From ebb58955c40755e9a5ec6170b391a93d29f973ba Mon Sep 17 00:00:00 2001
From: Marco Ochse <marco.ochse@gmail.com>
Date: Mon, 8 Feb 2016 12:21:03 +0100
Subject: [PATCH] prepare for emobility

---
 installer/bin/update-images.sh               | 15 +++++++
 installer/data/industrial_images.conf        |  3 ++
 installer/{ => data}/upstart/cowrie.conf     |  4 +-
 installer/{ => data}/upstart/dionaea.conf    |  6 +--
 installer/{ => data}/upstart/elasticpot.conf |  4 +-
 installer/{ => data}/upstart/elk.conf        |  0
 installer/{ => data}/upstart/glastopf.conf   |  4 +-
 installer/{ => data}/upstart/honeytrap.conf  |  4 +-
 installer/{ => data}/upstart/suricata.conf   |  4 +-
 installer/install.sh                         | 42 ++++++++++++--------
 makeiso.sh                                   |  6 +--
 11 files changed, 59 insertions(+), 33 deletions(-)
 create mode 100755 installer/bin/update-images.sh
 create mode 100644 installer/data/industrial_images.conf
 rename installer/{ => data}/upstart/cowrie.conf (92%)
 rename installer/{ => data}/upstart/dionaea.conf (90%)
 rename installer/{ => data}/upstart/elasticpot.conf (91%)
 rename installer/{ => data}/upstart/elk.conf (100%)
 rename installer/{ => data}/upstart/glastopf.conf (90%)
 rename installer/{ => data}/upstart/honeytrap.conf (93%)
 rename installer/{ => data}/upstart/suricata.conf (92%)

diff --git a/installer/bin/update-images.sh b/installer/bin/update-images.sh
new file mode 100755
index 00000000..2653ec5a
--- /dev/null
+++ b/installer/bin/update-images.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+########################################################
+# T-Pot                                                #
+# Only start the container found in /etc/init/t-pot    #
+#                                                      #
+# v0.01 by mo, DTAG, 2016-02-08                        #
+########################################################
+
+rm -rf /etc/init/t-pot/*.conf || true
+for i in $(cat /data/images.conf);
+  do 
+    cp /data/upstart/"$i".conf /etc/init/t-pot/;
+done
+echo Please reboot for the changes to take effect.
diff --git a/installer/data/industrial_images.conf b/installer/data/industrial_images.conf
new file mode 100644
index 00000000..071872ce
--- /dev/null
+++ b/installer/data/industrial_images.conf
@@ -0,0 +1,3 @@
+elk
+emobility
+suricata
diff --git a/installer/upstart/cowrie.conf b/installer/data/upstart/cowrie.conf
similarity index 92%
rename from installer/upstart/cowrie.conf
rename to installer/data/upstart/cowrie.conf
index 8de23470..41958e47 100644
--- a/installer/upstart/cowrie.conf
+++ b/installer/data/upstart/cowrie.conf
@@ -2,7 +2,7 @@
 # T-Pot                                                #
 # Cowrie upstart script                                #
 #                                                      #
-# v16.03.2 by av / mo, DTAG, 2015-12-14                #
+# v16.03.3 by av / mo, DTAG, 2016-02-08                #
 ########################################################
 
 description "Cowrie"
@@ -17,7 +17,7 @@ pre-start script
     then docker rm -v $myCID;
   fi
   # Remove any data from previous container
-  rm -rf /data/cowrie/*
+  rm -rf /data/cowrie/* || true
   mkdir -p /data/cowrie/log/tty/ /data/cowrie/downloads/ /data/cowrie/keys/ /data/cowrie/misc/
   chmod 760 /data/cowrie -R
   chown tpot:tpot /data/cowrie -R
diff --git a/installer/upstart/dionaea.conf b/installer/data/upstart/dionaea.conf
similarity index 90%
rename from installer/upstart/dionaea.conf
rename to installer/data/upstart/dionaea.conf
index 2c1eeb36..e49e470e 100644
--- a/installer/upstart/dionaea.conf
+++ b/installer/data/upstart/dionaea.conf
@@ -2,7 +2,7 @@
 # T-Pot                                                #
 # Dionaea upstart script                               #
 #                                                      #
-# v16.03.4 by mo, DTAG, 2016-02-06                     #
+# v16.03.5 by mo, DTAG, 2016-02-08                     #
 ########################################################
 
