mirror of
https://github.com/telekom-security/tpotce.git
synced 2025-04-19 21:52:27 +00:00
Merge 50beeef63a into 84447e686d
This commit is contained in:
M Rizky Satrio
GitHub
commit
5bd1f910bc
1 changed files with 130 additions and 68 deletions
198
install.sh
198
install.sh
|
|
@ -1,5 +1,67 @@
|
||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
|
||||||
|
print_help() {
|
||||||
|
echo "Usage: $0 [-s y|n] [-t h|s|l|i|m|t] -u <webuser name> -p <password for web user>"
|
||||||
|
echo " -s: yes or no (optional)"
|
||||||
|
echo " -t: h (host),s (sensor), l (llm), i(mini),m(mobile),t(tarpit) (optional)"
|
||||||
|
echo " -u: web username (optional)"
|
||||||
|
echo " -p: password for web user (optional)"
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
|
||||||
|
validate_s() {
|
||||||
|
if [[ -n "$myQST" ]]; then
|
||||||
|
if [[ "$myQST" =~ ^[yYnN]$ ]]; then
|
||||||
|
return 1 # Valid
|
||||||
|
else
|
||||||
|
print_help
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
print_help
|
||||||
|
fi
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
validate_t() {
|
||||||
|
if [[ -n "$myTPOT_TYPE" ]]; then
|
||||||
|
if [[ "$myTPOT_TYPE" =~ ^[hslimtHSLIMT]$ ]]; then
|
||||||
|
return 1 # Valid
|
||||||
|
else
|
||||||
|
print_help
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
print_help
|
||||||
|
fi
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
while getopts ":s:t:u:p:" opt; do
|
||||||
|
case "$opt" in
|
||||||
|
s)
|
||||||
|
myQST="${OPTARG}"
|
||||||
|
validate_s
|
||||||
|
;;
|
||||||
|
t)
|
||||||
|
myTPOT_TYPE="${OPTARG}"
|
||||||
|
validate_t
|
||||||
|
;;
|
||||||
|
u)
|
||||||
|
export myWEB_USER="${OPTARG}"
|
||||||
|
;;
|
||||||
|
p)
|
||||||
|
export myWEB_PW="${OPTARG}"
|
||||||
|
;;
|
||||||
|
:)
|
||||||
|
echo "Option -${OPTARG} requires an argument."
|
||||||
|
print_help
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
\?)
|
||||||
|
print_help
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
myINSTALL_NOTIFICATION="### Now installing required packages ..."
|
myINSTALL_NOTIFICATION="### Now installing required packages ..."
|
||||||
myUSER=$(whoami)
|
myUSER=$(whoami)
|
||||||
myTPOT_CONF_FILE="/home/${myUSER}/tpotce/.env"
|
myTPOT_CONF_FILE="/home/${myUSER}/tpotce/.env"
|
||||||
|
|
@ -43,12 +105,13 @@ echo "$myINSTALLER"
|
||||||
echo
|
echo
|
||||||
echo
|
echo
|
||||||
echo "### This script will now install T-Pot and all of its dependencies."
|
echo "### This script will now install T-Pot and all of its dependencies."
|
||||||
while [ "${myQST}" != "y" ] && [ "${myQST}" != "n" ];
|
if [[ -z "$myQST" ]]; then
|
||||||
do
|
while [ "${myQST}" != "y" ] && [ "${myQST}" != "n" ]; do
|
||||||
echo
|
echo
|
||||||
read -p "### Install? (y/n) " myQST
|
read -p "### Install? (y/n) " myQST
|
||||||
echo
|
echo
|
||||||
done
|
done
|
||||||
|
fi
|
||||||
if [ "${myQST}" = "n" ];
|
if [ "${myQST}" = "n" ];
|
||||||
then
|
then
|
||||||
echo
|
echo
|
||||||
|
|
@ -183,7 +246,10 @@ echo "### Feed data endlessly to attackers, bots and scanners."
