Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-04-19 21:52:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Init

Browse source
This commit is contained in:
t3chn0m4g3 2014-11-28 18:02:20 +01:00
parent d8158ecf51
commit 6bd6f4bbdb
7 changed files with 831 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
installer/install1.sh Executable file
View file

@ -0,0 +1,14 @@
#!/bin/bash
#############################################################
# T-Pot Community Edition - disable splash boot permanently #
# Ubuntu server 14.04, x64 #
# #
# v0.04 by mo, 2014-11-28 #
#############################################################
# Let's comment out the "quiet splash" options and update grub
sed -i.bak 's#GRUB_CMDLINE_LINUX_DEFAULT#\#GRUB_CMDLINE_LINUX_DEFAULT#' /etc/default/grub
update-grub
# Let's move the install script to rc.local and reboot
mv /root/install.sh /etc/rc.local && sleep 2 && reboot

261
installer/install2.sh Executable file
View file

@ -0,0 +1,261 @@
#!/bin/bash
########################################################
# T-Pot Community Edition post install script #
# Ubuntu server 14.04, x64 #
# #
# v0.15 by mo, DTAG, 2014-11-28 #
########################################################
# Let's make sure there is a warning if running for a second time
if [ -f install.log ];
then fuECHO "### Running more than once may complicate things. Erase install.log if you are really sure."
exit 1;
fi
# Let's log for the beauty of it
set -e
exec 2> >(tee "install.err")
exec > >(tee "install.log")
# Let's create a function for colorful output
fuECHO () {
local myRED=1
local myWHT=7
tput setaf $myRED
echo $1 "$2"
tput setaf $myWHT
}
# Let's modify the sources list
sed -i '/cdrom/d' /etc/apt/sources.list
# Let's add the docker repository
fuECHO "### Adding docker repository."
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9
tee /etc/apt/sources.list.d/docker.list <<EOF
deb https://get.docker.io/ubuntu docker main
EOF
# Let's pull some updates
fuECHO "### Pulling Updates."
apt-get update -y
fuECHO "### Installing Updates."
apt-get dist-upgrade -y
# Let's install all the packages we need
fuECHO "### Installing packages."
apt-get install ntp lxc-docker git -y
# Create the data partition and limit its size
# If we want to extent the size of that filesystem later, without loss of data:
# resize2fs -p data.img 8192M
#fuECHO "### Creating data partition (Please be patient, this may take a while)."
#mkdir -p /opt/virtual-disk/
#dd if=/dev/zero of=/opt/virtual-disk/data.ext4 bs=1024 count=4096000
#mkfs.ext4 /opt/virtual-disk/data.ext4 -F
#tee -a /etc/fstab <<EOF
#/opt/virtual-disk/data.ext4 /data ext4 loop,rw,nosuid
#EOF
#mkdir -p /data
#mount /opt/virtual-disk/data.ext4 -o loop,rw,nosuid
# Let's add a new user
fuECHO "### Adding new user."
addgroup --gid 2000 tpot
adduser --system --no-create-home --uid 2000 --disabled-password --disabled-login --gid 2000 tpot
# Let's create some files and folders
fuECHO "### Creating some files and folders."
mkdir -p /data/ews/log /data/ews/conf
#mkdir -p /data/puppet/
# Let's modify the ownership / access rights
chmod 760 -R /data
chown tpot:tpot -R /data
# Let's set the hostname
fuECHO "### Setting a new hostname."
myHOST=ce$(date +%s)$RANDOM
hostnamectl set-hostname $myHOST
sed -i 's/127.0.1.1.*/127.0.1.1\t'"$myHOST"'/g' /etc/hosts
#echo $myHOST > /data/puppet/name.conf
# Let's patch sshd_config
fuECHO "### Patching sshd_config to listen on port 64295 and deny password authentication."
sed -i 's#Port 22#Port 64295#' /etc/ssh/sshd_config
sed -i 's#\#PasswordAuthentication yes#PasswordAuthentication no#' /etc/ssh/sshd_config
# Disable ssh service
mv /etc/init/ssh.conf /etc/init/ssh.conf.disable
# Let's add the ssh keys
#fuECHO "### Adding ssh keys for the admin user."
#mkdir -p /home/admin/.ssh/
#tee /home/admin/.ssh/authorized_keys <<EOF
#ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA8f8Dq8/XuVZl3M8ARxPQNz74T46Gez8nFTV6xjGKh6VZmyU8BL/+ERXSTJg47HsncNLEpqHgPnZTTh1hZK7HxJvPLQ1JrfPO7Fbl2B5Qy26yzAYJTnHQYUBMGTpI8gmLczE6eZcGuK0huMOoot+m7WeIMHQbzZcuNAknPsxBhJHY4s3rvElrJnY7ckz4mroqRSZXvu6w7igthUX3a1A+xsxVmxUatzFJ1Ky4jYswKFdcNPA77/nRckxtt86ORpqJq/r2PjDpuv2JpRha9zdUDpvpdCIQJFM1SdRyGMSrvbMyEWZBCTB3YF/GmQT04sfEytqHUY7zbK7kzNyDhXeg5Q== av@telekom
#ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCt6Af5L8FYaNiDG0JKHPlJDLAbXklK5wVHj1IYqLINR8dIBcGcFwIF+YoJypZmsf1geta9WPjEW8bpd4G6XiYYg6YNRYxgBZScSb0WGVn0rHBMH+cuQxkhIdHucEMq4JFsRTVFWXjpQspu6p5gQxafGHnsLY/RYrgFy9XktS7Ha0Tfa6WXxpF72jyCoRRBUKF8CSip1XFaHIIY0xA0wTHZpmAI7dea4XA44oVDfr6g/4CTDTPQJiwn0HrRnZjgqJPzCT4gyXv+L6c5lcdrob4JpRj/YIis6aD6AMw4PeDsp3d/P9L2Vm9+p2a5Xx5U5cfGNUanvkvicrzZC1v+v3H9 mo@telekom
#ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDHM2Pht1q6VDfRs+gPYu3/Eg5wgFfQrM45A+jRduskcIJSlwO5m/dMEipc10Y+Ut+tIST8ydQA8ZTYicinOjoCbSUju7sTDRb5jMs60nBRaj4BmzCQOqo4hidt3iX8+IpU9JUl8RR5rQzwDsWTdkhuCEEjiD+2YDdJO5kjMoaa1UW19iFEOLY582psoDTmkNY9MOfhoJla4S7m0A6eOMfq4DO/eKMKgOxJ0W8K6fQjSAyMSmqlamirxSjZ2OGohS7r1JVYhTdU6cmJxYRVNa2Rr8BHn8uf1cR4uaV49CfqJgx3W5YMjSjc3nCLt0csfdQd+sur25Gv0033liq7ZQFR ms@telekom
#EOF
#chmod 700 -R /home/admin/.ssh
#chmod 600 /home/admin/.ssh/authorized_keys
#chown admin:admin -R /home/admin/.ssh
# Let's patch docker defaults, so we can run images as service
fuECHO "### Patching docker defaults."
tee -a /etc/default/docker <<EOF
DOCKER_OPTS="-r=false"
EOF
# Let's create an upstart config for the dionaea docker image
fuECHO "### Adding upstart config for the dionaea docker image."
tee -a /etc/init/dionaea.conf <<EOF
description "Dionaea"
author "mo"
start on started docker and filesystem
stop on runlevel [!2345]
respawn
script
sleep 1
/usr/bin/docker run --name dionaea --cap-add=NET_ADMIN --rm -p 21:21 -p 42:42 -p 8080:80 -p 135:135 -p 443:443 -p 445:445 -p 1433:1433 -p 3306:3306 -p 5061:5061 -p 5060:5060 -p 69:69/udp -p 5060:5060/udp -v /data/dionaea dtagdevsec/dionaea
end script
post-stop script
sleep 1
/usr/bin/docker rm dionaea
end script
EOF
# Let's create an upstart config for the ews docker image
fuECHO "### Adding upstart config for the ews docker image."
tee -a /etc/init/ews.conf <<EOF
description "EWS"
author "mo"
start on started docker and filesystem and started dionaea and started honeytrap and started kippo and started glastopf
stop on runlevel [!2345]
respawn
script
sleep 15
/usr/bin/docker run --name ews --volumes-from dionaea --volumes-from glastopf --volumes-from honeytrap --volumes-from kippo --rm -v /data/ews/:/data/ews/ --link kippo:kippo dtagdevsec/ews
end script
post-stop script
sleep 1
/usr/bin/docker rm ews
end script
EOF
# Let's create an upstart config for the glastopf docker image
fuECHO "### Adding upstart config for the glastopf docker image."
tee -a /etc/init/glastopf.conf <<EOF
description "Glastopf"
author "mo"
start on started docker and filesystem
stop on runlevel [!2345]
respawn
script
sleep 1
/usr/bin/docker run --name glastopf --rm -p 80:80 -v /data/glastopf dtagdevsec/glastopf
end script
post-stop script
sleep 1
/usr/bin/docker rm glastopf
end script
EOF
# Let's create an upstart config for the honeytrap docker image
fuECHO "### Adding upstart config for the honeytrap docker image."
tee -a /etc/init/honeytrap.conf <<EOF
description "Honeytrap"
author "mo"
start on started docker and filesystem
stop on runlevel [!2345]
respawn
pre-start script
sleep 1
/sbin/iptables -A INPUT -p tcp --syn -m state --state NEW -j NFQUEUE
end script
script
sleep 1
/usr/bin/docker run --name honeytrap --cap-add=NET_ADMIN --net=host --rm -v /data/honeytrap dtagdevsec/honeytrap
end script
post-stop script
sleep 1
/sbin/iptables -D INPUT -p tcp --syn -m state --state NEW -j NFQUEUE
/usr/bin/docker rm honeytrap
end script
EOF
# Let's create an upstart config for the kippo docker image
fuECHO "### Adding upstart config for the kippo docker image."
tee -a /etc/init/kippo.conf <<EOF
description "Kippo"
author "mo"
start on started docker and filesystem
stop on runlevel [!2345]
respawn
script
sleep 1
/usr/bin/docker run --name kippo --rm -p 22:2222 -v /data/kippo dtagdevsec/kippo
end script
post-stop script
sleep 1
/usr/bin/docker rm kippo
end script
EOF
# Let's load docker images from local
#fuECHO "### Loading docker images from local."
#cd /root/images
#for name in dionaea ews glastopf honeytrap kippo
#do
# docker load -i $(ls $name*)
# docker tag $(ls $name* | cut -d "_" -f 2 | cut -c-12) t3chn0m4g3/beehive:$name
#done
#cd /root
#rm -rf /root/images
# Let's load docker images from remote
fuECHO "### Downloading docker images from DockerHub. Please be patient, this may take a while."
for name in dionaea ews glastopf honeytrap kippo
do
docker pull dtagdevsec/$name
done
# Let's add the daily update check with a weekly clean interval
fuECHO "### Modifying update checks."
tee /etc/apt/apt.conf.d/10periodic <<EOF
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "0";
APT::Periodic::AutocleanInterval "7";
EOF
# Let's add a nice and useful issue text and update rc.local accordingly
fuECHO "### Adding a nice and useful issue text and updating rc.local accordingly."
tee /etc/issue <<EOF
T-Pot Community Edition
Hostname: \n
IP:
xxx .
xxx xxx ==
xxx xxx xxx ===
/""""""""""""""""\___/ ===
~~~ {~~ ~~~~ ~~~ ~~~~ ~~ ~ / ===- ~~~
\______ o __/
\ \ __/
\____\______/
EOF
echo "#!/bin/sh -e" > /etc/rc.local.new
echo "# Let's add the first local ip to the /etc/issue file" >> /etc/rc.local.new
echo 'sed -i "s#IP:.*#IP: ""$(hostname -I | awk '"'"'{ print $1 }'"'"')""#" /etc/issue' >> /etc/rc.local.new
echo "exit 0" >> /etc/rc.local.new
chmod +x /etc/rc.local.new
# Final steps
fuECHO "### Thanks for your patience. Now rebooting."
mv /etc/rc.local.new /etc/rc.local && chage -d 0 tsec && sleep 2 && reboot

357
installer/install2.sh.backup Executable file
View file

@ -0,0 +1,357 @@
#!/bin/bash
########################################################
# Beehive post install script #
# Ubuntu server 14.04, x64 #
# #
# v0.12 by MO, DTAG, 2014-11-07 #
########################################################
# Let's make sure there is a warning if running for a second time
if [ -f install.log ];
then fuECHO "### Running more than once may complicate things. Erase install.log if you are really sure."
exit 1;
fi
# Let's log for the beauty of it
set -e
exec 2> >(tee "install.err")
exec > >(tee "install.log")
# Let's create a function for colorful output
fuECHO () {
local myRED=1
local myWHT=7
tput setaf $myRED
echo $1 "$2"
tput setaf $myWHT
}
# Let's modify the sources list
sed -i '/cdrom/d' /etc/apt/sources.list
# Let's add the docker repository
fuECHO "### Adding docker repository."
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9
tee /etc/apt/sources.list.d/docker.list <<EOF
deb https://get.docker.io/ubuntu docker main
EOF
# Let's pull some updates
fuECHO "### Pulling Updates."
apt-get update -y
fuECHO "### Installing Updates."
apt-get dist-upgrade -y
# Let's install all the packages we need
fuECHO "### Installing packages."
apt-get install ntp lxc-docker puppet git -y
# Create the data partition and limit its size
# Reminder if you want to extent the size of the filesystem later, without loss of data:
# resize2fs -p data.img 8192M
fuECHO "### Creating data partition (Please be patient, this may take a while)."
mkdir -p /opt/virtual-disk/
dd if=/dev/zero of=/opt/virtual-disk/data.ext4 bs=1024 count=4096000
mkfs.ext4 /opt/virtual-disk/data.ext4 -F
tee -a /etc/fstab <<EOF
/opt/virtual-disk/data.ext4 /data ext4 loop,rw,nosuid
EOF
mkdir -p /data
mount /opt/virtual-disk/data.ext4 -o loop,rw,nosuid
# Let's add a new user
fuECHO "### Adding new user."
addgroup --gid 2000 bee
adduser --system --no-create-home --uid 2000 --disabled-password --disabled-login --gid 2000 bee
# Let's create some files and folders
fuECHO "### Creating some files and folders."
mkdir -p /data/ews
mkdir -p /data/ews/log
mkdir -p /data/ews/data
#mkdir -p /data/dionaea
#mkdir -p /data/dionaea/log
#mkdir -p /data/dionaea/bistreams
#mkdir -p /data/dionaea/binaries
#mkdir -p /data/dionaea/rtp
#mkdir -p /data/dionaea/wwwroot
mkdir -p /data/glastopf
tee /data/glastopf/glastopf.cfg <<EOF
[webserver]
host = 0.0.0.0
port = 80
uid = bee
gid = bee
proxy_enabled = False
#Generic logging for general monitoring
[logging]
consolelog_enabled = True
filelog_enabled = True
logfile = log/glastopf.log
[dork-db]
enabled = True
pattern = rfi
#Extracts dorks from a online dorks service operated by The Honeynet Project
mnem_service = True
[hpfeed]
enabled = False
host = hpfriends.honeycloud.net
port = 20000
secret =
# channels comma separated
chan_events = glastopf.events
chan_files = glastopf.files
ident =
[main-database]
#If disabled a sqlite database will be created (db/glastopf.db)
#to be used as dork storage.
enabled = True
#mongodb or sqlalchemy connection string, ex:
#mongodb://localhost:27017/glastopf
#mongodb://james:bond@localhost:27017/glastopf
#mysql://james:bond@somehost.com/glastopf
connection_string = sqlite:///db/glastopf.db
[surfcertids]
enabled = False
host = localhost
port = 5432
user =
password =
database = idsserver
[syslog]
enabled = False
socket = /dev/log
[mail]
enabled = False
# an email notification will be sent only if a specified matched pattern is identified.
# Use the wildcard char *, to be notified every time
patterns = rfi,lfi
user =
pwd =
mail_from =
mail_to =
smtp_host = smtp.gmail.com
smtp_port = 587
[taxii]
enabled = False
host = taxiitest.mitre.org
port = 80
inbox_path = /services/inbox/default/
use_https = False
use_auth_basic = False
auth_basic_username = your_username
auth_basic_password = your_password
use_auth_certificate = False
auth_certificate_keyfile = full_path_to_keyfile
auth_certificate_certfile = full_path_to_certfile
include_contact_info = False
contact_name = ...
contact_email = ...
[misc]
# set webserver banner
banner = Apache/2.0.48
EOF
mkdir -p /data/honeytrap
mkdir -p /data/honeytrap/log
mkdir -p /data/honeytrap/data
mkdir -p /data/honeytrap/attacks
mkdir -p /data/honeytrap/downloads
mkdir -p /data/kippo
mkdir -p /data/kippo/data
mkdir -p /data/kippo/log
mkdir -p /data/kippo/log/tty
tee /data/kippo/userdb.txt << EOF
root:0:12345
EOF
mkdir -p /data/puppet
# Let's set the hostname
fuECHO "### Setting a new hostname."
#myHOST=ce$(ifconfig docker0 | grep HWaddr | awk '{ print $5 }' | tr -d ":")
myHOST=ce$(date +%s)$RANDOM
hostnamectl set-hostname $myHOST
sed -i 's/127.0.1.1.*/127.0.1.1\t'"$myHOST"'/g' /etc/hosts
echo $myHOST > /data/puppet/name.conf
# Let's modify the ownership / access rights
chmod 760 -R /data
chown bee:bee -R /data
# Let's patch sshd_config
fuECHO "### Patching sshd_config to listen on port 64295 and deny password authentication."
sed -i 's#Port 22#Port 64295#' /etc/ssh/sshd_config
sed -i 's#\#PasswordAuthentication yes#PasswordAuthentication no#' /etc/ssh/sshd_config
# Let's add the ssh keys
fuECHO "### Adding ssh keys for the hive user."
mkdir -p /home/hive/.ssh/
tee /home/hive/.ssh/authorized_keys <<EOF
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA8f8Dq8/XuVZl3M8ARxPQNz74T46Gez8nFTV6xjGKh6VZmyU8BL/+ERXSTJg47HsncNLEpqHgPnZTTh1hZK7HxJvPLQ1JrfPO7Fbl2B5Qy26yzAYJTnHQYUBMGTpI8gmLczE6eZcGuK0huMOoot+m7WeIMHQbzZcuNAknPsxBhJHY4s3rvElrJnY7ckz4mroqRSZXvu6w7igthUX3a1A+xsxVmxUatzFJ1Ky4jYswKFdcNPA77/nRckxtt86ORpqJq/r2PjDpuv2JpRha9zdUDpvpdCIQJFM1SdRyGMSrvbMyEWZBCTB3YF/GmQT04sfEytqHUY7zbK7kzNyDhXeg5Q== av@telekom
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCt6Af5L8FYaNiDG0JKHPlJDLAbXklK5wVHj1IYqLINR8dIBcGcFwIF+YoJypZmsf1geta9WPjEW8bpd4G6XiYYg6YNRYxgBZScSb0WGVn0rHBMH+cuQxkhIdHucEMq4JFsRTVFWXjpQspu6p5gQxafGHnsLY/RYrgFy9XktS7Ha0Tfa6WXxpF72jyCoRRBUKF8CSip1XFaHIIY0xA0wTHZpmAI7dea4XA44oVDfr6g/4CTDTPQJiwn0HrRnZjgqJPzCT4gyXv+L6c5lcdrob4JpRj/YIis6aD6AMw4PeDsp3d/P9L2Vm9+p2a5Xx5U5cfGNUanvkvicrzZC1v+v3H9 mo@telekom
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDHM2Pht1q6VDfRs+gPYu3/Eg5wgFfQrM45A+jRduskcIJSlwO5m/dMEipc10Y+Ut+tIST8ydQA8ZTYicinOjoCbSUju7sTDRb5jMs60nBRaj4BmzCQOqo4hidt3iX8+IpU9JUl8RR5rQzwDsWTdkhuCEEjiD+2YDdJO5kjMoaa1UW19iFEOLY582psoDTmkNY9MOfhoJla4S7m0A6eOMfq4DO/eKMKgOxJ0W8K6fQjSAyMSmqlamirxSjZ2OGohS7r1JVYhTdU6cmJxYRVNa2Rr8BHn8uf1cR4uaV49CfqJgx3W5YMjSjc3nCLt0csfdQd+sur25Gv0033liq7ZQFR ms@telekom
EOF
chmod 700 -R /home/hive/.ssh
chmod 600 /home/hive/.ssh/authorized_keys
chown hive:hive -R /home/hive/.ssh
# Let's patch docker defaults, so we can run images as service
fuECHO "### Patching docker defaults."
tee -a /etc/default/docker <<EOF
DOCKER_OPTS="-r=false"
EOF
# Let's create an upstart config for the dionaea docker image
fuECHO "### Adding upstart config for the dionaea docker image."
tee -a /etc/init/dionaea.conf <<EOF
description "Dionaea"
author "mo"
start on started docker and filesystem
stop on runlevel [!2345]
respawn
script
sleep 1
/usr/bin/docker run --name dionaea --cap-add=NET_ADMIN --rm -p 21:21 -p 42:42 -p 8080:80 -p 135:135 -p 443:443 -p 445:445 -p 1433:1433 -p 3306:3306 -p 5061:5061 -p 5060:5060 -p 69:69/udp -p 5060:5060/udp -v /data/dionaea t3chn0m4g3/beehive:dionaea
end script
post-stop script
sleep 1
/usr/bin/docker rm dionaea
end script
EOF
# Let's create an upstart config for the ews docker image
fuECHO "### Adding upstart config for the ews docker image."
tee -a /etc/init/ews.conf <<EOF
description "EWS"
author "mo"
start on started docker and filesystem
stop on runlevel [!2345]
respawn
script
sleep 1
/usr/bin/docker run --name ews --rm -v /data/:/data/ --link kippo:kippo t3chn0m4g3/beehive:ews
end script
post-stop script
sleep 1
/usr/bin/docker rm ews
end script
EOF
# Let's create an upstart config for the glastopf docker image
fuECHO "### Adding upstart config for the glastopf docker image."
tee -a /etc/init/glastopf.conf <<EOF
description "Glastopf"
author "mo"
start on started docker and filesystem
stop on runlevel [!2345]
respawn
script
sleep 1
/usr/bin/docker run --name glastopf --rm -p 80:80 -v /data/glastopf:/data/glastopf t3chn0m4g3/beehive:glastopf
end script
post-stop script
sleep 1
/usr/bin/docker rm glastopf
end script
EOF
# Let's create an upstart config for the honeytrap docker image
fuECHO "### Adding upstart config for the honeytrap docker image."
tee -a /etc/init/honeytrap.conf <<EOF
description "Honeytrap"
author "mo"
start on started docker and filesystem
stop on runlevel [!2345]
respawn
pre-start script
sleep 1
/sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -j NFQUEUE
end script
script
sleep 1
/usr/bin/docker run --name honeytrap --cap-add=NET_ADMIN --net=host --rm -v /data/honeytrap:/data/honeytrap t3chn0m4g3/beehive:honeytrap
end script
post-stop script
sleep 1
/sbin/iptables -w -D INPUT -p tcp --syn -m state --state NEW -j NFQUEUE
/usr/bin/docker rm honeytrap
end script
EOF
# Let's create an upstart config for the kippo docker image
fuECHO "### Adding upstart config for the kippo docker image."
tee -a /etc/init/kippo.conf <<EOF
description "Kippo"
author "mo"
start on started docker and filesystem
stop on runlevel [!2345]
respawn
script
sleep 1
/usr/bin/docker run --name kippo --rm -p 22:2222 -v /data/kippo:/data/kippo t3chn0m4g3/beehive:kippo
end script
post-stop script
sleep 1
/usr/bin/docker rm kippo
end script
EOF
# Let's load docker images from local
fuECHO "### Loading docker images from local."
cd /root/images
for name in dionaea ews glastopf honeytrap kippo
do
docker load -i $(ls $name*)
docker tag $(ls $name* | cut -d "_" -f 2 | cut -c-12) t3chn0m4g3/beehive:$name
done
cd /root
rm -rf /root/images
# Let's add the daily update check with a weekly clean interval
fuECHO "### Modifying update checks."
tee /etc/apt/apt.conf.d/10periodic <<EOF
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "0";
APT::Periodic::AutocleanInterval "7";
EOF
# Let's add a nice and useful issue text and update rc.local accordingly
fuECHO "### Adding a nice and useful issue text and updating rc.local accordingly."
tee /etc/issue <<EOF
Beehive 14.04.1 Alpha
Hostname: \n
IP:
xxx .
xxx xxx ==
xxx xxx xxx ===
/""""""""""""""""\___/ ===
~~~ {~~ ~~~~ ~~~ ~~~~ ~~ ~ / ===- ~~~
\______ o __/
\ \ __/
\____\______/
EOF
echo "#!/bin/sh -e" > /etc/rc.local.new
echo "# Let's add the first local ip to the /etc/issue file" >> /etc/rc.local.new
echo 'sed -i "s#IP:.*#IP: ""$(hostname -I | awk '"'"'{ print $1 }'"'"')""#" /etc/issue' >> /etc/rc.local.new
echo "exit 0" >> /etc/rc.local.new
chmod +x /etc/rc.local.new
# Final steps
fuECHO "### Thanks for your patience. Now rebooting."
mv /etc/rc.local.new /etc/rc.local && sleep 2 && reboot

5
isolinux/txt.cfg Executable file
View file

@ -0,0 +1,5 @@
default install
label install
menu label ^Install T-Pot Community Edition
kernel /install/vmlinuz
append file=/cdrom/tpotce/tpotce.seed initrd=/install/initrd.gz ks=cdrom:/tpotce/ks.cfg debian-installer/locale=en_US console-setup/ask_detect=false keyboard-configuration/layoutcode=de --

41
kickstart/ks.cfg Normal file
View file

@ -0,0 +1,41 @@
#Generated by Kickstart Configurator
#platform=AMD64 or Intel EM64T
#System language
lang en_US
#Language modules to install
langsupport en_US
#System keyboard
keyboard de
#System mouse
mouse
#System timezone
timezone Europe/Berlin
#Root password
rootpw --disabled
#Initial user
user tsec --fullname "tsec" --iscrypted --password $1$jAw1TW8v$a2WFamxQJfpPYZmn4qJT71
#Reboot after installation
reboot
#Use text mode install
text
#Install OS instead of upgrade
install
#Use CDROM installation media
cdrom
#System bootloader configuration
bootloader --location=mbr
#Clear the Master Boot Record
zerombr yes
#Partition clearing information
clearpart --all --initlabel
#Disk partitioning information
part swap --recommended
part /data --fstype ext4 --size 8192
part / --fstype ext4 --size 1 --grow
#System authorization infomation
auth --useshadow --enablemd5
#Firewall configuration
firewall --disabled
#Do not configure the X Window System
skipx

71
makeiso.sh Executable file
View file

@ -0,0 +1,71 @@
#!/bin/bash
########################################################
# .iso maker for tpotce #
# #
# #
# v0.01 by mo, 2014-11-28 #
########################################################
# Let's define some global vars
myUBUNTULINK="http://de.releases.ubuntu.com/14.04.1/ubuntu-14.04.1-server-amd64.iso"
myUBUNTUISO="ubuntu-14.04.1-server-amd64.iso"
myTPOTCEISO="tpotce.iso"
myTPOTCEDIR="tpotceiso"
myTMP="tmp"
# Let's create a function for colorful output
fuECHO () {
local myRED=1
local myWHT=7
tput setaf $myRED
echo $1 "$2"
tput setaf $myWHT
}
# Let's install all the packages we need
fuECHO "### Installing packages."
apt-get install mkisofs isolinux -y
# Let's get Ubuntu 14.04.1 as .iso
fuECHO "### Downloading Ubuntu 14.04.1."
if [ ! -f $myUBUNTUFILE ]
then wget $myUBUNTULINK;
else fuECHO "### Found it locally."
fi
# Let's loop mount it and copy all contents
fuECHO "### Mounting .iso and copying all contents."
mkdir -p $myTMP $myTPOTCEDIR
losetup /dev/loop0 $myUBUNTUISO
mount /dev/loop0 $myTMP
cp -rT $myTMP $myTPOTCEDIR
chmod 777 -R $myTPOTCEDIR
umount $myTMP
losetup -d /dev/loop0
# Let's add the files for the automated install
fuECHO "### Adding the automated install files."
