mirror of
https://github.com/telekom-security/tpotce.git
synced 2025-04-19 13:42:26 +00:00
Merge 50beeef63a into 84447e686d
This commit is contained in:
M Rizky Satrio
GitHub
commit
5bd1f910bc
1 changed files with 130 additions and 68 deletions
198
install.sh
198
install.sh
|
|
@ -1,5 +1,67 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
|
||||
print_help() {
|
||||
echo "Usage: $0 [-s y|n] [-t h|s|l|i|m|t] -u <webuser name> -p <password for web user>"
|
||||
echo " -s: yes or no (optional)"
|
||||
echo " -t: h (host),s (sensor), l (llm), i(mini),m(mobile),t(tarpit) (optional)"
|
||||
echo " -u: web username (optional)"
|
||||
echo " -p: password for web user (optional)"
|
||||
exit 1
|
||||
}
|
||||
|
||||
validate_s() {
|
||||
if [[ -n "$myQST" ]]; then
|
||||
if [[ "$myQST" =~ ^[yYnN]$ ]]; then
|
||||
return 1 # Valid
|
||||
else
|
||||
print_help
|
||||
fi
|
||||
else
|
||||
print_help
|
||||
fi
|
||||
|
||||
}
|
||||
|
||||
validate_t() {
|
||||
if [[ -n "$myTPOT_TYPE" ]]; then
|
||||
if [[ "$myTPOT_TYPE" =~ ^[hslimtHSLIMT]$ ]]; then
|
||||
return 1 # Valid
|
||||
else
|
||||
print_help
|
||||
fi
|
||||
else
|
||||
print_help
|
||||
fi
|
||||
|
||||
}
|
||||
|
||||
while getopts ":s:t:u:p:" opt; do
|
||||
case "$opt" in
|
||||
s)
|
||||
myQST="${OPTARG}"
|
||||
validate_s
|
||||
;;
|
||||
t)
|
||||
myTPOT_TYPE="${OPTARG}"
|
||||
validate_t
|
||||
;;
|
||||
u)
|
||||
export myWEB_USER="${OPTARG}"
|
||||
;;
|
||||
p)
|
||||
export myWEB_PW="${OPTARG}"
|
||||
;;
|
||||
:)
|
||||
echo "Option -${OPTARG} requires an argument."
|
||||
print_help
|
||||
exit 1
|
||||
;;
|
||||
\?)
|
||||
print_help
|
||||
;;
|
||||
esac
|
||||
done
|
||||
myINSTALL_NOTIFICATION="### Now installing required packages ..."
|
||||
myUSER=$(whoami)
|
||||
myTPOT_CONF_FILE="/home/${myUSER}/tpotce/.env"
|
||||
|
|
@ -43,12 +105,13 @@ echo "$myINSTALLER"
|
|||
echo
|
||||
echo
|
||||
echo "### This script will now install T-Pot and all of its dependencies."
|
||||
while [ "${myQST}" != "y" ] && [ "${myQST}" != "n" ];
|
||||
do
|
||||
if [[ -z "$myQST" ]]; then
|
||||
while [ "${myQST}" != "y" ] && [ "${myQST}" != "n" ]; do
|
||||
echo
|
||||
read -p "### Install? (y/n) " myQST
|
||||
echo
|
||||
done
|
||||
fi
|
||||
if [ "${myQST}" = "n" ];
|
||||
then
|
||||
echo
|
||||
|
|
@ -183,7 +246,10 @@ echo "### Feed data endlessly to attackers, bots and scanners."
|
|||
echo "### Also runs a Denial of Service Honeypot (ddospot)."
|
||||
echo
|
||||
while true; do
|
||||
read -p "### Install Type? (h/s/l/i/m/t) " myTPOT_TYPE
|
||||
if [[ -z "$myTPOT_TYPE" ]]; then
|
||||
read -p "### Install Type? (h/s/l/i/m/t) " myTPOT_TYPE
|
||||
fi
|
||||
|
||||
case "${myTPOT_TYPE}" in
|
||||
h|H)
|
||||
echo
|
||||
|
|
@ -234,75 +300,71 @@ done
|
|||
if [ "${myTPOT_TYPE}" == "HIVE" ];
|
||||
# If T-Pot Type is HIVE ask for WebUI username and password
|
||||
then
|
||||
# Preparing web user for T-Pot
|
||||
echo
|
||||
echo "### T-Pot User Configuration ..."
|
||||
echo
|
||||
# Asking for web user name
|
||||
myWEB_USER=""
|
||||
while [ 1 != 2 ];
|
||||
do
|
||||
myOK=""
|
||||
read -rp "### Enter your web user name: " myWEB_USER
|
||||
myWEB_USER=$(echo $myWEB_USER | tr -cd "[:alnum:]_.-")
|
||||
echo "### Your username is: ${myWEB_USER}"
|
||||
while [[ ! "${myOK}" =~ [YyNn] ]];
|
||||
do
|
||||
read -rp "### Is this correct? (y/n) " myOK
|
||||
done
|
||||
if [[ "${myOK}" =~ [Yy] ]] && [ "$myWEB_USER" != "" ];
|
||||
then
|
||||
break
|
||||
else
|
||||
echo
|
||||
fi
|
||||
done
|
||||
# Preparing web user for T-Pot
|
||||
echo
|
||||
echo "### T-Pot User Configuration ..."
