Blame
Date:
Sun Jan 29 05:00:28 2023 UTC
Message:
Daily backup
01
2023-01-22
jrmu
version=pmwiki-2.2.130 ordered=1 urlencoded=1
02
2023-01-22
jrmu
agent=Opera/9.80 (X11; Linux x86_64) Presto/2.12.388 Version/12.16
03
2023-01-22
jrmu
author=Naglfar
04
2023-01-22
jrmu
charset=UTF-8
05
2023-01-22
jrmu
csum=
06
2023-01-22
jrmu
ctime=1613835047
07
2023-01-22
jrmu
host=92.191.225.58
08
2023-01-22
jrmu
name=Openhttpd.Perl
09
2023-01-22
jrmu
rev=16
10
2023-01-22
jrmu
targets=
11
2023-01-22
jrmu
text=In /etc/httpd.conf:%0a%0a[@%0aserver "www.example.com" {%0a listen on * port 80%0a root "/htdocs/perl"%0a location "*.pl" { %0a fastcgi%0a }%0a location "/.well-known/acme-challenge/*" {%0a root "/acme"%0a request strip 2%0a }%0a}%0a@]%0a%0aTo figure out what files need to be copied into the chroot:%0a%0a$ ldd /usr/bin/perl%0a%0a/usr/bin/perl:%0a Start End Type Open Ref GrpRef Name%0a 0000022622dc8000 0000022622dcd000 exe 1 0 0 /usr/bin/perl%0a 000002285bdc7000 000002285c133000 rlib 0 1 0 /usr/lib/libperl.so.20.0%0a 00000228c7de6000 00000228c7e16000 rlib 0 2 0 /usr/lib/libm.so.10.1%0a 000002282f00d000 000002282f101000 rlib 0 2 0 /usr/lib/libc.so.96.0%0a 0000022914fb2000 0000022914fb2000 ld.so 0 1 0 /usr/libexec/ld.so%0a%0a%0aSo I start with this initial guess to build the chroot. I run the following as root:%0a%0a[@%0amkdir -p /var/www/usr/{bin,lib,libexec}%0acp /usr/bin/perl /var/www/usr/bin/%0acp -p /usr/lib/lib{c,m,perl}.so* /var/www/usr/lib/%0acp /usr/libexec/ld.so /var/www/usr/libexec/%0a@]%0a%0aWe need to turn on slowcgi:%0a%0a[@%0a$ doas rcctl enable slowcgi%0a$ doas rcctl start slowcgi%0a@]%0a%0aThen we run:%0a%0a$ doas chroot -u www -g daemon /var/www perl%0a%0aI test some random gibberish to make sure perl works inside the chroot:%0a%0a[@%0aprint "shibboleth";%0a@]%0a%0aThen ctrl+d to escape; and since it echoes @@shibboleth@@, it works.%0a%0aNext, I create the directory to hold perl scripts:%0a%0a[@%0amkdir -p /var/www/htdocs/perl/%0a@]%0a%0aNow I put an index.pl in /var/www/htdocs/perl/ just to see if the web server loads it:%0a%0a[@%0a#!/usr/bin/perl -w%0ause strict;%0aprint "Content-Type:text/html\n\n";%0aprint "This is the index file for www.example.com\n";%0a@]%0a%0aMake sure to set the proper permissions:%0a%0a[@%0a$ doas chown -R www:daemon /var/www/htdocs/perl/%0a$ doas chmod +x /var/www/htdocs/perl/index.pl%0a@]%0a%0aAt this point I try running this command:%0a%0a[@%0a$ curl example.com/index.pl%0a@]%0a%0aI get a 500 Internal Error, which means perl is not able to execute properly.