-
-
Save Ch0pin/191007e621e806a6283d5ec5416b8847 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| pwn@host$ mkdir aarch64_tests && cd aarch64_tests | |
| pwn@host$ wget https://downloads.raspberrypi.org/raspios_arm64/images/raspios_arm64-2022-01-28/2022-01-28-raspios-bullseye-arm64.zip | busybox unzip - | |
| pwn@host$ sudo mkdir /mnt/raspbian | |
| pwn@host$ fdisk -l 2022-01-28-raspios-bullseye-arm64.img | |
| # Check the 'Start' value of 2022-01-28-raspios-bullseye-arm64.img1 and multiply by 512 That will be your **N** | |
| pwn@host$ sudo mount -v -o offset=N -t vfat 2022-01-28-raspios-bullseye-arm64.img /mnt/raspbian | |
| pwn@host$ cp /mnt/raspbian/kernel8.img $(pwd) | |
| pwn@host$ cp /mnt/raspbian/bcm2710-rpi-3-b-plus.dtb $(pwd) | |
| pwn@host$ sudo umount /mnt/raspbian | |
| # Ensure you have QEMU 6.0 installed at this point | |
| pwn@host$ qemu-img resize 2022-01-28-raspios-bullseye-arm64.img 8G | |
| pwn@host$ qemu-system-aarch64 -m 1024 -M raspi3 -kernel kernel8.img -dtb bcm2710-rpi-3-b-plus.dtb -sd 2022-01-28-raspios-bullseye-arm64.img -append "console=ttyAMA0 root=/dev/mmcblk0p2 rw rootwait rootfstype=ext4" -nographic -device usb-net,netdev=net0 -netdev user,id=net0,hostfwd=tcp::5555-:22 | |
| # At this point raspbian should boot on the terminal | |
| raspberrypi login: pi | |
| Password: raspberry | |
| pi@raspberry:~$ sudo service ssh start | |
| pi@raspberry:~$ sudo update-rc.d ssh enable | |
| # At this point we should have been inside the QEMU RaspbianOS instance with ssh | |
| pwn@host$ ssh pi@127.0.0.1 -p 5555 | |
| pi@raspberry:~$ sudo apt update && sudo apt install neovim nasm -y && bash -c "$(curl -fsSL http://gef.blah.cat/sh)" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment