-
Notifications
You must be signed in to change notification settings - Fork 2
/
bootsy.sh
executable file
·864 lines (799 loc) · 34 KB
/
bootsy.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
#!/bin/bash
# Brought to you by the relatively ok minds of Snorkel42, MarshallBanana, and Grubby
/bin/echo "MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMNk:.. ..:kNMMMMMMMMMMMMMMMMMMMMMMMMMMMMWKdc,',;lkNMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMXl. .lXMMMMMMMMMMMMMMMMMMMMMMMMMMNd. ;OWMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMXc .::. lXMMMMMMMMMMMMMMMMMMMMMMMMNo. .'. 'OWMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMXc 'oOOo' lXMMMMMMMMMMMMMMMMMMMMMMNo. .lkx:. 'OWMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMWWNXXKO: 'oOKKOl. cOKXXNWMMMMMMMMMMMMMMWXl. .lOK0x:. 'kNWMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMNOoc:,'... 'oOKKKKOl. ...';:coONWXOxdolc:;' .lOKXK0x:. .,;:clodkKNMMMMMMMMMMMMMMMMMMMMM
Nkdooooooooooooooool;. .,oOKXKKKKOl'. .',. .lOKKKKK0x:. .,looooooooooooooooooxK
; .'',;:ccldk0KKKKKKKK0xdlcc:;,''. ....'',;cdOKXKKKKK0kl:,,'..... .
'oxkOOO0000KKK0KKK00KK00000OOOkxl' 'ldxxkkOOO00KKKKKKKKKK00OOOkkxdo:.
. 'lxkOOOOOOOOOOOOOOOOOOOOOOOOkxl' .cdOO000000000000000000000000Oko;.
Oc;,,,,,,,,,,,,,,,,,. .'cdxkkkkkkkkkkkkkkkkkkkkxdc'. 'cdkkkkkkkkkkkkkkkkkkkkkkkxo;. .,,,,,,,,,,,,,,,,,,:d
MMWWWWWWWWWWWWWWWWWWXx, .'cddxxxxxxxxxxxxxxxxdoc' ,xxo;. ':oxxxxxxxxxxxxxxxxxxxdl;. .l0WWWWWWWWWWWWWWWWWWWM
MMMMMMMMMMMMMMMMMMMMMMXx, .:ooooooooodddddddoo;. ,xNMMMNk;. 'cdddddddddddddddddo:. .lKWMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMX: ;oooooooooooooooooo, cXMMMMMMMNk' .;oooooooooooooooool' :KWMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMK; .coooooooooooooooooo:. :XMMMMMMMMK, .coooooooooooooooooo; oWMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMk. 'loooooooollooooooool' .OMMMMMMMMk. 'looooooooooooooooooc. ;KMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMWo ;oooool:,....,:looooo; oWMMMMMMNl .;ooooool:,'';cloooool' .kMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMNc .;ll:,.. ..,:ll; lNMMMMMMX; .cool:,.. .';cloo, dWMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMWx. .. .;;. .. .kWMMMMMMNc .''. .. ..''. .kMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMWk, .,lkXWWXkl,. .,kWMMMMMMMMK:. .,lkK0dc' .dNMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMWXd;...'lONMMMMMMMMNOc'...:xXMMMMMMMMMMMXd. .cONMMMMMWKd,. ;kWMMMMMMMMMMMMMMMMMMMMMMMMM
Bootsy!
"
# ================================== #
# =========STATIC VARIABLES========= #
# ================================== #
# Recommended software version info
recommended_release="9.9"
recommended_kernel="4.9.0-9-686"
recommended_python_version="3.5.3"
# ================================== #
# ========DYNAMIC VARIABLES========= #
# ================================== #
# Getting release version
release=`/usr/bin/lsb_release -a 2>/dev/null | grep Release | cut -d ":" -f 2 | awk '{$1=$1};1'`
# Getting kernel version
kernel=`uname -r`
# Getting PWD
start_dir=`/bin/echo $PWD`
wordlist_path="$start_dir/funkList2000.txt"
# Getting install path
install_path=/bootsy
# Getting python version
python_version=$(/usr/bin/python3 --version 2>&1 | /usr/bin/cut -d ' ' -f 2)
if [ ! -d "$install_path" ]; then
/bin/echo "Creating folder $install_path"
/bin/mkdir "$install_path"
fi
function logger {
GREEN='\033[0;32m'
NC='\033[0m' # No Color
/bin/echo -e "[+]$1" >> $install_path/bootsy_install.log
/bin/echo -e "${GREEN}[+]${NC}$1"
}
function error {
RED='\033[0;31m'
NC='\033[0m' # No Color
/bin/echo -e "[-]$1" >> $install_path/bootsy_install.log
/bin/echo -e "${RED}[-]${NC}$1"
}
function warn {
YELLOW='\033[1;33m'
NC='\033[0m' # No Color
/bin/echo -e "[*]$1" >> $install_path/bootsy_install.log
/bin/echo -e "${YELLOW}[*]${NC}$1"
}
function info {
BLUE='\033[0;34m'
NC='\033[0m' # No Color
/bin/echo -e "[INFO]$1" >> $install_path/bootsy_install.log
/bin/echo -e "${BLUE}$1${NC}"
}
if [[ $EUID -ne 0 ]]; then
error "This script must be run as root"
exit 1
fi
if [ -f "$install_path/bootsy_install.log" ]; then
/bin/rm "$install_path/bootsy_install.log" -f
error "Removing old bootsy install file: $install_path/bootsy_install.log"
fi
#usage="$(basename "$0") [-h] [-i /install/path] [-s] [-c /path/to/iplist.csv] [-w /path/to/wordlist] [-l /path/to/syslog/config]
usage="$(basename "$0") [-h] [-i /install/path] [-c /path/to/iplist.csv] [-w /path/to/wordlist] [-u /path/to/whitelist/file]
where (Note: All switches are optional and you will be prompted for those you don't specify):
-h Display this help message
-i Install path
-c IPList.csv file path
-w Wordlist file path (adding this option stops the download of rockyou)
-r respounder Hostname file path
-u Whitelist file path"
# Adding input for a silent parameter so we don't bother the user if they want to run this quietly
# Parameters are added using double dashes. EX) --help
#for param in $@; do
# if [ $param == "--help" ]; then
# info "$usage"
# exit 0
# else
# warn "Illegal parameter passed! Please see the help file!"
# info "$usage"
# exit 1
# fi
#done
# Command line arguments are passed using single dashes EX) -i /bootsy
silent_param="FALSE"
security_only="FALSE"
while getopts ":hi:c:w:r:u:" opt
do
case "${opt}" in
h ) info "$usage"
exit 0
;;
i ) install_path="$OPTARG"
;;
c ) ipList_path="$OPTARG"
if [ ! -f "$ipList_path" ]; then
error "ipList CSV not found! Will prompt user for input"
ipList_path=""
fi
;;
w ) wordlist_path="$OPTARG"
if [ ! -f "$wordlist_path" ]; then
error "User entered wordlist not found! Will try using funkList200 or download rockyou from OffSec"
wordlist_path="$start_dir/funkList2000.txt"
fi
;;
r ) respounderhostname_path="$OPTARG"
if [ ! -f "$respounderhostname_path" ]; then
error "User entered respounder hostname file not found! Will prompt the user for manual input."
respounderhostname_path=""
fi
;;
\?) error "Illegal argument passed! Please see the help file!"
info "$usage"
exit 1
;;
u ) whitelist_path="$OPTARG"
if [ ! -f "$whitelist_path" ]; then
error "User entered whitelist not found! Will prompt the user for manual input."
whitelist_path=""
fi
;;
\?) error "Illegal argument passed! Please see the help file!"
info "$usage"
exit 1
;;
: ) warn "Invalid option: $OPTARG requires an argument" 1>&2
info "$usage"
exit 1
;;
* ) error "Unknown parameter passed! Please see the help file!"
info "$usage"
exit 1
;;
esac
done
shift $((OPTIND-1))
while [[ ! $reallysure == "y" ]] && [[ ! $reallysure == "Y" ]]; do
#clear
warn "This script is purpose built for a fresh install of raspbian on a raspberry pi."
warn "This script will: "
warn " 1) Change your hostname"
warn " 2) Add a limited priv user"
warn " 3) Setup key based SSH auth over an ethereal port"
error " 4) Don't run with the silent switch...it's broken logic meant for another time..."
warn "Are you sure you would like to continue?"