|
||||||
echo "### Also runs a Denial of Service Honeypot (ddospot)."
|
echo "### Also runs a Denial of Service Honeypot (ddospot)."
|
||||||
echo
|
echo
|
||||||
while true; do
|
while true; do
|
||||||
read -p "### Install Type? (h/s/l/i/m/t) " myTPOT_TYPE
|
if [[ -z "$myTPOT_TYPE" ]]; then
|
||||||
|
read -p "### Install Type? (h/s/l/i/m/t) " myTPOT_TYPE
|
||||||
|
fi
|
||||||
|
|
||||||
case "${myTPOT_TYPE}" in
|
case "${myTPOT_TYPE}" in
|
||||||
h|H)
|
h|H)
|
||||||
echo
|
echo
|
||||||
|
|
@ -234,75 +300,71 @@ done
|
||||||
if [ "${myTPOT_TYPE}" == "HIVE" ];
|
if [ "${myTPOT_TYPE}" == "HIVE" ];
|
||||||
# If T-Pot Type is HIVE ask for WebUI username and password
|
# If T-Pot Type is HIVE ask for WebUI username and password
|
||||||
then
|
then
|
||||||
# Preparing web user for T-Pot
|
# Preparing web user for T-Pot
|
||||||
echo
|
echo
|
||||||
echo "### T-Pot User Configuration ..."
|
echo "### T-Pot User Configuration ..."
|
||||||
echo
|
echo
|
||||||
# Asking for web user name
|
# Asking for web user name
|
||||||
myWEB_USER=""
|
if [[ -z "$myWEB_USER" ]]; then
|
||||||
while [ 1 != 2 ];
|
myWEB_USER=""
|
||||||
do
|
while [ 1 != 2 ]; do
|
||||||
myOK=""
|
myOK=""
|
||||||
read -rp "### Enter your web user name: " myWEB_USER
|
read -rp "### Enter your web user name: " myWEB_USER
|
||||||
myWEB_USER=$(echo $myWEB_USER | tr -cd "[:alnum:]_.-")
|
myWEB_USER=$(echo $myWEB_USER | tr -cd "[:alnum:]_.-")
|
||||||
echo "### Your username is: ${myWEB_USER}"
|
echo "### Your username is: ${myWEB_USER}"
|
||||||
while [[ ! "${myOK}" =~ [YyNn] ]];
|
while [[ ! "${myOK}" =~ [YyNn] ]]; do
|
||||||
do
|
read -rp "### Is this correct? (y/n) " myOK
|
||||||
read -rp "### Is this correct? (y/n) " myOK
|
done
|
||||||
done
|
if [[ "${myOK}" =~ [Yy] ]] && [ "$myWEB_USER" != "" ]; then
|
||||||
if [[ "${myOK}" =~ [Yy] ]] && [ "$myWEB_USER" != "" ];
|
break
|
||||||
then
|
else
|
||||||
break
|
echo
|
||||||
else
|
fi
|
||||||
echo
|
done
|
||||||
fi
|
fi
|
||||||
done
|
|
||||||
|
|
||||||
# Asking for web user password
|
# Asking for web user password
|
||||||
myWEB_PW="pass1"
|
if [[ -z "$myWEB_PW" ]]; then
|
||||||
myWEB_PW2="pass2"
|
myWEB_PW="pass1"
|
||||||
mySECURE=0
|
myWEB_PW2="pass2"
|
||||||
myOK=""
|
mySECURE=0
|
||||||
while [ "${myWEB_PW}" != "${myWEB_PW2}" ] && [ "${mySECURE}" == "0" ]
|
myOK=""
|
||||||
do
|
while [ "${myWEB_PW}" != "${myWEB_PW2}" ] && [ "${mySECURE}" == "0" ]; do
|
||||||
echo
|
echo
|
||||||
while [ "${myWEB_PW}" == "pass1" ] || [ "${myWEB_PW}" == "" ]
|
while [ "${myWEB_PW}" == "pass1" ] || [ "${myWEB_PW}" == "" ]; do
|
||||||
do
|
read -rsp "### Enter password for your web user: " myWEB_PW
|
||||||
read -rsp "### Enter password for your web user: " myWEB_PW
|
echo
|
||||||
echo
|
done
|
||||||
done
|
read -rsp "### Repeat password you your web user: " myWEB_PW2
|
||||||
read -rsp "### Repeat password you your web user: " myWEB_PW2
|
echo
|
||||||
echo
|
if [ "${myWEB_PW}" != "${myWEB_PW2}" ]; then
|
||||||
if [ "${myWEB_PW}" != "${myWEB_PW2}" ];
|
echo "### Passwords do not match."
