From d65d5e3026cfc1cee1db7359780a694d3f091720 Mon Sep 17 00:00:00 2001 From: g0tmi1k Date: Mon, 20 Jul 2015 16:17:25 +0100 Subject: [PATCH] Kali: Bug fixes & tools. Add 'sort' to geany - Bugging me for ages! Add Crowbar - Brute force tool Add EDB alias - Useful with searchsploit Add MinGW (Windows) - Cross Compiling Add MPC - Payload generator Add Patator (GIT) - Brute force Add PyCharm - Python IDE _(not sure how well this will work long term)_ Change default MSF actions (reverse_tcp -> reverse_https, sounds, multi_console_command) Fix OpenVAS bugs (Add keys & changed service timeout value) - Thanks @unbaiat Fix OpenVAS selection bug (thanks @sickn3ss) Fix samba share Fix wording in various places Settings to Pure-FTP service (Hide banner & Enable passive mode) Switch from giggle to gitg ...Tweak bash fu ...Tweak output --- kali.sh | 759 +++++++++++++++++++++++++++++++++----------------------- 1 file changed, 446 insertions(+), 313 deletions(-) diff --git a/kali.sh b/kali.sh index 385159f..9bbc34f 100644 --- a/kali.sh +++ b/kali.sh @@ -1,6 +1,6 @@ #!/bin/bash #-Metadata----------------------------------------------------# -# Filename: kali.sh (Update: 2015-06-19) # +# Filename: kali.sh (Update: 2015-07-20) # #-Info--------------------------------------------------------# # Personal post-install script for Kali Linux. # #-Author(s)---------------------------------------------------# @@ -8,6 +8,8 @@ #-Operating System--------------------------------------------# # Designed for: Kali Linux 1.1.0a [x64] (VM - VMware) # # Tested on: Kali Linux 1.0.0 - 1.1.0a [x64 & x84 & mini] # +#-Licence-----------------------------------------------------# +# MIT License ~ http://opensource.org/licenses/MIT # #-Notes-------------------------------------------------------# # Run as root, just after a fresh/clean install of Kali. # # --- # @@ -24,6 +26,8 @@ # --- # # Incomplete/buggy/hidden stuff - search for '***'. # # --- # +# TODO: External resoureces, check http 200 - else error out # +# --- # # ** This script is meant for _ME_. ** # # ** EDIT this to meet _YOUR_ requirements! ** # # ** Wasn't designed with customization in mind. ** # @@ -40,29 +44,33 @@ wget -qO /tmp/kali.sh https://raw.github.com/g0tmi1k/os-scripts/master/kali.sh & fi +#-Defaults-------------------------------------------------------------# + + ##### Location information keyboardApple=false # Using a Apple/Macintosh keyboard? Change to anything other than 'false' to enable [ --osx ] keyboardlayout="gb" # Great Britain timezone="Europe/London" # London, Europe - ##### Optional steps hardenDNS=false # Set static & lock DNS name server [ --dns ] freezeDEB=false # Disable updating certain packages (e.g. Metasploit) [ --hold ] burpFree=false # Disable configuring Burp Proxy Free (for Burp Pro users...) [ --burp ] openVAS=false # Install & configure OpenVAS (not everyone wants it...) [ --openvas ] - ##### (Optional) Enable debug mode? #set -x - ##### (Cosmetic) Colour output -RED="\033[01;31m" -GREEN="\033[01;32m" -YELLOW="\033[01;33m" -BLUE="\033[01;34m" -RESET="\033[00m" +RED="\033[01;31m" # Issues/Errors +GREEN="\033[01;32m" # Success +YELLOW="\033[01;33m" # Warnings/Information +BLUE="\033[01;34m" # Heading +BOLD="\033[01;01m" # Highlight +RESET="\033[00m" # Normal + + +#-Arguments------------------------------------------------------------# ##### Read command line arguments @@ -78,21 +86,21 @@ for x in $( tr '[:upper:]' '[:lower:]' <<< "$@" ); do elif [ "${x}" == "--openvas" ]; then openVAS=true else - echo -e $RED'[!]'$RESET' Unknown option: '${x} 1>&2 + echo -e ' '$RED'[!]'$RESET' Unknown option: '${x} 1>&2 exit 1 fi done -#-Start-------------------------------------------------------# +#-Start----------------------------------------------------------------# ##### Check if we are running as root - else this script will fail (hard!) if [[ $EUID -ne 0 ]]; then - echo -e $RED'[!]'$RESET' This script must be run as root. Quitting...' 1>&2 + echo -e ' '$RED'[!]'$RESET' This script must be run as root. Quitting...' 1>&2 exit 1 else - echo -e "$BLUE[*]$RESET Kali Linux post-install script" + echo -e " $BLUE[*]$RESET Kali Linux post-install script" fi @@ -101,7 +109,7 @@ export DISPLAY=:0.0 #[[ -z $SSH_CONNECTION ]] || export DISPLAY=:0.0 ##### Fixing NetworkManager issues -echo -e "\n$GREEN[+]$RESET Fixing NetworkManager issues" +echo -e "\n $GREEN[+]$RESET Fixing NetworkManager issues" service network-manager stop #--- Fix 'device not managed' issue file=/etc/network/interfaces; [ -e "$file" ] && cp -n $file{,.bkup} # ...or: /etc/NetworkManager/NetworkManager.conf @@ -115,41 +123,41 @@ service network-manager restart sleep 10 for i in {1..10}; do ping -c 1 -W $i www.google.com &>/dev/null && break; done if [[ "$?" -ne 0 ]]; then - echo -e $RED'[!]'$RESET' Possible DNS issues(?). Trying DHCP "fix".' 1>&2 + echo -e ' '$RED'[!]'$RESET' Possible DNS issues(?). Trying DHCP "fix".' 1>&2 chattr -i /etc/resolv.conf 2>/dev/null dhclient sleep 15 _TMP=true _CMD="$(ping -c 1 8.8.8.8 &>/dev/null)" - if [[ "$?" -ne 0 ]] && [[ "$_TMP" == true ]]; then + if [[ "$?" -ne 0 && "$_TMP" == true ]]; then _TMP=false - echo -e $RED'[!]'$RESET' No Internet access. Manually fix the issue & re-run the script.' 1>&2 + echo -e ' '$RED'[!]'$RESET' No Internet access. Manually fix the issue & re-run the script.' 1>&2 fi _CMD="$(ping -c 1 www.google.com &>/dev/null)" - if [[ "$?" -ne 0 ]] && [[ "$_TMP" == true ]]; then + if [[ "$?" -ne 0 && "$_TMP" == true ]]; then _TMP=false - echo -e $RED'[!]'$RESET' Possible DNS issues(?). Manually fix the issue & re-run the script.' 1>&2 + echo -e ' '$RED'[!]'$RESET' Possible DNS issues(?). Manually fix the issue & re-run the script.' 1>&2 fi if [[ "$_TMP" == false ]]; then - (dmidecode | grep -iq virtual) && echo -e $YELLOW'[i]'$RESET' Try switching network adapter to NAT.' - echo -e $RED'[!]'$RESET' Quitting...' 1>&2 + (dmidecode | grep -iq virtual) && echo -e $YELLOW'[i]'$RESET' VM Detected. Try switching network adapter mode (NAT/Bridged).' + echo -e ' '$RED'[!]'$RESET' Quitting...' 1>&2 exit 2 fi fi ##### Enabling default network repositories ~ http://docs.kali.org/general-use/kali-linux-sources-list-repositories & Fix 'KEYEXPIRED 1425567400' -echo -e "\n$GREEN[+]$RESET Enabling default network repositories ~ if they were not selected during install" +echo -e "\n $GREEN[+]$RESET Enabling default network repositories ~ if they were not selected during install" #--- Fixing old keys #find /var/cache/apt/ -type f -delete find /var/lib/apt/lists/ -type f -delete # Bug fix: https://forums.kali.org/showthread.php?24687-Problem-with-apt-get-update&p=42558&viewfull=1#post42558 apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys 7D8D0BF6 #gpg --keyserver hkp://keys.gnupg.net --recv-key 7D8D0BF6 # http://docs.kali.org/introduction/download-official-kali-linux-images #--- Add network repositories file=/etc/apt/sources.list; [ -e "$file" ] && cp -n $file{,.bkup} -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" grep -q 'kali main non-free contrib' "$file" 2>/dev/null || echo "deb http://http.kali.org/kali kali main non-free contrib" >> "$file" grep -q 'kali/updates main contrib non-free' "$file" 2>/dev/null || echo "deb http://security.kali.org/kali-security kali/updates main contrib non-free" >> "$file" -#grep -q 'kali-proposed-updates main contrib non-free' "$file" 2>/dev/null || echo "deb http://repo.kali.org/kali kali-proposed-updates main contrib non-free" >> "$file" +#grep -q 'kali-proposed-updates main contrib non-free' "$file" 2>/dev/null || echo -e "deb http://repo.kali.org/kali kali-proposed-updates main contrib non-free\ndeb-src http://repo.kali.org/kali kali-proposed-updates main contrib non-free" >> "$file" #--- Disable CD repositories sed -i '/kali/ s/^\( \|\t\|\)deb cdrom/#deb cdrom/g' "$file" #--- Update @@ -158,10 +166,10 @@ apt-get -y -qq install kali-archive-keyring # Fixing old keys ##### Installing kernel headers -echo -e "\n$GREEN[+]$RESET Installing kernel headers" +echo -e "\n $GREEN[+]$RESET Installing kernel headers" apt-get -y -qq install gcc make "linux-headers-$(uname -r)" if [[ $? -ne 0 ]]; then - echo -e $RED'[!]'$RESET' There was an issue installing kernel headers' 1>&2 + echo -e ' '$RED'[!]'$RESET' There was an issue installing kernel headers' 1>&2 echo -e $YELLOW'[i]'$RESET' Are you using the latest kernel?' fi @@ -171,7 +179,7 @@ if [ -e "/etc/vmware-tools" ]; then echo -e '\n'$RED'[!]'$RESET' VMware Tools is already installed. Skipping...' 1>&2 elif (dmidecode | grep -iq vmware); then ##### Installing virtual machines tools ~ http://docs.kali.org/general-use/install-vmware-tools-kali-guest - echo -e "\n$GREEN[+]$RESET Installing virtual machines tools" + echo -e "\n $GREEN[+]$RESET Installing virtual machines tools" #--- VM -> Install VMware Tools. Note: you may need to apply a patch: https://github.com/offensive-security/kali-vmware-tools-patches mkdir -p /mnt/cdrom/ umount -f /mnt/cdrom 2>/dev/null @@ -179,8 +187,8 @@ elif (dmidecode | grep -iq vmware); then mount -o ro /dev/cdrom /mnt/cdrom 2>/dev/null; _mount=$? # This will only check the first CD drive (if there are multiple bays) sleep 2 file=$(find /mnt/cdrom/ -maxdepth 1 -type f -name 'VMwareTools-*.tar.gz' -print -quit) - ([[ "$_mount" == 0 ]] && [[ -z "$file" ]]) && echo -e $RED'[!]'$RESET' Incorrect CD/ISO mounted' 1>&2 - if [[ "$_mount" == 0 ]] && [[ -n "$file" ]]; then # If there is a CD in (and its right!), try to install native Guest Additions + ([[ "$_mount" == 0 && -z "$file" ]]) && echo -e ' '$RED'[!]'$RESET' Incorrect CD/ISO mounted' 1>&2 + if [[ "$_mount" == 0 && -n "$file" ]]; then # If there is a CD in (and its right!), try to install native Guest Additions echo -e $YELLOW'[i]'$RESET' Patching & using "native VMware tools"' apt-get -y -qq install gcc make "linux-headers-$(uname -r)" git git clone git://github.com/rasa/vmware-tools-patches.git /tmp/vmware-tools-patches @@ -195,7 +203,7 @@ elif (dmidecode | grep -iq vmware); then #popd >/dev/null umount -f /mnt/cdrom 2>/dev/null else # The fallback is 'open vm tools' ~ http://open-vm-tools.sourceforge.net/about.php - echo -e $RED'[!]'$RESET' VMware Tools CD/ISO isnt mounted' 1>&2 + echo -e ' '$RED'[!]'$RESET' VMware Tools CD/ISO isnt mounted' 1>&2 echo -e $YELLOW'[i]'$RESET' Skipping "Native VMware Tools", switching to "Open VM Tools" instead' apt-get -y -qq install open-vm-toolbox fi @@ -205,14 +213,14 @@ elif [ -e "/etc/init.d/vboxadd" ]; then echo -e '\n'$RED'[!]'$RESET' Virtualbox Guest Additions is already installed. Skipping...' 1>&2 elif (dmidecode | grep -iq virtualbox); then ##### (Optional) Installing Virtualbox Guest Additions. Note: Need VirtualBox 4.2.xx+ (http://docs.kali.org/general-use/kali-linux-virtual-box-guest) - echo -e "\n$GREEN[+]$RESET (Optional) Installing Virtualbox Guest Additions" + echo -e "\n $GREEN[+]$RESET (Optional) Installing Virtualbox Guest Additions" #--- Devices -> Install Guest Additions CD image... mkdir -p /mnt/cdrom/ umount -f /mnt/cdrom 2>/dev/null sleep 1 mount -o ro /dev/cdrom /mnt/cdrom 2>/dev/null; _mount=$? # Only checks first CD drive (if multiple) - if [[ "$_mount" == 0 ]] && [[ ! -e /mnt/cdrom/VBoxLinuxAdditions.run ]]; then - echo -e $RED'[!]'$RESET' Incorrect CD/ISO mounted. Skipping...' 1>&2 + if [[ "$_mount" == 0 && ! -e /mnt/cdrom/VBoxLinuxAdditions.run ]]; then + echo -e ' '$RED'[!]'$RESET' Incorrect CD/ISO mounted. Skipping...' 1>&2 elif [[ "$_mount" == 0 ]]; then apt-get -y -qq install gcc make "linux-headers-$(uname -r)" cp -f /mnt/cdrom/VBoxLinuxAdditions.run /tmp/ @@ -224,9 +232,9 @@ fi ###### Checking display resolutions - just for post-install setup *** -#echo -e "\n$GREEN[+]$RESET Checking possible display resolutions" +#echo -e "\n $GREEN[+]$RESET Checking possible display resolutions" #export DISPLAY=:0.0 #[[ -z $SSH_CONNECTION ]] || export DISPLAY=:0.0 -#current_res=$(xrandr | grep '\*' | awk '{print $1}') +#current_res=$(xrandr | awk '/\*/ {print $1}') #if [[ $current_res == "800x600" ]]; then # echo -e $YELLOW'[i]'$RESET' Setting display resolution (1152x864) - Only until next reboot!' # (xrandr | grep -q 1152x864) && xrandr --size 1152x864 @@ -237,7 +245,7 @@ fi ifconfig eth1 &>/dev/null if [[ $? == 0 ]]; then ##### Setting a static IP address (192.168.155.175/24) on eth1 - echo -e "\n$GREEN[+]$RESET Setting a static IP address (192.168.155.175/24) on eth1" + echo -e "\n $GREEN[+]$RESET Setting a static IP address (192.168.155.175/24) on eth1" ifconfig eth1 192.168.155.175/24 file=/etc/network/interfaces; [ -e "$file" ] && cp -n $file{,.bkup} grep -q '^iface eth1 inet static' "$file" 2>/dev/null || cat <> "$file" @@ -253,7 +261,7 @@ fi ##### Setting static & protecting DNS name servers. Note: May cause issues with forced values (e.g. captive portals etc) if [ "$hardenDNS" != "false" ]; then - echo -e "\n$GREEN[+]$RESET Setting static & protecting DNS name servers" + echo -e "\n $GREEN[+]$RESET Setting static & protecting DNS name servers" file=/etc/resolv.conf; [ -e "$file" ] && cp -n $file{,.bkup} chattr -i "$file" 2>/dev/null #--- Remove duplicate results @@ -267,12 +275,12 @@ if [ "$hardenDNS" != "false" ]; then #--- Protect it chattr +i "$file" 2>/dev/null else - echo -e $RED'[!]'$RESET' Skipping DNS (missing --dns)...' 1>&2 + echo -e ' '$RED'[!]'$RESET' Skipping DNS (missing --dns)...' 1>&2 fi ###### Updating hostname (to 'kali') - but not domain name *** -#echo -e "\n$GREEN[+]$RESET Updating hostname (to 'kali')" +#echo -e "\n $GREEN[+]$RESET Updating hostname (to 'kali')" #hostname="kali" ##--- Change it now #hostname "$hostname" @@ -287,8 +295,8 @@ fi ##### Updating location information - set either value to "" to skip. -echo -e "\n$GREEN[+]$RESET Updating location information ~ keyboard layout & time zone ($keyboardlayout & $timezone)" -[ "$keyboardApple" != "false" ] && echo -e "\n$GREEN[+]$RESET Applying Apple hardware profile" +echo -e "\n $GREEN[+]$RESET Updating location information ~ keyboard layout & time zone ($keyboardlayout & $timezone)" +[ "$keyboardApple" != "false" ] && echo -e "\n $GREEN[+]$RESET Applying Apple hardware profile" #keyboardlayout="gb" # Great Britain #timezone="Europe/London" # London, Europe #--- Configure keyboard layout @@ -328,16 +336,16 @@ start_time=$(date +%s) if [ "$freezeDEB" != "false" ]; then ##### Don't ever update these packages - echo -e "\n$GREEN[+]$RESET Don't ever update these packages:" + echo -e "\n $GREEN[+]$RESET Don't ever update these packages:" for x in metasploit metasploit-framework metasploit-common; do - echo -e "$YELLOW[i]$RESET + $x" + echo -e " $YELLOW[i]$RESET + $x" echo "$x hold" | dpkg --set-selections # To update: echo "$x install" | dpkg --set-selections done fi ##### Updating OS from repositories -echo -e "\n$GREEN[+]$RESET Updating OS from repositories (this may take a while depending on your Internet connection & Kali version/age)" +echo -e "\n $GREEN[+]$RESET Updating OS from repositories (this may take a while depending on your Internet connection & Kali version/age)" for FILE in clean autoremove; do apt-get -y -qq "$FILE"; done # Clean up clean remove autoremove autoclean export DEBIAN_FRONTEND=noninteractive apt-get -qq update && apt-get -y -qq dist-upgrade --fix-missing @@ -348,17 +356,17 @@ apt-get -qq update && apt-get -y -qq dist-upgrade --fix-missing #--- Check kernel stuff _TMP=$(dpkg -l | grep linux-image- | grep -vc meta) if [[ "$_TMP" -gt 1 ]]; then - echo -e "\n$YELLOW[i]$RESET Detected multiple kernels installed" - #echo -e "$YELLOW[i]$RESET Clean up: apt-get remove --purge $(dpkg -l 'linux-image-*' | sed '/^ii/!d;/'"$(uname -r | sed "s/\(.*\)-\([^0-9]\+\)/\1/")"'/d;s/^[^ ]* [^ ]* \([^ ]*\).*/\1/;/[0-9]/!d')" # DO NOT RUN IF NOT USING THE LASTEST KERNEL! + echo -e "\n $YELLOW[i]$RESET Detected multiple kernels installed" + #echo -e " $YELLOW[i]$RESET Clean up: apt-get remove --purge $(dpkg -l 'linux-image-*' | sed '/^ii/!d;/'"$(uname -r | sed "s/\(.*\)-\([^0-9]\+\)/\1/")"'/d;s/^[^ ]* [^ ]* \([^ ]*\).*/\1/;/[0-9]/!d')" # DO NOT RUN IF NOT USING THE LASTEST KERNEL! TMP=$(dpkg -l | grep linux-image | grep -v meta | sort -t '.' -k 2 -g | tail -n 1 | grep "$(uname -r)") - [[ -z "$_TMP" ]] && echo -e $RED'[!]'$RESET' You are not using the latest kernel' 1>&2 && echo -e "$YELLOW[i]$RESET You have it downloaded & installed, just not using it. You need to **reboot**" + [[ -z "$_TMP" ]] && echo -e ' '$RED'[!]'$RESET' You are not using the latest kernel' 1>&2 && echo -e " $YELLOW[i]$RESET You have it downloaded & installed, just not using it. You need to **reboot**" fi #--- Kali's default tools ~ https://www.kali.org/news/kali-linux-metapackages/ apt-get -y -qq install kali-linux-full ###### Settings services to listen to listen to loopback interface *** -#echo -e "\n$GREEN[+]$RESET Settings services to listen to listen to loopback interface" +#echo -e "\n $GREEN[+]$RESET Settings services to listen to listen to loopback interface" #--- Configuring ntp #file=/etc/default/ntp; [ -e "$file" ] && cp -n $file{,.bkup} #grep -q "interface=127.0.0.1" "$file" || sed -i "s/^NTPD_OPTS='/NTPD_OPTS='--interface=127.0.0.1 /" "$file" @@ -374,7 +382,7 @@ apt-get -y -qq install kali-linux-full ##### Fixing audio issues -echo -e "\n$GREEN[+]$RESET Fixing audio issues" +echo -e "\n $GREEN[+]$RESET Fixing audio issues" #--- PulseAudio warnings #file=/etc/default/pulseaudio; [ -e "$file" ] && cp -n $file{,.bkup} #sed -i 's/^PULSEAUDIO_SYSTEM_START=.*/PULSEAUDIO_SYSTEM_START=1/' "$file" @@ -386,7 +394,7 @@ amixer set Master 50% >/dev/null ##### Configuring GRUB -echo -e "\n$GREEN[+]$RESET Configuring GRUB ~ boot manager" +echo -e "\n $GREEN[+]$RESET Configuring GRUB ~ boot manager" (dmidecode | grep -iq virtual) && grubTimeout=1 || grubTimeout=5 file=/etc/default/grub; [ -e "$file" ] && cp -n $file{,.bkup} sed -i 's/^GRUB_TIMEOUT=.*/GRUB_TIMEOUT='$grubTimeout'/' "$file" # Time out (lower if in a virtual machine, else possible dual booting) @@ -395,7 +403,7 @@ update-grub ###### Disabling login manager (console login - non GUI) *** -#echo -e "\n$GREEN[+]$RESET Disabling login (console login - non GUI)" +#echo -e "\n $GREEN[+]$RESET Disabling login (console login - non GUI)" #--- Disable GUI login screen #apt-get -y -qq install chkconfig #chkconfig gdm3 off # ...or: mv -f /etc/rc2.d/S19gdm3 /etc/rc2.d/K17gdm #file=/etc/X11/default-display-manager; [ -e "$file" ] && cp -n $file{,.bkup} #echo /bin/true > "$file" @@ -408,7 +416,7 @@ update-grub ###### Configuring startup (randomize the hostname, eth0 & wlan0s MAC address) *** -#echo -e "\n$GREEN[+]$RESET Configuring startup (randomize the hostname, eth0 & wlan0s MAC address)" +#echo -e "\n $GREEN[+]$RESET Configuring startup (randomize the hostname, eth0 & wlan0s MAC address)" #--- Start up #file=/etc/rc.local; [ -e "$file" ] && cp -n $file{,.bkup} #grep -q "macchanger" "$file" 2>/dev/null || sed -i 's#^exit 0#for INT in eth0 wlan0; do\n ifconfig $INT down\n '$(whereis macchanger)' -r $INT \&\& sleep 3\n ifconfig $INT up\ndone\n\n\nexit 0#' "$file" @@ -424,7 +432,7 @@ update-grub ##### Configuring GNOME 3 -echo -e "\n$GREEN[+]$RESET Configuring GNOME 3 ~ desktop environment" +echo -e "\n $GREEN[+]$RESET Configuring GNOME 3 ~ desktop environment" #--- Move bottom panel to top panel gsettings set org.gnome.gnome-panel.layout toplevel-id-list "['top-panel']" dconf write /org/gnome/gnome-panel/layout/objects/workspace-switcher/toplevel-id "'top-panel'" @@ -496,7 +504,7 @@ grep -q '^/usr/bin/numlockx' "$file" 2>/dev/null || sed -i 's#exit 0#if [ -x /us ##### Installing & configuring XFCE 4 -echo -e "\n$GREEN[+]$RESET Installing & configuring XFCE 4 ~ desktop environment" +echo -e "\n $GREEN[+]$RESET Installing & configuring XFCE 4 ~ desktop environment" apt-get -y -qq install curl apt-get -y -qq install xfce4 xfce4-places-plugin #apt-get -y -qq install shiki-colors-xfwm-theme # theme @@ -1020,19 +1028,19 @@ EOF #--- Configure file browser (need to re-login for effect) mkdir -p /root/.config/Thunar/ file=/root/.config/Thunar/thunarrc; [ -e "$file" ] && cp -n $file{,.bkup} -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" sed -i 's/LastShowHidden=.*/LastShowHidden=TRUE/' "$file" 2>/dev/null || echo -e "[Configuration]\nLastShowHidden=TRUE" > /root/.config/Thunar/thunarrc; #--- Enable num lock at start up (might not be smart if you're using a smaller keyboard (laptop?)) ~ https://wiki.xfce.org/faq #xfconf-query -c keyboards -p /Default/Numlock -s true apt-get -y -qq install numlockx file=/etc/xdg/xfce4/xinitrc; [ -e "$file" ] && cp -n $file{,.bkup} #/etc/rc.local -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" grep -q '^/usr/bin/numlockx' "$file" 2>/dev/null || echo "/usr/bin/numlockx on" >> "$file" #--- XFCE fixes for default applications mkdir -p /root/.local/share/applications/ file=/root/.local/share/applications/mimeapps.list; [ -e "$file" ] && cp -n $file{,.bkup} [ ! -e "$file" ] && echo '[Added Associations]' > "$file" -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" for VALUE in file trash; do sed -i 's#x-scheme-handler/'$VALUE'=.*#x-scheme-handler/'$VALUE'=exo-file-manager.desktop#' "$file" grep -q '^x-scheme-handler/'$VALUE'=' "$file" 2>/dev/null || echo -e 'x-scheme-handler/'$VALUE'=exo-file-manager.desktop' >> "$file" @@ -1047,7 +1055,7 @@ sed -i 's#^FileManager=.*#FileManager=Thunar#' "$file" 2>/dev/null grep -q '^FileManager=Thunar' "$file" 2>/dev/null || echo -e 'FileManager=Thunar' >> "$file" #--- Remove any old sessions rm -f /root/.cache/sessions/* -#--- XFCE fixes for terminator (We do this later) +#--- XFCE fixes for GNOME Terminator (We do this later) #mkdir -p /root/.local/share/xfce4/helpers/ #file=/root/.local/share/xfce4/helpers/custom-TerminalEmulator.desktop; [ -e "$file" ] && cp -n $file{,.bkup} #sed -i 's#^X-XFCE-CommandsWithParameter=.*#X-XFCE-CommandsWithParameter=/usr/bin/terminator --command="%s"#' "$file" 2>/dev/null || echo -e '[Desktop Entry]\nNoDisplay=true\nVersion=1.0\nEncoding=UTF-8\nType=X-XFCE-Helper\nX-XFCE-Category=TerminalEmulator\nX-XFCE-CommandsWithParameter=/usr/bin/terminator --command="%s"\nIcon=terminator\nName=terminator\nX-XFCE-Commands=/usr/bin/terminator' > "$file" @@ -1075,34 +1083,34 @@ rm -f /tmp/Shiki-Colors-Light-Menus.tar* ##### Configuring file browser Note: need to restart xserver for effect -echo -e "\n$GREEN[+]$RESET Configuring file browser" +echo -e "\n $GREEN[+]$RESET Configuring file browser" mkdir -p /root/.config/gtk-2.0/ file=/root/.config/gtk-2.0/gtkfilechooser.ini; [ -e "$file" ] && cp -n $file{,.bkup} -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" sed -i 's/^.*ShowHidden.*/ShowHidden=true/' "$file" 2>/dev/null || echo -e "\n[Filechooser Settings]\nLocationMode=path-bar\nShowHidden=true\nExpandFolders=false\nShowSizeColumn=true\nGeometryX=66\nGeometryY=39\nGeometryWidth=780\nGeometryHeight=618\nSortColumn=name\nSortOrder=ascending" > "$file" #Open/save Window -> Right click -> Show Hidden Files: Enabled dconf write /org/gnome/nautilus/preferences/show-hidden-files true file=/root/.gtk-bookmarks; [ -e "$file" ] && cp -n $file{,.bkup} -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" grep -q '^file:///root/Downloads ' "$file" 2>/dev/null || echo 'file:///root/Downloads Downloads' >> "$file" -(dmidecode | grep -iq vmware) && (mkdir -p /mnt/hgfs/; grep -q '^file:///mnt/hgfs ' "$file" 2>/dev/null || echo 'file:///mnt/hgfs vmshare' >> "$file") -grep -q '^file:///tmp ' "$file" 2>/dev/null || echo 'file:///tmp tmp' >> "$file" -grep -q '^file:///usr/local/src ' "$file" 2>/dev/null || echo 'file:///usr/local/src src' >> "$file" -grep -q '^file:///usr/share ' "$file" 2>/dev/null || echo 'file:///usr/share kali' >> "$file" -grep -q '^file:///var/ftp ' "$file" 2>/dev/null || echo 'file:///var/ftp ftp' >> "$file" -grep -q '^file:///var/samba ' "$file" 2>/dev/null || echo 'file:///var/samba samba' >> "$file" -grep -q '^file:///var/tftp ' "$file" 2>/dev/null || echo 'file:///var/tftp tftp' >> "$file" -grep -q '^file:///var/www ' "$file" 2>/dev/null || echo 'file:///var/www www' >> "$file" +(dmidecode | grep -iq vmware) && (mkdir -p /mnt/hgfs/; grep -q '^file:///mnt/hgfs ' "$file" 2>/dev/null || echo 'file:///mnt/hgfs VMShare' >> "$file") +grep -q '^file:///tmp ' "$file" 2>/dev/null || echo 'file:///tmp TMP' >> "$file" +grep -q '^file:///usr/local/src ' "$file" 2>/dev/null || echo 'file:///usr/local/src SRC' >> "$file" +grep -q '^file:///usr/share ' "$file" 2>/dev/null || echo 'file:///usr/share Kali Tools' >> "$file" +grep -q '^file:///var/ftp ' "$file" 2>/dev/null || echo 'file:///var/ftp FTP' >> "$file" +grep -q '^file:///var/samba ' "$file" 2>/dev/null || echo 'file:///var/samba Samba' >> "$file" +grep -q '^file:///var/tftp ' "$file" 2>/dev/null || echo 'file:///var/tftp TFTP' >> "$file" +grep -q '^file:///var/www ' "$file" 2>/dev/null || echo 'file:///var/www WWW' >> "$file" ##### Configuring terminal Note: need to restart xserver for effect -echo -e "\n$GREEN[+]$RESET Configuring terminal" +echo -e "\n $GREEN[+]$RESET Configuring terminal" gconftool-2 --type bool --set /apps/gnome-terminal/profiles/Default/scrollback_unlimited true # Terminal -> Edit -> Profile Preferences -> Scrolling -> Scrollback: Unlimited -> Close gconftool-2 --type string --set /apps/gnome-terminal/profiles/Default/background_darkness 0.85611499999999996 # Not working 100%! gconftool-2 --type string --set /apps/gnome-terminal/profiles/Default/background_type transparent ##### Configuring bash - all users -echo -e "\n$GREEN[+]$RESET Configuring bash" +echo -e "\n $GREEN[+]$RESET Configuring bash" file=/etc/bash.bashrc; [ -e "$file" ] && cp -n $file{,.bkup} #/root/.bashrc grep -q "cdspell" "$file" || echo "shopt -sq cdspell" >> "$file" # Spell check 'cd' commands grep -q "checkwinsize" "$file" || echo "shopt -sq checkwinsize" >> "$file" # Wrap lines correctly after resizing @@ -1114,9 +1122,9 @@ if [[ "$SHELL" == "/bin/zsh" ]]; then source ~/.zshrc else source "$file"; fi ##### Configuring bash colour - all users -echo -e "\n$GREEN[+]$RESET Configuring bash colour" +echo -e "\n $GREEN[+]$RESET Configuring bash colour" file=/etc/bash.bashrc; [ -e "$file" ] && cp -n $file{,.bkup} #/root/.bashrc -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" sed -i 's/.*force_color_prompt=.*/force_color_prompt=yes/' "$file" grep -q '^force_color_prompt' "$file" 2>/dev/null || echo 'force_color_prompt=yes' >> "$file" sed -i 's#PS1='"'"'.*'"'"'#PS1='"'"'${debian_chroot:+($debian_chroot)}\\[\\033\[01;31m\\]\\u@\\h\\\[\\033\[00m\\]:\\[\\033\[01;34m\\]\\w\\[\\033\[00m\\]\\$ '"'"'#' "$file" @@ -1133,7 +1141,7 @@ if [[ "$SHELL" == "/bin/zsh" ]]; then source ~/.zshrc else source "$file"; fi ##### Installing bash completion - all users -echo -e "\n$GREEN[+]$RESET Installing bash completion" +echo -e "\n $GREEN[+]$RESET Installing bash completion" apt-get -y -qq install bash-completion file=/etc/bash.bashrc; [ -e "$file" ] && cp -n $file{,.bkup} #/root/.bashrc sed -i '/# enable bash completion in/,+7{/enable bash completion/!s/^#//}' "$file" @@ -1142,7 +1150,7 @@ if [[ "$SHELL" == "/bin/zsh" ]]; then source ~/.zshrc else source "$file"; fi ##### Configuring aliases - root user -echo -e "\n$GREEN[+]$RESET Configuring aliases" +echo -e "\n $GREEN[+]$RESET Configuring aliases" #--- Enable defaults - root user for FILE in /etc/bash.bashrc /root/.bashrc /root/.bash_aliases; do #/etc/profile /etc/bashrc /etc/bash_aliases /etc/bash.bash_aliases [[ ! -f "$FILE" ]] && continue @@ -1151,7 +1159,7 @@ for FILE in /etc/bash.bashrc /root/.bashrc /root/.bash_aliases; do #/etc/prof done #--- General system ones file=/root/.bash_aliases; [ -e "$file" ] && cp -n $file{,.bkup} #/etc/bash.bash_aliases -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" grep -q '^## grep aliases' "$file" 2>/dev/null || echo -e '## grep aliases\nalias