public:wipeliveserver [2019/03/14 11:01] – don't mess with host's files Nicopublic:wipeliveserver [2023/11/19 22:00] (current) – update code with final version Nico
Line 3: Line 3:
 <note important>WIP. Only tested on Debian 7.x</note>  <note important>WIP. Only tested on Debian 7.x</note> 
  
-<code> +<code bash
-mkdir /tmp/tmproot +#!/bin/bash
-mount -t tmpfs none /tmp/tmproot +
-mkdir /tmp/tmproot/{bin,sbin,proc,sys,dev,run,usr,var,tmp,etc,root,oldroot} +
-mkdir -p /tmp/tmproot/usr/bin +
-mkdir -p /tmp/tmproot/dev/pts +
-mkdir -p /tmp/tmproot/lib/x86_64-linux-gnu /tmp/tmproot/lib64 /tmp/tmproot/usr/share /tmp/tmproot/usr/lib/x86_64-linux-gnu /tmp/tmproot/var/run/screen+
  
-#tmux +script used to chroot/pivot a live system on tmpfs in order to wipe it 
-cp -vrp /usr/share/terminfo /tmp/tmproot/usr/share+# only tested with Debian 7.11 
-cp -vrp /usr/lib/x86_64-linux-gnu/libevent* /tmp/tmproot/usr/lib/x86_64-linux-gnu/ +
-cp -vrp /lib/x86_64-linux-gnu/* /tmp/tmproot/lib/x86_64-linux-gnu/ +# first copy and execute it: 
-cp -vrp /lib64/ld-linux-x86-64.so./tmp/tmproot/lib64+# scp pivotroot.sh root@<remote_host>:/tmp/ 
-cp -vrp /sbin//tmp/tmproot/sbin/ +# ssh root@<remote_host> bash /tmp/pivotroot.sh 
-cp -vrp /bin/* /tmp/tmproot/bin/ +
-cp -vrp /usr/bin/shred /usr/bin/ldd /usr/bin/screen /usr/bin/tmux /tmp/tmproot/usr/bin/+# you will then be able to connect again to it on port 666 (change it if you like) and do what you want 
 +# 
 +# note: bash is the default shell under debian so there will be bashisms (don't run it with Bourne shell) 
 +#
  
-#cp -a /dev/zero /dev/random /dev/sda /tmp/tmproot/dev/ +apt-get install -y dropbear screen tmux
-cp -a /dev/* /tmp/tmproot/dev/+
  
-mount -t proc proc /tmp/tmproot/proc +CHROOTDIR='/tmp/tmproot' 
-mount --bind /dev/pts /tmp/tmproot/dev/pts +CHROOTPORT=666
-chmod g+w /tmp/tmproot/run  +
-chmod a+x /tmp/tmproot/tmp+
  
-apt-get install -y dropbear +mkdir ${CHROOTDIR} 
-cp /usr/sbin/dropbear /tmp/tmproot/sbin/ +mount -t tmpfs none ${CHROOTDIR} 
-#cp -vrp /etc/dropbear /tmp/tmproot/etc+ 
-#cp -vrp /etc/passwd* /etc/shadow* /etc/group* /etc/shells /tmp/tmproot/etc+mkdir ${CHROOTDIR}/{bin,sbin,proc,sys,dev,run,usr,var,tmp,etc,root,oldroot} 
-cp -vrp /etc/* /tmp/tmproot/etc+mkdir -p ${CHROOTDIR}/usr/bin 
-echo ""/tmp/tmproot/root/.bash_history +mkdir -p ${CHROOTDIR}/lib/x86_64-linux-gnu ${CHROOTDIR}/lib64 ${CHROOTDIR}/usr/share ${CHROOTDIR}/usr/lib/x86_64-linux-gnu ${CHROOTDIR}/var/run/screen 
-echo "TERM=xterm-16color" >>/tmp/tmproot/root/.profile+ 
 +mount -t proc proc ${CHROOTDIR}/proc 
 +mount --bind /dev ${CHROOTDIR}/dev 
 +mount --bind /dev/pts ${CHROOTDIR}/dev/pts
 mount --make-rprivate / # necessary for pivot_root to work mount --make-rprivate / # necessary for pivot_root to work
-pivot_root /tmp/tmproot /tmp/tmproot/oldroot 
-/sbin/dropbear -p 666 
  
-ssh -p 666 root@host+cp -vrp /usr/share/terminfo ${CHROOTDIR}/usr/share/ 
 +cp -vrp /usr/lib/x86_64-linux-gnu/libevent* ${CHROOTDIR}/usr/lib/x86_64-linux-gnu/ 
 +cp -vrp /lib/x86_64-linux-gnu/* ${CHROOTDIR}/lib/x86_64-linux-gnu/ 
 +cp -vrp /lib64/ld-linux-x86-64.so.2 ${CHROOTDIR}/lib64/ 
 +cp -vrp /sbin/* ${CHROOTDIR}/sbin/ 
 +cp -vrp /bin/* ${CHROOTDIR}/bin/ 
 +cp -vrp /usr/bin/id /usr/bin/shred /usr/bin/ldd /usr/bin/screen /usr/bin/tmux ${CHROOTDIR}/usr/bin/ 
 +cp -vrp /usr/sbin/dropbear ${CHROOTDIR}/sbin/ 
 + 
 +#cp -vrp /etc/passwd* /etc/shadow* /etc/group* /etc/shells ${CHROOTDIR}/etc/ 
 +#cp -vrp /etc/dropbear ${CHROOTDIR}/etc/ 
 +cp -vrp /etc/* ${CHROOTDIR}/etc/ 
 + 
 +chmod g+w ${CHROOTDIR}/run  
 + 
 +echo "" > ${CHROOTDIR}/root/.bash_history 
 +
 +  echo "TERM=xterm-16color" #necessary for tmux/screen to work 
 +  echo "alias halt=\"echo 'o' > /proc/sysrq-trigger\""  
 +  echo "alias reboot=\"echo 'b' > /proc/sysrq-trigger\""  
 +} >> ${CHROOTDIR}/root/.profile  
 + 
 +pivot_root ${CHROOTDIR} ${CHROOTDIR}/oldroot 
 +/sbin/dropbear -p ${CHROOTPORT}
  
-tmux -s shred +echo 
-#shred --/dev/sda+echo "system pivot-rooted." 
 +echo "you can now connect with ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -p ${CHROOTPORT} root@$(hostname), launch screen/tmux and shred" 
 +echo "and finaly use reboot or halt commands (warning: they are not the real thing...)" 
 +echo 
 +echo "happy wiping!" 
 +echo
  
-ssh -p 666 root@host 
-#tmux a -t shred 
-#echo "o" > /proc/sysrq-trigger 
 </code> </code>
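Review bot: The closing message of the new script tells the operator to connect with `-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null`, so the root login to the freshly started dropbear on `${CHROOTPORT}` is never checked against a known host key and the credential typed there can be captured by anyone on the network path. Since `cp -vrp /etc/* ${CHROOTDIR}/etc/` carries `/etc/dropbear` across, the script could print the host-key fingerprint over the already authenticated session before `pivot_root`, for the operator to compare on first connect, e.g. `dropbearkey -y -f /etc/dropbear/dropbear_rsa_host_key` (key file name assumed from the Debian package; confirm on the target). Separately, nothing after the shebang stops on failure: if `mount -t tmpfs none ${CHROOTDIR}` or `pivot_root` fails, the copies presumably land on the real disk and "system pivot-rooted." is still printed. Adding `set -euo pipefail` at the top and quoting `"${CHROOTDIR}"` would make this destructive procedure fail closed.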