%0a%0aSo I search for missing perl libraries:%0a%0a[@%0a$ doas find / -iname '*perl*'%0a@]%0a%0aThe interesting one is the folder /usr/libdata/perl5 . We definitely need these libraries, so I update my script for creating the chroot:%0a%0a[@%0amkdir -p /var/www/usr/{bin,lib,libexec,libdata}%0acp /usr/bin/perl /var/www/usr/bin/%0acp -p /usr/lib/lib{c,m,perl,pthread,util,z}.so* /var/www/usr/lib/%0acp /usr/libexec/ld.so /var/www/usr/libexec/%0acp -R /usr/libdata/perl5 /var/www/usr/libdata/%0amkdir -p /var/www/{tmp,dev}%0achown www:daemon /var/www/tmp%0atouch /var/www/dev/null%0a@]%0a
12
2023-01-22
jrmu
time=1645427913
13
2023-01-22
jrmu
author:1645427913=Naglfar
14
2023-01-22
jrmu
diff:1645427913:1634227713:minor=19,20c19%0a%3c $ ldd /usr/bin/perl%0a%3c %0a---%0a> $ ldd /usr/bin/perl %0a
15
2023-01-22
jrmu
host:1645427913=92.191.225.58
16
2023-01-22
jrmu
author:1634227713=jrmu
17
2023-01-22
jrmu
diff:1634227713:1634227679:=82c82%0a%3c $ curl example.com/index.pl%0a---%0a> $ curl example.ircnow.org:8080/index.pl%0a
18
2023-01-22
jrmu
host:1634227713=38.87.162.47
19
2023-01-22
jrmu
author:1634227679=jrmu
20
2023-01-22
jrmu
diff:1634227679:1634227443:=4c4%0a%3c server "www.example.com" {%0a---%0a> server "example.ircnow.org" {%0a69c69%0a%3c print "This is the index file for www.example.com\n";%0a---%0a> print "This is the index file for perl.oddprotocol.cf\n";%0a
21
2023-01-22
jrmu
host:1634227679=38.87.162.47
22
2023-01-22
jrmu
author:1634227443=jrmu
23
2023-01-22
jrmu
diff:1634227443:1634226675:=56,61d55%0a%3c %0a%3c Next, I create the directory to hold perl scripts:%0a%3c %0a%3c [@%0a%3c mkdir -p /var/www/htdocs/perl/%0a%3c @]%0a
24
2023-01-22
jrmu
host:1634227443=38.87.162.47
25
2023-01-22
jrmu
author:1634226675=jrmu
26
2023-01-22
jrmu
diff:1634226675:1634226648:=95,97d94%0a%3c mkdir -p /var/www/{tmp,dev}%0a%3c chown www:daemon /var/www/tmp%0a%3c touch /var/www/dev/null%0a
27
2023-01-22
jrmu
host:1634226675=38.87.162.47
28
2023-01-22
jrmu
author:1634226648=jrmu
29
2023-01-22
jrmu
diff:1634226648:1634226322:=34c34,36%0a%3c cp -p /usr/lib/lib{c,m,perl}.so* /var/www/usr/lib/%0a---%0a> cp /usr/lib/libperl.so.20.0 /var/www/usr/lib/%0a> cp /usr/lib/libm.so.10.1 /var/www/usr/lib/%0a> cp /usr/lib/libc.so.96.0 /var/www/usr/lib/%0a92c94,96%0a%3c cp -p /usr/lib/lib{c,m,perl,pthread,util,z}.so* /var/www/usr/lib/%0a---%0a> cp /usr/lib/libperl.so.20.0 /var/www/usr/lib/%0a> cp /usr/lib/libm.so.10.1 /var/www/usr/lib/%0a> cp /usr/lib/libc.so.96.0 /var/www/usr/lib/%0a
30
2023-01-22
jrmu
host:1634226648=38.87.162.47
31
2023-01-22
jrmu
author:1634226322=jrmu
32
2023-01-22
jrmu
diff:1634226322:1634224002:=5c5%0a%3c listen on * port 80%0a---%0a> listen on * port 8080%0a
33
2023-01-22
jrmu
host:1634226322=38.87.162.47
