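#!/bin/bash
# T-Pot Container Data Cleaner & Log Rotator
#
# Arguments: $1 - persistence switch
#   "on"       keep the data, rotate logs and archive captured artifacts
#   (empty)    ask for confirmation, then wipe the honeypot data folders
#   any other  wipe the honeypot data folders without asking

# Set colors (ANSI SGR sequences). The ESC byte is spelled as \033 so the
# sequence stays intact when the file is copied or rendered as text.
myRED=$'\033[0;31m'
myGREEN=$'\033[0;32m'
myWHITE=$'\033[0;0m'

# Set pigz (handed to tar via -I); stays empty when pigz is not installed.
# command -v is the shell builtin lookup and does not depend on `which`.
myPIGZ=$(command -v pigz)

# Set persistence
myPERSISTENCE=$1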
					
						
					
						
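# Count the entries of a folder so callers can tell whether it is empty.
# Arguments: $1 - folder to inspect
# Outputs:   number of non-hidden entries on stdout; "0" for an empty folder
#            and also when ls cannot list the path (ls reports that on stderr)
fuEMPTY () {
  local myFOLDER=$1
  local myCOUNT

  # Quote the path and end option parsing: a name with spaces is listed as one
  # folder, a leading dash is not read as a flag, and an empty argument no
  # longer turns into a listing of the current directory.
  myCOUNT=$(ls -- "$myFOLDER" | wc -l)
  # Arithmetic expansion drops any padding wc puts around the number
  echo $((myCOUNT))
}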
					
						
					
						
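# Rotate and compress logs and archive captured artifacts (persistence mode).
# Globals:   myPIGZ (read) - compressor handed to tar; gzip is used when empty
# Arguments: none
# Effects:   resets mode/owner below /data, runs logrotate twice, writes one
#            .tgz per artifact folder and recreates the archived folders empty
fuLOGROTATE () {
  local mySTATUS="/data/tpot/etc/logrotate/status"
  local myCONF="/data/tpot/etc/logrotate/logrotate.conf"
  local myADBHONEYTGZ="/data/adbhoney/downloads.tgz"
  local myADBHONEYDL="/data/adbhoney/downloads/"
  local myCOWRIETTYLOGS="/data/cowrie/log/tty/"
  local myCOWRIETTYTGZ="/data/cowrie/log/ttylogs.tgz"
  local myCOWRIEDL="/data/cowrie/downloads/"
  local myCOWRIEDLTGZ="/data/cowrie/downloads.tgz"
  local myDIONAEABI="/data/dionaea/bistreams/"
  local myDIONAEABITGZ="/data/dionaea/bistreams.tgz"
  local myDIONAEABIN="/data/dionaea/binaries/"
  local myDIONAEABINTGZ="/data/dionaea/binaries.tgz"
  local myHONEYTRAPATTACKS="/data/honeytrap/attacks/"
  local myHONEYTRAPATTACKSTGZ="/data/honeytrap/attacks.tgz"
  local myHONEYTRAPDL="/data/honeytrap/downloads/"
  local myHONEYTRAPDLTGZ="/data/honeytrap/downloads.tgz"
  local myTANNERF="/data/tanner/files/"
  local myTANNERFTGZ="/data/tanner/files.tgz"

  # Artifact folders and the archive each one is packed into (index-aligned)
  local myFOLDERS=("$myADBHONEYDL" "$myCOWRIETTYLOGS" "$myCOWRIEDL" "$myDIONAEABI" "$myDIONAEABIN" "$myHONEYTRAPATTACKS" "$myHONEYTRAPDL" "$myTANNERF")
  local myARCHIVES=("$myADBHONEYTGZ" "$myCOWRIETTYTGZ" "$myCOWRIEDLTGZ" "$myDIONAEABITGZ" "$myDIONAEABINTGZ" "$myHONEYTRAPATTACKSTGZ" "$myHONEYTRAPDLTGZ" "$myTANNERFTGZ")
  # Folders that are safe to empty: nothing in them, or archived successfully
  local myRESET=()
  # Fall back to tar's built-in gzip when pigz was not found
  local myCOMPRESS=(-z)
  local i

  if [ -n "$myPIGZ" ]; then
    myCOMPRESS=(-I "$myPIGZ")
  fi

  # Ensure correct permissions and ownerships for logrotate to run without issues
  # NOTE(review): 770 applied recursively also sets the execute bit on every
  # regular file below /data, captured samples included - confirm that no
  # container depends on it before tightening.
  chmod 770 /data/ -R
  chown tpot:tpot /data -R
  # NOTE(review): the recursive 644 lands on the conf/ and cert/ directories
  # themselves as well, which removes their search bit - confirm this is intended.
  chmod 644 /data/nginx/conf -R
  chmod 644 /data/nginx/cert -R

  # Run logrotate with force (-f) first, so the status file can be written and race conditions (with tar) be avoided
  logrotate -f -s "$mySTATUS" "$myCONF"

  # Compressing some folders first and rotate them later
  for i in "${!myFOLDERS[@]}"; do
    if [ "$(fuEMPTY "${myFOLDERS[$i]}")" = "0" ]; then
      myRESET+=("${myFOLDERS[$i]}")
    elif tar "${myCOMPRESS[@]}" -cvf "${myARCHIVES[$i]}" "${myFOLDERS[$i]}"; then
      myRESET+=("${myFOLDERS[$i]}")
    else
      # Without a complete archive the folder is the only copy of the captured
      # data, so it must not be removed below.
      echo "Archiving ${myFOLDERS[$i]} failed, keeping its contents." >&2
    fi
  done

  # Ensure correct permissions and ownership for previously created archives
  chmod 770 "${myARCHIVES[@]}"
  chown tpot:tpot "${myARCHIVES[@]}"

  # Need to remove subfolders since too many files cause rm to exit with errors
  if [ "${#myRESET[@]}" -gt 0 ]; then
    rm -rf "${myRESET[@]}"
  fi

  # Recreate subfolders with correct permissions and ownership
  mkdir -p "${myFOLDERS[@]}"
  chmod 770 "${myFOLDERS[@]}"
  chown tpot:tpot "${myFOLDERS[@]}"

  # Run logrotate again to account for previously created archives - DO NOT FORCE HERE!
  logrotate -s "$mySTATUS" "$myCONF"
}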
					
						
# Clean up and prepare adbhoney data: wipe the folder unless persistence is
# "on", then recreate log/ and downloads/ with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
# NOTE(review): the recursive 770 also marks files kept in downloads/ as
# executable; presumably these are captured payloads - confirm this is wanted.
fuADBHONEY () {
  local myBASE="/data/adbhoney"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    # The glob does not match dotfiles, so hidden entries survive the wipe
    rm -rf "$myBASE"/*
  fi
  mkdir -p "$myBASE/log/" "$myBASE/downloads/"
  chmod -R 770 "$myBASE/"
  chown -R tpot:tpot "$myBASE/"
}
					
						
# Clean up and prepare ciscoasa data: wipe the folder unless persistence is
# "on", then recreate log/ with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuCISCOASA () {
  local myBASE="/data/ciscoasa"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE"/*
  fi
  mkdir -p "$myBASE/log"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
# Clean up and prepare citrixhoneypot data: wipe the folder unless persistence
# is "on", then recreate logs/ with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuCITRIXHONEYPOT () {
  local myBASE="/data/citrixhoneypot"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE"/*
  fi
  mkdir -p "$myBASE/logs/"
  chmod -R 770 "$myBASE/"
  chown -R tpot:tpot "$myBASE/"
}
					
						
# Clean up and prepare conpot data: wipe the folder unless persistence is
# "on", then recreate log/ with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuCONPOT () {
  local myBASE="/data/conpot"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE"/*
  fi
  mkdir -p "$myBASE/log"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
					
						
# Clean up and prepare cowrie data: wipe the folder unless persistence is
# "on", then recreate log/tty/, downloads/, keys/ and misc/ with mode 770
# owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
# NOTE(review): the recursive 770 also marks files kept in downloads/ as
# executable; presumably these are captured payloads - confirm this is wanted.
fuCOWRIE () {
  local myBASE="/data/cowrie"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE"/*
  fi
  mkdir -p "$myBASE/log/tty/" "$myBASE/downloads/" "$myBASE/keys/" "$myBASE/misc/"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
# Clean up and prepare ddospot data: remove log/ unless persistence is "on"
# (bl/ and db/ are left alone), then make sure bl/, db/ and log/ exist with
# mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuDDOSPOT () {
  local myBASE="/data/ddospot"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE/log"
  fi
  mkdir -p "$myBASE/bl" "$myBASE/db" "$myBASE/log"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
# Clean up and prepare dicompot data: remove log/ unless persistence is "on"
# (images/ is left alone), then make sure log/ and images/ exist with mode 770
# owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuDICOMPOT () {
  local myBASE="/data/dicompot"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE/log"
  fi
  mkdir -p "$myBASE/log" "$myBASE/images"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
# Clean up and prepare dionaea data: wipe the folder unless persistence is
# "on", then recreate the log, capture and service-root folders with mode 770
# owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
# NOTE(review): the recursive 770 also marks files kept in binaries/ and
# bistreams/ as executable; presumably these are captured samples - confirm
# this is wanted.
fuDIONAEA () {
  local myBASE="/data/dionaea"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE"/*
  fi
  mkdir -p \
    "$myBASE/log" \
    "$myBASE/bistreams" \
    "$myBASE/binaries" \
    "$myBASE/rtp" \
    "$myBASE/roots/ftp" \
    "$myBASE/roots/tftp" \
    "$myBASE/roots/www" \
    "$myBASE/roots/upnp"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
					
						
# Clean up and prepare elasticpot data: wipe the folder unless persistence is
# "on", then recreate log/ with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuELASTICPOT () {
  local myBASE="/data/elasticpot"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE"/*
  fi
  mkdir -p "$myBASE/log"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
					
						
# Clean up and prepare elk data: only the daemon logs below log/ are removed
# (unless persistence is "on"); the folder is then given mode 770 and
# tpot:tpot ownership.
# Globals: myPERSISTENCE (read)
fuELK () {
  local myBASE="/data/elk"

  # ELK data will be kept for <= 90 days, check /etc/crontab for curator modification
  # ELK daemon log files will be removed
  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE/log"/*
  fi
  mkdir -p "$myBASE"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
# Clean up and prepare endlessh data: remove log/ unless persistence is "on",
# then recreate it with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuENDLESSH () {
  local myBASE="/data/endlessh"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE/log"
  fi
  mkdir -p "$myBASE/log"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
# Clean up and prepare fatt data: wipe the folder unless persistence is "on",
# then recreate log/ with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuFATT () {
  local myBASE="/data/fatt"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE"/*
  fi
  mkdir -p "$myBASE/log"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
# Clean up and prepare glutton data: wipe the folder unless persistence is
# "on", then recreate log/ with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuGLUTTON () {
  local myBASE="/data/glutton"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE"/*
  fi
  mkdir -p "$myBASE/log"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
# Clean up and prepare hellpot data: remove log/ unless persistence is "on",
# then recreate it with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuHELLPOT () {
  local myBASE="/data/hellpot"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE/log"
  fi
  mkdir -p "$myBASE/log"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
# Clean up and prepare heralding data: wipe the folder unless persistence is
# "on", then recreate log/ with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuHERALDING () {
  local myBASE="/data/heralding"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE"/*
  fi
  mkdir -p "$myBASE/log"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
# Clean up and prepare honeypots data: wipe the folder unless persistence is
# "on", then recreate log/ with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuHONEYPOTS () {
  local myBASE="/data/honeypots"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE"/*
  fi
  mkdir -p "$myBASE/log"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
# Clean up and prepare honeysap data: wipe the folder unless persistence is
# "on", then recreate log/ with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuHONEYSAP () {
  local myBASE="/data/honeysap"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE"/*
  fi
  mkdir -p "$myBASE/log"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
# Clean up and prepare honeytrap data: wipe the folder unless persistence is
# "on", then recreate log/, attacks/ and downloads/ with mode 770 owned by
# tpot:tpot.
# Globals: myPERSISTENCE (read)
# NOTE(review): the recursive 770 also marks files kept in attacks/ and
# downloads/ as executable; presumably these are captured payloads - confirm
# this is wanted.
fuHONEYTRAP () {
  local myBASE="/data/honeytrap"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE"/*
  fi
  mkdir -p "$myBASE/log/" "$myBASE/attacks/" "$myBASE/downloads/"
  chmod -R 770 "$myBASE/"
  chown -R tpot:tpot "$myBASE/"
}
					
						
# Clean up and prepare ipphoney data: wipe the folder unless persistence is
# "on", then recreate log/ with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuIPPHONEY () {
  local myBASE="/data/ipphoney"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE"/*
  fi
  mkdir -p "$myBASE/log"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
# Clean up and prepare log4pot data: wipe the folder unless persistence is
# "on", then recreate log/ with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuLOG4POT () {
  local myBASE="/data/log4pot"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE"/*
  fi
  mkdir -p "$myBASE/log"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
# Clean up and prepare mailoney data: wipe the folder unless persistence is
# "on", then recreate log/ with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuMAILONEY () {
  local myBASE="/data/mailoney"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE"/*
  fi
  mkdir -p "$myBASE/log/"
  chmod -R 770 "$myBASE/"
  chown -R tpot:tpot "$myBASE/"
}
					
						
# Clean up and prepare medpot data: wipe the folder unless persistence is
# "on", then recreate log/ with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuMEDPOT () {
  local myBASE="/data/medpot"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE"/*
  fi
  mkdir -p "$myBASE/log/"
  chmod -R 770 "$myBASE/"
  chown -R tpot:tpot "$myBASE/"
}
					
						
# Clean up nginx logs: empty log/ unless persistence is "on", make sure
# error.log exists, and set mode 644 recursively on conf/ and cert/.
# Globals: myPERSISTENCE (read)
# NOTE(review): the recursive 644 is applied to the conf/ and cert/
# directories themselves as well, which removes their search bit - confirm
# this is intended. log/ is not created here, so touch fails if it is missing.
fuNGINX () {
  local myLOGS="/data/nginx/log"
  local myDIR

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myLOGS"/*
  fi
  touch "$myLOGS/error.log"
  for myDIR in /data/nginx/conf /data/nginx/cert; do
    chmod -R 644 "$myDIR"
  done
}
					
						
# Clean up and prepare rdpy data: wipe the folder unless persistence is "on",
# then recreate log/ with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuRDPY () {
  local myBASE="/data/rdpy"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE"/*
  fi
  mkdir -p "$myBASE/log/"
  chmod -R 770 "$myBASE/"
  chown -R tpot:tpot "$myBASE/"
}
					
						
# Clean up and prepare redishoneypot data: remove log/ unless persistence is
# "on", then recreate it with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuREDISHONEYPOT () {
  local myBASE="/data/redishoneypot"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE/log"
  fi
  mkdir -p "$myBASE/log"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
# Clean up and prepare sentrypeer data: remove log/ unless persistence is
# "on", then recreate it with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuSENTRYPEER () {
  local myBASE="/data/sentrypeer"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE/log"
  fi
  mkdir -p "$myBASE/log"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
# Prepare the spiderfoot db: make sure the folder and spiderfoot.db exist and
# carry mode 770 and tpot:tpot ownership. Nothing is deleted here, whatever
# the persistence setting.
fuSPIDERFOOT () {
  local myBASE="/data/spiderfoot"

  mkdir -p "$myBASE"
  touch "$myBASE/spiderfoot.db"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
					
						
# Clean up and prepare suricata data: wipe the folder unless persistence is
# "on", then recreate log/ with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuSURICATA () {
  local myBASE="/data/suricata"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE"/*
  fi
  mkdir -p "$myBASE/log"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
					
						
# Clean up and prepare p0f data: wipe the folder unless persistence is "on",
# then recreate log/ with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
fuP0F () {
  local myBASE="/data/p0f"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE"/*
  fi
  mkdir -p "$myBASE/log"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
# Clean up and prepare tanner data: wipe the folder unless persistence is
# "on", then recreate log/ and files/ with mode 770 owned by tpot:tpot.
# Globals: myPERSISTENCE (read)
# NOTE(review): the recursive 770 also marks files kept in files/ as
# executable; presumably these are captured uploads - confirm this is wanted.
fuTANNER () {
  local myBASE="/data/tanner"

  if [[ "$myPERSISTENCE" != "on" ]]; then
    rm -rf "$myBASE"/*
  fi
  mkdir -p "$myBASE/log" "$myBASE/files"
  chmod -R 770 "$myBASE"
  chown -R tpot:tpot "$myBASE"
}
					
						
										 |  |  |  | # Avoid unwanted cleaning | 
					
						
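if [ -z "$myPERSISTENCE" ]; then
  # No persistence argument was given: continuing takes the clean-up path and
  # deletes the honeypot data, so require an explicit answer first.
  echo "${myRED}!!! WARNING !!! - This will delete ALL honeypot logs. ${myWHITE}"
  # Start from an empty answer so a myQST value inherited from the environment
  # cannot pre-answer the prompt and skip the confirmation.
  myQST=""
  while [ "$myQST" != "y" ] && [ "$myQST" != "n" ]; do
    # read fails on EOF (closed or non-interactive stdin). Without this check
    # the loop would never end; treat it as "no answer" and abort before
    # anything is deleted.
    if ! read -r -p "Continue? (y/n) " myQST; then
      echo "${myRED}No answer received, aborting.${myWHITE}" >&2
      exit 1
    fi
  done
  if [ "$myQST" = "n" ]; then
    echo "${myGREEN}Puuh! That was close! Aborting!${myWHITE}"
    exit
  fi
fi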
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | # Check persistence, if enabled compress and rotate logs | 
					
						
case "$myPERSISTENCE" in
  on)
    echo "Persistence enabled, now rotating and compressing logs."
    fuLOGROTATE
    ;;
  *)
    echo "Cleaning up and preparing data folders."
    # Run the per-service clean-up functions one after another, in this order.
    for myCLEANER in \
      fuADBHONEY fuCISCOASA fuCITRIXHONEYPOT fuCONPOT fuCOWRIE \
      fuDDOSPOT fuDICOMPOT fuDIONAEA fuELASTICPOT fuELK \
      fuENDLESSH fuFATT fuGLUTTON fuHERALDING fuHELLPOT \
      fuHONEYSAP fuHONEYPOTS fuHONEYTRAP fuIPPHONEY fuLOG4POT \
      fuMAILONEY fuMEDPOT fuNGINX fuREDISHONEYPOT fuRDPY \
      fuSENTRYPEER fuSPIDERFOOT fuSURICATA fuP0F fuTANNER; do
      "$myCLEANER"
    done
    ;;
esac