grep="grep --color=always"\nalias ngrep="grep -n"\n' >> "$file" grep -q '^alias egrep=' "$file" 2>/dev/null || echo -e 'alias egrep="egrep --color=auto"\n' >> "$file" grep -q '^alias fgrep=' "$file" 2>/dev/null || echo -e 'alias fgrep="fgrep --color=auto"\n' >> "$file" @@ -1180,22 +1188,23 @@ grep -q '^## nmap' "$file" 2>/dev/null || echo -e '## nmap\nalias nmap="nmap --r grep -q '^## aircrack-ng' "$file" 2>/dev/null || echo -e '## aircrack-ng\nalias aircrack-ng="aircrack-ng -z"\n' >> "$file" grep -q '^## airodump-ng' "$file" 2>/dev/null || echo -e '## airodump-ng \nalias airodump-ng="airodump-ng --manufacturer --wps --uptime"\n' >> "$file" # aircrack-ng 1.2 rc2 grep -q '^## metasploit' "$file" 2>/dev/null || echo -e '## metasploit\nalias msfc="service postgresql start; service metasploit start; msfconsole -q \"$@\""\n' >> "$file" -[ "$openvas" != "false" ] && grep -q '^## openvas' "$file" 2>/dev/null || echo -e '## openvas\nalias openvas="service openvas-manager restart; service openvas-scanner restart; service greenbone-security-assistant restart; xdg-open https://127.0.0.1:9392/"\n' >> "$file" +[ "$openVAS" != "false" ] && grep -q '^## openvas' "$file" 2>/dev/null || echo -e '## openvas\nalias openvas="service openvas-manager restart; service openvas-scanner restart; service greenbone-security-assistant restart; xdg-open https://127.0.0.1:9392/"\n' >> "$file" #airmon-vz --verbose #--- Add in folders -grep -q '^## www' "$file" 2>/dev/null || echo -e '## www\nalias wwwroot="cd /var/www/"\n' >> "$file" -grep -q '^## ftp' "$file" 2>/dev/null || echo -e '## ftp\nalias ftproot="cd /var/ftp/"\n' >> "$file" -grep -q '^## tftp' "$file" 2>/dev/null || echo -e '## tftp\nalias tftproot="cd /var/tftp/"\n' >> "$file" -grep -q '^## smb' "$file" 2>/dev/null || echo -e '## smb\nalias sambaroot="cd /var/samba/"\n#alias smbroot="cd /var/samba/"\n' >> "$file" +grep -q '^## www' "$file" 2>/dev/null || echo -e '## www\nalias wwwroot="cd /var/www/"\n' >> "$file" # service apache2 start +grep -q '^## ftp' "$file" 2>/dev/null || echo -e '## ftp\nalias ftproot="cd /var/ftp/"\n' >> "$file" # service pure-ftpd start +grep -q '^## tftp' "$file" 2>/dev/null || echo -e '## tftp\nalias tftproot="cd /var/tftp/"\n' >> "$file" # service atftpd start +grep -q '^## smb' "$file" 2>/dev/null || echo -e '## smb\nalias sambaroot="cd /var/samba/"\n#alias smbroot="cd /var/samba/"\n' >> "$file" # service samba start (dmidecode | grep -iq vmware) && (grep -q '^## vmware' "$file" 2>/dev/null || echo -e '## vmware\nalias vmroot="cd /mnt/hgfs/"' >> "$file") +grep -q '^## edb' "$file" 2>/dev/null || echo -e '## edb\nalias edbroot="cd /usr/share/exploitdb/"' >> "$file" #--- Apply new aliases if [[ "$SHELL" == "/bin/zsh" ]]; then source ~/.zshrc else source "$file"; fi #--- Check #alias -##### Installing terminator -echo -e "\n$GREEN[+]$RESET Installing terminator ~ multiple terminals in a single window" +##### Installing GNOME Terminator +echo -e "\n $GREEN[+]$RESET Installing GNOME Terminator ~ multiple terminals in a single window" apt-get -y -qq install terminator #--- Configure terminator mkdir -p /root/.config/terminator/ @@ -1238,26 +1247,26 @@ Name=terminator X-XFCE-Commands=/usr/bin/terminator EOF file=/root/.config/xfce4/helpers.rc; [ -e "$file" ] && cp -n $file{,.bkup} #exo-preferred-applications #xdg-mime default -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" sed -i 's#^TerminalEmulator=.*#TerminalEmulator=custom-TerminalEmulator#' "$file" grep -q '^TerminalEmulator=custom-TerminalEmulator' "$file" 2>/dev/null || echo -e 'TerminalEmulator=custom-TerminalEmulator' >> "$file" ##### Installing ZSH & Oh-My-ZSH - root user. Note: If you use thurar, 'Open terminal here', will not work. -echo -e "\n$GREEN[+]$RESET Installing ZSH & Oh-My-ZSH ~ unix shell" +echo -e "\n $GREEN[+]$RESET Installing ZSH & Oh-My-ZSH ~ unix shell" #group="sudo" apt-get -y -qq install zsh git curl #--- Setup oh-my-zsh curl --progress -k -L "https://github.com/robbyrussell/oh-my-zsh/raw/master/tools/install.sh" | zsh #curl -s -L "https://github.com/robbyrussell/oh-my-zsh/raw/master/tools/install.sh" #--- Configure zsh file=/root/.zshrc; [ -e "$file" ] && cp -n $file{,.bkup} #/etc/zsh/zshrc -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" grep -q 'interactivecomments' "$file" 2>/dev/null || echo 'setopt interactivecomments' >> "$file" grep -q 'ignoreeof' "$file" 2>/dev/null || echo 'setopt ignoreeof' >> "$file" grep -q 'correctall' "$file" 2>/dev/null || echo 'setopt correctall' >> "$file" grep -q 'globdots' "$file" 2>/dev/null || echo 'setopt globdots' >> "$file" grep -q '.bash_aliases' "$file" 2>/dev/null || echo 'source $HOME/.bash_aliases' >> "$file" -grep -q '/usr/bin/tmux' "$file" 2>/dev/null || echo '#if ([[ -z "$TMUX" ]] && [[ -n "$SSH_CONNECTION" ]]); then /usr/bin/tmux attach || /usr/bin/tmux new; fi' >> "$file" # If not already in tmux and via SSH +grep -q '/usr/bin/tmux' "$file" 2>/dev/null || echo '#if ([[ -z "$TMUX" && -n "$SSH_CONNECTION" ]]); then /usr/bin/tmux attach || /usr/bin/tmux new; fi' >> "$file" # If not already in tmux and via SSH #--- Configure zsh (themes) ~ https://github.com/robbyrussell/oh-my-zsh/wiki/Themes sed -i 's/ZSH_THEME=.*/ZSH_THEME="alanpeabody"/' "$file" # Other themes: alanpeabody, jreese, mh, candy, terminalparty, kardan, nicoulaj, sunaku #--- Configure oh-my-zsh @@ -1279,7 +1288,7 @@ chsh -s "$(which zsh)" ##### Installing tmux - all users -echo -e "\n$GREEN[+]$RESET Installing tmux ~ multiplex virtual consoles" +echo -e "\n $GREEN[+]$RESET Installing tmux ~ multiplex virtual consoles" #group="sudo" #apt-get -y -qq remove screen # Optional: If we're going to have/use tmux, why have screen? apt-get -y -qq install tmux @@ -1358,7 +1367,7 @@ set -g status-right '#[fg=green][#[fg=yellow]%Y-%m-%d #[fg=white]%H:%M#[fg=green EOF #--- Setup alias file=/root/.bash_aliases; [ -e "$file" ] && cp -n $file{,.bkup} #/etc/bash.bash_aliases -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" grep -q '^alias tmux' "$file" 2>/dev/null || echo -e '## tmux\nalias tmux="tmux attach || tmux new"\n' >> "$file" #alias tmux="tmux attach -t $HOST || tmux new -s $HOST" #--- Apply new aliases if [[ "$SHELL" == "/bin/zsh" ]]; then source ~/.zshrc else source "$file"; fi @@ -1374,7 +1383,7 @@ if [[ "$SHELL" == "/bin/zsh" ]]; then source ~/.zshrc else source "$file"; fi ##### Configuring screen ~ if possible, use tmux instead! -echo -e "\n$GREEN[+]$RESET Configuring screen ~ multiplex virtual consoles" +echo -e "\n $GREEN[+]$RESET Configuring screen ~ multiplex virtual consoles" #apt-get -y -qq install screen #--- Configure screen file=/root/.screenrc; [ -e "$file" ] && cp -n $file{,.bkup} @@ -1406,11 +1415,11 @@ EOF ##### Configuring vim - all users -echo -e "\n$GREEN[+]$RESET Configuring vim ~ CLI text editor" +echo -e "\n $GREEN[+]$RESET Configuring vim ~ CLI text editor" apt-get -y -qq install vim #--- Configure vim file=/etc/vim/vimrc; [ -e "$file" ] && cp -n $file{,.bkup} #/root/.vimrc -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" sed -i 's/.*syntax on/syntax on/' "$file" sed -i 's/.*set background=dark/set background=dark/' "$file" sed -i 's/.*set showcmd/set showcmd/' "$file" @@ -1437,7 +1446,7 @@ grep -q '^:command Q q' "$file" 2>/dev/null || echo -e ':command Q q' >> "$file" #--- Set as default editor export EDITOR="vim" #update-alternatives --config editor file=/etc/bash.bashrc; [ -e "$file" ] && cp -n $file{,.bkup} -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" grep -q '^EDITOR' "$file" 2>/dev/null || echo 'EDITOR="vim"' >> "$file" git config --global core.editor "vim" #--- Set as default mergetool @@ -1447,14 +1456,14 @@ git config --global mergetool.prompt false ##### Setting up iceweasel -echo -e "\n$GREEN[+]$RESET Setting up iceweasel ~ GUI web browser" +echo -e "\n $GREEN[+]$RESET Setting up iceweasel ~ GUI web browser" apt-get install -y -qq unzip curl iceweasel #--- Configure iceweasel export DISPLAY=:0.0 #[[ -z $SSH_CONNECTION ]] || export DISPLAY=:0.0 timeout 15 iceweasel #iceweasel & sleep 15; killall -q -w iceweasel >/dev/null # Start and kill. Files needed for first time run timeout 5 killall -9 -q -w iceweasel >/dev/null file=$(find /root/.mozilla/firefox/*.default*/ -maxdepth 1 -type f -name 'prefs.js' -print -quit) && [ -e "$file" ] && cp -n $file{,.bkup} #/etc/iceweasel/pref/*.js -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" #sed -i 's/^.network.proxy.socks_remote_dns.*/user_pref("network.proxy.socks_remote_dns", true);' "$file" 2>/dev/null || echo 'user_pref("network.proxy.socks_remote_dns", true);' >> "$file" sed -i 's/^.browser.safebrowsing.enabled.*/user_pref("browser.safebrowsing.enabled", false);' "$file" 2>/dev/null || echo 'user_pref("browser.safebrowsing.enabled", false);' >> "$file" # Iceweasel -> Edit -> Preferences -> Security -> Block reported web forgeries sed -i 's/^.browser.safebrowsing.malware.enabled.*/user_pref("browser.safebrowsing.malware.enabled", false);' "$file" 2>/dev/null || echo 'user_pref("browser.safebrowsing.malware.enabled", false);' >> "$file" # Iceweasel -> Edit -> Preferences -> Security -> Block reported attack sites @@ -1471,7 +1480,7 @@ awk '!a[$0]++' /tmp/bookmarks_new.html | \egrep -v ">(Latest Headlines|Getting S sed -i 's#^