34
2023-01-22
jrmu
author:1634224002=jrmu
35
2023-01-22
jrmu
diff:1634224002:1634221998:=92c92,95%0a%3c mkdir -p /var/www/usr/{bin,lib,libexec,libdata}%0a---%0a> mkdir -p /var/www/usr/bin/%0a> mkdir -p /var/www/usr/lib/%0a> mkdir -p /var/www/usr/libexec/%0a> mkdir -p /var/www/usr/libdata/%0a
36
2023-01-22
jrmu
host:1634224002=38.87.162.47
37
2023-01-22
jrmu
author:1634221998=jrmu
38
2023-01-22
jrmu
diff:1634221998:1614760349:=32c32,34%0a%3c mkdir -p /var/www/usr/{bin,lib,libexec}%0a---%0a> mkdir -p /var/www/usr/bin/%0a> mkdir -p /var/www/usr/lib/%0a> mkdir -p /var/www/usr/libexec/%0a102c104%0a%3c @]%0a---%0a> @]%0a\ No newline at end of file%0a
39
2023-01-22
jrmu
host:1634221998=38.87.162.47
40
2023-01-22
jrmu
author:1614760349=jrmu
41
2023-01-22
jrmu
diff:1614760349:1613878114:=40,46d39%0a%3c @]%0a%3c %0a%3c We need to turn on slowcgi:%0a%3c %0a%3c [@%0a%3c $ doas rcctl enable slowcgi%0a%3c $ doas rcctl start slowcgi%0a
42
2023-01-22
jrmu
host:1614760349=198.251.81.119
43
2023-01-22
jrmu
author:1613878114=jrmu
44
2023-01-22
jrmu
diff:1613878114:1613836132:=61,67d60%0a%3c @]%0a%3c %0a%3c Make sure to set the proper permissions:%0a%3c %0a%3c [@%0a%3c $ doas chown -R www:daemon /var/www/htdocs/perl/%0a%3c $ doas chmod +x /var/www/htdocs/perl/index.pl%0a
45
2023-01-22
jrmu
host:1613878114=125.231.57.76
46
2023-01-22
jrmu
author:1613836132=jrmu
47
2023-01-22
jrmu
diff:1613836132:1613836122:=
48
2023-01-22
jrmu
host:1613836132=198.251.81.119
49
2023-01-22
jrmu
author:1613836122=jrmu
50
2023-01-22
jrmu
diff:1613836122:1613835464:=29,30c29,30%0a%3c So I start with this initial guess to build the chroot. I run the following as root:%0a%3c %0a---%0a> So we run the following as root:%0a> %0a44,90c44%0a%3c $ doas chroot -u www -g daemon /var/www perl%0a%3c %0a%3c I test some random gibberish to make sure perl works inside the chroot:%0a%3c %0a%3c [@%0a%3c print "shibboleth";%0a%3c @]%0a%3c %0a%3c Then ctrl+d to escape; and since it echoes @@shibboleth@@, it works.%0a%3c %0a%3c Now I put an index.pl in /var/www/htdocs/perl/ just to see if the web server loads it:%0a%3c %0a%3c [@%0a%3c #!/usr/bin/perl -w%0a%3c use strict;%0a%3c print "Content-Type:text/html\n\n";%0a%3c print "This is the index file for perl.oddprotocol.cf\n";%0a%3c @]%0a%3c %0a%3c At this point I try running this command:%0a%3c %0a%3c [@%0a%3c $ curl example.ircnow.org:8080/index.pl%0a%3c @]%0a%3c %0a%3c I get a 500 Internal Error, which means perl is not able to execute properly.%0a%3c %0a%3c So I search for missing perl libraries:%0a%3c %0a%3c [@%0a%3c $ doas find / -iname '*perl*'%0a%3c @]%0a%3c %0a%3c The interesting one is the folder /usr/libdata/perl5 . We definitely need these libraries, so I update my script for creating the chroot:%0a%3c %0a%3c [@%0a%3c mkdir -p /var/www/usr/bin/%0a%3c mkdir -p /var/www/usr/lib/%0a%3c mkdir -p /var/www/usr/libexec/%0a%3c mkdir -p /var/www/usr/libdata/%0a%3c cp /usr/bin/perl /var/www/usr/bin/%0a%3c cp /usr/lib/libperl.so.20.0 /var/www/usr/lib/%0a%3c cp /usr/lib/libm.so.10.1 /var/www/usr/lib/%0a%3c cp /usr/lib/libc.so.96.0 /var/www/usr/lib/%0a%3c cp /usr/libexec/ld.so /var/www/usr/libexec/%0a%3c cp -R /usr/libdata/perl5 /var/www/usr/libdata/%0a%3c @]%0a\ No newline at end of file%0a---%0a> $ doas chroot -u www -g daemon /var/www perl%0a\ No newline at end of file%0a
51
2023-01-22
jrmu
host:1613836122=198.251.81.119
52
2023-01-22
jrmu
author:1613835464=jrmu
53
2023-01-22
jrmu
diff:1613835464:1613835412:=
54
2023-01-22
jrmu
host:1613835464=198.251.81.119
55
2023-01-22
jrmu
author:1613835412=jrmu
56
2023-01-22
jrmu
diff:1613835412:1613835047:=15,44c15%0a%3c @]%0a%3c %0a%3c To figure out what files need to be copied into the chroot:%0a%3c %0a%3c $ ldd /usr/bin/perl %0a%3c /usr/bin/perl:%0a%3c Start End Type Open Ref GrpRef Name%0a%3c 0000022622dc8000 0000022622dcd000 exe 1 0 0 /usr/bin/perl%0a%3c 000002285bdc7000 000002285c133000 rlib 0 1 0 /usr/lib/libperl.so.20.0%0a%3c 00000228c7de6000 00000228c7e16000 rlib 0 2 0 /usr/lib/libm.so.10.1%0a%3c 000002282f00d000 000002282f101000 rlib 0 2 0 /usr/lib/libc.so.96.0%0a%3c 0000022914fb2000 0000022914fb2000 ld.so 0 1 0 /usr/libexec/ld.so%0a%3c %0a%3c %0a%3c So we run the following as root:%0a%3c %0a%3c [@%0a%3c mkdir -p /var/www/usr/bin/%0a%3c mkdir -p /var/www/usr/lib/%0a%3c mkdir -p /var/www/usr/libexec/%0a%3c cp /usr/bin/perl /var/www/usr/bin/%0a%3c cp /usr/lib/libperl.so.20.0 /var/www/usr/lib/%0a%3c cp /usr/lib/libm.so.10.1 /var/www/usr/lib/%0a%3c cp /usr/lib/libc.so.96.0 /var/www/usr/lib/%0a%3c cp /usr/libexec/ld.so /var/www/usr/libexec/%0a%3c @]%0a%3c %0a%3c Then we run:%0a%3c %0a%3c $ doas chroot -u www -g daemon /var/www perl%0a\ No newline at end of file%0a---%0a> @]%0a\ No newline at end of file%0a
57
2023-01-22
jrmu
host:1613835412=198.251.81.119
58
2023-01-22
jrmu
author:1613835047=jrmu
59
2023-01-22
jrmu
diff:1613835047:1613835047:=1,15d0%0a%3c In /etc/httpd.conf:%0a%3c %0a%3c [@%0a%3c server "example.ircnow.org" {%0a%3c listen on * port 8080%0a%3c root "/htdocs/perl"%0a%3c location "*.pl" { %0a%3c fastcgi%0a%3c }%0a%3c location "/.well-known/acme-challenge/*" {%0a%3c root "/acme"%0a%3c request strip 2%0a%3c }%0a%3c }%0a%3c @]%0a\ No newline at end of file%0a
60
2023-01-22
jrmu
host:1613835047=198.251.81.119
IRCNow