-
-
Notifications
You must be signed in to change notification settings - Fork 0
paranoya in chroot
For older systems, which can't handle modern tools, you can use chroot to deploy paranoya.
You can use the helper script or RTFM (Read This Fabulous Manual):
- Chroot using Void Linux rootfs
- Chroot using Arch Linux bootstrap
- Chroot using Alpine Linux mini root filesystem
In this example I use Void Linux as a "guest" OS. This was tested on Ubuntu 14, but should work for any distro.
First create a directory, in which we are going to deploy a chroot. Download Void rootfs and unpack it inside the directory, then mount /dev and proc, copy resolv.conf and chroot into the Linux Void.
mkdir void
cd void
wget https://repo-default.voidlinux.org/live/current/void-x86_64-ROOTFS-20230628.tar.xz
tar xvf void-x86_64-ROOTFS-20230628.tar.xz
rm void-x86_64-ROOTFS-20230628.tar.xz
sudo mount -o bind /dev dev
sudo mount -t proc none proc
cp /etc/resolv.conf etc/
cd ..
sudo chroot void
Inside chroot continue the installation as follows:
xbps-install -Suy xbps
xbps-install -Suy
xbps-install -Suy bash curl git python3 python3-devel python3-pip openssl-devel gcc wget
xbps-reconfigure -fa
cd /opt
git clone https://github.com/c0m4r/paranoya.git
cd paranoya
./deploy.sh
./paranoya.py -p ./test
mkdir scan
exit
Now mount a directory you want to scan, f.e. a /home directory.
sudo mount -o bind /home void/opt/paranoya/scan
sudo chroot void
Back in the chroot you should be able to scan the directory now
cd opt/paranoya
./paranoya.py -p scan
exit
Cleanup:
sudo umount void/opt/paranoya/scan
sudo umount -l void/dev
sudo umount -l void/proc
rm -df void/dev && rm -df void/proc && sudo rm -rv void
Get bootstrap tarball from one of the mirrors.
mkdir arch
cd arch
wget https://geo.mirror.pkgbuild.com/iso/2024.01.01/archlinux-bootstrap-x86_64.tar.gz
tar -xzf archlinux-bootstrap-x86_64.tar.gz --numeric-owner
rm archlinux-bootstrap-x86_64.tar.gz
sudo mount --bind root.x86_64 root.x86_64
cp /etc/resolv.conf root.x86_64/etc/
sudo mount -o bind /dev root.x86_64/dev
sudo mount -t proc none root.x86_64/proc
sudo chroot root.x86_64
Inside chroot:
pacman-key --init
pacman-key --populate
echo 'Server = https://geo.mirror.pkgbuild.com/$repo/os/$arch' > /etc/pacman.d/mirrorlist
echo 'Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch' >> /etc/pacman.d/mirrorlist
echo 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch' >> /etc/pacman.d/mirrorlist
pacman -Syyu --noconfirm
pacman -S bash gcc git python3 python-devtools python-pip --noconfirm
cd /opt
git clone https://github.com/c0m4r/paranoya.git
cd paranoya
./deploy.sh
./paranoya.py -p ./test
mkdir scan
exit
Now mount a directory you want to scan, f.e. a /home directory.
sudo mount -o bind /home root.x86_64/opt/paranoya/scan
sudo chroot root.x86_64
Back in the chroot you should be able to scan the directory now
cd opt/paranoya
./paranoya.py -p scan
exit
Cleanup:
sudo umount root.x86_64/opt/paranoya/scan
sudo umount -l root.x86_64/dev
sudo umount -l root.x86_64/proc
sudo umount root.x86_64
rm -df root.x86_64/dev && rm -df root.x86_64/proc && sudo rm -rv root.x86_64
Get mini root filesystem from Alpine website.
mkdir alpine
cd alpine
wget https://dl-cdn.alpinelinux.org/alpine/v3.19/releases/x86_64/alpine-minirootfs-3.19.0-x86_64.tar.gz
tar -xvf alpine-minirootfs-3.19.0-x86_64.tar.gz
rm alpine-minirootfs-3.19.0-x86_64.tar.gz
cd ..
sudo mount -t proc none alpine/proc
sudo mount -o bind /dev alpine/dev
cp /etc/resolv.conf alpine/etc/
sudo chroot alpine /bin/sh
Inside chroot:
apk update
apk add bash gcc git linux-headers musl-dev openssl-dev python3 python3-dev py3-pip
apk add shadow
usermod -s /bin/bash root
cd opt
git clone https://github.com/c0m4r/paranoya.git
cd paranoya
./deploy.sh
./paranoya.py -p ./test
mkdir scan
exit
Now mount a directory you want to scan, f.e. a /home directory.
sudo mount -o bind /home alpine/opt/paranoya/scan
sudo chroot alpine /bin/sh
Back in the chroot you should be able to scan the directory now
cd opt/paranoya
./paranoya.py -p scan
exit
Cleanup:
sudo umount alpine/opt/paranoya/scan
sudo umount -l alpine/dev
sudo umount -l alpine/proc
rm -df alpine/dev && rm -df alpine/proc && sudo rm -rv alpine