|
||||||
then
|
myWEB_PW="pass1"
|
||||||
echo "### Passwords do not match."
|
myWEB_PW2="pass2"
|
||||||
myWEB_PW="pass1"
|
fi
|
||||||
myWEB_PW2="pass2"
|
mySECURE=$(printf "%s" "$myWEB_PW" | /usr/sbin/cracklib-check | grep -c "OK")
|
||||||
fi
|
if [ "$mySECURE" == "0" ] && [ "$myWEB_PW" == "$myWEB_PW2" ]; then
|
||||||
mySECURE=$(printf "%s" "$myWEB_PW" | /usr/sbin/cracklib-check | grep -c "OK")
|
while [[ ! "${myOK}" =~ [YyNn] ]]; do
|
||||||
if [ "$mySECURE" == "0" ] && [ "$myWEB_PW" == "$myWEB_PW2" ];
|
read -rp "### Keep insecure password? (y/n) " myOK
|
||||||
then
|
done
|
||||||
while [[ ! "${myOK}" =~ [YyNn] ]];
|
if [[ "${myOK}" =~ [Nn] ]] || [ "$myWEB_PW" == "" ]; then
|
||||||
do
|
myWEB_PW="pass1"
|
||||||
read -rp "### Keep insecure password? (y/n) " myOK
|
myWEB_PW2="pass2"
|
||||||
done
|
mySECURE=0
|
||||||
if [[ "${myOK}" =~ [Nn] ]] || [ "$myWEB_PW" == "" ];
|
myOK=""
|
||||||
then
|
fi
|
||||||
myWEB_PW="pass1"
|
fi
|
||||||
myWEB_PW2="pass2"
|
done
|
||||||
mySECURE=0
|
fi
|
||||||
myOK=""
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
# Write username and password to T-Pot config file
|
|
||||||
echo "### Creating base64 encoded htpasswd username and password for T-Pot config file: ${myTPOT_CONF_FILE}"
|
# Write username and password to T-Pot config file
|
||||||
myWEB_USER_ENC=$(htpasswd -b -n "${myWEB_USER}" "${myWEB_PW}")
|
echo "### Creating base64 encoded htpasswd username and password for T-Pot config file: ${myTPOT_CONF_FILE}"
|
||||||
|
myWEB_USER_ENC=$(htpasswd -b -n "${myWEB_USER}" "${myWEB_PW}")
|
||||||
myWEB_USER_ENC_B64=$(echo -n "${myWEB_USER_ENC}" | base64 -w0)
|
myWEB_USER_ENC_B64=$(echo -n "${myWEB_USER_ENC}" | base64 -w0)
|
||||||
|
|
||||||
echo
|
echo
|
||||||
sed -i "s|^WEB_USER=.*|WEB_USER=${myWEB_USER_ENC_B64}|" ${myTPOT_CONF_FILE}
|
sed -i "s|^WEB_USER=.*|WEB_USER=${myWEB_USER_ENC_B64}|" ${myTPOT_CONF_FILE}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Pull docker images
|
# Pull docker images
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue