bolyai/CIS490
3
0
Fork 0
Code Issues 5 Pull requests Projects 1 Releases Packages Wiki Activity Actions
CIS490/tools
History
Exact
elliott f4eef81807 fix: Tier-3 verify fails — PORT_BASE 21 is privileged, RPORT not propagated 
QEMU's SLIRP hostfwd tried to bind host port 21 for the Metasploitable2
target, which fails for the non-root cis490 user (EPERM). The exploit
driver also had no way to use a different host-side port than the module's
static RPORT=21, so even if the VM had started the exploit would have
connected to the wrong port.

Fix:
  - launch_target.sh: change PORT_BASE default from (21 + SLOT*100) to
    (2121 + SLOT*100) so SLIRP binds non-privileged ports
  - exploits/driver.py: add target_port to DriverConfig; in _fire(),
    override opts["RPORT"] when target_port is set so msfrpcd connects
    to the correct forwarded port
  - tools/run_tier3_demo.py: pass target_port=args.target_port to DriverConfig
  - scripts/install-tier-3-4.sh: --target-port 2121 (matches new default)

Closes spectral/CIS490#18

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-01 08:02:23 -06:00
..
auto_fetch_samples.py auto_fetch_samples: pick Linux i386 ELF; manifest matches theZoo 2026-05-01 03:28:26 -05:00
build_cidata.py Collectors 2/4/5 + fleet runner + sample manifest + Tier-3 setup scripts 2026-04-30 00:02:27 -05:00
cis490_doctor.py fix: three install-time bugs found during first lab-host bring-up on k-gamingcom 2026-04-30 15:05:00 -06:00
fetch_sample.py Close out the open issues: bridge pcap wiring, perf collector, Tier-4 2026-04-30 00:17:49 -05:00
index_backfill.py Receiver enforces X-Cis490-Code-Commit allow-list (live, auto-refreshed) 2026-05-01 01:38:50 -05:00
index_reader.py Close out the deployment-readiness gaps 2026-04-30 00:31:55 -05:00
load_mimic.py Synthetic envelope demo: phase-driven load mimic + plotter 2026-04-28 23:53:20 -06:00
plot_envelope.py Close out the deployment-readiness gaps 2026-04-30 00:31:55 -05:00
prune_episodes.py Multi-signal prune classifier: rescue valid episodes /proc misses 2026-04-30 19:10:01 -05:00
run_envelope_demo.py Synthetic envelope demo: phase-driven load mimic + plotter 2026-04-28 23:53:20 -06:00
run_fleet.py fleet: rotate exploit modules per (host, slot, ep); Tier 3 by default 2026-04-30 02:22:49 -05:00
run_real_vm_demo.py runners: take savevm baseline-v1 after boot so revert_at_* actually works 2026-04-30 02:37:05 -05:00
run_tier3_demo.py fix: Tier-3 verify fails — PORT_BASE 21 is privileged, RPORT not propagated 2026-05-01 08:02:23 -06:00
show_envelope.sh Interactive envelope plot via WebAgg (browser-based) 2026-04-29 00:06:22 -06:00
verify_tier3_local.py tools/verify_tier3_local.py: Pi-runnable Tier-3 verifier 2026-05-01 03:41:21 -05:00
vm_load_controller.py Fix workload-silent false-positive on Alpine busybox guests (closes #15) 2026-04-30 17:28:48 -05:00
vm_serial.py Tier 2: real Alpine VM, real workload, real envelope 2026-04-29 08:38:53 -06:00