#

\n

\n

#' "$file" # Fix import issues from pentest-bookmarks... sed -i 's#^

#

\n

localhost#' "$file" # Add localhost to bookmark toolbar (before hackery folder) sed -i 's#^

#

Nessus\n

#' "$file" # Add Nessus UI bookmark toolbar -[ "$openvas" != "false" ] && sed -i 's#^

#

OpenVAS\n

#' "$file" # Add OpenVAS UI to bookmark toolbar +[ "$openVAS" != "false" ] && sed -i 's#^

#

OpenVAS\n

#' "$file" # Add OpenVAS UI to bookmark toolbar #sed -i 's#^

#

Nexpose\n

#' "$file" # Add Nexpose UI to bookmark toolbar sed -i 's#^

#

MSF\n

#' "$file" # Add Metasploit UI to bookmark toolbar sed -i 's#^

#

BeEF\n

#' "$file" # Add BeEF UI to bookmark toolbar @@ -1490,7 +1499,7 @@ find /root/.mozilla/firefox/*.default*/ -maxdepth 1 -mindepth 1 -type f -name pl find /root/.mozilla/firefox/*.default*/bookmarkbackups/ -type f -delete #--- Download extensions ffpath="$(find /root/.mozilla/firefox/*.default*/ -maxdepth 0 -mindepth 0 -type d -name '*.default*' -print -quit)/extensions" -[ "$ffpath" == "/extensions" ] && echo -e $RED'[!]'$RESET" Couldn't find Firefox/Iceweasel folder" 1>&2 +[ "$ffpath" == "/extensions" ] && echo -e ' '$RED'[!]'$RESET" Couldn't find Firefox/Iceweasel folder" 1>&2 mkdir -p "$ffpath/" #curl --progress -k -L "https://github.com/mozmark/ringleader/blob/master/fx_pnh.xpi?raw=true" # plug-n-hack #curl --progress -k -L "https://addons.mozilla.org/firefox/downloads/latest/284030/addon-284030-latest.xpi?src=dp-btn-primary" -o "$ffpath/{6bdc61ae-7b80-44a3-9476-e1d121ec2238}.xpi" # HTTPS Finder @@ -1516,10 +1525,10 @@ timeout 15 iceweasel #iceweasel & sleep 15; killall -q -w iceweasel >/dev/null sleep 3 file=$(find /root/.mozilla/firefox/*.default*/ -maxdepth 1 -type f -name 'extensions.sqlite' -print -quit) #&& [ -e "$file" ] && cp -n $file{,.bkup} if [ ! -e "$file" ] || [ -z "$file" ]; then - #echo -e $RED'[!]'$RESET" Something went wrong enabling Iceweasel's extensions via method #1. Trying method #2..." 1>&2 + #echo -e ' '$RED'[!]'$RESET" Something went wrong enabling Iceweasel's extensions via method #1. Trying method #2..." 1>&2 false else - echo -e "$YELLOW[i]$RESET Enabled Iceweasel's extensions (via method #1!)" + echo -e " $YELLOW[i]$RESET Enabled Iceweasel's extensions (via method #1!)" apt-get install -y -qq sqlite3 rm -f /tmp/iceweasel.sql; touch /tmp/iceweasel.sql echo "UPDATE 'main'.'addon' SET 'active' = 1, 'userDisabled' = 0;" > /tmp/iceweasel.sql # Force them all! @@ -1527,10 +1536,10 @@ else fi file=$(find /root/.mozilla/firefox/*.default*/ -maxdepth 1 -type f -name 'extensions.json' -print -quit) #&& [ -e "$file" ] && cp -n $file{,.bkup} if [ ! -e "$file" ] || [ -z "$file" ]; then - #echo -e $RED'[!]'$RESET" Something went wrong enabling Iceweasel's extensions via method #2. Did method #1 also fail?" 1>&2 + #echo -e ' '$RED'[!]'$RESET" Something went wrong enabling Iceweasel's extensions via method #2. Did method #1 also fail?" 1>&2 false else - echo -e "$YELLOW[i]$RESET Enabled Iceweasel's extensions (via method #2!)" + echo -e " $YELLOW[i]$RESET Enabled Iceweasel's extensions (via method #2!)" sed -i 's/"active":false,/"active":true,/g' "$file" # Force them all! sed -i 's/"userDisabled":true,/"userDisabled":false,/g' "$file" # Force them all! fi @@ -1543,7 +1552,7 @@ sleep 3 #--- Configure foxyproxy file=$(find /root/.mozilla/firefox/*.default*/ -maxdepth 1 -type f -name 'foxyproxy.xml' -print -quit) #&& [ -e "$file" ] && cp -n $file{,.bkup} if [ -z "$file" ]; then - echo -e $RED'[!]'$RESET' Something went wrong with the foxyproxy iceweasel extension (did any extensions install?). Skipping...' 1>&2 + echo -e ' '$RED'[!]'$RESET' Something went wrong with the foxyproxy iceweasel extension (did any extensions install?). Skipping...' 1>&2 elif [ -e "$file" ]; then grep -q 'localhost:8080' "$file" 2>/dev/null || sed -i 's#/dev/null || sed -i 's#/dev/null #metasploit = msf pro, metasploit-framework = free stuff #--- ASCII art export GOCOW=1 # Always a cow logo ;) Others: THISISHALLOWEEN (Halloween), APRILFOOLSPONIES (My Little Pony) file=/root/.bashrc; [ -e "$file" ] && cp -n $file{,.bkup} -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" grep -q '^GOCOW' "$file" 2>/dev/null || echo 'GOCOW=1' >> "$file" #--- Start services service postgresql start #service postgresql restart @@ -1713,18 +1722,34 @@ grep -q '^## metasploit' "$file" 2>/dev/null || echo -e '## metasploit\nalias ms if [[ "$SHELL" == "/bin/zsh" ]]; then source ~/.zshrc else source "$file"; fi #--- Autorun Metasploit commands each startup mkdir -p /root/.msf4/ + +file=/root/.msf4/msf_autorunscript.rc; [ -e "$file" ] && cp -n $file{,.bkup} +cat < "$file" +#run post/windows/escalate/getsystem + +#run migrate -f -k +#run migrate -n "explorer.exe" -k # Can trigger AV alerts by touching explorer.exe... + +#run post/windows/manage/smart_migrate +#run post/windows/gather/smart_hashdump +EOF file=/root/.msf4/msfconsole.rc; [ -e "$file" ] && cp -n $file{,.bkup} +#load sounds verbose=true +#load auto_add_route +#load alias +#alias dir/ls del/rm auto handler https://github.com/rapid7/metasploit-framework/tree/master/plugins // https://github.com/rapid7/metasploit-framework/issues/5107 cat < "$file" -setg VERBOSE true setg TimestampOutput true +setg VERBOSE true + use exploit/multi/handler -set AutoRunScript "migrate -f" +set AutoRunScript 'multi_console_command -rc "/root/.msf4/msf_autorunscript.rc"' set ExitOnSession false -set PAYLOAD windows/meterpreter/reverse_tcp +set EnableStageEncoding true +set PAYLOAD windows/meterpreter/reverse_https set LHOST 0.0.0.0 set LPORT 443 EOF -#alias ~ https://github.com/rapid7/metasploit-framework/issues/5107 #--- First time run (Seams to break go_pro...) #echo -e 'sleep 10\ndb_status\n#db_rebuild_cache\n#sleep 310\nexit' > /tmp/msf.rc #echo -e 'go_pro' >> /tmp/msf.rc #msfconsole -r /tmp/msf.rc @@ -1737,6 +1762,12 @@ EOF #--- Setup Web UI #bash /opt/metasploit/scripts/launchui.sh #*** Doesn't automate. Takes a little while to kick in... #xdg-open https://127.0.0.1:3790/ +#--- Wipe database and start fresh +#service metasploit stop +#sudo -u postgres dropdb msf3 +#sudo -u postgres createdb -O msf3 msf3 +#service metasploit restart +#msfconsole -q -x 'db_rebuild_cache;sleep 300;exit' #--- Oracle - Due to licensing issues, Kali/Metasploit can't ship certain Oracle's library files. (https://github.com/rapid7/metasploit-framework/wiki/How-to-get-Oracle-Support-working-with-Kali-Linux) #*** Doesn't automate ## Download: "http://www.oracle.com/technetwork/database/features/instant-client/index-097480.html" #URL="http://www.oracle.com/technetwork/topics/linuxsoft-082809.html" # x86 @@ -1774,17 +1805,35 @@ rm -f /tmp/msf.rc ###### Configuring armitage -#echo -e "\n$GREEN[+]$RESET Configuring armitage ~ GUI Metasploit UI" +#echo -e "\n $GREEN[+]$RESET Configuring armitage ~ GUI Metasploit UI" #export MSF_DATABASE_CONFIG=/opt/metasploit/apps/pro/ui/config/database.yml #file=/root/.bash_aliases; [ -e "$file" ] && cp -n $file{,.bkup} #/etc/bash.bash_aliases -#([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +#([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" #grep -q 'MSF_DATABASE_CONFIG' "$file" 2>/dev/null || echo -e 'MSF_DATABASE_CONFIG=/opt/metasploit/apps/pro/ui/config/database.yml\n' >> "$file" #chmod 0644 /opt/metasploit/apps/pro/ui/config/database.yml #msfrpcd -U msf -P test -f -S -a 127.0.0.1 +##### Installing mpc +echo -e "\n $GREEN[+]$RESET Installing mpc ~ Msfvenom Payload Creator" +curl --progress -k -L "https://raw.githubusercontent.com/g0tmi1k/mpc/master/mpc.sh" > /usr/bin/mpc +chmod +x /usr/bin/mpc + + +##### Installing avb +#echo -e "\n $GREEN[+]$RESET Installing abc ~ simple anti-virus bypass" +#curl --progress -k -L "https://raw.githubusercontent.com/g0tmi1k/avb/master/avb.sh" > /usr/bin/avb +#chmod +x /usr/bin/avb + + +##### Installing ifile +#echo -e "\n $GREEN[+]$RESET Installing ifile ~ more informations about files" +#curl --progress -k -L "https://raw.githubusercontent.com/g0tmi1k/ifile/master/ifile.sh" > /usr/bin/ifile +#chmod +x /usr/bin/ifile + + ##### Installing geany -echo -e "\n$GREEN[+]$RESET Installing geany ~ GUI text editor" +echo -e "\n $GREEN[+]$RESET Installing geany ~ GUI text editor" apt-get -y -qq install geany #--- Add to panel dconf load /org/gnome/gnome-panel/layout/objects/geany/ << EOF @@ -1812,6 +1861,7 @@ sed -i 's/^pref_editor_ensure_convert_line_endings=.*/pref_editor_ensure_convert sed -i 's/^pref_toolbar_show=.*/pref_toolbar_show=false/' "$file" sed -i 's/^sidebar_visible=.*/sidebar_visible=false/' "$file" sed -i 's/^msgwindow_visible=.*/msgwindow_visible=false/' "$file" +grep -q '^custom_commands=sort;' "$file" || sed -i 's/\[geany\]/[geany]\ncustom_commands=sort;/' "$file" # Geany -> Tools -> Plugin Manger -> Save Actions -> HTML Characters: Enabled. Split Windows: Enabled. Save Actions: Enabled. -> Preferences -> Backup Copy -> Enable -> Directory to save backup files in: /root/backups/geany/. Directory levels to include in the backup destination: 5 -> Apply -> Ok -> Ok sed -i 's#^.*active_plugins.*#active_plugins=/usr/lib/geany/htmlchars.so;/usr/lib/geany/saveactions.so;/usr/lib/geany/splitwindow.so;#' "$file" mkdir -p /root/backups/geany/ @@ -1837,14 +1887,21 @@ time_fmt=%Y-%m-%d-%H-%M-%S backup_dir=/root/backups/geany EOF +###### Installing PyCharm (Community Edition) +echo -e "\n $GREEN[+]$RESET Installing PyCharm (Community Edition) ~ Python IDE" +curl --progress -k -L "https://download.jetbrains.com/python/pycharm-community-4.5.2.tar.gz" > /tmp/pycharms-community.tar.gz #***!!! hardcoded version! +tar -xf /tmp/pycharms-community.tar.gz -C /tmp/ +mv /tmp/pycharm-community-*/ /usr/share/pycharms +ln -sf /usr/share/pycharms/bin/pycharm.sh /usr/bin/pycharms + ###### Fix gedit -echo -e "\n$GREEN[+]$RESET Fixes gedit ~ GUI text editor" +echo -e "\n $GREEN[+]$RESET Fixes gedit ~ GUI text editor" apt-get -y -qq install gtk3-engines-unico ##### Installing meld -echo -e "\n$GREEN[+]$RESET Installing meld ~ GUI text compare" +echo -e "\n $GREEN[+]$RESET Installing meld ~ GUI text compare" apt-get -y -qq install meld #--- Configure meld gconftool-2 --type bool --set /apps/meld/show_line_numbers true @@ -1854,7 +1911,7 @@ gconftool-2 --type int --set /apps/meld/edit_wrap_lines 2 ###### Installing nessus #*** Doesn't automate -#echo -e "\n$GREEN[+]$RESET Installing nessus ~ vulnerability scanner" +#echo -e "\n $GREEN[+]$RESET Installing nessus ~ vulnerability scanner" #--- Get download link #xdg-open http://www.tenable.com/products/nessus/select-your-operating-system *** #wget -q "http://downloads.nessus.org/" -O /usr/local/src/nessus.deb #***!!! Hardcoded version value #dpkg -i /usr/local/src/Nessus-*-debian6_*.deb @@ -1878,12 +1935,17 @@ gconftool-2 --type int --set /apps/meld/edit_wrap_lines 2 ##### Installing OpenVAS -if [ "$openvas" != "false" ]; then - echo -e "\n$GREEN[+]$RESET Installing OpenVAS ~ vulnerability scanner" +if [ "$openVAS" != "false" ]; then + echo -e "\n $GREEN[+]$RESET Installing OpenVAS ~ vulnerability scanner" apt-get -y -qq install openvas openvas-setup #--- Bug fix (target credentials creation) mkdir -p /var/lib/openvas/gnupg/ + #--- Bug fix (keys) + curl --progress -k -L "http://www.openvas.org/OpenVAS_TI.asc" | gpg --import - + #--- Bug fix (Timeout - https://bugs.kali.org/view.php?id=2340) + file=/etc/init.d/openvas-manager; #[ -e "$file" ] && cp -n $file{,.bkup} + sed -i 's/^DODTIME=.*/DODTIME=25/' $file #--- Make sure all services are correct #openvas-start #service openvas-manager restart; service openvas-scanner restart; service greenbone-security-assistant restart #--- User control @@ -1891,8 +1953,8 @@ if [ "$openvas" != "false" ]; then password="toor" (openvasmd --get-users | grep -q ^admin$) && echo -n 'admin user: ' && openvasmd --delete-user=admin (openvasmd --get-users | grep -q "^${username}$") || (echo -n "$username user: "; openvasmd --create-user="$username"; openvasmd --user="$username" --new-password="$password" >/dev/null) # You will want to alter it to something (much) more secure! - echo -e "$YELLOW[i]$RESET OpenVAS username: $username" - echo -e "$YELLOW[i]$RESET OpenVAS password: $password *** CHANGE THIS ASAP. Run: # openvasmd --user=root --new-password=''" + echo -e " $YELLOW[i]$RESET OpenVAS username: $username" + echo -e " $YELLOW[i]$RESET OpenVAS password: $password *** CHANGE THIS ASAP. Run: # openvasmd --user=root --new-password=''" #--- Check openvas-check-setup #--- Remove from start up @@ -1903,18 +1965,18 @@ if [ "$openvas" != "false" ]; then file=/root/.bash_aliases; [ -e "$file" ] && cp -n $file{,.bkup} #/etc/bash.bash_aliases grep -q '^## openvas' "$file" 2>/dev/null || echo -e '## openvas\nalias openvas="service openvas-manager restart; service openvas-scanner restart; service greenbone-security-assistant restart; xdg-open https://127.0.0.1:9392/"\n' >> "$file" else - echo -e $RED'[!]'$RESET' Skipping OpenVAS (missing --openvas)...' 1>&2 + echo -e ' '$RED'[!]'$RESET' Skipping OpenVAS (missing --openvas)...' 1>&2 fi ###### Installing vfeed -echo -e "\n$GREEN[+]$RESET Installing vfeed ~ vulnerability database" +echo -e "\n $GREEN[+]$RESET Installing vfeed ~ vulnerability database" apt-get -y -qq install vfeed ##### Configuring Burp Proxy if [ "$burpFree" != "false" ]; then - echo -e "\n$GREEN[+]$RESET Configuring Burp Proxy ~ web application proxy" + echo -e "\n $GREEN[+]$RESET Configuring Burp Proxy ~ web application proxy" apt-get -y -qq install burpsuite curl mkdir -p /root/.java/.userPrefs/burp/ file=/root/.java/.userPrefs/burp/prefs.xml; #[ -e "$file" ] && cp -n $file{,.bkup} @@ -1932,7 +1994,7 @@ EOF timeout 120 burpsuite & PID=$! sleep 15 - #echo "-----BEGIN CERTIFICATE-----" > /tmp/PortSwiggerCA && grep caCert /root/.java/.userPrefs/burp/prefs.xml | awk -F '"' '{print $4}' | fold -w 64 >> /tmp/PortSwiggerCA && echo "-----END CERTIFICATE-----" >> /tmp/PortSwiggerCA + #echo "-----BEGIN CERTIFICATE-----" > /tmp/PortSwiggerCA && awk -F '"' '/caCert/ {print $4}' /root/.java/.userPrefs/burp/prefs.xml | fold -w 64 >> /tmp/PortSwiggerCA && echo "-----END CERTIFICATE-----" >> /tmp/PortSwiggerCA export http_proxy="http://127.0.0.1:8080" rm -f /tmp/burp.crt while test -d /proc/$PID; do @@ -1953,7 +2015,7 @@ EOF #dpkg-reconfigure ca-certificates #cp -f /tmp/burp.crt /root/Desktop/burp.crt else - echo -e $RED'[!]'$RESET' Didnt extract burp suite Certificate Authority (CA). Skipping...' 1>&2 + echo -e ' '$RED'[!]'$RESET' Didnt extract burp suite Certificate Authority (CA). Skipping...' 1>&2 fi #--- Remove old temp files sleep 1 @@ -1962,12 +2024,12 @@ EOF rm -f /tmp/burp.crt unset http_proxy else - echo -e $RED'[!]'$RESET' Skipping Burp (missing --burp)...' 1>&2 + echo -e ' '$RED'[!]'$RESET' Skipping Burp (missing --burp)...' 1>&2 fi ##### Installing sparta: https://bugs.kali.org/view.php?id=2021 -echo -e "\n$GREEN[+]$RESET Installing sparta ~ GUI automatic wrapper" +echo -e "\n $GREEN[+]$RESET Installing sparta ~ GUI automatic wrapper" apt-get -y -qq install git git clone git://github.com/secforce/sparta.git /usr/share/sparta-git/ pushd /usr/share/sparta-git/ >/dev/null @@ -1984,7 +2046,7 @@ chmod +x "$file" ##### Configuring wireshark -echo -e "\n$GREEN[+]$RESET Configuring wireshark ~ GUI network protocol analyzer" +echo -e "\n $GREEN[+]$RESET Configuring wireshark ~ GUI network protocol analyzer" #--- Hide running as root warning mkdir -p /root/.wireshark/ file=/root/.wireshark/recent_common; #[ -e "$file" ] && cp -n $file{,.bkup} @@ -1995,7 +2057,7 @@ sed -i 's/^disable_lua = .*/disable_lua = true/' "$file" ##### Installing silver searcher -echo -e "\n$GREEN[+]$RESET Installing silver searcher ~ code searching" +echo -e "\n $GREEN[+]$RESET Installing silver searcher ~ code searching" apt-get -y -qq install git automake pkg-config libpcre3-dev zlib1g-dev liblzma-dev --force-yes git clone git://github.com/ggreer/the_silver_searcher.git /usr/local/src/the_silver_searcher pushd /usr/local/src/the_silver_searcher/ >/dev/null @@ -2007,7 +2069,7 @@ popd >/dev/null ##### Installing rips -echo -e "\n$GREEN[+]$RESET Installing rips ~ source code scanner" +echo -e "\n $GREEN[+]$RESET Installing rips ~ source code scanner" apt-get -y -qq install apache2 php5 git git clone git://github.com/ripsscanner/rips.git /usr/share/rips-git/ pushd /usr/share/rips-git/ >/dev/null @@ -2030,110 +2092,110 @@ service apache2 restart ##### Installing libreoffice -echo -e "\n$GREEN[+]$RESET Installing libreoffice ~ GUI office suite" +echo -e "\n $GREEN[+]$RESET Installing libreoffice ~ GUI office suite" apt-get -y -qq install libreoffice ###### Installing cherrytree -echo -e "\n$GREEN[+]$RESET Installing cherrytree ~ GUI note taking" +echo -e "\n $GREEN[+]$RESET Installing cherrytree ~ GUI note taking" apt-get -y -qq install cherrytree ###### Installing ipcalc & sipcalc -echo -e "\n$GREEN[+]$RESET Installing ipcalc & sipcalc ~ CLI subnet calculators" +echo -e "\n $GREEN[+]$RESET Installing ipcalc & sipcalc ~ CLI subnet calculators" apt-get -y -qq install ipcalc sipcalc ##### Installing recordmydesktop -echo -e "\n$GREEN[+]$RESET Installing recordmydesktop ~ GUI video screen capture" +echo -e "\n $GREEN[+]$RESET Installing recordmydesktop ~ GUI video screen capture" apt-get -y -qq install recordmydesktop #--- Installing GUI front end apt-get -y -qq install gtk-recordmydesktop ###### Installing asciinema -echo -e "\n$GREEN[+]$RESET Installing asciinema ~ CLI terminal recorder" +echo -e "\n $GREEN[+]$RESET Installing asciinema ~ CLI terminal recorder" curl -s -L https://asciinema.org/install | sh ###### Installing gimp -#echo -e "\n$GREEN[+]$RESET Installing gimp ~ GUI image editing" +#echo -e "\n $GREEN[+]$RESET Installing gimp ~ GUI image editing" #apt-get -y -qq install gimp ##### Installing shutter -echo -e "\n$GREEN[+]$RESET Installing shutter ~ GUI static screen capture" +echo -e "\n $GREEN[+]$RESET Installing shutter ~ GUI static screen capture" apt-get -y -qq install shutter ###### Installing gdebi -echo -e "\n$GREEN[+]$RESET Installing gdebi ~ GUI package installer" +echo -e "\n $GREEN[+]$RESET Installing gdebi ~ GUI package installer" apt-get -y -qq install gdebi ##### Installing psmisc ~ allows for 'killall command' to be used -echo -e "\n$GREEN[+]$RESET Installing psmisc ~ suite to help with running processes" +echo -e "\n $GREEN[+]$RESET Installing psmisc ~ suite to help with running processes" apt-get -y -qq install psmisc ###### Setting up pipe viewer -echo -e "\n$GREEN[+]$RESET Installing pipe viewer ~ CLI progress bar" +echo -e "\n $GREEN[+]$RESET Installing pipe viewer ~ CLI progress bar" apt-get install -y -qq pv ###### Setting up pwgen -echo -e "\n$GREEN[+]$RESET Installing pwgen ~ password generator" +echo -e "\n $GREEN[+]$RESET Installing pwgen ~ password generator" apt-get install -y -qq pwgen ###### Installing midnight commander -#echo -e "\n$GREEN[+]$RESET Installing midnight commander ~ CLI file manager" +#echo -e "\n $GREEN[+]$RESET Installing midnight commander ~ CLI file manager" #apt-get -y -qq install mc ##### Installing htop -echo -e "\n$GREEN[+]$RESET Installing htop ~ CLI process viewer" +echo -e "\n $GREEN[+]$RESET Installing htop ~ CLI process viewer" apt-get -y -qq install htop ##### Installing iotop -echo -e "\n$GREEN[+]$RESET Installing iotop ~ CLI I/O usage" +echo -e "\n $GREEN[+]$RESET Installing iotop ~ CLI I/O usage" apt-get -y -qq install iotop ###### Installing glance -#echo -e "\n$GREEN[+]$RESET Installing glance ~ CLI process viewer" +#echo -e "\n $GREEN[+]$RESET Installing glance ~ CLI process viewer" #apt-get -y -qq install glance ##### Installing ca-certificates -echo -e "\n$GREEN[+]$RESET Installing ca-certificates ~ HTTPS/SSL/TLS" +echo -e "\n $GREEN[+]$RESET Installing ca-certificates ~ HTTPS/SSL/TLS" apt-get -y -qq install ca-certificates ##### Installing axel -echo -e "\n$GREEN[+]$RESET Installing axel ~ CLI download manager" +echo -e "\n $GREEN[+]$RESET Installing axel ~ CLI download manager" apt-get -y -qq install axel #--- Setup alias file=/root/.bash_aliases; [ -e "$file" ] && cp -n $file{,.bkup} #/etc/bash.bash_aliases -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" grep -q '^alias axel' "$file" 2>/dev/null || echo -e '## axel\nalias axel="axel -a"\n' >> "$file" #--- Apply new aliases if [[ "$SHELL" == "/bin/zsh" ]]; then source ~/.zshrc else source "$file"; fi ##### Installing gparted -echo -e "\n$GREEN[+]$RESET Installing gparted ~ GUI partition manager" +echo -e "\n $GREEN[+]$RESET Installing gparted ~ GUI partition manager" apt-get -y -qq install gparted ##### Installing daemonfs -echo -e "\n$GREEN[+]$RESET Installing daemonfs ~ GUI file monitor" +echo -e "\n $GREEN[+]$RESET Installing daemonfs ~ GUI file monitor" apt-get -y -qq install daemonfs ##### Installing filezilla -echo -e "\n$GREEN[+]$RESET Installing filezilla ~ GUI file transfer" +echo -e "\n $GREEN[+]$RESET Installing filezilla ~ GUI file transfer" apt-get -y -qq install filezilla #--- Configure filezilla export DISPLAY=:0.0 #[[ -z $SSH_CONNECTION ]] || export DISPLAY=:0.0 @@ -2143,82 +2205,82 @@ sed -i 's#^.*"Default editor".*#\t2 ###### Installing remmina -#echo -e "\n$GREEN[+]$RESET Installing remmina ~ GUI remote desktop" +#echo -e "\n $GREEN[+]$RESET Installing remmina ~ GUI remote desktop" #apt-get -y -qq install remmina remmina-plugin-xdmcp remmina-plugin-rdp remmina-plugin-vnc ###### Installing xrdp -#echo -e "\n$GREEN[+]$RESET Installing xrdp ~ GUI remote desktop" +#echo -e "\n $GREEN[+]$RESET Installing xrdp ~ GUI remote desktop" #apt-get -y -qq install xrdp ###### Installing x2go client -#echo -e "\n$GREEN[+]$RESET Installing x2go client ~ GUI remote desktop" +#echo -e "\n $GREEN[+]$RESET Installing x2go client ~ GUI remote desktop" #apt-get -y -qq install x2goclient ##### Installing lynx -echo -e "\n$GREEN[+]$RESET Installing lynx ~ CLI web browser" +echo -e "\n $GREEN[+]$RESET Installing lynx ~ CLI web browser" apt-get -y -qq install lynx ##### Installing p7zip -echo -e "\n$GREEN[+]$RESET Installing p7zip ~ CLI file extractor" +echo -e "\n $GREEN[+]$RESET Installing p7zip ~ CLI file extractor" apt-get -y -qq install p7zip-full ##### Installing zip & unzip -echo -e "\n$GREEN[+]$RESET Installing zip & unzip ~ CLI file extractors" +echo -e "\n $GREEN[+]$RESET Installing zip & unzip ~ CLI file extractors" apt-get -y -qq install zip # Compress apt-get -y -qq install unzip # Decompress ##### Installing file roller -echo -e "\n$GREEN[+]$RESET Installing file roller ~ GUI file extractor" +echo -e "\n $GREEN[+]$RESET Installing file roller ~ GUI file extractor" apt-get -y -qq install file-roller # GUI program apt-get -y -qq install unace unrar rar unzip zip p7zip p7zip-full p7zip-rar # supported file compressions types ##### Installing PPTP VPN support -echo -e "\n$GREEN[+]$RESET Installing PPTP VPN support" +echo -e "\n $GREEN[+]$RESET Installing PPTP VPN support" apt-get -y -qq install network-manager-pptp-gnome network-manager-pptp #apt-get -y -qq install network-manager-openvpn network-manager-openvpn-gnome network-manager-pptp network-manager-pptp-gnome network-manager-strongswan network-manager-vpnc network-manager-vpnc-gnome network-manager-openconnect network-manager-openconnect-gnome network-manager-iodine network-manager-iodine-gnome ##### Installing flash -echo -e "\n$GREEN[+]$RESET Installing flash ~ multimedia web plugin" +echo -e "\n $GREEN[+]$RESET Installing flash ~ multimedia web plugin" apt-get -y -qq install flashplugin-nonfree update-flashplugin-nonfree --install ###### Installing java -#echo -e "\n$GREEN[+]$RESET Installing java ~ web plugin" +#echo -e "\n $GREEN[+]$RESET Installing java ~ web plugin" #*** Insert bash fu here for either open jdk vs oracle jdk #update-java-alternatives --jre -s java-1.7.0-openjdk-amd64 ##### Installing hashid -echo -e "\n$GREEN[+]$RESET Installing hashid ~ identify hash types" +echo -e "\n $GREEN[+]$RESET Installing hashid ~ identify hash types" apt-get -y -qq install hashid ##### Installing hash identifier (TEMP - until hashid works: https://bugs.kali.org/view.php?id=2299) -echo -e "\n$GREEN[+]$RESET Installing hash-identifier ~ identify hash types" +echo -e "\n $GREEN[+]$RESET Installing hash-identifier ~ identify hash types" apt-get -y -qq install hash-identifier ##### Installing httprint -echo -e "\n$GREEN[+]$RESET Installing httprint ~ GUI web server fingerprint" +echo -e "\n $GREEN[+]$RESET Installing httprint ~ GUI web server fingerprint" apt-get -y -qq install httprint ##### Installing lbd -echo -e "\n$GREEN[+]$RESET Installing lbd ~ load balancing detector" +echo -e "\n $GREEN[+]$RESET Installing lbd ~ load balancing detector" apt-get -y -qq install lbd ##### Installing wafw00f -echo -e "\n$GREEN[+]$RESET Installing wafw00f ~ WAF detector" +echo -e "\n $GREEN[+]$RESET Installing wafw00f ~ WAF detector" apt-get -y -qq install git python python-pip git clone git://github.com/sandrogauci/wafw00f.git /usr/share/wafw00f-git/ pushd /usr/share/wafw00f-git/ >/dev/null @@ -2228,12 +2290,12 @@ popd >/dev/null ###### Installing waffit -#echo -e "\n$GREEN[+]$RESET Installing waffit ~ WAF detector" +#echo -e "\n $GREEN[+]$RESET Installing waffit ~ WAF detector" #apt-get -y -qq install waffit ##### Installing aircrack-ng -echo -e "\n$GREEN[+]$RESET Installing aircrack-ng ~ Wi-Fi cracking suite" +echo -e "\n $GREEN[+]$RESET Installing aircrack-ng ~ Wi-Fi cracking suite" apt-get -y -qq install aircrack-ng curl #--- Setup hardware database mkdir -p /etc/aircrack-ng/ @@ -2241,28 +2303,28 @@ airodump-ng-oui-update 2>/dev/null || curl --progress -k -L "http://standards.ie [ -e /etc/aircrack-ng/oui.txt ] && (\grep "(hex)" /etc/aircrack-ng/oui.txt | sed 's/^[ \t]*//g;s/[ \t]*$//g' > /etc/aircrack-ng/airodump-ng-oui.txt) #--- Setup alias file=/root/.bash_aliases; [ -e "$file" ] && cp -n $file{,.bkup} #/etc/bash.bash_aliases -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" grep -q '^## aircrack-ng' "$file" 2>/dev/null || echo -e '## aircrack-ng\nalias aircrack-ng="aircrack-ng -z"\n' >> "$file" grep -q '^## airodump-ng' "$file" 2>/dev/null || echo -e '## airodump-ng \nalias airodump-ng="airodump-ng --manufacturer --wps --uptime"\n' >> "$file" # aircrack-ng 1.2 rc2 ##### Installing reaver (community fork) -echo -e "\n$GREEN[+]$RESET Installing reaver (community fork) ~ WPS pin brute force + Pixie Attack" +echo -e "\n $GREEN[+]$RESET Installing reaver (community fork) ~ WPS pin brute force + Pixie Attack" apt-get -y -qq install reaver pixiewps ##### Installing bully -echo -e "\n$GREEN[+]$RESET Installing bully ~ WPS pin brute force" +echo -e "\n $GREEN[+]$RESET Installing bully ~ WPS pin brute force" apt-get -y -qq install bully ##### Installing wifite -echo -e "\n$GREEN[+]$RESET Installing wifite ~ automated Wi-Fi tool" +echo -e "\n $GREEN[+]$RESET Installing wifite ~ automated Wi-Fi tool" apt-get -y -qq install wifite ##### Installing vulscan script for nmap -echo -e "\n$GREEN[+]$RESET Installing vulscan script for nmap ~ vulnerability scanner add-on" +echo -e "\n $GREEN[+]$RESET Installing vulscan script for nmap ~ vulnerability scanner add-on" apt-get -y -qq install nmap curl mkdir -p /usr/share/nmap/scripts/vulscan/ curl --progress -k -L "http://www.computec.ch/projekte/vulscan/download/nmap_nse_vulscan-2.0.tar.gz" > /tmp/nmap_nse_vulscan.tar.gz #***!!! hardcoded version! Need to manually check for updates @@ -2275,12 +2337,12 @@ rm -f /tmp/nmap_nse_vulscan.tar* ##### Installing unicornscan -echo -e "\n$GREEN[+]$RESET Installing unicornscan ~ fast port scanner" +echo -e "\n $GREEN[+]$RESET Installing unicornscan ~ fast port scanner" apt-get -y -qq install unicornscan ##### Installing onetwopunch -echo -e "\n$GREEN[+]$RESET Installing onetwopunch ~ unicornscan & nmap wrapper" +echo -e "\n $GREEN[+]$RESET Installing onetwopunch ~ unicornscan & nmap wrapper" apt-get -y -qq install git nmap unicornscan git clone git://github.com/superkojiman/onetwopunch.git /usr/share/onetwopunch-git/ pushd /usr/share/onetwopunch-git/ >/dev/null @@ -2297,7 +2359,7 @@ chmod +x "$file" ##### Installing udp-proto-scanner -echo -e "\n$GREEN[+]$RESET Installing udp-proto-scanner ~ common UDP port scanner" +echo -e "\n $GREEN[+]$RESET Installing udp-proto-scanner ~ common UDP port scanner" apt-get -y -qq install curl #mkdir -p /usr/share/udp-proto-scanner/ curl --progress -k -L "https://labs.portcullis.co.uk/download/udp-proto-scanner-1.1.tar.gz" -o /tmp/udp-proto-scanner.tar.gz @@ -2316,17 +2378,17 @@ rm -f /tmp/udp-proto-scanner.tar* ##### Installing clusterd -echo -e "\n$GREEN[+]$RESET Installing clusterd ~ clustered attack toolkit (jboss, coldfusion, weblogic, tomcat etc)" +echo -e "\n $GREEN[+]$RESET Installing clusterd ~ clustered attack toolkit (jboss, coldfusion, weblogic, tomcat etc)" apt-get -y -qq install clusterd ##### Installing webhandler -echo -e "\n$GREEN[+]$RESET Installing webhandler ~ shell TTY handler" +echo -e "\n $GREEN[+]$RESET Installing webhandler ~ shell TTY handler" apt-get -y -qq install webhandler ##### Installing azazel -echo -e "\n$GREEN[+]$RESET Installing azazel ~ linux userland rootkit" +echo -e "\n $GREEN[+]$RESET Installing azazel ~ linux userland rootkit" apt-get -y -qq install git git clone git://github.com/chokepoint/azazel.git /usr/share/azazel-git/ pushd /usr/share/azazel-git/ >/dev/null @@ -2335,7 +2397,7 @@ popd >/dev/null ##### Installing b374k (https://bugs.kali.org/view.php?id=1097) -echo -e "\n$GREEN[+]$RESET Installing b374k ~ (PHP) web shell" +echo -e "\n $GREEN[+]$RESET Installing b374k ~ (PHP) web shell" apt-get -y -qq install git php5-cli git clone git://github.com/b374k/b374k.git /usr/share/b374k-git/ pushd /usr/share/b374k-git/ >/dev/null @@ -2348,7 +2410,7 @@ ln -sf /usr/share/b374k-git /usr/share/webshells/php/b374k ###### Installing DAws -#echo -e "\n$GREEN[+]$RESET Installing DAws ~ (PHP) web shell" +#echo -e "\n $GREEN[+]$RESET Installing DAws ~ (PHP) web shell" #apt-get -y -qq install git #git clone git://github.com/dotcppfile/DAws.git /usr/share/daws-git/ #pushd /usr/share/daws-git/ >/dev/null @@ -2367,7 +2429,7 @@ ln -sf /usr/share/b374k-git /usr/share/webshells/php/b374k ##### Installing cmdsql -echo -e "\n$GREEN[+]$RESET Installing cmdsql ~ (ASPX) web shell" +echo -e "\n $GREEN[+]$RESET Installing cmdsql ~ (ASPX) web shell" apt-get -y -qq install git git clone git://github.com/NetSPI/cmdsql.git /usr/share/cmdsql-git/ pushd /usr/share/b374k-git/ >/dev/null @@ -2379,7 +2441,7 @@ ln -sf /usr/share/cmdsql-git /usr/share/webshells/aspx/cmdsql ##### Installing JSP file browser -echo -e "\n$GREEN[+]$RESET Installing jsp file browser ~ (JSP) web shell" +echo -e "\n $GREEN[+]$RESET Installing jsp file browser ~ (JSP) web shell" apt-get -y -qq install curl mkdir -p /usr/share/jsp-filebrowser/ curl --progress -k -L "http://www.vonloesch.de/files/browser.zip" > /tmp/jsp.zip && unzip -q -o -d /usr/share/jsp-filebrowser/ /tmp/jsp.zip #***!!! hardcoded path! @@ -2391,7 +2453,7 @@ rm -f /tmp/jsp.zip ##### Installing htshells -echo -e "\n$GREEN[+]$RESET Installing htshells ~ (htdocs/apache) web shells" +echo -e "\n $GREEN[+]$RESET Installing htshells ~ (htdocs/apache) web shells" apt-get -y -qq install htshells #--- Link to others