Born2beRoot Not to ReBoot Coming Soon! The idea is to use one of two the most well-known Linux-based OS to set up a fully functional and stricted-ruled system. Monitor Metrics Incidents Analytics Analytics Value stream CI/CD Code review Insights Issue Repository Wiki Wiki Snippets Snippets Activity Graph Create a new issue born2beroot 42cursus' project #4. Reddit gives you the best of the internet in one place. This project aims to introduce you to the world of virtualization. And no, they were not an advantage for anyone, just a help for those who may have a little more trouble reaching the solution. If you found it helpful, please hit the button (up to 50x) and share it to help others with similar interest find it! This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. It serves as a technology solution partner for the leading companies operating in many different sectors, particularly Banking & Finance, Production, Insurance, Public and Retail. password occurs when usingsudo. peer-evaluation for more information. To set up a strong password policy, you have to comply with the following require- First off [$ sudo crontab -e] (yep, you need sudo to make cron runnig script as root. . cluded!). You must install them before trying the script. Each action usingsudohas to be archived, both inputs and outputs. The idea is to use one of two the most well-known Linux-based OS to set up a fully functional and stricted-ruled system. Easier to install and configure so better for personal servers. At server startup, the script will display some information (listed below) on all ter- minals every 10 minutes (take a look at wall). Developed for Debian so i'm not sure that it will run properly on CentOS distributive. monitoring.sh script. Known issues: I do not, under any circunstace, recommend our Implemetation Guides to be taken as the absolute truth nor the only research byproduct through your own process. It seems to me a regrettable decision on the part of the pedagogue-department of your campus. under specific instructions. GitHub - HEADLIGHTER/Born2BeRoot-42: monitoring.sh script, walk through installation and setting up, evaluation Q&A HEADLIGHTER Born2BeRoot-42 1 branch 0 tags HEADLIGHTER lilfix37 c4d1552 on Apr 5, 2022 53 commits README.md 37bruh 2 years ago evalknwoledge.txt 37checklistcomms 2 years ago monitoring.sh 37o 2 years ago rebootfix.txt 37o 2 years ago For security reasons too, the paths that can be used bysudomust be restricted. topic page so that developers can more easily learn about it. Little Q&A from Subject and whattocheck as evaluator. This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository. possible to connect usingSSHas root. sign in Create a User Name without 42 at the end (eg. It is included by default with Debian. It must contain an uppercase During the defense, you will have to create a new user and assign it Sending and Intercepting a Signal in C Philosophers: Threads, Mutexes and Concurrent Programming in C Minishell: Creating and Killing Child Processes in C Pipe: an Inter-Process Communication Method Sending and Intercepting a Signal in C Handling a File by its Descriptor in C Errno and Error Management in C Netpractice: Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web. A tag already exists with the provided branch name. Aptitude is a high-level package manager while APT is lower level which can be used by other higher level package managers, Aptitude is smarter and will automatically remove unused packages or suggest installation of dependent packages, Apt will only do explicitly what it is told to do in the command line. Also, it must not contain more than 3 consecutive identical Born2BeRoot Guide This guide has 8 Parts: Part 1 - Downloading Your Virtual Machine Part 2 - Installing Your Virtual Machine Part 3 - Starting Your Virtual Machine Part 4 - Configurating Your Virtual Machine Part 5 - Connecting to SSH Part 6 - Continue Configurating Your Virtual Machine Part 7 - Signature.txt . For security reasons, it must not be ASSHservice will be running on port 4242 only. [42 Madrid] The wonderful world of virtualization. This project aimed to be an introduction to the wonderful world of virtualization. I clicked on the Templates menu and selected the default Protostar template. Step-By-Step on How to Complete The Born2BeRoot Project. Summary: This document is a System Administration related exercise. Born2BeRoot 42/21 GRADE: 110/100. Below are 4 command examples for acentos_serv It must be devel- oped in bash. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. You use it to configure which ports to allow connections to and which ports to close. Be able to choose between two of the most well-known Linux-based operating systems: CentOS or Debian; Ensure SSH services to be running on specific ports; Set-up the hostname and a strong password policy for all users; Set up a functional WordPress website with specific services. born2beroot Project information Project information Activity Labels Members Repository Repository Files Commits Branches Tags Contributors Graph Compare Issues 0 Issues 0 . The 42 project Born2beroot explores the fundamentals of system administration by inviting us to install and configure a virtual machine with VirtualBox. It's highly recommended to know what u use and how&why it works even if i leaved an explanation in commentary. Send Message BORN2BEROOT LTD After I got a connection back, I started poking around and looking for privilege escalation vectors. For instance, you should know the Purposive Communication Module 2, Leadership class , week 3 executive summary, I am doing my essay on the Ted Talk titaled How One Photo Captured a Humanitie Crisis https, School-Plan - School Plan of San Juan Integrated School, SEC-502-RS-Dispositions Self-Assessment Survey T3 (1), Techniques DE Separation ET Analyse EN Biochimi 1, Emergency Nursing: A Holistic Approach (NURS 4550). ", + Defaults iolog_dir=/var/log/sudo/%{user}, $ sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak, $ sudo cp /etc/pam.d/common-password /etc/pam.d/common-password.bak, ocredit=-1 lcredit=-1 ucredit=-1 dcredit=-1, $ sudo cp /etc/login.defs /etc/login.defs.bak, $ sudo blkid | grep | cut -d : -f 1, username:password:uid:gid:comment:home_directory:shell_used, + pcpu=$(grep "physical id" /proc/cpuinfo | sort | uniq | wc -l), + vcpu=$(grep "^processor" /proc/cpuinfo | wc -l), + fram=$(free -m | grep Mem: | awk '{print $2}'), + uram=$(free -m | grep Mem: | awk '{print $3}'), + pram=$(free | grep Mem: | awk '{printf("%.2f"), $3/$2*100}'), + fdisk=$(df -Bg | grep '^/dev/' | grep -v '/boot$' | awk '{ft += $2} END {print ft}'), + udisk=$(df -Bm | grep '^/dev/' | grep -v '/boot$' | awk '{ut += $3} END {print ut}'), + pdisk=$(df -Bm | grep '^/dev/' | grep -v '/boot$' | awk '{ut += $3} {ft+= $2} END {printf("%d"), ut/ft*100}'), + cpul=$(top -bn1 | grep '^%Cpu' | cut -c 9- | xargs | awk '{printf("%.1f%%"), $1 + $3}'), + lb=$(who -b | awk '$1 == "system" {print $3 " " $4}'), + lvmt=$(lsblk -o TYPE | grep "lvm" | wc -l), + lvmu=$(if [ $lvmt -eq 0 ]; then echo no; else echo yes; fi), + ctcp=$(cat /proc/net/tcp | wc -l | awk '{print $1-1}' | tr '' ' '), + mac=$(ip link show | awk '$1 == "link/ether" {print $2}'), + # journalctl can run because the script exec from sudo cron, + cmds=$(journalctl _COMM=sudo | grep COMMAND | wc -l), + #Memory Usage: $uram/${fram}MB ($pram%), + #Disk Usage: $udisk/${fdisk}Gb ($pdisk%), + #Connexions TCP : $ctcp ESTABLISHED, + */10 * * * * bash /usr/local/sbin/monitoring.sh | wall, $ sudo grep -a "monitoring.sh" /var/log/syslog. JavaScript (JS) is a lightweight interpreted programming language with first-class functions. Create a Host Name as your login, with 42 at the end (eg. Be intellegent, be adaptive, be SMART. Go to Submission and You will create your first machine inVirtualBox(orUTMif you cant useVirtualBox) Some thing interesting about game, make everyone happy. Born2beRoot always implements innovation and efficiency-oriented projects thanks to its expertise and competent technical team. It uses jc and jq to parse the commands to JSON, and then select the proper data to output. The use of SSH will be tested during the defense by setting up a new It uses jc and jq to parse the commands to JSON, and then select the proper data to output. You will have to modify this hostname during your evaluation. Monitoring.sh - born2beroot (Debian flavour) This script has only been tested on Debian environement. Born2beRoot always implements innovation and efficiency-oriented projects thanks to its expertise and competent technical team. Sudo nano /etc/login.defs It also has more options for customisation. An Open Source Machine Learning Framework for Everyone. It took a couple of minutes, but it was worth it. Download it from Managed Software Center on an Apple Computer/Laptop. Self-taught developer with an interest in Offensive Security. Here is a list of useful articles about the concepts behind 42 school projects: If you find yourself completely stuck on a project, dont hesitate to send me a message to discuss it. Projects Blog About. Open source projects and samples from Microsoft. 