read -p "[Y/N]? " reallysure
case $reallysure in
[Yy]* ) logger "Continuing...";;
[Nn]* ) exit;;
* ) warn "Please enter either [Y/y] or [N/n].";;
esac
done
function bootsy_check () {
logger "Detected release version: $release"
logger "Detected kernel version: $kernel"
logger "Detected start_dir: $start_dir"
logger "Detected install path: $install_path"
logger "Detected python version: $python_version"
/bin/echo "" #spacer
if [ ! -d "$install_path" ]; then
logger "Creating folder $install_path"
/bin/mkdir "$install_path"
fi
cd "$install_path"
if [ -f "/etc/rsyslog.d/99-bootsy-mail.conf" ]; then
error "Removing old /etc/rsyslog.d/99-bootsy-mail.conf config file"
/bin/rm "/etc/rsyslog.d/99-bootsy-mail.conf"
fi
if [ -f "/etc/rsyslog.d/98-bootsy-syslog.conf" ]; then
error "Removing old /etc/rsyslog.d/98-bootsy-syslog.conf config file"
/bin/rm "/etc/rsyslog.d/98-bootsy-syslog.conf"
fi
if [ -d "$install_path/respounder" ]; then
error "Removing old folder $install_path/respounder"
/bin/rm "$install_path/respounder" -rf
fi
if [ -d "$install_path/artillery" ]; then
error "Removing old folder $install_path/artillery"
/bin/rm "$install_path/artillery" -rf
fi
# Check for the rockyou.txt wordlist
if [ -f "$install_path/rockyou.txt.gz" ]; then
error "Removing old rockyou wordlist from $install_path/rockyou.txt.gz"
/bin/rm "$install_path/rockyou.txt.gz" -rf
fi
if [ -f "$install_path/words" ]; then
error "Removing old words file from $install_path/words"
/bin/rm "$install_path/words"
fi
if [ -f "$start_dir/words" ]; then
error "Removing old words file from $start_dir/words"
/bin/rm "$start_dir/words"
fi
}
function bootsy_download () {
# Download stuff
logger "Downloading respounder!"
/usr/bin/git clone https://github.com/IndustryBestPractice/respounder.git
info $rspounder
logger "Installing Go"
if [ "$release" == "10" ];
then
/usr/bin/apt-get install -y golang-go=2:1.11~1 || respounder_error="TRUE"
else
/usr/bin/apt-get install -y golang-go=2:1.7~5 || respounder_error="TRUE"
fi
info $rspounder_go
logger "Building respounder"
go build -o $install_path/respounder/respounder $install_path/respounder/respounder.go || respounder_error="TRUE"
logger "Downloading artillery"
/usr/bin/git clone https://github.com/IndustryBestPractice/artillery.git
logger "Running artillery install"
cd "$install_path/artillery"
/usr/bin/python3 "$install_path/artillery/setup.py" -y
cd "$install_path"
if [ ! -f "$wordlist_path" ]; then
error "Unable to locate $wordlist_path"
logger "Downloading rockyou"
/usr/bin/wget https://gitlab.com/kalilinux/packages/wordlists/raw/kali/master/rockyou.txt.gz
if [ ! -f "$wordlist_path" ]; then
if [ ! -f "$install_path/rockyou.txt.gz" ]; then
error "Error downloading rockyou!"
rockyou_error="TRUE"
else
logger "Moving rockyou.txt.gz to $start_dir"
/bin/mv rockyou.txt.gz $start_dir
logger "Unzipping rockyou..."
/bin/gunzip "$start_dir/rockyou.txt.gz"
logger "Moving $start_dir/rockyou.txt to $start_dir/words"
/bin/mv "$start_dir/rockyou.txt" "$start_dir/words"
# Removing non UTF8 characters
logger "Removing non UTF-8 characters from words >> words2"
/usr/bin/iconv -f utf-8 -t utf-8 -c "$start_dir/words" >> "$start_dir/words2"
logger "Deleting $start_dir/words"
/bin/rm "$start_dir/words"
logger "Renaming $start_dir/words2 to $start_dir/words"
/bin/mv "$start_dir/words2" "$start_dir/words"
fi
else
logger "Removing non UTF-8 characters from $wordlist_path >> words2"
/usr/bin/iconv -f utf-8 -t utf-8 -c "$wordlist_path" >> "$start_dir/words2"
logger "Deleting $wordlist_path"
/bin/rm "$wordlist_path"
logger "Renaming $start_dir/words2 to $start_dir/words"
/bin/mv "$start_dir/words2" "$start_dir/words"
fi
else
logger "Removing non UTF-8 characters from $wordlist_path >> words2"
/usr/bin/iconv -f utf-8 -t utf-8 -c "$wordlist_path" >> "$start_dir/words2"
logger "Deleting $wordlist_path"
/bin/rm "$wordlist_path"
logger "Renaming $start_dir/words2 to $start_dir/words"
/bin/mv "$start_dir/words2" "$start_dir/words"
fi
/bin/echo "" #spacer
if [ ! -d "$install_path/respounder" ]; then
error "Unable to find Respounder install at: $install_path/respounder"
error "Error installing respounder!"
respounder_error="TRUE"
fi
if [ ! -d "$install_path/artillery" ]; then
error "Unable to find artillery install at: $install_path/artillery"
error "Error installing artillery!"
artillery_error="TRUE"
fi
if [ "$respounder_error" == "TRUE" ] || [ "$artillery_error" == "TRUE" ] || [ "rockyou_error" == "TRUE" ]; then
error "Errors occured installing respounder, artillery or wordlist! Exiting!"
exit 1
fi
}
function bootsy_install_logging () {
# Prompt user for email, syslog, or both
# email: need to ask smtp server name, from_address, to_address
# syslog: need to ask remote host, port, UDP\TCP?
# The 98/99 files go in: /etc/rsyslog.d
if [ $silent_param == "FALSE" ]; then
# Here we prompt them for what they want
#logger "Would you like to configure email alerts for bootsy detections?"
emailcomplete="FALSE"
while [ $emailcomplete == "FALSE" ]; do
logger "Would you like to configure email alerts for bootsy detections?"
read -p "[Y/N]? " email
case "$email" in
[Yy]* ) logger "Starting email config!"; emailconfig="TRUE";;
[Nn]* ) break;;
* ) warn "Please enter either [Y/y] or [N/n]."; emailconfig="FALSE";;
esac
while [ $emailcomplete == "FALSE" ]; do
if [ $emailconfig == "TRUE" ]; then
read -p "What is the SMTP server name/ip? " smtp_server_name
read -p "What is the [FROM] address? " smtp_from_address
read -p "What is the [TO] address? " smtp_to_address
logger "Are these options correct?"
warn "SMTP Server: $smtp_server_name"
warn "SMTP [FROM] Address: $smtp_from_address"
warn "SMTP [TO] Address: $smtp_to_address"
read -p "[Y/N]? " correct_options
case $correct_options in
[Yy]* ) logger "Continuing with script!"; emailcomplete="TRUE";;
[Nn]* ) error "Enter options again..."; emailcomplete="FALSE";;
* ) warn "Prompting for input again!";;
esac
else
break
fi
done
done
/bin/echo "" #spacer
if [ $emailcomplete == "TRUE" ]; then
logger "Setting up email configuration..."
logger "Updating smtp server name to [$smtp_server_name] in $start_dir/99-bootsy-mail.conf"
/bin/sed -i "s/changeserver/$smtp_server_name/g" "$start_dir/99-bootsy-mail.conf"
logger "Updating smtp [FROM] address to [$smtp_from_address] in $start_dir/99-bootsy-mail.conf"
/bin/sed -i "s/[email protected]/$smtp_from_address/g" "$start_dir/99-bootsy-mail.conf"
logger "Updating smtp [TO] address to [$smtp_to_address] in $start_dir/99-bootsy-mail.conf"
/bin/sed -i "s/[email protected]/$smtp_to_address/g" "$start_dir/99-bootsy-mail.conf"
logger "Copying $start_dir/99-bootsy-mail.conf to /etc/rsyslog.d"
/bin/cp "$start_dir/99-bootsy-mail.conf" "/etc/rsyslog.d"
fi
/bin/echo "" #spacer
#logger "Would you like to configure syslogging for bootsy detections?"
syslogcomplete="FALSE"
while [ $syslogcomplete == "FALSE" ]; do
logger "Would you like to configure syslogging for bootsy detections?"
read -p "[Y/N]? " syslog
case "$syslog" in
[Yy]* ) logger "Continuing with script!"; syslogconfig="TRUE";;
[Nn]* ) break;;
* ) warn "Please enter either [Y/y] or [N/n]."; syslogconfig="FALSE";;
esac
while [ $syslogcomplete == "FALSE" ]; do
if [ $syslogconfig == "TRUE" ]; then
read -p "What is the SYSLOG remote host name/ip? " syslog_server_name
read -p "What is the SYSLOG port? " syslog_port
properprotocol="FALSE"
while [ $properprotocol == "FALSE" ]; do
read -p "What is the SYSLOG protocol [TCP/UDP]? " syslogprotocol
case $syslogprotocol in
[TCPtcp]* ) logger "Chose TCP!"; syslog_protocol="@@"; properprotocol="TRUE";;
[UDPudp]* ) logger "Chose UDP!"; syslog_protocol="@"; properprotocol="TRUE";;
* ) warn "Enter TCP or UDP!";;
esac
done
logger "Are these options correct?"
warn "SYSLOG Server: $syslog_server_name"
warn "SYSLOG [PORT]: $syslog_port"
warn "SYSLOG [PROTOCOL]: $syslogprotocol"
read -p "[Y/N]? " correct_options
case $correct_options in
[Yy]* ) logger "Continuing with script!"; syslogcomplete="TRUE"; break;;
[Nn]* ) logger "Enter options again..."; syslogcomplete="FALSE";;
* ) warn "Prompting for input again!";;
esac
else
break
fi
done
done
if [ $syslogcomplete == "TRUE" ]; then
logger "Setting up syslog configuration..."
logger "Updating syslog server name to [$syslog_server_name] in $start_dir/98-bootsy-syslog.conf"
/bin/sed -i "s/changeserver/$syslog_server_name/g" "$start_dir/98-bootsy-syslog.conf"
logger "Updating syslog [PORT] to [$syslog_port] in $start_dir/98-bootsy-syslog.conf"
/bin/sed -i "s/changeport/$syslog_port/g" "$start_dir/98-bootsy-syslog.conf"
logger "Updating syslog [PROTOCOL] to [$syslogprotocol] in $start_dir/98-bootsy-syslog.conf"
/bin/sed -i "s/$syslog_server_name/$syslog_protocol$syslog_server_name/g" "$start_dir/98-bootsy-syslog.conf"
logger "Copying $start_dir/98-bootsy-syslog.conf to /etc/rsyslog.d"
/bin/cp "$start_dir/98-bootsy-syslog.conf" "/etc/rsyslog.d"
fi
else
# Here, we do defaults, because they chose silent option
warn "Artillery will write to local syslog only!"
warn "This is particularly useless unless you plan to config this further yourself..."
/bin/sleep 10
fi
}
function bootsy_install_python () {
# Verify it is a version we're expecting
if [ $silent_param == "FALSE" ]; then
if [ "$python_version" == "$recommended_python_version" ]; then
logger "Python3 version ok!"
else
warn "We detected Python3 version $python_version!"
warn "Our recommended version is $recommended_python_version, and is what this was tested on."
warn "You may choose to continue or you can exit and install the recommended version of Python3 now, and set it to the default instance."
while true; do
read -p "Do you want to continue? " yn
case $yn in
[Yy]* ) logger "Continuing with script!"; break;;
[Nn]* ) exit;;
* ) warn "Please enter either [Y/y] or [N/n].";;
esac
done
fi
/bin/echo "" #spacer
if [ "$release" == "$recommended_release" ]; then
logger "OS Release version ok!"
else
warn "We detected OS Release version $release!"
warn "Our recommended version is $recommended_release, and is what this was tested on."
warn "You may choose to continue or you can exit and install the recommended version of Linux now."
while true; do
read -p "Do you want to continue? " yn
case $yn in
[Yy]* ) logger "Continuing with script!"; break;;
[Nn]* ) exit;;
* ) warn "Please enter either [Y/y] or [N/n].";;
esac
done
fi
/bin/echo "" #spacer
if [ "$kernel" == "$recommended_kernel" ]; then
logger "OS kernel version ok!"
else
warn "We detected OS kernel version $kernel!"
warn "Our recommended version is $recommended_kernel, and is what this was tested on."
warn "You may choose to continue or you can exit and install the recommended kernel now."
while true; do
read -p "Do you want to continue? " yn
case $yn in
[Yy]* ) logger "Continuing with script!"; break;;
[Nn]* ) exit;;
* ) warn "Please enter either [Y/y] or [N/n].";;
esac
done
fi
else
/bin/echo "" #spacer
logger "Detected python version is $python_version."
warn "Recommended python version is $recommended_python_version."
logger "Detected release version is $release."
warn "Recommended release version is $recommended_release."
logger "Detected kernel version is $kernel."
warn "Recommended kernel version is $recommended_kernel."
fi
}
function bootsy_respounder_hostname () {
# Setup respounder hostname configuration
if [ $silent_param == "FALSE" ]; then
if [ -z $respounderhostname_path ]; then
logger "Please enter an accessible local or network path to a file containing the hostnames to use with Respounder."
info "The file should contain one hostname per line."
info "Do not use valid hostnames unless you have LLMNR disabled in your environment"
logger "Press enter to have Respounder generate random hostnames instead"
read -p "Enter the respounder hostname file path and press [ENTER]: " respounder_path
fi
else
if [ -z $respounder_path ]; then
# Set respounderhostname_path to blank, will generate random hostnames
logger "Will generate random hostnames!"
respounderhostname_path=""
else
respounder_path="$respounderhostname_path"
if [ ! -f "$respounder_path" ]; then
error "File $respounder_path appears to either not exist or is not reachable."
error "Exiting setup!"
exit 1
else
respounderhostname_path="$respounder_path"
fi
fi
fi
# Now validate we can see the file
}
function bootsy_install_iplist () {
# Now that everything is installed as expected, we need to prompt for the path to the IP_LIST file.
if [ $silent_param == "FALSE" ]; then
if [ -z $ipList_path ]; then
logger "Please enter an accessible local or network path containing the IP CSV list file."
info "The format of the CSV must be:"
info " ip,mask,gateway,vlanid"
info " 10.0.0.2,255.255.255.0,10.0.0.1,10"
info " etc..."
logger "Press enter to use default path of $start_dir/ipList.csv"
#/bin/echo -n "Enter the path the CSV file and press [ENTER]: "
read -p "Enter the CSV file path and press [ENTER]: " csv_path
else
csv_path="$ipList_path"
fi
else
if [ -z $ipList_path ]; then
# Making var empty as we do a check for it below
csv_path=""
else
csv_path="$ipList_path"
fi
fi
# Now validate we can see the file
if [ -z "$csv_path" ]; then
logger "Default path of $start_dir/ipList.csv chosen!"
csv_path="$start_dir/ipList.csv"
fi
if [ ! -f "$csv_path" ]; then
error "File $csv_path appears to either not exist or is not reachable."
error "Exiting setup!"
exit 1
else
csv_header=`/usr/bin/head -n 1 $csv_path`
if [ $csv_header != "ip,mask,gateway,vlanid" ]; then
error "The header of the CSV file did not match as expected!"
error "The header we were expecting is: ip,mask,gateway,vlanid"
error "The header we found was: $csv_header"
error "Exiting!"
exit 1
fi
logger "Executing python network interface setup."
cd $start_dir
#if [ ! -f "$start_dir/buildIPs.py" ]; then
# error "Cannot file python build file at $start_dir/buildIPs.py! Exiting
# exit 1
#else
# /usr/bin/python3 "$start_dir/buildIPs.py" "$csv_path"
#fi
/usr/bin/python3 "$start_dir/buildIPs.py" "$csv_path"
fi
# Now we copy the created network files in place
for MYFILE in $(ls $start_dir/ips/*)
do
filename=`/bin/echo $MYFILE | /usr/bin/rev | /usr/bin/cut -d / -f 1 | /usr/bin/rev`
logger "Copying $filename to /etc/network/interfaces.d"
#/bin/cp "$start_dir/ips/$filename" "/etc/network/interfaces.d/$filename"
done
/bin/cp $start_dir/ips/* /etc/network/interfaces.d/
# Now we start each of the interfaces
for IFACE in $(ls /etc/network/interfaces.d/*-*)
do
#echo "Checking file $IFACE"
interface_name=`/bin/echo $IFACE | /usr/bin/rev | /usr/bin/cut -d / -f 1 | /usr/bin/rev`
#echo "interface name is $interface_name"
IFACE2=`/bin/echo $interface_name | /usr/bin/awk -F "-" '{print $1 ":" $2}'`
#echo "parsed name is $IFACE2"
#echo $IFACE2
logger "Interface $IFACE2 will start on boot"
#/sbin/ifup $IFACE2
done
}
# =========================================
# ========== INSTALLING APACHE 2 ==========
# =========================================
#/usr/bin/apt-get install -y apache2=2:1.7~5 || apache2_error="TRUE"
function bootsy_security () {
# =========================================
# ========== SECURITY HARDENING ===========
# =========================================
# First we use ssh-keygen to generate public\private key pair
#logger "Generating public\private key pair for to secure SSH..."