 description "Dionaea"
@@ -17,8 +17,8 @@ pre-start script
     then docker rm -v $myCID;
   fi
   # Remove any data from previous container
-  rm -rf /data/dionaea/*
-  rm /data/ews/dionaea/ews.json
+  rm -rf /data/dionaea/* || true
+  rm /data/ews/dionaea/ews.json || true
   mkdir -p /data/dionaea/log /data/dionaea/bistreams /data/dionaea/binaries /data/dionaea/rtp /data/dionaea/wwwroot
   chmod 760 /data/dionaea -R
   chown tpot:tpot /data/dionaea -R
diff --git a/installer/upstart/elasticpot.conf b/installer/data/upstart/elasticpot.conf
similarity index 91%
rename from installer/upstart/elasticpot.conf
rename to installer/data/upstart/elasticpot.conf
index 5a0fb726..2d9e6742 100644
--- a/installer/upstart/elasticpot.conf
+++ b/installer/data/upstart/elasticpot.conf
@@ -2,7 +2,7 @@
 # T-Pot                                                #
 # Elasticpot upstart script                            #
 #                                                      #
-# v16.03.3 by ms/mo, DTAG, 2016-02-04                  #
+# v16.03.4 by ms/mo, DTAG, 2016-02-08                  #
 ########################################################
 
 description "ElasticPot"
@@ -17,7 +17,7 @@ pre-start script
     then docker rm -v $myCID;
   fi
   # Remove any data from previous container
-  rm -rf /data/elasticpot/*
+  rm -rf /data/elasticpot/* || true
   mkdir -p /data/elasticpot/log
   chmod 760 /data/elasticpot -R
   chown tpot:tpot /data/elasticpot -R
diff --git a/installer/upstart/elk.conf b/installer/data/upstart/elk.conf
similarity index 100%
rename from installer/upstart/elk.conf
rename to installer/data/upstart/elk.conf
diff --git a/installer/upstart/glastopf.conf b/installer/data/upstart/glastopf.conf
similarity index 90%
rename from installer/upstart/glastopf.conf
rename to installer/data/upstart/glastopf.conf
index e3947dd6..a83ccbfd 100644
--- a/installer/upstart/glastopf.conf
+++ b/installer/data/upstart/glastopf.conf
@@ -2,7 +2,7 @@
 # T-Pot                                                #
 # Glastopf upstart script                              #
 #                                                      #
-# v16.03.2 by mo, DTAG, 2015-12-14                     #
+# v16.03.3 by mo, DTAG, 2016-02-08                     #
 ########################################################
 
 description "Glastopf"
@@ -17,7 +17,7 @@ pre-start script
     then docker rm -v $myCID;
   fi
   # Remove any data from previous container
-  rm -rf /data/glastopf/*
+  rm -rf /data/glastopf/* || true
 end script
 script
   /usr/bin/docker run --name glastopf --rm=true -v /data/glastopf:/data/glastopf -v /data/ews:/data/ews -p 80:80 dtagdevsec/glastopf:latest1603
diff --git a/installer/upstart/honeytrap.conf b/installer/data/upstart/honeytrap.conf
similarity index 93%
rename from installer/upstart/honeytrap.conf
rename to installer/data/upstart/honeytrap.conf
index bea2408d..013e2250 100644
--- a/installer/upstart/honeytrap.conf
+++ b/installer/data/upstart/honeytrap.conf
@@ -2,7 +2,7 @@
 # T-Pot                                                #
 # Honeytrap upstart script                             #
 #                                                      #
-# v16.03.4 by mo, DTAG, 2016-01-27                     #
+# v16.03.5 by mo, DTAG, 2016-02-08                     #
 ########################################################
 
 description "Honeytrap"
@@ -17,7 +17,7 @@ pre-start script
     then docker rm -v $myCID;
   fi
   # Remove any data from previous container
-  rm -rf /data/honeytrap/*
+  rm -rf /data/honeytrap/* || true
   mkdir -p /data/honeytrap/log/ /data/honeytrap/attacks/ /data/honeytrap/downloads/
   chmod 760 /data/honeytrap/ -R
   chown tpot:tpot /data/honeytrap/ -R
diff --git a/installer/upstart/suricata.conf b/installer/data/upstart/suricata.conf
similarity index 92%
rename from installer/upstart/suricata.conf
rename to installer/data/upstart/suricata.conf
index c8908021..e3e9abe0 100644
--- a/installer/upstart/suricata.conf
+++ b/installer/data/upstart/suricata.conf
@@ -2,7 +2,7 @@
 # T-Pot                                                #
 # Suricata upstart script                              #
 #                                                      #
-# v16.03.2 by mo, DTAG, 2016-02-06                     #
+# v16.03.2 by mo, DTAG, 2016-02-08                     #
 ########################################################
 
 description "Suricata"
@@ -17,7 +17,7 @@ pre-start script
     then docker rm -v $myCID;
   fi
   # Remove any data from previous container
-  rm -rf /data/suricata/*
+  rm -rf /data/suricata/* || true
   mkdir -p /data/suricata/log
   chmod 760 -R /data/suricata
   chown tpot:tpot -R /data/suricata
diff --git a/installer/install.sh b/installer/install.sh
index 2872cd4e..e37f025e 100755
--- a/installer/install.sh
+++ b/installer/install.sh
@@ -3,10 +3,10 @@
 # T-Pot post install script                            #
 # Ubuntu server 14.04.3, x64                           #
 #                                                      #
-# v16.03.5 by mo, DTAG, 2016-02-04                     #
+# v16.03.6 by mo, DTAG, 2016-02-08                     #
 ########################################################
 
-# Type of install, SENSOR or FULL?
+# Type of install, SENSOR, INDUSTRIAL or FULL?
 myFLAVOR="FULL"
 
 # Some global vars
@@ -150,7 +150,6 @@ tee -a /etc/ssh/ssh_config <<EOF
 UseRoaming no
 EOF
 
-
 # Let's pull some updates
 fuECHO "### Pulling Updates."
 apt-get update -y
@@ -204,9 +203,13 @@ EOF
 if [ "$myFLAVOR" = "SENSOR" ]
   then
     cp /root/tpot/data/sensor_images.conf /root/tpot/data/images.conf
-    echo "manual" >> /etc/init/suricata.override
-    echo "manual" >> /etc/init/elk.override
-  else
+fi
+if [ "$myFLAVOR" = "INDUSTRIAL" ]
+  then
+    cp /root/tpot/data/industrial_images.conf /root/tpot/data/images.conf
+fi
+if [ "$myFLAVOR" = "FULL" ]
+  then
     cp /root/tpot/data/full_images.conf /root/tpot/data/images.conf
 fi
 
@@ -270,15 +273,6 @@ tee -a /etc/crontab <<EOF
 27 16 * * 0   root  sleep \$((RANDOM %600)); apt-get autoclean -y; apt-get autoremove -y; apt-get update -y; apt-get upgrade -y; apt-get upgrade docker-engine -y; sleep 5; reboot
 EOF
 