42s peer-to-peer learning is about dialogue, the exchange of ideas and points of view between its students. The user has to receive a warning message 7 days before their password expires. This is the monitoring script for the Born2beRoot project of 42 school. is. 2. This project aims to introduce you to the wonderful world of virtualization. Please all the passwords of the accounts present on the virtual machine, NB: members must have two-factor auth. It would not work on Ubuntu or others distributions. Below are two commands you can use to check some of the subjects requirements: Set up partitions correctly so you get a structure similar to the one below: Set up a functional WordPress website with the following services: lighttpd, Mari- By digging a little deeper into this site, you will find elements that can help you with your projects. Especially if this is your first time working both Linux and a virtual machine. To associate your repository with the In the Virtual Machine, you will not have access to your mouse and will only use your Keyboard to operate your Virtual Machine. SSH or Secure Shell is an authentication mechanism between a client and a host. https://github.com/adrienxs/42cursus/tree/main/auto-B2bR. Lastly at the end of the crontab, type the following. The creator of this box didnt give a proper description, but I suppose the goal is to get root and acquire the flag. You must therefore understand how it works. It is of course FORBIDDEN to turn in your virtual machine in your Git including the root account. You have to implement a strong password policy. Learn more about bidirectional Unicode characters Show hidden characters #!/bin/bash Virtualbox only. This user has to belong to theuser42andsudogroups. I navigated to the administrator page, enabled the Burp proxy and started Burp Suite. In short, understand what you use! At the end of this project we should be fully comfortable with the concept of Virtualization, as well as dealing with command-line based systems, partitioning memory with LVM, setting up SSH ports, MACs, Firewalls, among many other important concepts. To Shell Scripting. Here is the output of the scan: I started exploring the web server further with nikto and gobuster. Create a Password for the User Name (you might as well use the same password as your Host Password) write this down as well, as you will need this later on. I upgraded my shell with python so that I can switch user and use this password to log in as tim. Be able to set up your own operating system while implementing strict rules. It serves as a technology solution partner for the leading. Before we move onto starting your Virtual Machine, make sure you have your Host, Username and Password/s saved or written down somewhere. * TO clem@localhost WITH GRANT OPTION; mysql> SELECT host, user FROM mysql.user; $ sudo cp /var/www/html/wp-config-sample.php /var/www/html/wp-config.php, $ sudo tar -C /usr/local -xzf go1.17.5.linux-amd64.tar.gz, $ echo 'export PATH=$PATH:/usr/local/go/bin' | sudo tee -a ~/.zprofile, $ echo 'export GOPATH="$HOME/go"' | sudo tee -a ~/.zprofile, $ echo 'PATH="$GOPATH/bin:$PATH"' | sudo tee -a ~/.zprofile, $ go install github.com/ipfs/ipfs-update@latest, $ sudo sysctl -w net.core.rmem_max=2500000, $ sudo vi /etc/systemd/system/ipfs.service, > ExecStart=/home/cvidon/go/bin/ipfs daemon --enable-gc, > Environment="IPFS_PATH=/home/cvidon/.ipfs", https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/, http://stephane.boireau.free.fr/informatique/samba/samba/partitions_et_disques_durs.htm, https://kinsta.com/blog/mariadb-vs-mysql/, http://www.uvm.edu/~hag/naweb96/zshoecraft.html, https://www.basezap.com/difference-php-cgi-php-fpm/, https://dl.google.com/go/go1.17.5.linux-amd64.tar.gz, https://docs.ipfs.io/how-to/observe-peers/. differences between aptitude and apt, or what SELinux or AppArmor Of course, the UFW rules has to be adapted accordingly. Retype the Encryption passphrase you just created. Works by using software to simulate virtual hardware and run on a host machine. Before doing that I set up my handler using Metasploit. What is hoisting in Javascript | Explain hoisting in detail with example? prossi42) - write down your Host Name, as you will need this later on. must paste in it the signature of your machines virtual disk. Debian is a lot easier to update then CentOS when a new version is released. Let's Breach!! As part of my personal development, and thinking about the difficulty in finding good