Bootstrapping - VRIG-Ritsec/Resources GitHub Wiki
OpenStack and creating a machine
This project will be happening on RITSEC's stack. So, it is important to know how to create a machine.
Creating a OpenStack account
Begin by getting an openstack account (If you do not have one already). To do this, go to https://help.ritsec.cloud/ and click Sign-In With Google. From here, sign in with your RIT account.
This should land you at a helpdesk page. At the bottom left corner you should see something that looks like this (The S will have your RIT account's profile picture):
Click the + button and create a ticket called "Stack Access". Someone on Ops should get back to you soon with stack credentials.
Generating an SSH key
Before you set up a machine on OpenStack, you will need to generate an SSH key.
Generating and Finding your SSH key on Windows
If you are on windows follow the Generating SSH keys with OpenSSH section in the guide here: https://www.purdue.edu/science/scienceit/ssh-keys-windows.html
If you followed the guide correct, you should get something that looks like this:
To print out your SSH Public Key, type in the following:
type %HOMEPATH%\.ssh\id_rsa.pub
To print out your SSH Private Key type in the following:
type %HOMEPATH%\.ssh\id_rsa
Generating and Finding your SSH key on MacOS/Linux
If you are on Linux/Mac, open a terminal and type in ssh-keygen
and hit enter. When prompted for input do not type anything, simply hit enter. This should give you something like this:
To print out your SSH Public Key, type in:
cat ~/.ssh/id_rsa.pub
To print out your SSH Private Key,
cat ~/.ssh/id_rsa
Creating and setting up your OpenStack machine.
Once you have your credentials go to https://stack.ritsec.cloud/ and login with your new credentials. You should land on a page that looks something like this:
On the right hand side, click on Instances. Once in the Instances page, click Launch Instance on the far left side:
This should give you a pop-up that looks like this (Your project name should be your username):
Under Instance Name put in anything you choose (VRIG is a good name). Feel free to put a description, but it is not required. Do not change anything else
After you have filled out Instance Name, click Source on the left sidebar. This should give you a window that looks like this:
Here, change Delete Volume on Instance Delete to Yes. Set Volume Size (GB) to 100
In the search field under Available, search for UbuntuJammy2204_new and click the upward arrow to the right of the name:
By the end, your Source window should look like as follows:
Then, click on the Flavor button on the left sidebar. This should give you the following window:
In the search bar under Available search for l3-large and click the upward arrow to the right of the name. Once you have done that your window should look similar to the following:
From here, click the Configuration button on the left sidebar. Here, you will need to place the following cloud-config in the Customization Script section:
#cloud-config
users:
- name: [Your username]
groups: sudo
shell: /bin/bash
sudo: ['ALL=(ALL) NOPASSWD:ALL']
plain_text_passwd: [Your password]
lock_passwd: false
ssh_authorized_keys:
- [Your ssh **public** key]
Replace [Your username] with a username (vrig is a good username) and replace [Your password] with a password. NOTE YOU WILL NOT BE ABLE TO SEE THESE AGAIN. WRITE THEM DOWN
Replace [Your ssh public key] with the public key you generated earlier. If you do not remember how to print out your public key, read the guide for your OS in Generating an SSH Key. By the end, your cloud config should look something like this:
#cloud-config
users:
- name: vrig
groups: sudo
shell: /bin/bash
sudo: ['ALL=(ALL) NOPASSWD:ALL']
plain_text_passwd: VerySecurePassword
lock_passwd: false
ssh_authorized_keys:
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDJ/p7o735D68zkjbEcn2fERmz4IOxzJM8LJ1N0yeqNCRAsgLZSho4iC2n0o37lExXphmfbFWOuJcI0P+UeaZt91wLPCM3WsEvmEncTqW74zkEEjIAO8K2iWOnBIccxUEwote1QI09q6p5Xxcple+CwiCrOk6aRfUtjm4bgU/LgmDhYcbsZfFvVsjyz2M/69Y26zj7m5uSfZ9+mrrhio0/Mf/1FYhOdYHeU0Mu7CjGGU5oh7JG7/l5wq0Li7YkFdqFDdB90Ih/BgnRxaX5vK15IXV3TW1eq05iRvh+tREHQP28ppXX7J7JWojB+4+nE0u/5Lc4Ttvr0QXgTUp975BynA5KGzGYnsr9/9BoIcyGGMx6OHgYYHk4p4tkZzvfFx33LZytCAhZhiK81J2JPcV2mJttgJr+fQVuu0NUh+V7/gaJfKoXdMsJd6yG3FZBZ/gdsniiIFYGe8ySzyyZDUzm3pjmmCV2sU9yUs+26DRfm05mGRLnko5lsZy/JNId8EL0= sharadkhanna@Saurabhs-MBP
The configuration window on OpenStack should look something like this:
From here, Launch Instance on the lower left hand corner.
Setting up Tailscale
Before, we install Tailscale, we must first make an Tailscale account. To do that, go to https://login.tailscale.com/ and create an account (Or login through one of the external providers). Once your are logged in, click Skip This Introduction at the bottom. You should end up on a page that looks like this:
From here, follow the guide relevant to your OS below. Once you have finished, read the guide on Setting Up Tailscale on OpenStack
Setting up Tailscale on Linux
To install Tailscale, run curl -fsSL https://tailscale.com/install.sh | sh
in your terminal.
Once you install Tailscale on your machine, run sudo tailscale up
. This should give you something like this:
Put that link into your browser and log in to your account. Once you have logged in, hit Connect
To print out the machines on your Tailscale network, put tailscale status
and this should give you something like this:
Setting Up Tailscale on Windows
First, go to https://tailscale.com/download and download the version for Windows. Once it is downloaded, install it.
Once it is installed, it you should see the following in the pop-up on the bottom right corner of your desktop:
Click the Tailscale icon. This should open up the Tailscale login page in your browser. Login to Tailscale and hit Connect. This will connect you.
To see the connected devices, click the same Tailscale icon in the bottom right corner your Desktop. Hover over Network Devices -> My Devices. This will give you the following:
If you click one of the options, it will copy the IP address of that machine to your clipboard.
Setting up Tailscale on MacOS
First, go to https://tailscale.com/download and download the version for MacOS. Once it is downloaded, install it.
Note: On MacOS, it is going to say System Extensions blocked. Open up Settings and go to Privacy and Security. You should see this box somewhere in the window:
Click details, enter your password and you should an option for Tailscale in the pop-up:
Toggle the Tailscale option and click Ok. You should be able to launch Tailscale. Once you launch Tailscale, you should see the following icon show up on the top bar:
Click the icon and in the dropdown, click Settings. You should see the following window:
At the top click Accounts, this should give you the following window:
Click Add Account. This should open up a window in your browser. Here, log in to your Tailscale account (Or simply hit Connect if your Tailscale account is already connected). If you did this properly your Tailscale should look like this:
To see the machines connected, click the Tailscale icon in the top bar and hover over Network Devices and then My Devices. This should give you something that looks like this:
If you click on one of the options, it will copy the IP of that machine to your clipboard.
Setting Up Tailscale On Your OpenStack machine
After you have set up Tailscale on your local machine, you will need to set it up on your OpenStack machine.
To do this, go back to OpenStack and go to the Instances. You should see something like this:
Click on your Instance name (In my case, I would click on vrig). This should take you to a page that looks like this:
Click on the console tab. You should see something that looks like the following:
In the terminal, type the username you used in your config and the password you used in your config. Note that on Linux when you are typing a password, it will not show up. If you successfully log in, you should get something that looks like this:
From here, we need to install Tailscale. To install tailscale, type in curl -fsSL https://tailscale.com/install.sh | sh
and hit enter. Note that OpenStack does not support copy-pasting so you will need to type it in manually. If you were successful, you should see the following once the command completes:
From here, type in sudo tailscale up
and hit enter. You should see something like this:
Go to the link into your browser. Once again, OpenStack does not support copy-pasting. Once again, log in to your Tailscale account and click connect.
From here, you can now connect to your OpenStack machine
Connecting to your OpenStack machine over SSH
To connect to your OpenStack machine over SSH, go to https://login.tailscale.com/admin/machines. You should see something like this:
Copy the IP for your machine. In my case, my machine is called vrig and its IP is 100.117.247.113.
To SSH to your machine on Linux/MacOS, use the following command in your terminal:
ssh -i ~/.ssh/id_rsa [username]@[ip]
where [username] is replaced with the username you used in your cloud-config and [ip] is replaced with the ip address of your machine . For example, I would use ssh -i ~/.ssh/id_rsa [email protected]
To SSH to your machine on Windows, use the following command in your terminal:
ssh -i %HOMEPATH%\.ssh\id_rsa [username]@[ip]
where [username] is replaced with the username you used in your cloud-config and [ip] is replaced with your ip address. For example, I would use ssh -i %HOMEPATH%\.ssh\id_rsa [email protected]
If the ssh command works, you should see something like this:
With this command, you can now access a terminal on your OpenStack machine. This is functionally the same as the Console tab on OpenStack but is a lot better as you can scroll through past output as well as copy paste commands.
Setting up the machine
At this point you should be able to SSH into the machine.
Installing the Necessary Packages
First we must install the necessary packages. To do that run the following commands:
sudo apt-get update
sudo apt-get upgrade
sudo apt-get install -y git fakeroot build-essential ncurses-dev xz-utils libssl-dev bc flex libelf-dev bison qemu-system-x86 gdb unzip nasm
Note that if you see a screen like this:
Do not modify anything. Simply hit enter
Installing the Toolchains
A toolchain is a collection of programs which gives us the necessary tools to develop for our custom operating system. This includes a cross-compiler that we'll use to compile the kernel. Since we are developing for our custom operating system, not Linux, we can't use the gcc that is provided through our package manager because it assumes the code will be run on the host. The cross-compiler will have a generic target (i686-elf or x86_86-elf) allowing us to compile software for our custom operating system without the worry of unexpected behavior.
Use the following commands to download the toolchains for i686 and x86_64 into $HOME/toolchain
:
cd ~
mkdir toolchain && cd toolchain
mkdir i686 && cd i686
wget https://github.com/lordmilko/i686-elf-tools/releases/download/13.2.0/i686-elf-tools-linux.zip
unzip i686-elf-tools-linux.zip && rm i686-elf-tools-linux.zip
mkdir ../x86_64 && cd ../x86_64
wget https://github.com/lordmilko/i686-elf-tools/releases/download/13.2.0/x86_64-elf-tools-linux.zip
unzip x86_64-elf-tools-linux.zip && rm x86_64-elf-tools-linux.zip
Setting up VSCode
To edit our OS code, we will be using VSCode (Or you can use nano/vim/nvim/whatever).
First download VSCode here: https://code.visualstudio.com/Download
Then, once VSCode is installed open it up and go to the Extensions tab as seen below:
In the search bar, look up Remote - SSH and install it. The extension looks something like this:
Once you install the extension, you should see a new icon on the sidebar:
Go to the new tab and hit the + sign shown below:
Once you click it, you should see a pop up textbox labeled Enter SSH Connection Command. Type in your SSH command you used to SSH into your OpenStack machine earlier and hit enter. For example, I would type in ssh -i ~/.ssh/id_rsa [email protected]
.
When it asks you to select a configuration file to update, simply hit enter. If you relaunch VSCode, you should now see a new remote. To login to that new remote, hover over it and click the button labeled below:
This will open a new window that is connected to your OpenStack machine. If you go to File->Open File, it will open up a drop-down:
Simply hit Ok and it will give you access to all your files in your home directory. You will also have a new entry under your remote:
If you click the connect in a new window button as shown below, it will directly open you to your home directory:
Compiling the Kernel
Source for the kernel can be found here. Run the following commands to get started:
cd ~
git clone https://github.com/VRIG-Ritsec/os.git
cd os
If you didn't download the toolchains into your home directory or use the commands above, modify the path in the Makefile for i686-elf-gcc
or x86_64-elf-gcc
to where you downloaded the toolchains.
Otherwise, to compile the kernel simply run:
make
Setting up GDB
GDB on its own is not the best experience. So, there are extensions of GDB that make it much easier to use. The one we will be using is GEF. To install GEF run the following on the OpenStack machine:
bash -c "$(curl -fsSL https://gef.blah.cat/sh)"
Now, next time you open up GDB, you should get something that looks like this:
Debugging the kernel with QEMU
For development purposes, we will be running our kernel using QEMU. Provided is a script called start_kernel.sh
which runs the QEMU command to start our kernel. In order to use gdb, we provide the -s and -S options. The -s options makes QEMU listen on TCP port 1234 for an incoming connection from gdb and -S will make QEMU not start the guest until it's told to from gdb.
To start the kernel, run the following on your OpenStack machine:
cd ~/os
./start_kernel.sh
QEMU will wait for a gdb connection. So, open up a new terminal, ssh to your OpenStack machine and run the following commands:
cd ~/os
./start_gdb.sh
The -x option executes gdb commands from a file. In our case, gdb.sh
sets our architecture to i386:x86-64
, connects to QEMU and sets a hardware-assisted breakpoint on _start
.
You can now use gdb normally. In the GDB shell, type in:
hbreak _start
c
If everything worked, properly then you should get something that looks like this:
(This will look different if you are using pwndbg)