#!/bin/bash
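# Preflight checks: every later step installs packages or edits system
# files, so stop early when not running as root or when another process
# already holds the dpkg lock.
if [ "$(id -u)" -ne 0 ]; then
  echo "need to run as root, or with sudo" >&2
  # Non-zero status so a wrapper can tell that nothing was installed.
  exit 1
fi
# lsof prints a header line containing "COMMAND" only when some process
# has the lock file open.
if [[ "$(lsof /var/lib/dpkg/lock 2>/dev/null)" == *"COMMAND"* ]]; then
  echo "Looks like some other process has locked dpkg" >&2
  echo "Wait until the lock is released and try again" >&2
  echo "To see the lock run 'lsof /var/lib/dpkg/lock'" >&2
  exit 1
fi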
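# Detect distribution and release, then ask for confirmation on anything
# other than Ubuntu 16.04 or 15.10.
# is_ubuntu      - distributor ID reported by lsb_release ("Ubuntu" expected)
# ubuntu_version - release number; falls back to 15.10 when it cannot be read,
#                  because later steps branch on this value.
is_ubuntu=$(lsb_release -a 2>/dev/null | awk '/Distrib/ {print $3}')
ubuntu_version=$(lsb_release -a 2>/dev/null | grep release -i | cut -f2)
if [ -z "$ubuntu_version" ]; then ubuntu_version="15.10"; fi

# The original chained [ ] || [ ] && [ ], which the shell groups as
# (A || B) && C, and left the variables unquoted. A host with no
# lsb_release output (empty ID, defaulted version) therefore skipped the
# warning. Group the release test explicitly and quote both values.
if [[ "$is_ubuntu" != "Ubuntu" ]] \
  || { [[ "$ubuntu_version" != "16.04" ]] && [[ "$ubuntu_version" != "15.10" ]]; }; then
  echo "You appear to be attempting to install ADHD onto an unsupported OS/Ubuntu Release."
  echo "You are more than welcome to try. But things will likely break."
  echo "Would you like to continue? [y/N]"
  # -r keeps backslashes in the answer literal.
  read -r choice_c
  choice_c=${choice_c:-n}
  case "$choice_c" in
    y | Y)
      echo "continuing!"
      echo
      echo
      echo
      ;;
    *)
      # Anything but an explicit yes aborts before the system is modified.
      exit 1
      ;;
  esac
fi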
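# Ask which local account should own the installed tools; create it when it
# does not exist. The name is later used as root in adduser and chown, so it
# is validated before use.
echo "This script will need to associate a user account with all the tools."
echo "Enter the name of a user account you want associated with the install."
echo "If you enter a new account name... It will be created."
echo -n "Enter account name [adhd]: "
read -r account
echo
account=${account:-adhd}

# Reject names that would be read as an option (leading '-') or that contain
# characters outside a conservative account-name set. The original passed
# the raw value into a grep regex and into unquoted command arguments.
case "$account" in
  -* | *[!A-Za-z0-9._-]*)
    echo "Invalid account name: $account" >&2
    exit 1
    ;;
esac

# Exact match on the first /etc/passwd field; no regex interpretation of
# the name (a '.' in the name no longer matches any character).
if ! awk -F: -v user="$account" '$1 == user { found = 1 } END { exit !found }' /etc/passwd; then
  echo
  echo "Script is creating user: $account"
  adduser "$account"
  # Membership in the sudo group gives this account full root access.
  adduser "$account" sudo
fi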
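# Cowrie host key. The key pair is written to /tmp/ssh_host_dsa_key and is
# moved into /opt/cowrie/data later in this script.
# NOTE(review): /tmp is world-writable and the file name is fixed, so any
# local user can pre-create that path before the installer runs. A private
# directory from `mktemp -d` would remove the exposure, but the later mv
# step must be changed together with this one.
# NOTE(review): 1024-bit DSA is no longer considered strong and newer
# OpenSSH releases may refuse -t dsa; confirm which key types cowrie accepts
# before changing it.
cowrie_key=/tmp/ssh_host_dsa_key

# Remove anything already sitting at the target path (stale key, planted
# file or symlink) so ssh-keygen creates a fresh file instead of prompting
# to overwrite whatever was there. rm removes a symlink itself, not its
# target.
rm -f -- "$cowrie_key" "$cowrie_key.pub"

echo
echo
echo
echo
echo "####################################"
echo "# Need to generate keys for cowrie #"
echo "####################################"
echo
echo
# Absolute output path: the original relied on an unchecked `cd /tmp`.
ssh-keygen -t dsa -b 1024 -f "$cowrie_key"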
# Refresh the package index, then pull in the base tooling. Each group is
# installed by its own apt-get call, so a failure in one group does not
# block the others.
apt-get update

# git is needed for the repository clones later in the script.
apt-get install -y git

# General dependencies.
general_pkgs=(sqlite3 sqlite nmap vim)
apt-get install -y "${general_pkgs[@]}"

# decloak dependencies (browser plugins).
decloak_pkgs=(icedtea-8-plugin browser-plugin-freshplayer-pepperflash)
apt-get install -y "${decloak_pkgs[@]}"
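# Build the /adhd category tree and link every tool under /opt into its
# category. The links are created before the tools are installed, so they
# dangle until the adhd-* packages arrive.
cd /

# -p keeps a rerun from failing on directories that already exist, and
# absolute paths avoid creating the categories in the wrong place when a
# cd fails.
mkdir -p /adhd/1-annoyance /adhd/2-attribution /adhd/3-absolution /adhd/4-attack

# One "tool category" pair per line. -f replaces an existing link and -n
# treats an existing link to a directory as the link itself; without -n a
# rerun would create a nested link inside the tool's own directory.
while read -r tool category; do
  ln -sfn "/opt/${tool}" "/adhd/${category}/${tool}"
done <<'EOF'
artillery 1-annoyance
beartrap 1-annoyance
beef 4-attack
cowrie 1-annoyance
creepy 2-attribution
cryptolocked 1-annoyance
cryptolocked-ng 1-annoyance
decloak 2-attribution
defense_by_numbers 1-annoyance
denyhosts 1-annoyance
docz.py 2-attribution
gcat 4-attack
ghostwriting 4-attack
honeybadger 2-attribution
honeybadgerv2 2-attribution
human.py 3-absolution
invisiport 1-annoyance
jar-combiner 2-attribution
java-web-attack 4-attack
kippo 1-annoyance
lockdown 3-absolution
TALOS 3-absolution
nova 1-annoyance
OpenBAC 3-absolution
oschameleon 1-annoyance
PHP-HTTP-Tarpit 1-annoyance
portspoof 1-annoyance
psad 1-annoyance
recon-ng 4-attack
remux 1-annoyance
rubberglue 1-annoyance
sent.py 3-absolution
sidejack 4-attack
simple-pivot-detect 3-absolution
sqlitebugserver 2-attribution
spidertrap 1-annoyance
sweeper 3-absolution
tcprooter 1-annoyance
webbugserver 2-attribution
weblabyrinth 1-annoyance
whosthere 2-attribution
windows-tools 1-annoyance
wordpot 1-annoyance
opencanary 3-absolution
EOF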
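# Python tooling, then the PHP stack that matches the detected release.
# NOTE(review): "pip" may not be a valid apt package name on these releases
# (python-pip is installed further down); if apt rejects it, python-dev is
# not installed by this call either. Confirm.
apt-get -y install python-dev pip
# pip is upgraded from the package index as root, unpinned.
pip install --upgrade pip
easy_install -U pip

# Quote the release string: the original unquoted [ $ubuntu_version == ... ]
# is a test syntax error whenever the value is empty or contains spaces.
case "$ubuntu_version" in
  16.04)
    # One apt-get call per package, so one missing package does not block
    # the rest.
    for php_pkg in libapache2-mod-php php7.0-mysql php7.0-pgsql \
      php7.0-sqlite php7.0-odbc php7.0-curl php-zip; do
      apt-get -y install "$php_pkg"
    done
    ;;
  15.10)
    for php_pkg in php5 php5-mysql php5-pgsql php5-sqlite php5-odbc; do
      apt-get -y install "$php_pkg"
    done
    ;;
esac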
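# Point spy.decloak.net at loopback (presumably so decloak callbacks are
# answered by the local instance; confirm against the decloak setup).
# Guarded like the sources.list edit further down, so a rerun does not
# append a duplicate entry to /etc/hosts.
if ! grep -qF 'spy.decloak.net' /etc/hosts; then
  echo "127.0.0.1 spy.decloak.net" >> /etc/hosts
fi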
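# Per-tool build and runtime dependencies.
# All pip and gem installs here run as root and are unpinned: whatever the
# public index serves at install time is what lands on the host. Pinning
# versions (and hashes for pip) would make the build reproducible.

# dependencies for metasploit
apt-get -y install libpq-dev libpcap-dev

# dependencies for cowrie
apt-get -y install libmpfr-dev virtualenv libssl-dev libffi-dev build-essential libpython-dev
apt-get -y install libmpc-dev
# 'twisted[conch]' is quoted: unquoted, the brackets are a shell glob and the
# argument changes if a matching file name exists in the working directory.
pip install 'twisted[conch]' cryptography configparser pyopenssl gmpy2 service_identity pycrypto
apt-get -y install git python-twisted python-configparser python-crypto python-pyasn1 python-gmpy2 python-mysqldb python-zope.interface

# dependencies for oschameleon
apt-get -y install python-nfqueue python-gevent python-scapy

# dependencies for whosthere
apt-get -y install golang

# dependencies for creepy
apt-get -y install python-qt4 python-pip
pip install pytz python-qt flickrapi python-instagram yapsy tweepy google-api-python-client python-dateutil configobj dominate

# dependencies for TALOS
pip install netaddr
pip install twisted
pip install paramiko

# dependencies for lockdown
pip install splinter

# dependencies for whosthere
apt-get -y install golang-go

# dependencies for wordpot
pip install flask

# dependencies for honeyports
# NOTE(review): arpspoof is normally shipped inside another package rather
# than under its own name; confirm this install succeeds.
apt-get -y install arpspoof

# beartrap
apt-get -y install ruby
gem install getopt

# beef
gem install bundler
apt-get -y install ruby-dev libsqlite3-dev libsqlite-dev

# decloak
apt-get -y install haxe
# JDK version follows the release; the value is quoted so an unexpected
# release string cannot break the test.
case "$ubuntu_version" in
  15.10)
    apt-get -y install openjdk-7-jdk
    ;;
  16.04)
    apt-get -y install openjdk-8-jdk libdbd-pg-perl
    ;;
esac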
# MySQL: preseed the root password, install the server, then create the
# weblabyrinth and webbug databases, their users, grants and tables.
# NOTE(review): every credential in this section is the fixed string "adhd",
# and the root password is passed with --password= on the command line, where
# it is visible in the process list while each client runs. Rotate these
# passwords after install on any host that is reachable by others.
for preseed_key in root_password root_password_again; do
  debconf-set-selections <<< "mysql-server mysql-server/${preseed_key} password adhd"
done
apt-get -y install mysql-server

# Each statement goes through its own client invocation, so a failure in one
# (for example "database exists" on a rerun) does not stop the rest.
mysql_statements=(
  "create database weblabyrinth;"
  "create database webbug;"
  "create user 'webbuguser'@'localhost' identified by 'adhd';"
  "create user 'weblabyrinthuser'@'localhost' identified by 'adhd';"
  "grant all privileges on weblabyrinth.* to 'weblabyrinthuser'@'localhost';"
  "grant all privileges on webbug.* to 'webbuguser'@'localhost';"
  "create table weblabyrinth.crawlers (crawler_ip TEXT, crawler_rdns TEXT, crawler_useragent TEXT, first_seen INT(11), last_seen INT(11), last_alert INT(11), num_hits INT(11));"
  "create table webbug.requests (id TEXT, type TEXT, ip_address TEXT, user_agent TEXT, time INT(11));"
)
for statement in "${mysql_statements[@]}"; do
  echo "$statement" | mysql -u root --password=adhd
done
# PostgreSQL setup for decloak: install the server, create the decloakuser
# role, then create the decloak database and load its schema from the
# pg_dump-style script in the here-document below.
# NOTE(review): the role password is the fixed string 'adhd' and the CREATE
# USER statement is passed through psql -c, so it appears in the process
# arguments while psql runs.
apt-get -y install postgresql postgresql-contrib
sudo -u postgres psql -c "CREATE USER decloakuser WITH PASSWORD 'adhd';"
# The here-document delimiter is unquoted, so the shell processes the text
# before psql sees it: "\\connect" arrives as "\connect", while "\." (the
# end-of-data marker for the empty COPY) is passed through unchanged. The
# text contains no $ or backquote, so nothing else is expanded.
# The ACL statements at the end finish by granting ALL on schema public to
# PUBLIC, i.e. every role can use and create objects in that schema.
sudo -u postgres psql << EOF
CREATE DATABASE decloak;
\\connect decloak
--
-- PostgreSQL database dump
--
SET statement_timeout = 0;
SET client_encoding = 'UTF8';
SET standard_conforming_strings = on;
SET check_function_bodies = false;
SET client_min_messages = warning;
--
-- Name: plpgsql; Type: EXTENSION; Schema: -; Owner:
--
CREATE EXTENSION IF NOT EXISTS plpgsql WITH SCHEMA pg_catalog;
--
-- Name: EXTENSION plpgsql; Type: COMMENT; Schema: -; Owner:
--
COMMENT ON EXTENSION plpgsql IS 'PL/pgSQL procedural language';
SET search_path = public, pg_catalog;
SET default_tablespace = '';
SET default_with_oids = false;
--
-- Name: requests; Type: TABLE; Schema: public; Owner: decloakuser; Tablespace:
--
CREATE TABLE requests (
cip character(32),
type character varying(16),
eip character varying(16),
iip character varying(16),
dip character varying(16),
stamp timestamp without time zone DEFAULT now()
);
ALTER TABLE public.requests OWNER TO decloakuser;
--
-- Data for Name: requests; Type: TABLE DATA; Schema: public; Owner: decloakuser
--
COPY requests (cip, type, eip, iip, dip, stamp) FROM stdin;
\.
--
-- Name: public; Type: ACL; Schema: -; Owner: postgres
--
REVOKE ALL ON SCHEMA public FROM PUBLIC;
REVOKE ALL ON SCHEMA public FROM postgres;
GRANT ALL ON SCHEMA public TO postgres;
GRANT ALL ON SCHEMA public TO PUBLIC;
--
-- PostgreSQL database dump complete
--
EOF
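# Switch local (Unix-socket) connections from peer to md5 authentication,
# then restart PostgreSQL. After this, local access depends on the role
# password rather than on the connecting OS account.
# The original did `cd /etc/postgresql/*/main/`, which fails when more than
# one server version is installed and then ran sed in whatever directory the
# script was in. Operate on each pg_hba.conf by path instead.
# NOTE(review): the match pattern below uses single spaces exactly as shown
# in this copy of the script; a stock pg_hba.conf separates columns with runs
# of spaces. Confirm the pattern matches the real file.
for hba_file in /etc/postgresql/*/main/pg_hba.conf; do
  # An unmatched glob stays literal; skip it instead of passing sed a path
  # that does not exist.
  [ -f "$hba_file" ] || continue
  sed -i '/local all all peer/c\local all all md5\' "$hba_file"
done
service postgresql restart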
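# Register the ADHD package repository (once) and install every adhd-*
# package from it.
if ! grep -q 'neoadhd' /etc/apt/sources.list; then
  echo "deb https://prometheaninfosec.com/neoadhd ./" >> /etc/apt/sources.list
fi
apt-get update
# NOTE(review): --force-yes tells apt to proceed without prompting even for
# packages it cannot authenticate, so everything from this repository is
# installed as root with no signature check. HTTPS protects the transport
# only, not the repository contents. Once a signing key for the repository
# is available, import it and drop the flag.
# The pattern is quoted so apt receives it unchanged; unquoted, the shell
# would expand it against file names in the current directory first.
apt-get -y --force-yes install 'adhd-*'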
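# Post-install steps for beef and honeybadgerv2.
# Each step runs only when its cd succeeds. The original ignored cd
# failures, so `bundle update` or `pip install -r requirements.txt` could run
# as root against whatever files happened to be in the previous directory.

# post install beef
if cd /opt/beef; then
  bundle update
else
  echo "skipping beef post-install: /opt/beef not found" >&2
fi

# post install honeybadgerv2
if cd /opt/honeybadgerv2/server; then
  pip install -r requirements.txt
  # NOTE(review): initdb is called with the fixed pair 'adhd','adhd',
  # presumably the initial login for the honeybadger UI; confirm and change
  # it after install.
  python -c "import honeybadger; honeybadger.initdb('adhd','adhd')"
else
  echo "skipping honeybadgerv2 post-install: /opt/honeybadgerv2/server not found" >&2
fi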
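# post install lockdown: fetch geckodriver v0.11.1 and put it on the PATH.
# The original downloaded and unpacked the archive as root directly in /tmp
# and then moved a file named "geckodriver" from there; any local user can
# create files in /tmp. Work in a private directory instead and do not leave
# the script sitting in /tmp.
# NOTE(review): the download has no integrity check. Pin the expected
# SHA-256 of the release archive and verify it before unpacking.
gecko_url=https://github.com/mozilla/geckodriver/releases/download/v0.11.1/geckodriver-v0.11.1-linux32.tar.gz
if gecko_tmp=$(mktemp -d); then
  if wget -O "$gecko_tmp/geckodriver.tar.gz" "$gecko_url" \
    && tar -xzvf "$gecko_tmp/geckodriver.tar.gz" -C "$gecko_tmp"; then
    # install sets the mode explicitly and the file ends up owned by root;
    # tar run as root would otherwise keep the owner recorded in the archive.
    install -m 0755 "$gecko_tmp/geckodriver" /usr/local/bin/geckodriver
  else
    echo "geckodriver download or unpack failed" >&2
  fi
  # :? aborts the expansion if the variable is somehow empty.
  rm -rf -- "${gecko_tmp:?}"
else
  echo "mktemp failed; geckodriver not installed" >&2
fi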
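# Post-install steps for opencanary, artillery, psad and recon-ng.
# The directory-dependent steps run only when their cd succeeds. Before this
# point the script's working directory is /tmp, so with the original
# unchecked cd a missing /opt/opencanary meant root would run
# `pip install -r requirements.txt` and `python ./setup.py install` against
# files in a world-writable directory.

# post install opencanary
if cd /opt/opencanary; then
  pip install -r requirements.txt
  python ./setup.py install
  opencanaryd --copyconfig
else
  echo "skipping opencanary post-install: /opt/opencanary not found" >&2
fi

# post install artillery
cp -R /opt/artillery /var/artillery

# post install psad
apt-get -y install cpanminus
cpanm Date::Calc

# post install recon-ng
apt-get -y install libxml2-dev libxslt1-dev
if cd /opt/recon-ng; then
  pip install -r REQUIREMENTS
else
  echo "skipping recon-ng post-install: /opt/recon-ng not found" >&2
fi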
#post install labyrinth
#a2enmod rewrite
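# post install cowrie: move the host key generated earlier into cowrie's
# data directory and install cowrie's Python requirements.
host_key=/tmp/ssh_host_dsa_key
# The key waited in world-writable /tmp. Accept it only if it is a regular
# file (not a symlink) owned by the user running this script (root).
if [ -f "$host_key" ] && [ ! -L "$host_key" ] && [ -O "$host_key" ]; then
  # Absolute destination with a trailing slash: mv fails if the directory is
  # missing instead of dropping the key in the current directory.
  mv -f "$host_key" /opt/cowrie/data/
else
  echo "cowrie host key missing or not trusted: $host_key" >&2
fi
# Install requirements only from cowrie's own directory.
if cd /opt/cowrie; then
  pip install -r requirements.txt
else
  echo "skipping cowrie requirements: /opt/cowrie not found" >&2
fi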
#post install www
#chown www-data:www-data /var/www -R
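# post kippo
apt-get -y install python-twisted
# NOTE(review): -I reinstalls twisted 9.0.0 system-wide, replacing the newer
# twisted installed for cowrie and TALOS earlier in this script. A
# per-tool virtualenv would keep the two versions apart.
pip install -I twisted==9.0.0

# Install portspoof from source. Build only inside /opt/portspoof and stop
# at the first failing stage; the original ran make and make install even
# when cd or ./configure had failed.
if cd /opt/portspoof; then
  ./configure && make && make install
else
  echo "skipping portspoof build: /opt/portspoof not found" >&2
fi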
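# Install the Social-Engineer Toolkit and Metasploit from their upstream
# repositories. Both clones track the default branch head, unpinned, so the
# installed code is whatever upstream serves at install time.
git clone https://github.com/trustedsec/social-engineer-toolkit /opt/set
if cd /opt/set; then
  pip install -r requirements.txt
  # Start setoolkit briefly (presumably so it writes its default config
  # under /etc/setoolkit; confirm) and then stop that one process. The
  # original used `killall python`, which terminates every python process
  # on the host.
  ./setoolkit &
  set_pid=$!
  sleep 5
  # The process may already have exited; that is not an error here.
  kill "$set_pid" 2>/dev/null
else
  echo "skipping SET setup: /opt/set not found" >&2
fi
# Edit the config by path instead of cd-ing into /etc/setoolkit.
sed -i '/METASPLOIT_PATH/c\METASPLOIT_PATH=/opt/metasploit\' /etc/setoolkit/set.config

git clone https://github.com/rapid7/metasploit-framework /opt/metasploit
if cd /opt/metasploit; then
  bundle install
else
  echo "skipping metasploit bundle install: /opt/metasploit not found" >&2
fi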
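# Web front end: clone the ADHD web content, install Apache, set ownership
# and select the Apache modules.
git clone https://github.com/adhdproject/webkit /var/www/adhd
apt-get -y install apache2
chown -R www-data:www-data /var/www/adhd
# Quoted so the account name reaches chown as a single argument.
# Everything under /opt, including the tools installed above, becomes
# writable by this account.
chown -R "$account:$account" /opt
a2enmod rewrite #for labyrinth
# NOTE(review): php7.0 is enabled unconditionally, but on 15.10 the script
# installs the php5 packages; confirm which module should be enabled there.
a2enmod php7.0
a2dismod mpm_event
a2enmod mpm_prefork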
# Write the ADHD virtual host, enable it in place of the default site and
# restart Apache.
# The whole configuration is one double-quoted string, so the shell
# unescapes it before writing: "\\." reaches the file as "\." and
# "\${APACHE_LOG_DIR}" as a literal ${APACHE_LOG_DIR} for Apache to expand.
# Security-relevant settings in the generated file:
#   - AllowOverride all: .htaccess files inside the cloned web content can
#     override this configuration.
#   - Order allow,deny / Allow from all: Apache 2.2 access-control syntax
#     that admits every client.
#   - Options +Indexes on windows_tools: directory listing is on there.
#   - RedirectMatch 404 under honeybadger: requests whose path matches
#     .git, include, data or admin are answered with 404.
echo "<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/adhd
DirectoryIndex index.php
<Directory /var/www/adhd>
Options -Indexes +FollowSymLinks -MultiViews
AllowOverride all
Order allow,deny
Allow from all
</Directory>
<Directory /var/www/adhd/windows_tools>
Options +Indexes
</Directory>
<Directory /var/www/adhd/honeybadger>
RedirectMatch 404 /(\\.git|include|data|admin)
</Directory>
ErrorLog \${APACHE_LOG_DIR}/error.log
CustomLog \${APACHE_LOG_DIR}/access.log combined
</VirtualHost>" > /etc/apache2/sites-available/999-adhd.conf
a2ensite 999-adhd.conf
a2dissite 000-default.conf
service apache2 restart
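# Final steps: drop the marker file, refresh beef's gems once more and reset
# the terminal.
# The marker is created relative to the current directory, which is
# /opt/metasploit when the earlier cd into it succeeded.
touch .traditional-ran
# post install beef: run bundle only from beef's own directory; the original
# ignored a failed cd and would have run it wherever the script was.
if cd /opt/beef; then
  bundle update
else
  echo "skipping beef bundle update: /opt/beef not found" >&2
fi
reset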