Videos
I have a pi 3B+ in raspbian 10 and I'm trying to install an old version of Samba.
In a school project, we have as objectives to create a vulnerable pi, where one of the vulnerabilities would be exploited through a cve.
What I'm trying to do is install an old version of a service (Samba for now, but we also tried others). I tried 3.0.20, 4.6.4 and 4.5.10.
I first tried to install with sudo apt install samba=4.5.10 but it doesn't know any other package than the latest available version for the pi : 4.9.5.
I also tried to add to the apt sources list the debian snapshots repository but I seem to miss something as it returns error 404 when doing an apt update.
So I tried to install manually. My procedures were:
-
wgethttps://download.samba.org/pub/samba/stable/samba-4.5.10.tar.gz -
then
tar xzvf samba-4.5.10.tar.gz -
then run
./configure -
then
sudo makeandsudo make install(which took an hour) -
then add to path
export PATH=/usr/cal/samba/bin/:/usr/local/samba/sbin/:$PATH
The output at the end was
Waf: Leaving directory `/home/pi/bin/samba-4.5.10/bin''install' finished successfully (16m9.050s)
But when I run "samba", it outputs a lot of error messages:
samba: /usr/local/samba/lib/libtalloc.so.2: no version information available (required by samba)
And when I run lsb_release -a; uname -a; apt-cache policy samba
No LSB modules are available.
Distributor ID: Raspbian
Description: Raspbian GNU/Linux 10 (buster)
Release: 10
Codename: buster
Linux RPI05 5.10.103-v7+ #1529 SMP Tue Mar 8 12:21:37 GMT 2022 armv7l GNU/Linux
samba:
Installed: (none)
Candidate: 2:4.9.5+dfsg-5+deb10u1+rpi1
Version table:
2:4.9.5+dfsg-5+deb10u1+rpi1 500
500 http://raspbian.raspberrypi.org/raspbian buster/main armhf Packages.
Isn't there any other way? ( Even with another vulnerable port it works for me (except telnet)) Or did I miss something when I tried to add to the debian repo to the apt source list?
Thanks in advance