mkdir -p $myTPOTCEDIR/tpotce
cp installer/* $myTPOTCEDIR/tpotce/
cp isolinux/* $myTPOTCEDIR/isolinux/
cp kickstart/* $myTPOTCEDIR/tpotce/
cp preseed/* $myTPOTCEDIR/tpotce/
chmod 777 -R $myTPOTCEDIR
# Let's create the new .iso
fuECHO "### Now creating the .iso."
cd $myTPOTCEDIR
mkisofs -D -r -V "T-Pot CE" -cache-inodes -J -l -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -o ../$myTPOTCEISO ../$myTPOTCEDIR
cd ..
isohybrid $myTPOTCEISO
# Let's clean up
fuECHO "### Cleaning up."
rm -rf $myTMP $myTPOTCEDIR
# Done.
fuECHO "### Done."
fuECHO "### Install to usb stick"
fuECHO "###### Show devices: df"
fuECHO "###### Write to device: dd bs=1M if="$myTPOTCEISO" of=/dev/sdb"
exit 0

82
preseed/tpotce.seed Executable file
View file

@ -0,0 +1,82 @@
# Beehive preseed file by mo
# Setting locale
d-i debian-installer/language string en
d-i debian-installer/country string DE
d-i debian-installer/locale string en_US.UTF-8
# Keyboard selection
d-i console-setup/ask_detect boolean false
d-i keyboard-configuration/layoutcode string de
# Network Configuration
d-i netcfg/choose_interface select auto
d-i netcfg/dhcp_timeout string 60
d-i netcfg/get_hostname string t-pot
# Proxy
d-i mirror/http/proxy string
# Time
d-i clock-setup/utc boolean true
d-i time/zone string Europe/Berlin
d-i clock-setup/ntp boolean true
# Partitioning
# old, not working with nuc
#d-i partman-auto/init_automatically_partition select biggest_free
#d-i partman-auto/choose_recipe select atomic
#d-i partman-auto/method string regular
#d-i partman-lvm/confirm boolean true
#d-i partman-lvm/confirm_nooverwrite boolean true
#d-i partman-lvm/device_remove_lvm boolean true
#d-i partman-md/device_remove_md boolean true
#d-i partman/default_filesystem string ext4
#d-i partman-partitioning/confirm_write_new_label boolean true
#d-i partman/choose_partition select finish
#d-i partman/confirm boolean true
#d-i partman/confirm_nooverwrite boolean true
# testing, works with nuc, but trying ks file first
#d-i partman-auto/disk string /dev/sda
#d-i partman-auto/choose_recipe select atomic
#d-i partman-auto/method string regular
#d-i partman-lvm/confirm boolean true
#d-i partman-lvm/confirm_nooverwrite boolean true
#d-i partman-lvm/device_remove_lvm boolean true
#d-i partman-md/device_remove_md boolean true
#d-i partman/default_filesystem string ext4
#d-i partman-partitioning/confirm_write_new_label boolean true
#d-i partman/choose_partition select finish
#d-i partman/confirm boolean true
#d-i partman/confirm_nooverwrite boolean true
# User setup
#d-i passwd/user-fullname string admin
#d-i passwd/username string admin
# Encrypted using an MD5 hash (printf "password" | mkpasswd -s -m md5)
#d-i passwd/user-password-crypted password $1$8deB8hXr$S/5SDG559KmAPGAL62s3i1
#d-i user-setup/allow-password-weak boolean true
#d-i user-setup/encrypt-home boolean false
# Package Groups
tasksel tasksel/first multiselect ubuntu-server
# Packages
d-i pkgsel/include string openssh-server
# Update Policy
d-i pkgsel/update-policy select unattended-upgrades
# Grub
#d-i grub-installer/only_debian boolean true
# Post install
d-i preseed/late_command string \
cp /cdrom/tpotce/install1.sh /target/etc/rc.local; \
cp /cdrom/tpotce/install2.sh /target/root/install.sh
#mkdir -p /target/root/images/; \
#cp /cdrom/tpotce/images/* /target/root/images/
# Reboot
d-i finish-install/reboot_in_progress note