diff --git a/installer/bin/backup_es_folders.sh b/bin/backup_es_folders.sh similarity index 100% rename from installer/bin/backup_es_folders.sh rename to bin/backup_es_folders.sh diff --git a/installer/bin/clean.sh b/bin/clean.sh similarity index 98% rename from installer/bin/clean.sh rename to bin/clean.sh index ce121d97..44c805f9 100755 --- a/installer/bin/clean.sh +++ b/bin/clean.sh @@ -18,8 +18,8 @@ echo $(ls $myFOLDER | wc -l) # Let's create a function to rotate and compress logs fuLOGROTATE () { - local mySTATUS="/etc/tpot/logrotate/status" - local myCONF="/etc/tpot/logrotate/logrotate.conf" + local mySTATUS="/opt/tpot/etc/logrotate/status" + local myCONF="/opt/tpot/etc/logrotate/logrotate.conf" local myCOWRIETTYLOGS="/data/cowrie/log/tty/" local myCOWRIETTYTGZ="/data/cowrie/log/ttylogs.tgz" local myCOWRIEDL="/data/cowrie/downloads/" diff --git a/installer/bin/dps.sh b/bin/dps.sh similarity index 95% rename from installer/bin/dps.sh rename to bin/dps.sh index 0c262732..8de11cba 100755 --- a/installer/bin/dps.sh +++ b/bin/dps.sh @@ -1,7 +1,7 @@ #/bin/bash # Show current status of all running containers myPARAM="$1" -myIMAGES="$(cat /etc/tpot/tpot.yml | grep -v '#' | grep container_name | cut -d: -f2)" +myIMAGES="$(cat /opt/tpot/etc/tpot.yml | grep -v '#' | grep container_name | cut -d: -f2)" myRED="" myGREEN="" myBLUE="" diff --git a/installer/bin/dump_es.sh b/bin/dump_es.sh similarity index 100% rename from installer/bin/dump_es.sh rename to bin/dump_es.sh diff --git a/installer/bin/export_kibana-objects.sh b/bin/export_kibana-objects.sh similarity index 100% rename from installer/bin/export_kibana-objects.sh rename to bin/export_kibana-objects.sh diff --git a/installer/bin/import_kibana-objects.sh b/bin/import_kibana-objects.sh similarity index 100% rename from installer/bin/import_kibana-objects.sh rename to bin/import_kibana-objects.sh diff --git a/bin/myip.sh b/bin/myip.sh new file mode 100755 index 00000000..e464b421 --- /dev/null +++ b/bin/myip.sh 
@@ -0,0 +1,103 @@ +#!/bin/bash + +## Get my external IP + +timeout=2 # seconds to wait for a reply before trying next server +verbose=1 # prints which server was used to STDERR + +dnslist=( + "dig +short myip.opendns.com @resolver1.opendns.com" + "dig +short myip.opendns.com @resolver2.opendns.com" + "dig +short myip.opendns.com @resolver3.opendns.com" + "dig +short myip.opendns.com @resolver4.opendns.com" + "dig +short -4 -t a whoami.akamai.net @ns1-1.akamaitech.net" + "dig +short whoami.akamai.net @ns1-1.akamaitech.net" +) + +httplist=( + alma.ch/myip.cgi + api.infoip.io/ip + api.ipify.org + bot.whatismyipaddress.com + canhazip.com + checkip.amazonaws.com + eth0.me + icanhazip.com + ident.me + ipecho.net/plain + ipinfo.io/ip + ipof.in/txt + ip.tyk.nu + l2.io/ip + smart-ip.net/myip + wgetip.com + whatismyip.akamai.com +) + +# function to check for valid ip +function valid_ip() +{ + local ip=$1 + local stat=1 + + if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then + OIFS=$IFS + IFS='.' + ip=($ip) + IFS=$OIFS + [[ ${ip[0]} -le 255 && ${ip[1]} -le 255 \ + && ${ip[2]} -le 255 && ${ip[3]} -le 255 ]] + stat=$? + fi + return $stat +} + +# function to shuffle the global array "array" +shuffle() { + local i tmp size max rand + size=${#array[*]} + max=$(( 32768 / size * size )) + for ((i=size-1; i>0; i--)); do + while (( (rand=$RANDOM) >= max )); do :; done + rand=$(( rand % (i+1) )) + tmp=${array[i]} array[i]=${array[rand]} array[rand]=$tmp + done +} +# if we have dig and a list of dns methods, try that first +if hash dig 2>/dev/null && [ ${#dnslist[*]} -gt 0 ]; then + eval array=( \"\${dnslist[@]}\" ) + shuffle + for cmd in "${array[@]}"; do + [ "$verbose" == 1 ] && echo Trying: $cmd 1>&2 + ip=$(timeout $timeout $cmd) + if [ -n "$ip" ]; then + if valid_ip $ip; then + echo $ip + exit + fi + fi + done +fi +# if we haven't succeeded with DNS, try HTTP +if [ ${#httplist[*]} == 0 ]; then + echo "No hosts in httplist array!" 
>&2 + exit 1 +fi +# use curl or wget, depending on which one we find +curl_or_wget=$(if hash curl 2>/dev/null; then echo "curl -s"; elif hash wget 2>/dev/null; then echo "wget -qO-"; fi); +if [ -z "$curl_or_wget" ]; then + echo "Neither curl nor wget found. Cannot use http method." >&2 + exit 1 +fi +eval array=( \"\${httplist[@]}\" ) +shuffle +for url in "${array[@]}"; do + [ "$verbose" == 1 ] && echo Trying: $curl_or_wget "$url" 1>&2 + ip=$(timeout $timeout $curl_or_wget "$url") + if [ -n "$ip" ]; then + if valid_ip $ip; then + echo $ip + exit + fi + fi +done diff --git a/installer/bin/restore_es.sh b/bin/restore_es.sh similarity index 100% rename from installer/bin/restore_es.sh rename to bin/restore_es.sh diff --git a/installer/bin/updateip.sh b/bin/updateip.sh similarity index 89% rename from installer/bin/updateip.sh rename to bin/updateip.sh index f9c0892a..fb9ff9cd 100755 --- a/installer/bin/updateip.sh +++ b/bin/updateip.sh @@ -3,7 +3,7 @@ # If the external IP cannot be detected, the internal IP will be inherited. source /etc/environment myLOCALIP=$(hostname -I | awk '{ print $1 }') -myEXTIP=$(/usr/share/tpot/bin/myip.sh) +myEXTIP=$(/opt/tpot/bin/myip.sh) if [ "$myEXTIP" = "" ]; then myEXTIP=$myLOCALIP @@ -15,7 +15,7 @@ tee /data/ews/conf/ews.ip << EOF [MAIN] ip = $myEXTIP EOF -tee /etc/tpot/elk/environment << EOF +tee /opt/tpot/etc/compose/elk_environment << EOF MY_EXTIP=$myEXTIP MY_INTIP=$myLOCALIP MY_HOSTNAME=$HOSTNAME diff --git a/installer/etc/tpot/compose/all.yml b/etc/compose/all.yml similarity index 99% rename from installer/etc/tpot/compose/all.yml rename to etc/compose/all.yml index a5e4b2d0..0662a310 100644 --- a/installer/etc/tpot/compose/all.yml +++ b/etc/compose/all.yml @@ -142,7 +142,7 @@ services: elasticsearch: condition: service_healthy env_file: - - /etc/tpot/elk/environment + - /opt/tpot/etc/compose/elk_environment image: "dtagdevsec/logstash:1710" volumes: - /data:/data 
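Review bot: The new `valid_ip` check does not guard what the script actually prints: in both the DNS and HTTP loops `ip` is expanded unquoted (`valid_ip $ip` followed by `echo $ip`), so a multi-word or multi-line reply such as `1.2.3.4 extra` is validated on its first word only and then echoed in full, and updateip.sh writes that output verbatim into `/data/ews/conf/ews.ip` and the `elk_environment` env file. Quote both uses so the entire response has to match the regex: `if valid_ip "$ip"; then` and `printf '%s\n' "$ip"`. The HTTP fallback also fetches bare hostnames, which curl/wget resolve to plain `http://`, so any on-path party can pick the address that lands in those files; prefixing `https://` for the services that support it, or preferring the DNS path only, would narrow that. The `eval array=( \"\${dnslist[@]}\" )` indirection is not needed — `array=("${dnslist[@]}")` does the same without eval.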
diff --git a/installer/etc/tpot/compose/hp.yml b/etc/compose/hp.yml similarity index 100% rename from installer/etc/tpot/compose/hp.yml rename to etc/compose/hp.yml diff --git a/installer/etc/tpot/compose/industrial.yml b/etc/compose/industrial.yml similarity index 98% rename from installer/etc/tpot/compose/industrial.yml rename to etc/compose/industrial.yml index aefeac65..847b05af 100644 --- a/installer/etc/tpot/compose/industrial.yml +++ b/etc/compose/industrial.yml @@ -67,7 +67,7 @@ services: elasticsearch: condition: service_healthy env_file: - - /etc/tpot/elk/environment + - /opt/tpot/etc/compose/elk_environment image: "dtagdevsec/logstash:1710" volumes: - /data:/data diff --git a/installer/etc/tpot/compose/tpot.yml b/etc/compose/tpot.yml similarity index 99% rename from installer/etc/tpot/compose/tpot.yml rename to etc/compose/tpot.yml index d7097bb2..7d09982d 100644 --- a/installer/etc/tpot/compose/tpot.yml +++ b/etc/compose/tpot.yml @@ -127,7 +127,7 @@ services: elasticsearch: condition: service_healthy env_file: - - /etc/tpot/elk/environment + - /opt/tpot/etc/compose/elk_environment image: "dtagdevsec/logstash:1710" volumes: - /data:/data diff --git a/installer/etc/tpot/curator/actions.yml b/etc/curator/actions.yml similarity index 100% rename from installer/etc/tpot/curator/actions.yml rename to etc/curator/actions.yml diff --git a/installer/etc/tpot/curator/curator.yml b/etc/curator/curator.yml similarity index 100% rename from installer/etc/tpot/curator/curator.yml rename to etc/curator/curator.yml diff --git a/installer/etc/tpot/logrotate/logrotate.conf b/etc/logrotate/logrotate.conf similarity index 100% rename from installer/etc/tpot/logrotate/logrotate.conf rename to etc/logrotate/logrotate.conf diff --git a/installer/etc/tpot/elkbase.tgz b/etc/objects/elkbase.tgz similarity index 100% rename from installer/etc/tpot/elkbase.tgz rename to etc/objects/elkbase.tgz 
diff --git a/installer/etc/tpot/kibana-objects.tgz b/etc/objects/kibana-objects.tgz
similarity index 100%
rename from installer/etc/tpot/kibana-objects.tgz
rename to etc/objects/kibana-objects.tgz
diff --git a/installer/etc/dialogrc b/host/etc/dialogrc
similarity index 100%
rename from installer/etc/dialogrc
rename to host/etc/dialogrc
diff --git a/installer/etc/issue b/host/etc/issue
similarity index 100%
rename from installer/etc/issue
rename to host/etc/issue
diff --git a/installer/etc/nginx/nginx.conf b/host/etc/nginx/nginx.conf
similarity index 100%
rename from installer/etc/nginx/nginx.conf
rename to host/etc/nginx/nginx.conf
diff --git a/installer/etc/nginx/ssl/dhparam4096.pem b/host/etc/nginx/ssl/dhparam4096.pem
similarity index 100%
rename from installer/etc/nginx/ssl/dhparam4096.pem
rename to host/etc/nginx/ssl/dhparam4096.pem
diff --git a/installer/etc/nginx/ssl/gen-cert.sh b/host/etc/nginx/ssl/gen-cert.sh
old mode 100755
new mode 100644
similarity index 100%
rename from installer/etc/nginx/ssl/gen-cert.sh
rename to host/etc/nginx/ssl/gen-cert.sh
diff --git a/installer/etc/nginx/ssl/gen-dhparam.sh b/host/etc/nginx/ssl/gen-dhparam.sh
old mode 100755
new mode 100644
similarity index 100%
rename from installer/etc/nginx/ssl/gen-dhparam.sh
rename to host/etc/nginx/ssl/gen-dhparam.sh
diff --git a/installer/etc/nginx/tpotweb.conf b/host/etc/nginx/tpotweb.conf
similarity index 100%
rename from installer/etc/nginx/tpotweb.conf
rename to host/etc/nginx/tpotweb.conf
diff --git a/installer/etc/rc.local b/host/etc/rc.local
similarity index 100%
rename from installer/etc/rc.local
rename to host/etc/rc.local
diff --git a/installer/etc/tpot/systemd/tpot.service b/host/etc/systemd/tpot.service
similarity index 87%
rename from installer/etc/tpot/systemd/tpot.service
rename to host/etc/systemd/tpot.service
index 7c4a43a5..bcad4477 100644
--- a/installer/etc/tpot/systemd/tpot.service
+++ b/host/etc/systemd/tpot.service
@@ -8,14 +8,14 @@ Restart=always RestartSec=5 # Get and set internal, external IP infos, but ignore errors -ExecStartPre=-/usr/share/tpot/bin/updateip.sh +ExecStartPre=-/opt/tpot/bin/updateip.sh # Clear state or if persistence is enabled rotate and compress logs from /data -ExecStartPre=-/bin/bash -c '/usr/share/tpot/bin/clean.sh on' +ExecStartPre=-/bin/bash -c '/opt/tpot/bin/clean.sh on' # Remove old containers, images and volumes -ExecStartPre=-/usr/local/bin/docker-compose -f /etc/tpot/tpot.yml down -v -ExecStartPre=-/usr/local/bin/docker-compose -f /etc/tpot/tpot.yml rm -v +ExecStartPre=-/usr/local/bin/docker-compose -f /opt/tpot/etc/tpot.yml down -v +ExecStartPre=-/usr/local/bin/docker-compose -f /opt/tpot/etc/tpot.yml rm -v ExecStartPre=-/bin/bash -c 'docker volume rm $(docker volume ls -q)' ExecStartPre=-/bin/bash -c 'docker rm -v $(docker ps -aq)' ExecStartPre=-/bin/bash -c 'docker rmi $(docker images | grep "" | awk \'{print $3}\')' @@ -39,10 +39,10 @@ ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 1025,50100, ExecStartPre=/sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -j NFQUEUE # Compose T-Pot up -ExecStart=/usr/local/bin/docker-compose -f /etc/tpot/tpot.yml up --no-color +ExecStart=/usr/local/bin/docker-compose -f /opt/tpot/etc/tpot.yml up --no-color # Compose T-Pot down, remove containers and volumes -ExecStop=/usr/local/bin/docker-compose -f /etc/tpot/tpot.yml down -v +ExecStop=/usr/local/bin/docker-compose -f /opt/tpot/etc/tpot.yml down -v # Remove only previously set iptables rules ExecStopPost=/sbin/iptables -w -D INPUT -s 127.0.0.1 -j ACCEPT diff --git a/installer/etc/tpot/systemd/wetty.service b/host/etc/systemd/wetty.service similarity index 100% rename from installer/etc/tpot/systemd/wetty.service rename to host/etc/systemd/wetty.service diff --git a/installer/usr/share/dict/a.txt b/host/usr/share/dict/a.txt similarity index 100% rename from installer/usr/share/dict/a.txt rename to host/usr/share/dict/a.txt 
diff --git a/installer/usr/share/dict/n.txt b/host/usr/share/dict/n.txt
similarity index 100%
rename from installer/usr/share/dict/n.txt
rename to host/usr/share/dict/n.txt
diff --git a/installer/usr/share/dict/names b/host/usr/share/dict/names
similarity index 100%
rename from installer/usr/share/dict/names
rename to host/usr/share/dict/names
diff --git a/installer/usr/share/nginx/html/error.html b/host/usr/share/nginx/html/error.html
similarity index 100%
rename from installer/usr/share/nginx/html/error.html
rename to host/usr/share/nginx/html/error.html
diff --git a/installer/usr/share/nginx/html/favicon.ico b/host/usr/share/nginx/html/favicon.ico
similarity index 100%
rename from installer/usr/share/nginx/html/favicon.ico
rename to host/usr/share/nginx/html/favicon.ico
diff --git a/installer/usr/share/nginx/html/navbar.html b/host/usr/share/nginx/html/navbar.html
similarity index 100%
rename from installer/usr/share/nginx/html/navbar.html
rename to host/usr/share/nginx/html/navbar.html
diff --git a/installer/usr/share/nginx/html/style.css b/host/usr/share/nginx/html/style.css
similarity index 100%
rename from installer/usr/share/nginx/html/style.css
rename to host/usr/share/nginx/html/style.css
diff --git a/installer/usr/share/nginx/html/tpotweb.html b/host/usr/share/nginx/html/tpotweb.html
similarity index 100%
rename from installer/usr/share/nginx/html/tpotweb.html
rename to host/usr/share/nginx/html/tpotweb.html
diff --git a/installer/bin/myip.sh b/installer/bin/myip.sh
deleted file mode 100755
index 86a9114e..00000000
--- a/installer/bin/myip.sh
+++ /dev/null
@@ -1,88 +0,0 @@ -#!/bin/bash - -## Get my external IP - -timeout=2 # seconds to wait for a reply before trying next server -verbose=1 # prints which server was used to STDERR - -dnslist=( - "dig +short myip.opendns.com @resolver1.opendns.com" - "dig +short myip.opendns.com @resolver2.opendns.com" - "dig +short myip.opendns.com @resolver3.opendns.com" - "dig +short myip.opendns.com @resolver4.opendns.com" - "dig +short -4 -t a whoami.akamai.net @ns1-1.akamaitech.net" - "dig +short whoami.akamai.net @ns1-1.akamaitech.net" -) - -httplist=( - alma.ch/myip.cgi - api.infoip.io/ip - api.ipify.org - bot.whatismyipaddress.com - canhazip.com - checkip.amazonaws.com - eth0.me - icanhazip.com - ident.me - ipecho.net/plain - ipinfo.io/ip - ipof.in/txt - ip.tyk.nu - l2.io/ip - smart-ip.net/myip - wgetip.com - whatismyip.akamai.com -) - -# function to shuffle the global array "array" -shuffle() { - local i tmp size max rand - size=${#array[*]} - max=$(( 32768 / size * size )) - for ((i=size-1; i>0; i--)); do - while (( (rand=$RANDOM) >= max )); do :; done - rand=$(( rand % (i+1) )) - tmp=${array[i]} array[i]=${array[rand]} array[rand]=$tmp - done -} - -# if we have dig and a list of dns methods, try that first -if hash dig 2>/dev/null && [ ${#dnslist[*]} -gt 0 ]; then - eval array=( \"\${dnslist[@]}\" ) - shuffle - - for cmd in "${array[@]}"; do - [ "$verbose" == 1 ] && echo Trying: $cmd 1>&2 - ip=$(timeout $timeout $cmd) - if [ -n "$ip" ]; then - echo $ip - exit - fi - done -fi - -# if we haven't succeeded with DNS, try HTTP -if [ ${#httplist[*]} == 0 ]; then - echo "No hosts in httplist array!" >&2 - exit 1 -fi - -# use curl or wget, depending on which one we find -curl_or_wget=$(if hash curl 2>/dev/null; then echo curl; elif hash wget 2>/dev/null; then echo "wget -qO-"; fi); - -if [ -z "$curl_or_wget" ]; then - echo "Neither curl nor wget found. Cannot use http method." 
>&2 - exit 1 -fi - -eval array=( \"\${httplist[@]}\" ) -shuffle - -for url in "${array[@]}"; do - [ "$verbose" == 1 ] && echo Trying: $curl_or_wget -s "$url" 1>&2 - ip=$(timeout $timeout $curl_or_wget -s "$url") - if [ -n "$ip" ]; then - echo $ip - exit - fi -done diff --git a/installer/rc.local.install b/installer/rc.local.install deleted file mode 100755 index 13f62044..00000000 --- a/installer/rc.local.install +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/bash -openvt -w -s /root/tpot/install.sh diff --git a/iso/installer/dialogrc b/iso/installer/dialogrc new file mode 100644 index 00000000..bb53e1b8 --- /dev/null +++ b/iso/installer/dialogrc 
@@ -0,0 +1,144 @@ +# +# Run-time configuration file for dialog +# +# Automatically generated by "dialog --create-rc " +# +# +# Types of values: +# +# Number - +# String - "string" +# Boolean - +# Attribute - (foreground,background,highlight?) + +# Set aspect-ration. +aspect = 0 + +# Set separator (for multiple widgets output). +separate_widget = "" + +# Set tab-length (for textbox tab-conversion). +tab_len = 0 + +# Make tab-traversal for checklist, etc., include the list. +visit_items = OFF + +# Shadow dialog boxes? This also turns on color. +use_shadow = ON + +# Turn color support ON or OFF +use_colors = ON + +# Screen color +screen_color = (WHITE,MAGENTA,ON) + +# Shadow color +shadow_color = (BLACK,BLACK,ON) + +# Dialog box color +dialog_color = (BLACK,WHITE,OFF) + +# Dialog box title color +title_color = (MAGENTA,WHITE,OFF) + +# Dialog box border color +border_color = (WHITE,WHITE,ON) + +# Active button color +button_active_color = (WHITE,MAGENTA,OFF) + +# Inactive button color +button_inactive_color = dialog_color + +# Active button key color +button_key_active_color = button_active_color + +# Inactive button key color +button_key_inactive_color = (RED,WHITE,OFF) + +# Active button label color +button_label_active_color = (YELLOW,MAGENTA,ON) + +# Inactive button label color +button_label_inactive_color = (BLACK,WHITE,OFF) + +# Input box color +inputbox_color = dialog_color + +# Input box border color +inputbox_border_color = dialog_color + +# Search box color +searchbox_color = dialog_color + +# Search box title color +searchbox_title_color = title_color + +# Search box border color +searchbox_border_color = border_color + +# File position indicator color +position_indicator_color = title_color + +# Menu box color +menubox_color = dialog_color + +# Menu box border color +menubox_border_color = border_color + +# Item color +item_color = dialog_color + +# Selected item color +item_selected_color = button_active_color + +# Tag color +tag_color = title_color + +# 
Selected tag color +tag_selected_color = button_label_active_color + +# Tag key color +tag_key_color = button_key_inactive_color + +# Selected tag key color +tag_key_selected_color = (RED,MAGENTA,ON) + +# Check box color +check_color = dialog_color + +# Selected check box color +check_selected_color = button_active_color + +# Up arrow color +uarrow_color = (MAGENTA,WHITE,ON) + +# Down arrow color +darrow_color = uarrow_color + +# Item help-text color +itemhelp_color = (WHITE,BLACK,OFF) + +# Active form text color +form_active_text_color = button_active_color + +# Form text color +form_text_color = (WHITE,CYAN,ON) + +# Readonly form item color +form_item_readonly_color = (CYAN,WHITE,ON) + +# Dialog box gauge color +gauge_color = title_color + +# Dialog box border2 color +border2_color = dialog_color + +# Input box border2 color +inputbox_border2_color = dialog_color + +# Search box border2 color +searchbox_border2_color = dialog_color + +# Menu box border2 color +menubox_border2_color = dialog_color diff --git a/installer/install.sh b/iso/installer/install.sh similarity index 84% rename from installer/install.sh rename to iso/installer/install.sh index 68d1bf46..34841d1a 100755 --- a/installer/install.sh +++ b/iso/installer/install.sh 
@@ -6,14 +6,15 @@ export TERM=linux export DIALOGRC=/etc/dialogrc # Let's load dialog color theme -cp /root/tpot/etc/dialogrc /etc/ +cp /root/installer/dialogrc /etc/ # Some global vars -myPROXYFILEPATH="/root/tpot/etc/proxy" -myNTPCONFPATH="/root/tpot/etc/ntp" -myPFXPATH="/root/tpot/keys/8021x.pfx" -myPFXPWPATH="/root/tpot/keys/8021x.pw" -myPFXHOSTIDPATH="/root/tpot/keys/8021x.id" +myPROXYFILEPATH="/root/installer/proxy" +myNTPCONFPATH="/root/installer/ntp" +myPFXPATH="/root/installer/keys/8021x.pfx" +myPFXPWPATH="/root/installer/keys/8021x.pw" +myPFXHOSTIDPATH="/root/installer/keys/8021x.id" +myTPOTCOMPOSE="/opt/tpot/etc/tpot.yml" myBACKTITLE="T-Pot-Installer" mySITES="https://index.docker.io https://github.com https://pypi.python.org https://ubuntu.com" myPROGRESSBOXCONF=" --backtitle "$myBACKTITLE" --progressbox 24 80" 
@@ -326,24 +327,25 @@ apt-get upgrade -y 2>&1 | dialog --title "[ Pulling updates ]" $myPROGRESSBOXCON apt-get autoclean -y 2>&1 | dialog --title "[ Pulling updates ]" $myPROGRESSBOXCONF apt-get autoremove -y 2>&1 | dialog --title "[ Pulling updates ]" $myPROGRESSBOXCONF -# Installing docker-compose, wetty, ctop, elasticdump +# Installing docker-compose, wetty, ctop, elasticdump, tpot pip install --upgrade pip 2>&1 | dialog --title "[ Installing pip ]" $myPROGRESSBOXCONF -pip install docker-compose==1.12.0 2>&1 | dialog --title "[ Installing docker-compose ]" $myPROGRESSBOXCONF -pip install elasticsearch-curator==5.1.1 2>&1 | dialog --title "[ Installing elasticsearch-curator ]" $myPROGRESSBOXCONF +pip install docker-compose==1.16.1 2>&1 | dialog --title "[ Installing docker-compose ]" $myPROGRESSBOXCONF +pip install elasticsearch-curator==5.2.0 2>&1 | dialog --title "[ Installing elasticsearch-curator ]" $myPROGRESSBOXCONF ln -s /usr/bin/nodejs /usr/bin/node 2>&1 | dialog --title "[ Installing wetty ]" $myPROGRESSBOXCONF npm install https://github.com/t3chn0m4g3/wetty -g 2>&1 | dialog --title "[ Installing wetty ]" $myPROGRESSBOXCONF npm install https://github.com/t3chn0m4g3/elasticsearch-dump -g 2>&1 | dialog --title "[ Installing elasticsearch-dump ]" $myPROGRESSBOXCONF wget https://github.com/bcicen/ctop/releases/download/v0.6.1/ctop-0.6.1-linux-amd64 -O ctop 2>&1 | dialog --title "[ Installing ctop ]" $myPROGRESSBOXCONF mv ctop /usr/bin/ 2>&1 | dialog --title "[ Installing ctop ]" $myPROGRESSBOXCONF chmod +x /usr/bin/ctop 2>&1 | dialog --title "[ Installing ctop ]" $myPROGRESSBOXCONF +git clone https://github.com/dtag-dev-sec/tpotce -b autoupdate /opt/tpot 2>&1 | dialog --title "[ Cloning T-Pot ]" $myPROGRESSBOXCONF # Let's add a new user addgroup --gid 2000 tpot 2>&1 | dialog --title "[ Adding new user ]" $myPROGRESSBOXCONF adduser --system --no-create-home --uid 2000 --disabled-password --disabled-login --gid 2000 tpot 2>&1 | dialog --title "[ Adding new 
user ]" $myPROGRESSBOXCONF # Let's set the hostname -a=$(fuRANDOMWORD /usr/share/dict/a.txt) -n=$(fuRANDOMWORD /usr/share/dict/n.txt) +a=$(fuRANDOMWORD /opt/tpot/host/usr/share/dict/a.txt) +n=$(fuRANDOMWORD /opt/tpot/host/usr/share/dict/n.txt) myHOST=$a$n hostnamectl set-hostname $myHOST 2>&1 | dialog --title "[ Setting new hostname ]" $myPROGRESSBOXCONF sed -i 's#127.0.1.1.*#127.0.1.1\t'"$myHOST"'#g' /etc/hosts 2>&1 | dialog --title "[ Setting new hostname ]" $myPROGRESSBOXCONF 
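Review bot: The added `git clone https://github.com/dtag-dev-sec/tpotce -b autoupdate /opt/tpot` takes whatever the branch head is at install time, and everything under /opt/tpot is afterwards run as root by tpot.service (`updateip.sh`, `clean.sh`, the compose file), so the installed host no longer runs the code shipped on the ISO but an unpinned, unverified remote branch. Pinning the checkout to a tag or commit after the clone (`git -C /opt/tpot checkout <tag>`, plus `git verify-tag` if the project signs releases) would make the install reproducible and auditable. The clone's exit status is also swallowed by the `| dialog` pipeline unless `pipefail` is set earlier in the script (not visible here), so a failed clone lets the installer continue into `cp /opt/tpot/etc/compose/... 2>&1>/dev/null` with nothing to copy; add `[ -d /opt/tpot/.git ] || { echo "Cloning T-Pot failed" >&2; exit 1; }` right after it. The unchanged npm and wget lines above have the same unpinned-download shape, but that predates this commit.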
@@ -362,26 +364,26 @@ EOF case $myFLAVOR in HP) echo "### Preparing HONEYPOT flavor installation." - cp /root/tpot/etc/tpot/compose/hp.yml /root/tpot/etc/tpot/tpot.yml 2>&1>/dev/null + cp /opt/tpot/etc/compose/hp.yml $myTPOTCOMPOSE 2>&1>/dev/null ;; INDUSTRIAL) echo "### Preparing INDUSTRIAL flavor installation." - cp /root/tpot/etc/tpot/compose/industrial.yml /root/tpot/etc/tpot/tpot.yml 2>&1>/dev/null + cp /opt/tpot/etc/compose/industrial.yml $myTPOTCOMPOSE 2>&1>/dev/null ;; TPOT) echo "### Preparing TPOT flavor installation." - cp /root/tpot/etc/tpot/compose/tpot.yml /root/tpot/etc/tpot/tpot.yml 2>&1>/dev/null + cp /opt/tpot/etc/compose/tpot.yml $myTPOTCOMPOSE 2>&1>/dev/null ;; EVERYTHING) echo "### Preparing EVERYTHING flavor installation." - cp /root/tpot/etc/tpot/compose/all.yml /root/tpot/etc/tpot/tpot.yml 2>&1>/dev/null + cp /opt/tpot/etc/compose/all.yml $myTPOTCOMPOSE 2>&1>/dev/null ;; esac # Let's load docker images -myIMAGESCOUNT=$(cat /root/tpot/etc/tpot/tpot.yml | grep -v '#' | grep image | cut -d: -f2 | wc -l) +myIMAGESCOUNT=$(cat $myTPOTCOMPOSE | grep -v '#' | grep image | cut -d: -f2 | wc -l) j=0 -for name in $(cat /root/tpot/etc/tpot/tpot.yml | grep -v '#' | grep image | cut -d'"' -f2) +for name in $(cat $myTPOTCOMPOSE | grep -v '#' | grep image | cut -d'"' -f2) do dialog --title "[ Downloading docker images, please be patient ]" --backtitle "$myBACKTITLE" \ --gauge "\n Now downloading: $name\n" 8 80 $(expr 100 \* $j / $myIMAGESCOUNT) <&1>/dev/null <&1 | dialog --title "[ Creating some files and folders ]" $myPROGRESSBOXCONF + /data/vnclowpot/log 2>&1 | dialog --title "[ Creating some files and folders ]" $myPROGRESSBOXCONF touch /data/spiderfoot/spiderfoot.db 2>&1 | dialog --title "[ Creating some files and folders ]" $myPROGRESSBOXCONF -# Let's take care of some files and permissions before copying -chmod 500 /root/tpot/bin/* 2>&1 | dialog --title "[ Setting permissions ]" $myPROGRESSBOXCONF -chmod 600 -R /root/tpot/etc/tpot 2>&1 | dialog --title 
"[ Setting permissions ]" $myPROGRESSBOXCONF -chmod 644 /root/tpot/etc/issue 2>&1 | dialog --title "[ Setting permissions ]" $myPROGRESSBOXCONF -chmod 755 /root/tpot/etc/rc.local 2>&1 | dialog --title "[ Setting permissions ]" $myPROGRESSBOXCONF -chmod 644 /root/tpot/etc/tpot/systemd/* 2>&1 | dialog --title "[ Setting permissions ]" $myPROGRESSBOXCONF - # Let's copy some files -tar xvfz /root/tpot/etc/tpot/elkbase.tgz -C / 2>&1 | dialog --title "[ Extracting elkbase.tgz ]" $myPROGRESSBOXCONF -cp -R /root/tpot/bin/* /usr/share/tpot/bin/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF -cp -R /root/tpot/etc/tpot/* /etc/tpot/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF -cp /root/tpot/etc/tpot/systemd/* /etc/systemd/system/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF -cp /root/tpot/etc/issue /etc/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF -cp -R /root/tpot/etc/nginx/ssl /etc/nginx/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF -cp /root/tpot/etc/nginx/tpotweb.conf /etc/nginx/sites-available/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF -cp /root/tpot/etc/nginx/nginx.conf /etc/nginx/nginx.conf 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF -cp /root/tpot/keys/authorized_keys /home/tsec/.ssh/authorized_keys 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF -cp /root/tpot/usr/share/nginx/html/* /usr/share/nginx/html/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF +tar xvfz /opt/tpot/etc/objects/elkbase.tgz -C / 2>&1 | dialog --title "[ Extracting elkbase.tgz ]" $myPROGRESSBOXCONF +cp /opt/tpot/host/etc/systemd/* /etc/systemd/system/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF +cp /opt/tpot/host/etc/issue /etc/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF +cp -R /opt/tpot/host/etc/nginx/ssl /etc/nginx/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF +cp /opt/tpot/host/etc/nginx/tpotweb.conf 
/etc/nginx/sites-available/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF +cp /opt/tpot/host/etc/nginx/nginx.conf /etc/nginx/nginx.conf 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF +cp /opt/tpot/host/usr/share/nginx/html/* /usr/share/nginx/html/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF +cp /root/installer/keys/authorized_keys /home/tsec/.ssh/authorized_keys 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF systemctl enable tpot 2>&1 | dialog --title "[ Enabling service for tpot ]" $myPROGRESSBOXCONF systemctl enable wetty 2>&1 | dialog --title "[ Enabling service for wetty ]" $myPROGRESSBOXCONF @@ -490,11 +481,6 @@ chown tsec:tsec /home/tsec/.ssh /home/tsec/.ssh/authorized_keys 2>&1 | dialog -- # Let's replace "quiet splash" options, set a console font for more screen canvas and update grub sed -i 's#GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"#GRUB_CMDLINE_LINUX_DEFAULT="consoleblank=0"#' /etc/default/grub 2>&1>/dev/null sed -i 's#GRUB_CMDLINE_LINUX=""#GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"#' /etc/default/grub 2>&1>/dev/null -#sed -i 's#\#GRUB_GFXMODE=640x480#GRUB_GFXMODE=800x600x32#' /etc/default/grub -#tee -a /etc/default/grub <&1 | dialog --title "[ Update grub ]" $myPROGRESSBOXCONF cp /usr/share/consolefonts/Uni2-Terminus12x6.psf.gz /etc/console-setup/ gunzip /etc/console-setup/Uni2-Terminus12x6.psf.gz 
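Review bot: The removed permission pass (`chmod 500 /root/tpot/bin/*`, `chmod 600 -R /root/tpot/etc/tpot`, `chmod 644 .../systemd/*`) has no counterpart for the new locations: bin/ and etc/ now live inside the /opt/tpot checkout, whose modes are whatever git and the umask produced — normally world-readable, with `bin/*` executable only where the repository tracks the x bit. Since `tpot.yml` is copied into /opt/tpot/etc and the service later writes `elk_environment` beside it, adding `chmod 500 /opt/tpot/bin/*` and `chmod -R go-rwx /opt/tpot/etc` after the clone would restore the previous posture; files rewritten by a later `git pull` will, I believe, come back with umask defaults, so the same step belongs in the update path. The middle of this hunk (the `/data/...` directory creation and the `tar xvfz ... -C /` extraction) is garbled on this page and could not be reviewed here; only its path appears to have changed.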
@@ -502,23 +488,23 @@ sed -i 's#FONTFACE=".*#FONTFACE="Terminus"#' /etc/default/console-setup sed -i 's#FONTSIZE=".*#FONTSIZE="12x6"#' /etc/default/console-setup update-initramfs -u 2>&1 | dialog --title "[ Update initramfs ]" $myPROGRESSBOXCONF -# Let's enable a color prompt and add /usr/share/tpot/bin to path +# Let's enable a color prompt and add /opt/tpot/bin to path myROOTPROMPT='PS1="\[\033[38;5;8m\][\[$(tput sgr0)\]\[\033[38;5;1m\]\u\[$(tput sgr0)\]\[\033[38;5;6m\]@\[$(tput sgr0)\]\[\033[38;5;4m\]\h\[$(tput sgr0)\]\[\033[38;5;6m\]:\[$(tput sgr0)\]\[\033[38;5;5m\]\w\[$(tput sgr0)\]\[\033[38;5;8m\]]\[$(tput sgr0)\]\[\033[38;5;1m\]\\$\[$(tput sgr0)\]\[\033[38;5;15m\] \[$(tput sgr0)\]"' myUSERPROMPT='PS1="\[\033[38;5;8m\][\[$(tput sgr0)\]\[\033[38;5;2m\]\u\[$(tput sgr0)\]\[\033[38;5;6m\]@\[$(tput sgr0)\]\[\033[38;5;4m\]\h\[$(tput sgr0)\]\[\033[38;5;6m\]:\[$(tput sgr0)\]\[\033[38;5;5m\]\w\[$(tput sgr0)\]\[\033[38;5;8m\]]\[$(tput sgr0)\]\[\033[38;5;2m\]\\$\[$(tput sgr0)\]\[\033[38;5;15m\] \[$(tput sgr0)\]"' tee -a /root/.bashrc 2>&1>/dev/null <&1>/dev/null <&1>/dev/null +/opt/tpot/bin/updateip.sh 2>&1>/dev/null # Final steps -mv /root/tpot/etc/rc.local /etc/rc.local 2>&1>/dev/null && \ -rm -rf /root/tpot/ 2>&1>/dev/null && \ +cp /opt/tpot/host/etc/rc.local /etc/rc.local 2>&1>/dev/null && \ +rm -rf /root/installer 2>&1>/dev/null && \ dialog --no-ok --no-cancel --backtitle "$myBACKTITLE" --title "[ Thanks for your patience. Now rebooting. ]" --pause "" 6 80 2 && \ reboot diff --git a/installer/keys/authorized_keys b/iso/installer/keys/authorized_keys similarity index 100% rename from installer/keys/authorized_keys rename to iso/installer/keys/authorized_keys diff --git a/iso/installer/rc.local.install b/iso/installer/rc.local.install new file mode 100755 index 00000000..edb417d5 --- /dev/null +++ b/iso/installer/rc.local.install @@ -0,0 +1,2 @@ +#!/bin/bash +openvt -w -s /root/installer/install.sh 
diff --git a/isolinux/txt.cfg b/iso/isolinux/txt.cfg similarity index 100% rename from isolinux/txt.cfg rename to iso/isolinux/txt.cfg diff --git a/preseed/tpot.seed b/iso/preseed/tpot.seed similarity index 96% rename from preseed/tpot.seed rename to iso/preseed/tpot.seed index ca8c5931..be71342d 100755 --- a/preseed/tpot.seed +++ b/iso/preseed/tpot.seed @@ -114,9 +114,8 @@ d-i preseed/late_command string \ in-target apt-get -y install grub-pc; \ in-target grub-install --force $(debconf-get partman-auto/disk); \ in-target update-grub; \ -cp /opt/tpot/rc.local.install /target/etc/rc.local; \ -cp -r /opt/tpot/ /target/root/; \ -cp /opt/tpot/usr/share/dict/* /target/usr/share/dict/ +cp /opt/installer/rc.local.install /target/etc/rc.local; \ +cp /opt/installer -R /target/root/; ########## ### Reboot diff --git a/makeiso.sh b/makeiso.sh index 1101802a..911f22bc 100755 --- a/makeiso.sh +++ b/makeiso.sh @@ -12,15 +12,15 @@ myUBUNTULINK="http://archive.ubuntu.com/ubuntu/dists/xenial-updates/main/install myUBUNTUISO="mini.iso" myTPOTISO="tpot.iso" myTPOTDIR="tpotiso" -myTPOTSEED="preseed/tpot.seed" +myTPOTSEED="iso/preseed/tpot.seed" myPACKAGES="dialog genisoimage syslinux syslinux-utils pv udisks2" -myAUTHKEYSPATH="installer/keys/authorized_keys" -myPFXPATH="installer/keys/8021x.pfx" -myPFXPWPATH="installer/keys/8021x.pw" -myPFXHOSTIDPATH="installer/keys/8021x.id" -myINSTALLERPATH="installer/install.sh" -myPROXYCONFIG="installer/etc/proxy" -myNTPCONFPATH="installer/etc/ntp" +myAUTHKEYSPATH="iso/installer/keys/authorized_keys" +myPFXPATH="iso/installer/keys/8021x.pfx" +myPFXPWPATH="iso/installer/keys/8021x.pw" +myPFXHOSTIDPATH="iso/installer/keys/8021x.id" +myINSTALLERPATH="iso/installer/install.sh" +myPROXYCONFIG="iso/installer/proxy" +myNTPCONFPATH="iso/installer/ntp" myTMP="tmp" # Got root? 
@@ -33,7 +33,7 @@ if [ "$myWHOAMI" != "root" ] fi # Let's load dialog color theme -cp installer/etc/dialogrc /etc/ +cp host/etc/dialogrc /etc/ # Let's clean up at the end or if something goes wrong ... function fuCLEANUP { @@ -228,10 +228,10 @@ rm initrd cd .. # Let's add the files for the automated install -mkdir -p $myTPOTDIR/tmp/opt/tpot -cp installer/* -R $myTPOTDIR/tmp/opt/tpot/ -cp isolinux/* $myTPOTDIR/ -cp preseed/tpot.seed $myTPOTDIR/tmp/preseed.cfg +mkdir -p $myTPOTDIR/tmp/opt/ +cp iso/installer -R $myTPOTDIR/tmp/opt/ +cp iso/isolinux/* $myTPOTDIR/ +cp iso/preseed/tpot.seed $myTPOTDIR/tmp/preseed.cfg # Let's create the new initrd cd $myTPOTDIR/tmp diff --git a/update.sh b/update.sh new file mode 100755 index 00000000..30767342 --- /dev/null +++ b/update.sh 
@@ -0,0 +1,157 @@
+#!/bin/bash
+
+###################################################
+# Do not change any contents of this script!
+###################################################
+
+# Some vars
+myCONFIGFILE="/opt/tpot/etc/tpot.yml"
+myRED=""
+myGREEN=""
+myWHITE=""
+myBLUE=""
+
+# Got root?
+myWHOAMI=$(whoami)
+if [ "$myWHOAMI" != "root" ]
+ then
+ echo "Need to run as root ..."
+ sudo ./$0
+ exit
+fi
+
+# Check for existing tpot.yml
+function fuCONFIGCHECK () {
+ echo "### Checking for T-Pot configuration file ..."
+ echo -n "###### $myBLUE$myCONFIGFILE$myWHITE "
+ if ! [ -f $myCONFIGFILE ];
+ then
+ echo
+ echo $myRED"Error - No T-Pot configuration file present."
+ echo "Please copy one of the preconfigured configuration files from /opt/tpot/etc/compose/*.yml to /opt/tpot/etc/tpot.yml."$myWHITE
+ echo
+ exit 1
+ else
+ echo $myGREEN"OK"$myWHITE
+ fi
+}
+
+# Let's test the internet connection
+function fuCHECKINET () {
+mySITES=$1
+ echo "### Now checking availability of ..."
+ for i in $mySITES;
+ do
+ echo -n "###### $myBLUE$i$myWHITE "
+ curl --connect-timeout 5 -IsS $i 2>&1>/dev/null
+ if [ $? -ne 0 ];
+ then
+ echo
+ echo $myRED"Error - Internet connection test failed. This might indicate some problems with your connection."
+ echo "Exiting."$myWHITE
+ echo
+ exit 1
+ else
+ echo $myGREEN"OK"$myWHITE
+ fi
+ done;
+}
+
+function fuSELFUPDATE () {
+ echo "### Now checking for newer files in repository ..."
+ git fetch
+ myREMOTESTAT=$(git status | grep -c "up-to-date")
+ if [ "$myREMOTESTAT" != "0" ];
+ then
+ echo "###### $myBLUE"No updates found in repository."$myWHITE"
+ return
+ fi
+ myRESULT=$(git diff --name-only origin/17.06 | grep update.sh)
+ myLOCALSTAT=$(git status -uno | grep -c update.sh)
+ if [ "$myRESULT" == "update.sh" ];
+ then
+ if [ "$myLOCALSTAT" == "0" ];
+ then
+ echo "###### $myBLUE"Found newer version, will update myself and restart."$myWHITE"
+ git pull --force
+ exec "$1" "$2"
+ exit 1
+ else
+ echo $myRED"Error - Update script was changed locally, cannot update."
+ echo "Exiting."$myWHITE
+ echo
+ exit 1
+ fi
+ else
+ echo "###### Update script is already up-to-date."
+ fi
+}
+
+# Only run with command switch
+if [ "$1" != "-y" ]; then
+ echo "This script will update / upgrade all T-Pot related scripts, tools and packages"
+ echo "Some of your changes might be overwritten, so make sure to save your work"
+ echo "This feature is still experimental, run with \"-y\" switch"
+ echo
+ exit
+fi
+
+echo "### Now running T-Pot update script."
+echo
+
+fuCHECKINET "https://index.docker.io https://github.com https://pypi.python.org https://ubuntu.com"
+echo
+
+fuSELFUPDATE "$0" "$@"
+echo
+
+fuCONFIGCHECK
+echo
+
+echo "### Now stopping T-Pot"
+systemctl stop tpot
+
+echo
+echo "### Now upgrading packages"
+apt-get autoclean -y
+apt-get autoremove -y
+apt-get update
+apt-get dist-upgrade -y
+pip install --upgrade pip
+pip install docker-compose==1.16.1
+pip install elasticsearch-curator==5.2.0
+ln -s /usr/bin/nodejs /usr/bin/node 2>&1
+npm install https://github.com/t3chn0m4g3/wetty -g
+npm install https://github.com/t3chn0m4g3/elasticsearch-dump -g
+wget https://github.com/bcicen/ctop/releases/download/v0.6.1/ctop-0.6.1-linux-amd64 -O /usr/bin/ctop && chmod +x /usr/bin/ctop
+
+echo
+echo "### Now replacing T-Pot related config files on host"
+cp host/etc/systemd/* /etc/systemd/system/
+cp host/etc/issue /etc/
+cp -R host/etc/nginx/ssl /etc/nginx/
+cp host/etc/nginx/tpotweb.conf /etc/nginx/sites-available/
+cp host/etc/nginx/nginx.conf /etc/nginx/nginx.conf
+cp host/usr/share/nginx/html/* /usr/share/nginx/html/
+
+echo
+echo "### Now reloading systemd, nginx"
+systemctl daemon-reload
+nginx -s reload
+
+echo
+echo "### Now restarting wetty, nginx, docker"
+systemctl restart wetty.service
+systemctl restart nginx.service
+systemctl restart docker.service
+
+echo
+echo "### Now pulling latest docker images"
+docker-compose -f /opt/tpot/etc/tpot.yml pull
+
+echo
+echo "### Now starting T-Pot service"
+systemctl start tpot
+
+echo
+echo "### Done."
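Review bot: The ctop step in the "Now upgrading packages" section fetches a release binary with wget straight into /usr/bin as root and marks it executable without any integrity check, so a tampered download is executed on every update; the two `npm install https://github.com/... -g` lines above it have the same exposure, installing an unpinned branch head rather than a tagged release. Download to a temporary file, verify a pinned SHA-256 against the digest published with the release, and only then install it (see below); pin the npm git URLs to a tag or commit the same way. Separately, `2>&1` on the `ln -s /usr/bin/nodejs /usr/bin/node` line does not suppress the "already exists" error, it only redirects stderr to stdout, so `2>/dev/null` looks like what was intended. The script has no `set -e`, so a failed `apt-get dist-upgrade` or `docker-compose ... pull` still falls through to the config replacement and `systemctl start tpot`; at least guard those steps with `|| exit 1`.
```shell
# … unchanged: apt-get / pip / npm steps …
myCTOPURL="https://github.com/bcicen/ctop/releases/download/v0.6.1/ctop-0.6.1-linux-amd64"
myCTOPSHA256="<sha256 published for the ctop v0.6.1 release>"   # placeholder: pin the real digest here
myCTOPTMP=$(mktemp) || exit 1
wget -q "$myCTOPURL" -O "$myCTOPTMP" \
  && echo "$myCTOPSHA256  $myCTOPTMP" | sha256sum -c - \
  && install -m 0755 "$myCTOPTMP" /usr/bin/ctop \
  || { echo "Error - ctop download or checksum verification failed." >&2; rm -f "$myCTOPTMP"; exit 1; }
rm -f "$myCTOPTMP"
# … unchanged: config file replacement and service restarts …
```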