-# Let's take care of some files and permissions before copying
-chmod 500 /root/tpot/bin/*
-chmod 600 /root/tpot/data/*
-chmod 644 /root/tpot/etc/issue
-chmod 755 /root/tpot/etc/rc.local
-chmod 700 /root/tpot/home/*
-chown tsec:tsec /root/tpot/home/*
-chmod 644 /root/tpot/upstart/*
-
 # Let's create some files and folders
 fuECHO "### Creating some files and folders."
 mkdir -p /data/ews/log /data/ews/conf /data/ews/dionaea /data/ews/glastopf /data/ews/honeytrap \
@@ -286,15 +280,29 @@ mkdir -p /data/ews/log /data/ews/conf /data/ews/dionaea /data/ews/glastopf /data
          /data/elasticpot /data/elasticpot/log \
          /data/dionaea/log /data/dionaea/bistreams /data/dionaea/binaries /data/dionaea/rtp /data/dionaea/wwwroot \
          /data/elk/data /data/elk/log /data/glastopf /data/honeytrap/log/ /data/honeytrap/attacks/ /data/honeytrap/downloads/ \
-         /data/suricata/log /home/tsec/.ssh/
+         /data/suricata/log /home/tsec/.ssh/ \
+         /etc/init/t-pot
+
+# Let's take care of some files and permissions before copying
+chmod 500 /root/tpot/bin/*
+chmod 600 /root/tpot/data/*
+chmod 644 /root/tpot/etc/issue
+chmod 755 /root/tpot/etc/rc.local
+chmod 700 /root/tpot/home/*
+chown tsec:tsec /root/tpot/home/*
+chmod 644 /root/tpot/data/upstart/*
+chmod 644 /etc/init/t-pot
 
 # Let's copy some files
 cp -R /root/tpot/bin/* /usr/bin/
 cp -R /root/tpot/data/* /data/
 cp -R /root/tpot/etc/issue /etc/
 cp -R /root/tpot/home/* /home/tsec/
-cp -R /root/tpot/upstart/* /etc/init/
 cp    /root/tpot/keys/authorized_keys /home/tsec/.ssh/authorized_keys
+for i in $(cat /data/images.conf);
+  do 
+    cp /data/upstart/$i.conf /etc/init/t-pot/;
+done
 
 # Let's take care of some files and permissions
 chmod 760 -R /data
diff --git a/makeiso.sh b/makeiso.sh
index 3e8236c5..38b578d8 100755
--- a/makeiso.sh
+++ b/makeiso.sh
@@ -4,7 +4,7 @@
 # T-Pot                                                #
 # .ISO maker                                           #
 #                                                      #
-# v16.03.1 by mo, DTAG, 2016-01-14                     #
+# v16.03.2 by mo, DTAG, 2016-02-08                     #
 ########################################################
 
 # Let's define some global vars
@@ -85,8 +85,8 @@ if [ "$mySTART" = "1" ];
     exit
 fi
 
-# Let's ask for the type of installation FULL or SENSOR?
-myFLAVOR=$(dialog --no-cancel --backtitle "$myBACKTITLE" --title "[ Installation type ... ]" --radiolist "" 8 50 2 "FULL" "Install Everything" on "SENSOR" "Install Honeypots & EWS Poster" off 3>&1 1>&2 2>&3 3>&-)
+# Let's ask for the type of installation SENSOR, INDUSTRIAL or FULL?
+myFLAVOR=$(dialog --no-cancel --backtitle "$myBACKTITLE" --title "[ Installation type ... ]" --radiolist "" 9 50 4 "FULL" "Everything (w/o INDUSTRIAL)" on "SENSOR" "Honeypots (w/o INDUSTRIAL)" off "INDUSTRIAL" "Experimental (+ELK +Suricata)" off 3>&1 1>&2 2>&3 3>&-)
 sed -i 's#^myFLAVOR=.*#myFLAVOR="'$myFLAVOR'"#' $myINSTALLERPATH
 
 # Let's ask the user for a proxy ...