prepare for emobility

installer/bin/update-images.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+
+########################################################
+# T-Pot                                                #
+# Only start the container found in /etc/init/t-pot    #
+#                                                      #
+# v0.01 by mo, DTAG, 2016-02-08                        #
+########################################################
+
+rm -rf /etc/init/t-pot/*.conf || true
+for i in $(cat /data/images.conf);
+  do 
+    cp /data/upstart/"$i".conf /etc/init/t-pot/;
+done
+echo Please reboot for the changes to take effect.

installer/data/industrial_images.conf

@@ -0,0 +1,3 @@
+elk
+emobility
+suricata

installer/data/upstart/cowrie.conf

@@ -2,7 +2,7 @@
 # T-Pot                                                #
 # Cowrie upstart script                                #
 #                                                      #
-# v16.03.2 by av / mo, DTAG, 2015-12-14                #
+# v16.03.3 by av / mo, DTAG, 2016-02-08                #
 ########################################################
 
 description "Cowrie"
@@ -17,7 +17,7 @@ pre-start script
     then docker rm -v $myCID;
   fi
   # Remove any data from previous container
-  rm -rf /data/cowrie/*
+  rm -rf /data/cowrie/* || true
   mkdir -p /data/cowrie/log/tty/ /data/cowrie/downloads/ /data/cowrie/keys/ /data/cowrie/misc/
   chmod 760 /data/cowrie -R
   chown tpot:tpot /data/cowrie -R

installer/data/upstart/dionaea.conf

@@ -2,7 +2,7 @@
 # T-Pot                                                #
 # Dionaea upstart script                               #
 #                                                      #
-# v16.03.4 by mo, DTAG, 2016-02-06                     #
+# v16.03.5 by mo, DTAG, 2016-02-08                     #
 ########################################################
 
 description "Dionaea"
@@ -17,8 +17,8 @@ pre-start script
     then docker rm -v $myCID;
   fi
   # Remove any data from previous container
-  rm -rf /data/dionaea/*
-  rm /data/ews/dionaea/ews.json
+  rm -rf /data/dionaea/* || true
+  rm /data/ews/dionaea/ews.json || true
   mkdir -p /data/dionaea/log /data/dionaea/bistreams /data/dionaea/binaries /data/dionaea/rtp /data/dionaea/wwwroot
   chmod 760 /data/dionaea -R
   chown tpot:tpot /data/dionaea -R

installer/data/upstart/elasticpot.conf

@@ -2,7 +2,7 @@
 # T-Pot                                                #
 # Elasticpot upstart script                            #
 #                                                      #
-# v16.03.3 by ms/mo, DTAG, 2016-02-04                  #
+# v16.03.4 by ms/mo, DTAG, 2016-02-08                  #
 ########################################################
 
 description "ElasticPot"
@@ -17,7 +17,7 @@ pre-start script
     then docker rm -v $myCID;
   fi
   # Remove any data from previous container
-  rm -rf /data/elasticpot/*
+  rm -rf /data/elasticpot/* || true
   mkdir -p /data/elasticpot/log
   chmod 760 /data/elasticpot -R
   chown tpot:tpot /data/elasticpot -R

installer/data/upstart/glastopf.conf

@@ -2,7 +2,7 @@
 # T-Pot                                                #
 # Glastopf upstart script                              #
 #                                                      #
-# v16.03.2 by mo, DTAG, 2015-12-14                     #
+# v16.03.3 by mo, DTAG, 2016-02-08                     #
 ########################################################
 
 description "Glastopf"
@@ -17,7 +17,7 @@ pre-start script
     then docker rm -v $myCID;
   fi
   # Remove any data from previous container
-  rm -rf /data/glastopf/*
+  rm -rf /data/glastopf/* || true
 end script
 script
   /usr/bin/docker run --name glastopf --rm=true -v /data/glastopf:/data/glastopf -v /data/ews:/data/ews -p 80:80 dtagdevsec/glastopf:latest1603

installer/data/upstart/honeytrap.conf

@@ -2,7 +2,7 @@
 # T-Pot                                                #
 # Honeytrap upstart script                             #
 #                                                      #
-# v16.03.4 by mo, DTAG, 2016-01-27                     #
+# v16.03.5 by mo, DTAG, 2016-02-08                     #
 ########################################################
 
 description "Honeytrap"
@@ -17,7 +17,7 @@ pre-start script
     then docker rm -v $myCID;
   fi
   # Remove any data from previous container
-  rm -rf /data/honeytrap/*
+  rm -rf /data/honeytrap/* || true
   mkdir -p /data/honeytrap/log/ /data/honeytrap/attacks/ /data/honeytrap/downloads/
   chmod 760 /data/honeytrap/ -R
   chown tpot:tpot /data/honeytrap/ -R

installer/data/upstart/suricata.conf

@@ -2,7 +2,7 @@
 # T-Pot                                                #
 # Suricata upstart script                              #
 #                                                      #
-# v16.03.2 by mo, DTAG, 2016-02-06                     #
+# v16.03.2 by mo, DTAG, 2016-02-08                     #
 ########################################################
 
 description "Suricata"
@@ -17,7 +17,7 @@ pre-start script
     then docker rm -v $myCID;
   fi
   # Remove any data from previous container
-  rm -rf /data/suricata/*
+  rm -rf /data/suricata/* || true
   mkdir -p /data/suricata/log
   chmod 760 -R /data/suricata
   chown tpot:tpot -R /data/suricata

installer/install.sh

@@ -3,10 +3,10 @@
 # T-Pot post install script                            #
 # Ubuntu server 14.04.3, x64                           #
 #                                                      #
-# v16.03.5 by mo, DTAG, 2016-02-04                     #
+# v16.03.6 by mo, DTAG, 2016-02-08                     #
 ########################################################
 
-# Type of install, SENSOR or FULL?
+# Type of install, SENSOR, INDUSTRIAL or FULL?
 myFLAVOR="FULL"
 
 # Some global vars
@@ -150,7 +150,6 @@ tee -a /etc/ssh/ssh_config <<EOF
 UseRoaming no
 EOF
 
-
 # Let's pull some updates
 fuECHO "### Pulling Updates."
 apt-get update -y
@@ -204,9 +203,13 @@ EOF
 if [ "$myFLAVOR" = "SENSOR" ]
   then
     cp /root/tpot/data/sensor_images.conf /root/tpot/data/images.conf
-    echo "manual" >> /etc/init/suricata.override
-    echo "manual" >> /etc/init/elk.override
-  else
+fi
+if [ "$myFLAVOR" = "INDUSTRIAL" ]
+  then
+    cp /root/tpot/data/industrial_images.conf /root/tpot/data/images.conf
+fi
+if [ "$myFLAVOR" = "FULL" ]
+  then
     cp /root/tpot/data/full_images.conf /root/tpot/data/images.conf
 fi
 
@@ -270,15 +273,6 @@ tee -a /etc/crontab <<EOF
 27 16 * * 0   root  sleep \$((RANDOM %600)); apt-get autoclean -y; apt-get autoremove -y; apt-get update -y; apt-get upgrade -y; apt-get upgrade docker-engine -y; sleep 5; reboot
 EOF
 
-# Let's take care of some files and permissions before copying
-chmod 500 /root/tpot/bin/*
-chmod 600 /root/tpot/data/*
-chmod 644 /root/tpot/etc/issue
-chmod 755 /root/tpot/etc/rc.local
-chmod 700 /root/tpot/home/*
-chown tsec:tsec /root/tpot/home/*
-chmod 644 /root/tpot/upstart/*
-
 # Let's create some files and folders
 fuECHO "### Creating some files and folders."
 mkdir -p /data/ews/log /data/ews/conf /data/ews/dionaea /data/ews/glastopf /data/ews/honeytrap \
@@ -286,15 +280,29 @@ mkdir -p /data/ews/log /data/ews/conf /data/ews/dionaea /data/ews/glastopf /data
          /data/elasticpot /data/elasticpot/log \
          /data/dionaea/log /data/dionaea/bistreams /data/dionaea/binaries /data/dionaea/rtp /data/dionaea/wwwroot \
          /data/elk/data /data/elk/log /data/glastopf /data/honeytrap/log/ /data/honeytrap/attacks/ /data/honeytrap/downloads/ \
-         /data/suricata/log /home/tsec/.ssh/
+         /data/suricata/log /home/tsec/.ssh/ \
+         /etc/init/t-pot
+
+# Let's take care of some files and permissions before copying
+chmod 500 /root/tpot/bin/*
+chmod 600 /root/tpot/data/*
+chmod 644 /root/tpot/etc/issue
+chmod 755 /root/tpot/etc/rc.local
+chmod 700 /root/tpot/home/*
+chown tsec:tsec /root/tpot/home/*
+chmod 644 /root/tpot/data/upstart/*
+chmod 644 /etc/init/t-pot
 
 # Let's copy some files
 cp -R /root/tpot/bin/* /usr/bin/
 cp -R /root/tpot/data/* /data/
 cp -R /root/tpot/etc/issue /etc/
 cp -R /root/tpot/home/* /home/tsec/
-cp -R /root/tpot/upstart/* /etc/init/
 cp    /root/tpot/keys/authorized_keys /home/tsec/.ssh/authorized_keys
+for i in $(cat /data/images.conf);
+  do 
+    cp /data/upstart/$i.conf /etc/init/t-pot/;
+done
 
 # Let's take care of some files and permissions
 chmod 760 -R /data

makeiso.sh

@@ -4,7 +4,7 @@
 # T-Pot                                                #
 # .ISO maker                                           #
 #                                                      #
-# v16.03.1 by mo, DTAG, 2016-01-14                     #
+# v16.03.2 by mo, DTAG, 2016-02-08                     #
 ########################################################
 
 # Let's define some global vars
@@ -85,8 +85,8 @@ if [ "$mySTART" = "1" ];
     exit
 fi
 
-# Let's ask for the type of installation FULL or SENSOR?
-myFLAVOR=$(dialog --no-cancel --backtitle "$myBACKTITLE" --title "[ Installation type ... ]" --radiolist "" 8 50 2 "FULL" "Install Everything" on "SENSOR" "Install Honeypots & EWS Poster" off 3>&1 1>&2 2>&3 3>&-)
+# Let's ask for the type of installation SENSOR, INDUSTRIAL or FULL?
+myFLAVOR=$(dialog --no-cancel --backtitle "$myBACKTITLE" --title "[ Installation type ... ]" --radiolist "" 9 50 4 "FULL" "Everything (w/o INDUSTRIAL)" on "SENSOR" "Honeypots (w/o INDUSTRIAL)" off "INDUSTRIAL" "Experimental (+ELK +Suricata)" off 3>&1 1>&2 2>&3 3>&-)
 sed -i 's#^myFLAVOR=.*#myFLAVOR="'$myFLAVOR'"#' $myINSTALLERPATH
 
 # Let's ask the user for a proxy ...