diff --git a/README.md b/README.md index bceda182..77aecdf5 100644 --- a/README.md +++ b/README.md @@ -1,15 +1,14 @@ -# T-Pot 16.03 Image Creator +# T-Pot 16.10 Image Creator (broken, dev in progress) This repository contains the necessary files to create the **[T-Pot community honeypot](http://dtag-dev-sec.github.io/)** ISO image. The image can then be used to install T-Pot on a physical or virtual machine. -Last year we released -[T-Pot 15.03](http://dtag-dev-sec.github.io/mediator/feature/2015/03/17/concept.html) -as open source and we received lots of positive feedback and naturally feature requests which encouraged us to continue development and share our work as open source and are proud to present to you ... +In March 2016 we released +[T-Pot 16.03](http://dtag-dev-sec.github.io/mediator/feature/2016/03/11/t-pot-16.03.html) -# T-Pot 16.03 +# T-Pot 16.10 -T-Pot 16.03 is based on +T-Pot 16.10 now uses Ubuntu Server 16.04 LTS and is based on [docker](https://www.docker.com/) diff --git a/installer/bin/backup_elk.sh b/installer/bin/backup_elk.sh index 29d4b325..df03d0f2 100755 --- a/installer/bin/backup_elk.sh +++ b/installer/bin/backup_elk.sh @@ -4,7 +4,7 @@ # T-Pot # # ELK DB backup script # # # -# v16.03.1 by mo, DTAG, 2016-03-09 # +# v16.10.0 by mo, DTAG, 2016-05-12 # ######################################################## myCOUNT=1 myDATE=$(date +%Y%m%d%H%M) @@ -38,7 +38,7 @@ touch /var/run/check.lock # Stop ELK to lift db lock echo "Now stopping ELK ..." -service elk stop +systemctl stop elk sleep 10 # Backup DB in 2 flavors @@ -53,7 +53,7 @@ chmod 760 -R $myELKPATH chown tpot:tpot -R $myELKPATH # Start ELK -service elk start +systemctl start elk echo "Now starting up ELK ..." # Allow checks to resume diff --git a/installer/bin/check.sh b/installer/bin/check.sh index 8397ccb6..0878e3e5 100755 --- a/installer/bin/check.sh +++ b/installer/bin/check.sh 
@@ -4,7 +4,7 @@ # T-Pot # # Check container and services script # # # -# v16.03.1 by mo, DTAG, 2016-03-09 # +# v16.10.0 by mo, DTAG, 2016-05-12 # ######################################################## if [ -a /var/run/check.lock ]; then @@ -29,9 +29,9 @@ for i in $myIMAGES if [ $myUPTIME -gt 4 ] && [ $myCIDSTATUS -gt 0 ]; then echo "Restarting "$i"." - service $i stop + systemctl stop $i sleep 5 - service $i start + systemctl start $i fi done diff --git a/installer/bin/dcres.sh b/installer/bin/dcres.sh index 364fa92e..c8ea0603 100755 --- a/installer/bin/dcres.sh +++ b/installer/bin/dcres.sh @@ -4,7 +4,7 @@ # T-Pot # # Container and services restart script # # # -# v16.03.1 by mo, DTAG, 2016-03-09 # +# v16.10.0 by mo, DTAG, 2016-05-12 # ######################################################## myCOUNT=1 @@ -38,12 +38,12 @@ if [ $myUPTIME -gt 4 ]; then for i in $myIMAGES do - service $i stop + systemctl stop $i done echo "### Waiting 10 seconds before restarting docker ..." sleep 10 iptables -w -F - service docker restart + systemctl restart docker while true do docker info > /dev/null @@ -64,7 +64,7 @@ if [ $myUPTIME -gt 4 ]; echo "### Starting T-Pot services ..." for i in $myIMAGES do - service $i start + systemctl start $i done sleep 5 else diff --git a/installer/bin/status.sh b/installer/bin/status.sh index 6f98ae90..ecdb4e05 100755 --- a/installer/bin/status.sh +++ b/installer/bin/status.sh @@ -4,7 +4,7 @@ # T-Pot # # Container and services status script # # # -# v16.03.1 by mo, DTAG, 2016-03-09 # +# v16.10.0 by mo, DTAG, 2016-05-12 # ######################################################## myCOUNT=1 diff --git a/installer/bin/update-images.sh b/installer/bin/update-images.sh index ebd5cf0c..1c7576d9 100755 --- a/installer/bin/update-images.sh +++ b/installer/bin/update-images.sh 
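Review bot: In the check.sh restart loop the replaced calls pass the unit name unquoted (`systemctl stop $i`, `systemctl start $i`) and ignore the exit status, so a unit that fails to start again is reported as "Restarting" and nothing more. Quoting protects against glob characters in an image name, and a status check makes a failed restart visible: `systemctl stop "$i"` and `systemctl start "$i" || echo "Failed to start $i." >&2`. The same unquoted `$i` appears in the dcres.sh stop and start loops and in the update-images.sh cleanup loop. The enclosing `for` loop starts outside this hunk.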
@@ -4,9 +4,11 @@ # T-Pot # # Only start the containers found in /etc/init/ # # # -# v16.03.2 by mo, DTAG, 2016-04-20 # +# v16.10.0 by mo, DTAG, 2016-05-12 # ######################################################## +echo "### I still need some dev-work!" + # Make sure not to interrupt a check while true do @@ -33,19 +35,21 @@ done touch /var/run/check.lock # Stop T-Pot services and delete all T-Pot upstart scripts +# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! echo "### Stopping T-Pot services and cleaning up." for i in $(cat /data/imgcfg/all_images.conf); do - service $i stop + systemctl stop $i sleep 2 rm -rf /etc/init/$i.conf || true; done +# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! # Restarting docker services echo "### Restarting docker services ..." -service docker stop +systemctl stop docker sleep 2 -service docker start +systemctl start docker sleep 2 # Setup only T-Pot upstart scripts from images.conf and pull the images diff --git a/installer/etc/issue b/installer/etc/issue index aa4db954..6e0dbd43 100644 --- a/installer/etc/issue +++ b/installer/etc/issue @@ -1,4 +1,4 @@ -T-Pot 16.03 +T-Pot 16.10 (development) Hostname: \n IP: diff --git a/installer/home/2fa_enable.sh b/installer/home/2fa_enable.sh index 4646b3c6..8ee97d8b 100755 --- a/installer/home/2fa_enable.sh +++ b/installer/home/2fa_enable.sh @@ -4,11 +4,10 @@ # T-Pot # # Two-Factor-Authentication and SSH enable script # # # -# v16.03.2 by mo, DTAG, 2016-03-09 # +# v16.10.0 by mo, DTAG, 2016-05-12 # ######################################################## myBACKTITLE="T-Pot - Two-Factor-Authentication and SSH enable script" - # Let's ask if the user wants to enable two-factor ... dialog --backtitle "$myBACKTITLE" --title "[ Enable 2FA? ]" --yesno "\nDo you want to enable Two-Factor-Authentication based on Google Authenticator for SSH?" 8 70 my2FA=$? 
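Review bot: The update-images.sh cleanup loop now stops services with `systemctl stop $i` but still deletes `/etc/init/$i.conf`, which is the upstart location. Under systemd that `rm` presumably no longer removes whatever starts the service, so a honeypot dropped from the image list could stay enabled and come back at the next boot. The `!!!` marker lines suggest this is known, but a comment saying what is missing would serve the next maintainer better, for example `# TODO: disable and remove the systemd unit for $i, not the upstart .conf`. Because `$i` is read from `all_images.conf` and ends up inside an `rm -rf` path, it should also be quoted and guarded against an empty value: `rm -rf -- "/etc/init/${i:?}.conf"`.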
@@ -32,13 +31,13 @@ if [ "$my2FA" = "0" ] && ! [ -f /etc/pam.d/sshd.bak ]; fi # Enable SSH -if [ "$mySSH" = "0" ] && [ -f /etc/init/ssh.override ]; +if [ "$mySSH" = "0" ] && [ "$(systemctl status ssh | grep -o dead)" = "dead" ]; then clear - sudo rm /etc/init/ssh.override - sudo service ssh start + sudo systemctl enable ssh + sudo systemctl start ssh dialog --backtitle "$myBACKTITLE" --title "[ SSH enabled ]" --msgbox "\nThe SSH service has been enabled and is now reachable via port tcp/64295. Password authentication is disabled by default." 8 70 - elif ! [ -f /etc/init/ssh.override ] + elif [ "$(systemctl status ssh | grep -o dead)" = "" ] then dialog --backtitle "$myBACKTITLE" --title "[ Already enabled ]" --msgbox "\nIt seems that SSH has already been enabled." 8 70 fi diff --git a/installer/install.sh b/installer/install.sh index f54e3551..ca043ebc 100755 --- a/installer/install.sh +++ b/installer/install.sh @@ -1,9 +1,9 @@ #!/bin/bash ######################################################## # T-Pot post install script # -# Ubuntu server 14.04.4, x64 # +# Ubuntu server 16.04.0, x64 # # # -# v16.03.14 by mo, DTAG, 2016-03-08 # +# v16.10.0 by mo, DTAG, 2016-05-12 # ######################################################## # Type of install, SENSOR, INDUSTRIAL or FULL? @@ -20,9 +20,9 @@ myPFXHOSTIDPATH="/root/tpot/keys/8021x.id" fuECHO () { local myRED=1 local myWHT=7 - tput setaf $myRED + tput setaf $myRED -T xterm echo $1 "$2" - tput setaf $myWHT + tput setaf $myWHT -T xterm } # Let's make sure there is a warning if running for a second time @@ -154,7 +154,7 @@ EOF fuECHO "### Adding the docker repository." apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D tee /etc/apt/sources.list.d/docker.list <> /etc/init/ssh.override +systemctl disable ssh # Let's patch docker defaults, so we can run images as service fuECHO "### Patching docker defaults." 
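Review bot: The new SSH state test in 2fa_enable.sh, `[ "$(systemctl status ssh | grep -o dead)" = "dead" ]`, parses human-readable output and is fragile in both branches. `systemctl status` also prints recent journal lines, so a second occurrence of "dead" makes the comparison fail. An inactive state that is not printed as "dead" (a failed unit, for example) yields an empty string, falls through to the `elif`, and is reported as "already enabled". `systemctl is-active --quiet ssh` gives the state as an exit status instead: `if [ "$mySSH" = "0" ] && ! systemctl is-active --quiet ssh;` and `elif systemctl is-active --quiet ssh` for the second branch.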
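Review bot: In install.sh, `systemctl disable ssh` only removes the boot-time enablement; it does not stop an sshd that is already running, and the unit can still be started by hand or pulled in by another unit. If SSH is meant to stay off until 2fa_enable.sh is run, `systemctl disable --now ssh` (or a `systemctl stop ssh` beside it) closes the window until the next reboot. Whether the installer reboots right after this step, or can itself be run over an SSH session, is not visible here and should be confirmed first. This part of the diff is garbled on the page (the here-document around `docker.list` is missing), so the surrounding lines could not be checked.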
diff --git a/isolinux/txt.cfg b/isolinux/txt.cfg index d0ef147d..f5e7584d 100755 --- a/isolinux/txt.cfg +++ b/isolinux/txt.cfg @@ -1,5 +1,5 @@ default install label install - menu label ^Install T-Pot 16.03 + menu label ^Install T-Pot 16.10 (development) kernel /install/vmlinuz append file=/cdrom/tpot/tpot.seed initrd=/install/initrd.gz ks=cdrom:/tpot/ks.cfg console-setup/ask_detect=true -- diff --git a/makeiso.sh b/makeiso.sh index 06873f75..ac476d1b 100755 --- a/makeiso.sh +++ b/makeiso.sh @@ -4,13 +4,13 @@ # T-Pot # # .ISO maker # # # -# v16.03.4 by mo, DTAG, 2016-03-08 # +# v16.10.0 by mo, DTAG, 2016-05-20 # ######################################################## # Let's define some global vars myBACKTITLE="T-Pot - ISO Maker" -myUBUNTULINK="http://releases.ubuntu.com/14.04.4/ubuntu-14.04.4-server-amd64.iso" -myUBUNTUISO="ubuntu-14.04.4-server-amd64.iso" +myUBUNTULINK="http://releases.ubuntu.com/16.04/ubuntu-16.04-server-amd64.iso" +myUBUNTUISO="ubuntu-16.04-server-amd64.iso" myTPOTISO="tpot.iso" myTPOTDIR="tpotiso" myTPOTSEED="preseed/tpot.seed"
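Review bot: In makeiso.sh, `myUBUNTULINK` still points at a plain `http://` URL, so the base ISO behind every T-Pot image is fetched without transport integrity, and no checksum or signature check is visible in this hunk. If the rest of the script does not already verify the download, it should check the file against the release's published `SHA256SUMS` (and that file's GPG signature) before remastering, for example `grep "$myUBUNTUISO" SHA256SUMS | sha256sum -c -`. The code that performs the download is outside this hunk.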