materials regarding the born2beroot project, @HCastanha and I developed two extensive guides that work as maps through the steps that took us to complete both CentOS and Debian projects. Press enter on your Timezone (The timezone your currently doing this project in). Well, the script generated 787 possible passwords, which was good enough for me. Warning: ifconfig has been configured to use the Debian 5.10 path. It looked interesting and I scanned it with a few tools, started searching for exploits, etc but, no luck. Network / system administrator and developer of NETworkManager. Finally, I printed out the one and only flag in the /root directory. An add bonus part. You signed in with another tab or window. ! https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=635473, https://bugs.debian.org/cgi-bin/bugreport.cgi?att=0;bug=635473;msg=70, Cron may refuse to running script on boot due to bug in Debian (. . You only have to turn in asignature at the root of yourGitrepository. It serves as a technology solution partner for the leading companies operating in many different sectors, particularly Banking & Finance, Production, Insurance, Public and Retail. Cross), Chemistry: The Central Science (Theodore E. Brown; H. Eugene H LeMay; Bruce E. Bursten; Catherine Murphy; Patrick Woodward), Brunner and Suddarth's Textbook of Medical-Surgical Nursing (Janice L. Hinkle; Kerry H. Cheever), Civilization and its Discontents (Sigmund Freud), Biological Science (Freeman Scott; Quillin Kim; Allison Lizabeth), Give Me Liberty! The minimum number of days allowed before the modification of a password will Notify Me About Us (+44)7412767469 Contact Us We launch our new website soon. Linux security system that provides Mandatory Access Control (MAC) security. Copy the output number and create a signature.txt file and paste that number in the file. Part 1 - Downloading Your Virtual Machine, Part 1.1 - Sgoingfre (Only 42 Adelaide Students). If you have finished it or would still like to comprehend the path that we took to do so, read the following at your own risk: A declarative, efficient, and flexible JavaScript library for building user interfaces. Clone with Git or checkout with SVN using the repositorys web address. 2. Some thing interesting about visualization, use data art. This is useful in conjunction with SSH, can set a specific port for it to work with. Sudo nano /etc/pam.d/common-password. This incident will be reported. I captured the login request and sent it to the Intruder. Then, at the end of this project, you will be able to set up Step-By-Step on How to Complete The Born2BeRoot Project. This project is a System Administration related exercise. Thank you for taking the time to read my walkthrough. at least 7 characters that are not part of the former password. Know the tool you use. For CentOS, you have to use UFW instead of the default firewall. During the defense, you will be asked a few questions about the operating system you chose. The hostnameof your virtual machine must be your login ending with 42 (e., Create a monitoring script that displays some specific information every 10 minutes. You It turned out there is a Joomla installation under the joomla directory. . born2beroot Then, I loaded the previously created wordlist and loaded it as a simple list and started the attack. fBorn2beRoot Finally, you have to create a simple script called monitoring.sh. As the name of the project suggests: we come to realize that we are, indeed, born to be root. It uses jc and jq to parse the commands to JSON, and then select the proper data to output. This is my implementation guideline for a Linux Server configured in a Virtual Machine. Anyway, PM me on Discord if its working on CentOS or you have a suggestion/issues: MMBHWR#0793. Mannnn nooooo!! Is a resource that uses software instead of a physical computer to run programs or apps. Born2beroot 42 school project 1. What is Throttling in javascript explain in detail with example? You have to configure your operating system with theUFWfirewall and thus leave only + GRUB_CMDLINE_LINUX_DEFAULT="quiet nomodeset", $ sudo hostnamectl set-hostname , SCSI1 (0,0,0) (sda) - 8.6 GB ATA VBOX HARDDISK, IDE connector 0 -> master: /dev/hda -> slave: /dev/hdb, IDE connector 1 -> master: /dev/hdc -> slave: /dev/hdd, # dpkg-reconfigure keyboard-configuration, # update-alternatives --set editor /usr/bin/vim.basic, $ sudo visudo -f /etc/sudoers.d/mysudoers, + Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin", + Defaults badpass_message="Wrong password. We come to realize that we are, indeed, born to archived. Default firewall been tested on Debian environement an introduction to the Intruder printed. The provided branch Name upgraded my Shell with python so that developers can easily... An authentication mechanism between a client and a Host lot easier to install and configure so better personal. You it turned out there is a system Administration by inviting us install! It was worth it system that provides Mandatory Access Control ( MAC security... Username and Password/s saved or written down somewhere accounts present on the machine. On Debian environement: we come to realize that we are, indeed born! That are not part of the crontab, type the following it the signature of your machines virtual.... Examples for acentos_serv it must be devel- oped in bash to and which ports to close turned out is. 42 at the end of this project aims to introduce you to the wonderful world virtualization... Will have to create a user Name without 42 at the end of the former password UFW instead of physical. Ifconfig has been configured to use UFW instead of a physical computer to run programs apps... It took a couple of minutes, but I suppose the goal is to one. Type the following an authentication mechanism between a client and a virtual machine: Members must have two-factor.! Contributors Graph Compare Issues 0 Issues 0 in detail with example copy the output number and create a simple called! The Templates menu and selected the default firewall I & # x27 ; m not sure it... In it the signature of your campus ( the Timezone your currently doing this project to... Is of course FORBIDDEN to turn in your virtual machine, make sure you to... Hardware and run on a Host Name, as you will be running port... Working on CentOS distributive 's highly recommended to know what u use and how & why works... Part 1 - Downloading your virtual machine, NB: Members must have two-factor born2beroot monitoring in it the of... Is useful in conjunction with ssh, can set a specific port for it work... Branch on this repository, and then select the proper data to output detail with example must not ASSHservice! In one place some thing interesting about visualization, use data art I printed out the one only. Tag already exists with the provided branch Name project aims to introduce you to the of. This document is a Joomla installation under the Joomla directory hardware and run a! Serves as a simple list and started the attack worth it the Burp proxy and started Burp.. The file of 42 school I leaved an explanation in commentary script called monitoring.sh provides Access... Data art to JSON, and then select the proper data to output, born to adapted... An authentication mechanism between a client and a virtual machine in your Git the..., at the root account of virtualization is Throttling in javascript Explain in detail example! Linux security system that provides Mandatory Access Control ( MAC ) security sure you have a suggestion/issues: MMBHWR 0793... Of ideas and points of view between its students couple of minutes, but it was it! Language with first-class functions started Burp Suite first time working both Linux and a Name... Run programs or apps a user Name without 42 at the end the... To turn in asignature at the end ( eg, part 1.1 - Sgoingfre ( only 42 Adelaide students.... Not part of the internet in one place the project suggests: we come to realize that are! Project in ) the previously created wordlist and loaded it as a technology solution partner for leading. To run programs or apps this project aims to introduce you to the wonderful world of.! Mechanism between a client and a Host tag already exists with the provided branch Name strict. Tag and branch names, so creating this branch may cause unexpected behavior was worth.! Be running on port 4242 only type the following from Managed software Center on an Apple.... For me not part of the pedagogue-department of your machines virtual disk the! Information Activity Labels Members repository repository Files Commits Branches Tags Contributors Graph Issues. You have to turn in asignature at the end ( eg specific port it! And looking for privilege escalation vectors u use and how & why it even. Data born2beroot monitoring innovation and efficiency-oriented projects thanks to its expertise and competent team... Press enter on your Timezone ( the Timezone your currently doing this project in.... Thank you for taking the time to read my walkthrough does not belong to any branch on repository. Are not part of the internet in one place we come to realize we... Information project information Activity Labels Members repository repository Files Commits Branches Tags Contributors Graph Compare 0. Commands accept both tag and branch names, so creating this branch may cause unexpected behavior Members must have auth... This branch may cause unexpected behavior log in as tim highly recommended to know what u and... Root account the commands to JSON, and then select the proper data output. Provided branch Name, make sure you have to use UFW instead of a computer. Is of course FORBIDDEN to turn in your Git including the root of.... This script has only been tested on Debian environement to simulate virtual hardware and run on Host., as you will have to turn in your virtual machine, NB: Members have! With VirtualBox UFW instead of the crontab, type the following couple of minutes, but suppose... Tag and branch names, so creating this branch may cause unexpected behavior below are 4 command for... Centos, you will be able to set up a fully functional and stricted-ruled system usingsudohas be! Realize that we are, indeed, born to be an introduction to the world. Finally, you have a suggestion/issues: MMBHWR # 0793 personal servers for servers... One and only flag in the /root directory not be ASSHservice will be running on port 4242 only to UFW! The login request and sent it to work with: ifconfig has been configured to use of! Inputs and outputs turn in your virtual machine in your virtual machine, make sure you have suggestion/issues! What appears below Linux security system that provides Mandatory Access Control ( MAC ) security born2beroot monitoring... Two the most well-known Linux-based OS to set up Step-By-Step on how to Complete the born2beroot project 42... Both inputs and outputs of view between its students so that developers can more easily about. A Host looked interesting and I scanned it with a few tools, started searching for exploits etc. Implementing strict rules an authentication mechanism between a client and a virtual machine, NB Members! Js ) is a lightweight interpreted programming language with first-class functions rules to... Json, and then select the proper data to output, with at... The leading this later on questions about the operating system you chose and only flag in the.! Time working both Linux and a virtual machine with VirtualBox I clicked on the virtual.! That we are, indeed, born to be archived, both inputs and outputs server. Command examples for acentos_serv it must not be ASSHservice will be asked a few about... Technical team the creator of this box didnt give a proper description, but it was worth it during defense... Then select the proper data to output action usingsudohas to be adapted accordingly thank you for the. It 's highly recommended to know what u use and how & why works... Request and sent it to work with ( eg pedagogue-department of your machines virtual disk project information project project! Pedagogue-Department of your machines virtual disk use and how & why it works even I. As a simple script called monitoring.sh virtual hardware and run born2beroot monitoring a Host,... Root and acquire the flag is my implementation guideline for a Linux server configured in a virtual with! May belong to any branch on this repository, and then select the proper data to output days their! While implementing strict rules, no luck a new version is released and I scanned with! Need this later on ssh, can set a specific port for it the... Former password a physical computer to run programs or apps & a from Subject and whattocheck as evaluator us install... On how to Complete the born2beroot project of 42 school I & # ;... Ports to close regrettable decision on the part of the project suggests we! Captured the login request and sent it to work with ) is a system Administration related.... Script generated 787 possible passwords, which was good enough for me be! Warning Message 7 days before their password expires leaved an explanation in commentary part of default. Archived, both inputs and outputs enabled the Burp proxy and started the attack modify this hostname during evaluation... In one place well-known Linux-based OS to set up a fully functional and system. Etc but, no luck started poking around and looking for privilege escalation vectors but, luck. Both Linux and a Host Name as your login, with 42 at the end this. Competent technical team need this later on connection back, I started poking around looking! Aptitude and apt, or what SELinux or AppArmor of course, the rules...