diff --git a/.config/yadm/bootstrap b/.config/yadm/bootstrap index 8b336ac..bc5e469 100755 --- a/.config/yadm/bootstrap +++ b/.config/yadm/bootstrap @@ -9,6 +9,7 @@ go=false rust=false rootzsh=false desktop=false +pwn=false while [ $# != 0 ]; do case "$1" in @@ -22,6 +23,8 @@ while [ $# != 0 ]; do rootzsh) rootzsh=true;; nodesktop) desktop=false;; desktop) desktop=true;; + nopwn) pwn=false;; + pwn) pwn=true;; *) echo "Unknown flag: $1"; exit 1;; esac shift @@ -91,7 +94,7 @@ download_dust() { case $ID in macos) system=apple-darwin;; alpine) system=unknown-linux-musl;; - *) system=unknown-linux-gnu;; + fedora|debian|ubuntu) system=unknown-linux-gnu;; esac wget \ --output-document /tmp/dust.tar.gz \ @@ -109,6 +112,7 @@ download_kubectl() { case $PLATFORM in macos) system=darwin;; linux) system=linux;; + *) return 1;; esac wget \ --output-document $download_bin_path/kubectl \ @@ -120,6 +124,7 @@ download_minio_client() { case $PLATFORM in macos) system=darwin;; linux) system=linux;; + *) return 1;; esac wget \ --output-document $download_bin_path/mc \ @@ -139,6 +144,7 @@ download_go() { case $PLATFORM in macos) system=darwin;; linux) system=linux;; + *) return 1;; esac wget \ --output-document /tmp/go.tar.gz \ @@ -176,6 +182,17 @@ download_font_ibmplex() { done rm -r /tmp/ibmplex.zip /tmp/ibmplex } +download_cutter_re() { + version=2.0.2 + case $PLATFORM in + linux) system=Linux;; + *) return 1;; + esac + wget \ + --output-document $download_bin_path/cutter \ + https://github.com/rizinorg/cutter/releases/download/v$version/Cutter-v$version-x64.$system.AppImage + chmod +x $download_bin_path/cutter +} # Install basics @@ -201,6 +218,7 @@ esac packages_add neovim git case $ID in + alpine|debain|ubuntu) packages_add xxd;; fedora) packages_add vim-common;; esac $nicetohave && packages_add pass gnupg @@ -280,6 +298,12 @@ $nicetohave && download_minio_client download_nvim_plug nvim +PlugInstall +qa || true +# Install graphics tools + +case $ID in + *) $nicetohave && packages_add graphicsmagick;; +esac + # Final packages installation packages_install @@ -368,3 +392,57 @@ if $desktop; then packages_install fi + +if $pwn; then + + case $ID in + debian) + if ! grep --quiet 'unstable' /etc/apt/sources.list; then + echo "WARN: debian unstable required" + exit 1 + fi + ;; + esac + + # pwn: Build dependencies for cryptography + + case $ID in + alpine|debian|ubuntu) packages_add libffi-dev openssl-dev;; + fedora) packages_add libffi-devel openssl-devel;; + esac + + packages_install + + case $ID in + *) pip3 install --no-cache-dir --user pwntools;; + esac + + # pwn: Other tools + + case $ID in + alpine|fedora|debian|ubuntu|macos) packages_add radare2 binwalk testdisk socat nasm john;; + esac + case $ID in + alpine|fedora|debian|ubuntu) packages_add file squashfs-tools;; + macos) packages_add squashfs;; + esac + case $ID in + alpine|macos) packages_add exiftool;; + fedora) packages_add perl-Image-ExifTool;; + debain|ubuntu) packages_add libimage-exiftool-perl;; + esac + case $ID in + alpine|debian|ubuntu) packages_add netcat-openbsd;; + fedora) packages_add netcat;; + esac + + case $ID in + alpine|fedora|debian|ubuntu) $desktop && download_cutter_re;; + macos) $desktop && brew install --cask cutter;; + esac + + # pwn: Final packages installation + + packages_install + +fi diff --git a/.docker/alpine-pwn b/.docker/alpine-pwn new file mode 100644 index 0000000..bbbcedc --- /dev/null +++ b/.docker/alpine-pwn @@ -0,0 +1,27 @@ +FROM alpine:3.13 + +RUN echo hosts: dns files > /etc/nsswitch.conf +RUN apk add --no-cache --update \ + sudo tzdata zsh + +RUN adduser -s /bin/zsh -D ambrose \ + && echo '' >> /etc/sudoers \ + && echo '## No password sudo' >> /etc/sudoers \ + && echo 'ambrose ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers + +WORKDIR /home/ambrose +COPY --chown=ambrose:ambrose . . +RUN chmod go-rwx .gnupg + +USER ambrose + +RUN ./.config/yadm/bootstrap rootzsh pwn + +LABEL org.opencontainers.image.title="environment" +LABEL org.opencontainers.image.url="https://github.com/serverwentdown/env" +LABEL org.opencontainers.image.source="https://github.com/serverwentdown/env.git" +LABEL org.opencontainers.image.authors="Ambrose Chua" + +CMD ["/bin/zsh", "-l"] + +# vim: set ft=dockerfile: diff --git a/.docker/fedora-pwn b/.docker/fedora-pwn new file mode 100644 index 0000000..4332700 --- /dev/null +++ b/.docker/fedora-pwn @@ -0,0 +1,28 @@ +FROM fedora:33 + +RUN dnf install -y \ + zsh \ + && dnf clean all \ + && rm -rrf /var/cache/dnf + +RUN useradd -s /bin/zsh ambrose \ + && echo '' >> /etc/sudoers \ + && echo '## No password sudo' >> /etc/sudoers \ + && echo 'ambrose ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers + +WORKDIR /home/ambrose +COPY --chown=ambrose:ambrose . . +RUN chmod go-rwx .gnupg + +USER ambrose + +RUN ./.config/yadm/bootstrap rootzsh pwn + +LABEL org.opencontainers.image.title="environment" +LABEL org.opencontainers.image.url="https://github.com/serverwentdown/env" +LABEL org.opencontainers.image.source="https://github.com/serverwentdown/env.git" +LABEL org.opencontainers.image.authors="Ambrose Chua" + +CMD ["/bin/zsh", "-l"] + +# vim: set ft=dockerfile: diff --git a/.docker/ubuntu-pwn b/.docker/ubuntu-pwn new file mode 100644 index 0000000..a5df248 --- /dev/null +++ b/.docker/ubuntu-pwn @@ -0,0 +1,28 @@ +FROM ubuntu:20.10 + +RUN apt-get update \ + && apt-get install -y \ + sudo zsh \ + && rm -rf /var/lib/apt/lists/* + +RUN useradd -s /bin/zsh ambrose \ + && echo '' >> /etc/sudoers \ + && echo '## No password sudo' >> /etc/sudoers \ + && echo 'ambrose ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers + +WORKDIR /home/ambrose +COPY --chown=ambrose:ambrose . . +RUN chmod go-rwx .gnupg + +USER ambrose + +RUN ./.config/yadm/bootstrap rootzsh pwn + +LABEL org.opencontainers.image.title="environment" +LABEL org.opencontainers.image.url="https://github.com/serverwentdown/env" +LABEL org.opencontainers.image.source="https://github.com/serverwentdown/env.git" +LABEL org.opencontainers.image.authors="Ambrose Chua" + +CMD ["/bin/zsh", "-l"] + +# vim: set ft=dockerfile: