Based on the responses in this thread, I feel like you could present this screenshot with a "I bet you couldn't find your way out of this!" and a zip of the directory, and a significant number of users would voluntarily download it and extract it just to "prove that they could".
I do it mainly cos it makes managing lots of different environments easy. I can have windows and different Linux distros and different packages and cool shit all from one display manager.
1-2% is the overhead of virtualization. Hardware virtualization is Goated. And QubesOS uses Zen under the hood same as what's used by aws etc so its well optimised.
And for GPU? For all I understand, everything but dom0 should still require GPU Passthrough to have any decent GPU performance. Does passthrough perform well? Also, am I right in understanding that if you have 2 GPUs or APU/GPU mix, you can only have GPU passed through to one VM, leaving other VMs on the mercy of the same device that renders dom0?
The greatest trick is to make your opponent think you thought of everything. Powering off might just straight up work and they're just bluffing, might as well try
I mean they didnβt, cause you can just open another terminal window or pull the plug on the computer, but like someone else said, a binary canβt change the directory for you cd is a shell built in, so Iβm pretty sure this would be trivial to get past.
You could probably install a handler for the event that's triggered when the power button is pressed. Most OSes do that and pop up a graceful shutdown options window. Most hardware will have a hard shutdown option when you hold the power button for a few seconds. You would probably have to overwrite the BIOS or something at that level to prevent that way out.
alt+sysrq+b bypasses this handler, also switching to another vt should just drop you in a normal shell it as well as long the login shell isn't modified. There are a lot of ways that can be used to break out.
Encrypt hard drive and keep the key in RAM. Could be recovered with a cold boot attack but that's very advanced. The DOS virus ONEHALF would run as a daemon encrypring a block on the drive on each boot and intercept reads/writes to the encrypted part as if nothing ever happened. Only after encrypting Β½ of the disk, it would reveal itself with an ominous
Dis is one half.
Press any key to continue...
The decryption was eventually cracked by ESET and they developed a tool to recover the drive.
But it's on a dedicated server you have already paid for, which also hosts your own Minecraft game server with active players (mission-critical process which can never be allowed to stop).
Reminds me of gameshell, which is a rogue-like game designed to teach you the unix shell. So instead of navigating with NESW, you cd to locations. At one point you search the "garden", which is an unmanageable tangle of directories, with find.
uh in short it erases "the disk's" (unsure which) file allocation table (pretty much the dos/windows version of a superblock). apparently some versions did copy it to memory and give the user a chance though!
Maybe something like find ./ -type f | xargs md5sum, then avoid the one directory where the executable has a different checksum. Heck, even find | ls might suffice.
This could be trivially defeated by a program which erases the hard drive unless run using a particular executable name. Then, all twenty entries could simply be hard links to the same executable file on disk, but one of the names would trigger different behavior.
So then you either cat the executable and hope itβs a shell script, you output the binary with a hex viewer and compare, you modify the executable so itβs in a lower permission group and thus wouldnβt have access to erase the drive, thereβs like a hundred ways to solve this.
There was an old virus that would copy your FAT table to ram, erase it from disk, and preset you with a slot machine UI where you would gamble to get the FAT back, if you won, great, the virus would write the FAT back to the drive, if not, you lost everything.
Rebooting without playing meant loosing everything.
Despite having Table in the name, FAT isn't a table, but rather uses a table, and FAT itself is a filesystem. Thus, it's different from a machine with "machine" being in the name or a number with "number" in the name, and it seems entirely reasonable to refer to the crucial index table in the FAT filesystem as the "FAT table"
i had a school colleague who could write small programs in bytecode, so i think someone who really knows their shit can get out without issues with cat and ls, as long as there isn't much obfuscation
Based on the responses in this thread, I feel like you could present this screenshot with a "I bet you couldn't find your way out of this!" and a zip of the directory, and a significant number of users would voluntarily download it and extract it just to "prove that they could".
Genuinely my first response. What are VMs for?
I run QubesOS BTW. My entire computer is just a bunch of VMs in a trench coat.
Running Qubes as a daily driver is some serious level of privacy enthusiasm
I do it mainly cos it makes managing lots of different environments easy. I can have windows and different Linux distros and different packages and cool shit all from one display manager.
Doesn't virtualization eat away a lot of performance? Or do you not care much about it?
1-2% is the overhead of virtualization. Hardware virtualization is Goated. And QubesOS uses Zen under the hood same as what's used by aws etc so its well optimised.
Nice
@Allero Not if it's hardware-accelerated. You'll be hard-pressed to find a CPU without hardware virtualization, though.
@muntedcrocodile
And for GPU? For all I understand, everything but dom0 should still require GPU Passthrough to have any decent GPU performance. Does passthrough perform well? Also, am I right in understanding that if you have 2 GPUs or APU/GPU mix, you can only have GPU passed through to one VM, leaving other VMs on the mercy of the same device that renders dom0?
Well yeah? And you do it in a vm. But seems like a decently simple problem anyway.
ls -aland compare the sizes.Obvioulsy whoever set this minefield thought about this
The greatest trick is to make your opponent think you thought of everything. Powering off might just straight up work and they're just bluffing, might as well try
What if it encrypts the disk when entering the dir and the only way to decrypt it is by winning? Decryption keys will be provided via API at the end.
oh, and the endpoint key is on ram, to be lost forever after shutdown.
I mean they didnβt, cause you can just open another terminal window or pull the plug on the computer, but like someone else said, a binary canβt change the directory for you
cdis a shell built in, so Iβm pretty sure this would be trivial to get past.When people don't know normal things we learned in '92, I get worried.
Instead of acting like an asshole, teach us.
Oof. I consider myself a fairly decent Linux Sysadmin (~15 years experience ~10 years professionally) but I actually didn't know about that. :/
what does this change?
Bypasses aliases and uses the original command
Combat the minefield with a fork bomb. Ainβt no process surviving this engagement.
The power cable would like to have a word.
it removed your disc encryption keys and the only way to recover it is finding it in memory through the minefield
They never guess the next move: Unplugs pc
loud knocking on the door
Either that or the PC keeps running anyway.
Boston Dynamics: βEither that or the PC keeps running away.β
How can you prevent users from leaving a directory?
chroot, and override exit with an alias,could work
Magic, I guess, 'cause nothing in the sceenshot would do it, unless the attacker had already replaced
catwith a trojan or something.AFAIK, thereβs no way to without modifying the system tools and shell.
How can you prevent a shutdown using a power key?
There's an Emacs command to do that
C-x M-c M-minefieldYou could probably install a handler for the event that's triggered when the power button is pressed. Most OSes do that and pop up a graceful shutdown options window. Most hardware will have a hard shutdown option when you hold the power button for a few seconds. You would probably have to overwrite the BIOS or something at that level to prevent that way out.
You could also just unplug it.
alt+sysrq+b bypasses this handler, also switching to another vt should just drop you in a normal shell it as well as long the login shell isn't modified. There are a lot of ways that can be used to break out.
You can't, lol. Think it's just a joke
Encrypt hard drive and keep the key in RAM. Could be recovered with a cold boot attack but that's very advanced. The DOS virus ONEHALF would run as a daemon encrypring a block on the drive on each boot and intercept reads/writes to the encrypted part as if nothing ever happened. Only after encrypting Β½ of the disk, it would reveal itself with an ominous
The decryption was eventually cracked by ESET and they developed a tool to recover the drive.
If you are using KDE
I can think of a way out:
Just throw the whole PC away. It's someone else's problem now!
But that just becomes a Jumanji issue
But it's on a dedicated server you have already paid for, which also hosts your own Minecraft game server with active players (mission-critical process which can never be allowed to stop).
Reminds me of gameshell, which is a rogue-like game designed to teach you the unix shell. So instead of navigating with NESW, you
cdto locations. At one point you search the "garden", which is an unmanageable tangle of directories, withfind.There goes my night? Longer?
Cool! Will give this a try for sure! Always forget commands
Reminder that binaries cannot change a shell's working directory, so the non-mines will do nothing.
(
cdis a shell builtin)Technically they could if run as root by modifying the parent process
it could just reinvoke
$SHELLin the parent dirI mean, you can just write a whole custom shell for this
Good point. Also it wouldnβt stop you from just opening another terminal window haha.
cat 1*a single cat is hurled unceremoniously through the window onto your lap*
while this is not real, something similar in principal very much was! (but not too widespread)
see here or look up "casino dos malware"
uh in short it erases "the disk's" (unsure which) file allocation table (pretty much the dos/windows version of a superblock). apparently some versions did copy it to memory and give the user a chance though!
There also was Fake DOS back in the day
Maybe something like
find ./ -type f | xargs md5sum, then avoid the one directory where the executable has a different checksum. Heck, evenfind | lsmight suffice.This could be trivially defeated by a program which erases the hard drive unless run using a particular executable name. Then, all twenty entries could simply be hard links to the same executable file on disk, but one of the names would trigger different behavior.
So then you either cat the executable and hope itβs a shell script, you output the binary with a hex viewer and compare, you modify the executable so itβs in a lower permission group and thus wouldnβt have access to erase the drive, thereβs like a hundred ways to solve this.
Has "let's play a game" vibes
objdump -D * | less
We have squid games at home.
Squid games at home:
Does it have a perpetual energy source if I unplug it?
There was an old virus that would copy your FAT table to ram, erase it from disk, and preset you with a slot machine UI where you would gamble to get the FAT back, if you won, great, the virus would write the FAT back to the drive, if not, you lost everything.
Rebooting without playing meant loosing everything.
Can I just pay? I can go to the ATM Machine and enter my PIN Number
You forget that FAT stands for "File Allocation Travesty."
Despite having Table in the name, FAT isn't a table, but rather uses a table, and FAT itself is a filesystem. Thus, it's different from a machine with "machine" being in the name or a number with "number" in the name, and it seems entirely reasonable to refer to the crucial index table in the FAT filesystem as the "FAT table"
Diabolical!
ctrl-D
What did the minefield directory do here to hijack cd?
Can an alias be applied upon cd?
on termux it works:
ls -lah
i had a school colleague who could write small programs in bytecode, so i think someone who really knows their shit can get out without issues with cat and ls, as long as there isn't much obfuscation
Does it fry my hardware? Or can I just do another fresh install
strings 1I wonder if we could
bash -n -vthe source code? π€ Since-nshould error check without execution.Edit: maybe that only works on scripts?