#if [ $silent_param == "TRUE" ]; then
# # don't prompt for passphrase
# keyout=`/usr/bin/ssh-keygen -f ./bootsy_rsa -t rsa -b 4096 -N ''`
#else
# # prompt for passphrase
# read -s -p "Enter your SSH key passphrase: " pswd
# /bin/echo " " # giving us a space between promptin and the next line
# if [ -f "$start_dir/bootsy_rsa" ]; then
# error "Deleting $start_dir/bootsy_rsa"
# /bin/rm "$start_dir/bootsy_rsa"
# fi
# if [ -f "$start_dir/bootsy_rsa.pub" ]; then
# error "Deleting $start_dir/bootsy_rsa.pub"
# /bin/rm "$start_dir/bootsy_rsa.pub"
# fi
# #/bin/echo " " # giving us a space between prompting and the next line
# logger "Generating keygen with RSA-4096, this may take a moment..."
# keyout=`/usr/bin/ssh-keygen -f "$start_dir/bootsy_rsa" -t rsa -b 4096 -N '$pswd'`
# logger "Generation complete"
#fi
# Now we wait for the user to copy the SSH Key info
#char=" "
#num_spaces=`/bin/echo $keyout | /usr/bin/awk -F"${char}" '{print NF-1}'`
#for i in $(seq 1 $num_spaces)
# do
# line=`/bin/echo $keyout | /usr/bin/cut -d " " -f $i`
# #echo "line is: $line"
# if [[ $line == *"SHA256"* ]]; then
# keyfingerprint=$line
# fi
# done
#logger "Key Fingerprint: $keyfingerprint"
#logger "Public Key: $start_dir/bootsy_rsa.pub"
#logger "Private Key: $start_dir/bootsy_rsa"
#read -p "Press [ENTER] to continue when ready... " anykey
# Now lets add a limited permissions user
if [ $(id -u) -eq 0 ]; then
read -p "Enter new (limited privilege) username: " username
read -s -p "Enter password: " password
/bin/echo " "
/bin/egrep "^$username" /etc/passwd >/dev/null
if [ $? -eq 0 ]; then
warn "$username already exists!"
#warn "Waiting 3 seconds and trying again..."
#/bin/sleep 3
#return 1
warn "Not changing the users password..."
logger "Adding $username to sudoers group"
/usr/sbin/usermod -aG sudo "$username"
else
pass=$(/usr/bin/perl -e 'print crypt($ARGV[0], "password")' $password)
/bin/echo " "
/usr/sbin/useradd -m -p $pass $username
if [ $? -eq 0 ]; then
logger "User has been added to system!"
else
error "Failed to add a user!"
return 1
fi
# Now create an ssh director for this user:
# logger "Creating /home/$username/.ssh/"
# /bin/mkdir "/home/$username/.ssh/" -p
# if [ ! -f "/home/$username/.ssh/authorized_keys file" ]; then
# logger "Creating empty /home/$username/.ssh/authorized_keys file"
# /usr/bin/touch "/home/$username/.ssh/authorized_keys"
# fi
# Now copy our SSH keys in there and re-permission them
# logger "Adding $start_dir/bootsy_rsa.pub to authorized_keys file"
# /bin/cat "$start_dir/bootsy_rsa.pub" >> "/home/$username/.ssh/authorized_keys"
# Now we add the new user to the sudoers group
logger "Adding $username to sudoers group"
/usr/sbin/usermod -aG sudo "$username"
# =======================
# FORCE PASSWORD CHANGE
# =======================
#logger "You will have to change your password at next login"
#/usr/bin/chage -d 0 $username
fi
# =================
# CHANGE HOSTNAME
# =================
random_3_digit=`/usr/bin/shuf --input=100-999 -n 1`
/bin/echo "bootsy$random_3_digit" > /etc/hostname
/bin/echo "127.0.1.1 bootsy$random_3_digit">>"/etc/hosts"
/bin/echo "127.0.0.1 bootsy$random_3_digit">>"/etc/hosts"
/bin/hostname "bootsy$random_3_digit"
logger "Updating hostname to bootsy$random_3_digit"
# ===================
# SETUP SSH PROPERLY
# ===================
random_port=`/usr/bin/shuf --input=10000-30000 -n 1`
logger "Setting SSH over port $random_port"
/bin/sed -i "s/#Port 22/Port $random_port/g" "/etc/ssh/sshd_config"
logger "Prohibiting root from logging in via SSH"
/bin/sed -i "s/#PermitRootLogin prohibit-password/PermitRootLogin no/g" "/etc/ssh/sshd_config"
worked="TUBULAR"
return 0
else
error "Only root may add a user to the system"
exit 1
fi
}
function bootsy_start () {
cron=`/usr/bin/crontab -l`
if [ "$emailconfig" == "TRUE" ]; then
cron_checkbootsy=`/usr/bin/crontab -l | /bin/grep "check-bootsy.sh"`
if [ -z "$cron_checkbootsy" ]; then
line="* * * * * $start_dir/check-bootsy.sh"
(/usr/bin/crontab -u root -l; /bin/echo "$line" ) | /usr/bin/crontab -u root -
logger "Added line to crontab: $line"
else
warn "check-bootsy.sh line already exists: $cron_checkbootsy"
fi
fi
# Run respounder every minute
cron_respounder=`/usr/bin/crontab -l | /bin/grep "respounder"`
if [ -z "$cron_respounder" ]; then