|
||||
echo
|
||||
# Asking for web user name
|
||||
if [[ -z "$myWEB_USER" ]]; then
|
||||
myWEB_USER=""
|
||||
while [ 1 != 2 ]; do
|
||||
myOK=""
|
||||
read -rp "### Enter your web user name: " myWEB_USER
|
||||
myWEB_USER=$(echo $myWEB_USER | tr -cd "[:alnum:]_.-")
|
||||
echo "### Your username is: ${myWEB_USER}"
|
||||
while [[ ! "${myOK}" =~ [YyNn] ]]; do
|
||||
read -rp "### Is this correct? (y/n) " myOK
|
||||
done
|
||||
if [[ "${myOK}" =~ [Yy] ]] && [ "$myWEB_USER" != "" ]; then
|
||||
break
|
||||
else
|
||||
echo
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
# Asking for web user password
|
||||
myWEB_PW="pass1"
|
||||
myWEB_PW2="pass2"
|
||||
mySECURE=0
|
||||
myOK=""
|
||||
while [ "${myWEB_PW}" != "${myWEB_PW2}" ] && [ "${mySECURE}" == "0" ]
|
||||
do
|
||||
echo
|
||||
while [ "${myWEB_PW}" == "pass1" ] || [ "${myWEB_PW}" == "" ]
|
||||
do
|
||||
read -rsp "### Enter password for your web user: " myWEB_PW
|
||||
echo
|
||||
done
|
||||
read -rsp "### Repeat password you your web user: " myWEB_PW2
|
||||
echo
|
||||
if [ "${myWEB_PW}" != "${myWEB_PW2}" ];
|
||||
then
|
||||
echo "### Passwords do not match."
|
||||
myWEB_PW="pass1"
|
||||
myWEB_PW2="pass2"
|
||||
fi
|
||||
mySECURE=$(printf "%s" "$myWEB_PW" | /usr/sbin/cracklib-check | grep -c "OK")
|
||||
if [ "$mySECURE" == "0" ] && [ "$myWEB_PW" == "$myWEB_PW2" ];
|
||||
then
|
||||
while [[ ! "${myOK}" =~ [YyNn] ]];
|
||||
do
|
||||
read -rp "### Keep insecure password? (y/n) " myOK
|
||||
done
|
||||
if [[ "${myOK}" =~ [Nn] ]] || [ "$myWEB_PW" == "" ];
|
||||
then
|
||||
myWEB_PW="pass1"
|
||||
myWEB_PW2="pass2"
|
||||
mySECURE=0
|
||||
myOK=""
|
||||
fi
|
||||
fi
|
||||
done
|
||||
# Asking for web user password
|
||||
if [[ -z "$myWEB_PW" ]]; then
|
||||
myWEB_PW="pass1"
|
||||
myWEB_PW2="pass2"
|
||||
mySECURE=0
|
||||
myOK=""
|
||||
while [ "${myWEB_PW}" != "${myWEB_PW2}" ] && [ "${mySECURE}" == "0" ]; do
|
||||
echo
|
||||
while [ "${myWEB_PW}" == "pass1" ] || [ "${myWEB_PW}" == "" ]; do
|
||||
read -rsp "### Enter password for your web user: " myWEB_PW
|
||||
echo
|
||||
done
|
||||
read -rsp "### Repeat password you your web user: " myWEB_PW2
|
||||
echo
|
||||
if [ "${myWEB_PW}" != "${myWEB_PW2}" ]; then
|
||||
echo "### Passwords do not match."
|
||||
myWEB_PW="pass1"
|
||||
myWEB_PW2="pass2"
|
||||
fi
|
||||
mySECURE=$(printf "%s" "$myWEB_PW" | /usr/sbin/cracklib-check | grep -c "OK")
|
||||
if [ "$mySECURE" == "0" ] && [ "$myWEB_PW" == "$myWEB_PW2" ]; then
|
||||
while [[ ! "${myOK}" =~ [YyNn] ]]; do
|
||||
read -rp "### Keep insecure password? (y/n) " myOK
|
||||
done
|
||||
if [[ "${myOK}" =~ [Nn] ]] || [ "$myWEB_PW" == "" ]; then
|
||||
myWEB_PW="pass1"
|
||||
myWEB_PW2="pass2"
|
||||
mySECURE=0
|
||||
myOK=""
|
||||
fi
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
# Write username and password to T-Pot config file
|
||||
echo "### Creating base64 encoded htpasswd username and password for T-Pot config file: ${myTPOT_CONF_FILE}"
|
||||
myWEB_USER_ENC=$(htpasswd -b -n "${myWEB_USER}" "${myWEB_PW}")
|
||||
|
||||
# Write username and password to T-Pot config file
|
||||
echo "### Creating base64 encoded htpasswd username and password for T-Pot config file: ${myTPOT_CONF_FILE}"
|
||||
myWEB_USER_ENC=$(htpasswd -b -n "${myWEB_USER}" "${myWEB_PW}")
|
||||
myWEB_USER_ENC_B64=$(echo -n "${myWEB_USER_ENC}" | base64 -w0)
|
||||
|
||||
echo
|
||||
sed -i "s|^WEB_USER=.*|WEB_USER=${myWEB_USER_ENC_B64}|" ${myTPOT_CONF_FILE}
|
||||
echo
|
||||
sed -i "s|^WEB_USER=.*|WEB_USER=${myWEB_USER_ENC_B64}|" ${myTPOT_CONF_FILE}
|
||||
fi
|
||||
|
||||
# Pull docker images
|
||||
|
|
|
|||
Loading…
Reference in a new issue