if [ -z "$respounderhostname_path" ]; then
line="* * * * * $install_path/respounder/respounder -rhostname -json | /usr/bin/logger -t responder-detected"
else
line="* * * * * $install_path/respounder/respounder -hostname \`shuf -n 1 $respounderhostname_path\` -json | /usr/bin/logger -t responder-detected"
fi
(/usr/bin/crontab -u root -l; /bin/echo "$line" ) | /usr/bin/crontab -u root -
logger "Added line to crontab: $line"
else
warn "Respounder cron line already exists: $cron_respounder"
fi
# Wait 2 minutes for all services to start because rpi and start artillery
cron_artillery=`/usr/bin/crontab -l | /bin/grep "artillery"`
#if [ -z "$cron_artillery" ]; then
# line="@reboot sleep 120 && /usr/bin/python3 /var/artillery/artillery.py"
# (/usr/bin/crontab -u root -l; /bin/echo "$line" ) | /usr/bin/crontab -u root -
# logger "Added line to crontab: $line"
#else
# warn "Artillery cron line already exists: $cron_artillery"
#fi
logger "Copying $install_path/artillery/config to /var/artillery"
/bin/cp "$install_path/artillery/config" "/var/artillery/config"
# Now we enable the crontab for startup
logger "Enabling crontab on startup"
/bin/systemctl enable cron
# Now restart it
logger "Restarting cron service"
/usr/sbin/service cron restart
}
function bootsy_setup_whitelist () {
if [ -z $whitelist_path ]; then
# User did not supply a file, so ask if they want to whitelist
logger "Would you like to add ip's to the whitelist file for artillery?"
read -p "[Y/N]? " perform_whitelist
if [[ $perform_whitelist == "y" ]] || [[ $perform_whitelist == "Y" ]]; then
logger "Enter IP's to add to the whitelist for BinaryDefense Artillery."
logger "Please only enter 1 IP per line, press enter and you will be prompted to add more ips"
wlarray=()
while [[ ! $addmore == "n" ]] && [[ ! $addmore == "N" ]]; do
#clear
warn "Would you like to add more IPs to the whitelist?"
read -p "[Y/N]? " reallysure
/bin/echo " "
case $reallysure in
[Yy]* ) read -p "Please enter the IP you want to whitelist " wlip; wlarray+=( "$wlip" );;
[Nn]* ) addmore="n"; break;;
* ) wlarray=(${wlarray[@]}); warn "Please enter either [Y/y] or [N/n].";;
esac
done
stringvar=`printf "%s," "${wlarray[@]}" | cut -d "," -f 1-${#wlarray[@]}`
stringvar="127.0.0.1,localhost,$stringvar"
/bin/sed -i "s/WHITELIST_IP.*/WHITELIST_IP=\"$stringvar\"/g" "$install_path/artillery/config"
fi
if [[ ! $perform_whitelist == "y" ]] && [[ ! $perform_whitelist == "Y" ]]; then
warn "No whitelist identified or we were unable to find the supplied whitelist"
warn "If this was an error, please edit the $install_path/artillery/config file manually"
fi
elif [ -f $whitelist_path ]; then
# We found the file
wlarray=()
while read line; do
logger "Adding IP to whitelist: $line"
wlarray+=( "$line" )
done < $whitelist_path
stringvar=`printf "%s," "${wlarray[@]}" | cut -d "," -f 1-${#wlarray[@]}`
stringvar="127.0.0.1,localhost,$stringvar"
/bin/sed -i "s/WHITELIST_IP.*/WHITELIST_IP=\"$stringvar\"/g" "$install_path/artillery/config"
fi
/bin/cat $install_path/artillery/config | /bin/grep WHITELIST_IP
}
# Always do bootsy check
info "===================="
info "Checking environment"
info "===================="
bootsy_check
info "================="
info "Downloading items"
info "================="
bootsy_download
# Call bootsy function
if [ $security_only == "FALSE" ]; then
info "=================="
info "Setting up logging"
info "=================="
bootsy_install_logging
info "======================"
info "Validating environment"
info "======================"
bootsy_install_python
info "========================"
info "Gathering new interfaces"
info "========================"
bootsy_install_iplist
info "===================="
info "Setting up whitelist"
info "===================="
bootsy_setup_whitelist
info "==============================="
info "Setting up Respounder hostnames"
info "==============================="
bootsy_respounder_hostname
fi
# Call security function
worked="TOTALLY"
info "===================="
info "Setting up secure pi"
info "===================="
until [ $worked == "TUBULAR" ]
do
bootsy_security
done
# Now we set bootsy to start on boot
bootsy_start
logger "FINISHED! GOING DOWN FOR A REBOOT IN 10 SECONDS!"
/bin/sleep 10
/sbin/shutdown -r now