apt-get -y -qq install webshells @@ -2399,7 +2461,7 @@ ln -sf /usr/share/htshells /usr/share/webshells/htshells ###### Installing python-pty-shells -echo -e "\n$GREEN[+]$RESET Installing python-pty-shells ~ PTY shells" +echo -e "\n $GREEN[+]$RESET Installing python-pty-shells ~ PTY shells" apt-get -y -qq install git git clone git://github.com/infodox/python-pty-shells.git /usr/share/python-pty-shells-git/ pushd /usr/share/python-pty-shells-git/ >/dev/null @@ -2408,12 +2470,12 @@ popd >/dev/null ##### Installing bridge-utils -echo -e "\n$GREEN[+]$RESET Installing bridge-utils ~ bridge network interfaces" +echo -e "\n $GREEN[+]$RESET Installing bridge-utils ~ bridge network interfaces" apt-get -y -qq install bridge-utils ##### Installing WPA2-HalfHandshake-Crack -echo -e "\n$GREEN[+]$RESET Installing WPA2-HalfHandshake-Crack ~ rogue AP todo WPA2 handshakes without AP" +echo -e "\n $GREEN[+]$RESET Installing WPA2-HalfHandshake-Crack ~ rogue AP todo WPA2 handshakes without AP" apt-get -y -qq install git git clone git://github.com/dxa4481/WPA2-HalfHandshake-Crack.git /usr/share/wpa2-halfhandshake-crack-git/ pushd /usr/share/wpa2-halfhandshake-crack-git/ >/dev/null @@ -2422,14 +2484,14 @@ popd >/dev/null ##### Installing mana toolkit -echo -e "\n$GREEN[+]$RESET Installing mana toolkit ~ rogue AP todo MITM Wi-Fi" +echo -e "\n $GREEN[+]$RESET Installing mana toolkit ~ rogue AP todo MITM Wi-Fi" apt-get -y -qq install mana-toolkit #--- BUG FIX: https://bugs.kali.org/view.php?id=1839 mkdir -p /usr/share/mana-toolkit/www/facebook/ ##### Installing wifiphisher -echo -e "\n$GREEN[+]$RESET Installing wifiphisher ~ automated Wi-Fi phishing" +echo -e "\n $GREEN[+]$RESET Installing wifiphisher ~ automated Wi-Fi phishing" apt-get -y -qq install git git clone git://github.com/sophron/wifiphisher.git /usr/share/wifiphisher-git/ pushd /usr/share/wifiphisher-git/ >/dev/null @@ -2446,7 +2508,7 @@ chmod +x "$file" ##### Installing hostapd-wpe-extended -echo -e "\n$GREEN[+]$RESET Installing hostapd-wpe-extended ~ rogue AP for WPA-Enterprise" +echo -e "\n $GREEN[+]$RESET Installing hostapd-wpe-extended ~ rogue AP for WPA-Enterprise" apt-get -y -qq install git git clone git://github.com/NerdyProjects/hostapd-wpe-extended.git /usr/share/hostapd-wpe-extended-git/ pushd /usr/share/hostapd-wpe-extended-git/ >/dev/null @@ -2455,7 +2517,7 @@ popd >/dev/null ##### Installing proxychains-ng (https://bugs.kali.org/view.php?id=2037) -echo -e "\n$GREEN[+]$RESET Installing proxychains-ng ~ proxifier to connect through a proxy" +echo -e "\n $GREEN[+]$RESET Installing proxychains-ng ~ proxifier to connect through a proxy" apt-get -y -qq install git gcc git clone git://github.com/rofl0r/proxychains-ng.git /usr/share/proxychains-ng-git/ pushd /usr/share/proxychains-ng-git/ >/dev/null @@ -2469,19 +2531,19 @@ ln -sf /usr/bin/proxychains4 /usr/bin/proxychains-ng ##### Installing httptunnel -echo -e "\n$GREEN[+]$RESET Installing httptunnel ~ tunnels data streams in HTTP requests" +echo -e "\n $GREEN[+]$RESET Installing httptunnel ~ tunnels data streams in HTTP requests" apt-get -y -qq install http-tunnel ##### Installing sshuttle -echo -e "\n$GREEN[+]$RESET Installing sshuttle ~ VPN over SSH" +echo -e "\n $GREEN[+]$RESET Installing sshuttle ~ VPN over SSH" apt-get -y -qq install sshuttle #--- Example #sshuttle --dns --remote root@123.9.9.9 0/0 -vv ##### Installing iodine -echo -e "\n$GREEN[+]$RESET Installing iodine ~ DNS tunneling (IP over DNS)" +echo -e "\n $GREEN[+]$RESET Installing iodine ~ DNS tunneling (IP over DNS)" apt-get -y -qq install iodine #--- Example #iodined -f -P password1 10.0.0.1 dns.mydomain.com @@ -2489,14 +2551,14 @@ apt-get -y -qq install iodine ##### Installing dns2tcp -echo -e "\n$GREEN[+]$RESET Installing dns2tcp ~ DNS tunneling (TCP over DNS)" +echo -e "\n $GREEN[+]$RESET Installing dns2tcp ~ DNS tunneling (TCP over DNS)" apt-get -y -qq install dns2tcp #file=/etc/dns2tcpd.conf; [ -e "$file" ] && cp -n $file{,.bkup}; echo -e "listen = 0.0.0.0\nport = 53\nuser = nobody\nchroot = /tmp\ndomain = dnstunnel.mydomain.com\nkey = password1\nressources = ssh:127.0.0.1:22" > "$file"; dns2tcpd -F -d 1 -f /etc/dns2tcpd.conf #file=/etc/dns2tcpc.conf; [ -e "$file" ] && cp -n $file{,.bkup}; echo -e "domain = dnstunnel.mydomain.com\nkey = password1\nresources = ssh\nlocal_port = 8000\ndebug_level=1" > "$file"; dns2tcpc -f /etc/dns2tcpc.conf 178.62.206.227; ssh -C -D 8081 -p 8000 root@127.0.0.1 ##### Installing ptunnel -echo -e "\n$GREEN[+]$RESET Installing ptunnel ~ IMCP tunneling" +echo -e "\n $GREEN[+]$RESET Installing ptunnel ~ IMCP tunneling" apt-get -y -qq install ptunnel #--- Example #ptunnel -x password1 @@ -2504,14 +2566,14 @@ apt-get -y -qq install ptunnel ##### Installing stunnel -echo -e "\n$GREEN[+]$RESET Installing stunnel ~ SSL wrapper" +echo -e "\n $GREEN[+]$RESET Installing stunnel ~ SSL wrapper" apt-get -y -qq install stunnel #--- Remove from start up update-rc.d -f stunnel4 remove ##### Installing zerofree -echo -e "\n$GREEN[+]$RESET Installing zerofree ~ CLI nulls free blocks on a HDD" +echo -e "\n $GREEN[+]$RESET Installing zerofree ~ CLI nulls free blocks on a HDD" apt-get -y -qq install zerofree #--- Example #fdisk -l @@ -2519,15 +2581,15 @@ apt-get -y -qq install zerofree ##### Installing gcc & multilib -echo -e "\n$GREEN[+]$RESET Installing gcc & multilibc ~ compiling libraries" +echo -e "\n $GREEN[+]$RESET Installing gcc & multilibc ~ compiling libraries" #*** I know its messy... for FILE in cc gcc g++ gcc-multilib make automake libc6 libc6-dev libc6-amd64 libc6-dev-amd64 libc6-i386 libc6-dev-i386 libc6-i686 libc6-dev-i686 build-essential dpkg-dev; do apt-get -y -qq install "$FILE" 2>/dev/null done -##### Installing mingw & cross compiling suites -echo -e "\n$GREEN[+]$RESET Installing mingw & cross compiling suites" +##### Installing MinGW ~ cross compiling suite +echo -e "\n $GREEN[+]$RESET Installing mingw ~ cross compiling suite" apt-get -y -qq install mingw-w64 binutils-mingw-w64 gcc-mingw-w64 cmake apt-get -y -qq install mingw-w64-dev mingw-w64-tools apt-get -y -qq install gcc-mingw-w64-i686 gcc-mingw-w64-x86-64 @@ -2535,11 +2597,11 @@ apt-get -y -qq install mingw32 ##### Installing WINE -echo -e "\n$GREEN[+]$RESET Installing WINE ~ run Windows programs on *nix" +echo -e "\n $GREEN[+]$RESET Installing WINE ~ run Windows programs on *nix" apt-get -y -qq install wine winetricks #--- Using x64? if [[ "$(uname -m)" == 'x86_64' ]]; then - echo -e "$YELLOW[i]$RESET Configuring WINE for x64" + echo -e " $GREEN[+]$RESET Configuring WINE for x64" dpkg --add-architecture i386 apt-get -qq update apt-get -y -qq install wine-bin:i386 @@ -2551,12 +2613,27 @@ file=/usr/bin/winetricks; #[ -e "$file" ] && cp -n $file{,.bkup} sed -i 's/which axel /which axel_disabled /' "$file" #--- Setup default file association for .exe file=/root/.local/share/applications/mimeapps.list; [ -e "$file" ] && cp -n $file{,.bkup} -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" echo -e 'application/x-ms-dos-executable=wine.desktop' >> "$file" +##### Installing MinGW (Windows) ~ cross compiling suite +echo -e "\n $GREEN[+]$RESET Installing mingw (Windows) ~ cross compiling suite" +#curl --progress -k -L "http://sourceforge.net/projects/mingw/files/Installer/mingw-get-setup.exe/download" > /tmp/mingw-get-setup.exe #***!!! hardcoded path! +curl --progress -k -L "http://sourceforge.net/projects/mingw/files/Installer/mingw-get/mingw-get-0.6.2-beta-20131004-1/mingw-get-0.6.2-mingw32-beta-20131004-1-bin.zip/download" > /tmp/mingw-get.zip #***!!! hardcoded path! +mkdir -p ~/.wine/drive_c/MinGW/bin/ +unzip -q -o -d ~/.wine/drive_c/MinGW/ /tmp/mingw-get.zip +pushd ~/.wine/drive_c/MinGW/ >/dev/null +for file in mingw32-base mingw32-gcc-g++ mingw32-gcc-objc; do #msys-base + wine ./bin/mingw-get.exe install $file +done +popd >/dev/null +grep -R '^"PATH"=.*C:\\\\MinGW\\\\bin' /root/.wine/system.reg || sed -i '/^"PATH"=/ s_"$_;C:\\\\MinGW\\\\bin"_' /root/.wine/system.reg +#wine cmd /c "set path=\"%path%;C:\MinGW\bin\" && reg ADD \"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\" /v Path /t REG_EXPAND_SZ /d %path% /f" + + ##### Downloading AccessChk.exe -echo -e "\n$GREEN[+]$RESET Downloading AccessChk.exe ~ Windows environment tester" +echo -e "\n $GREEN[+]$RESET Downloading AccessChk.exe ~ Windows environment tester" apt-get -y -qq install curl curl --progress -k -L "https://download.sysinternals.com/files/AccessChk.zip" > /usr/share/windows-binaries/AccessChk.zip #***!!! hardcoded path! unzip -q -o -d /usr/share/windows-binaries/ /usr/share/windows-binaries/AccessChk.zip @@ -2564,7 +2641,7 @@ rm -f /usr/share/windows-binaries/{AccessChk.zip,Eula.txt} ###### Installing Python (Windows via WINE) *** WINE is too dated =( (try again with debian 8 / kali 2.0) -#echo -e "\n$GREEN[+]$RESET Installing Python ~ python on Windows" +#echo -e "\n $GREEN[+]$RESET Installing Python ~ python on Windows" #curl --progress -k -L "https://www.python.org/ftp/python/2.3/Python-2.3.exe" > /tmp/python.exe #***!!! hardcoded path! #wine /tmp/python.exe /s #curl --progress -k -L "http://sourceforge.net/projects/pywin32/files/pywin32/Build%20218/pywin32-218.win32-py2.3.exe/download" > /tmp/pywin32.exe #***!!! hardcoded path! @@ -2578,38 +2655,17 @@ rm -f /usr/share/windows-binaries/{AccessChk.zip,Eula.txt} #wine /tmp/pywin32.exe /s -###### Installing the backdoor factory -echo -e "\n$GREEN[+]$RESET Installing backdoor factory ~ bypassing anti-virus" -apt-get -y -qq install backdoor-factory - - -###### Installing the Backdoor Factory Proxy (BDFProxy) -echo -e "\n$GREEN[+]$RESET Installing backdoor factory ~ patches binaries files during MITM" -apt-get -y -qq install git -git clone git://github.com/secretsquirrel/BDFProxy.git /usr/share/bdfproxy-git/ -pushd /usr/share/bdfproxy-git/ >/dev/null -git pull -popd >/dev/null - - -####### Installing the MITMf (GIT) -#echo -e "\n$GREEN[+]$RESET Installing MITMf (GTI) ~ framework for MITM" -##apt-get -y -qq install mitmf # repo version. stable, but dated -#apt-get -y -qq install git # git version. bleeding edge -#git clone git://github.com/byt3bl33d3r/MITMf.git /usr/share/mitmf-git/ -#pushd /usr/share/mitmf-git/ >/dev/null -#git pull -#bash kali_setup.sh -#popd >/dev/null - - ##### Installing veil framework -echo -e "\n$GREEN[+]$RESET Installing veil framework ~ bypasses anti-virus products" +echo -e "\n $GREEN[+]$RESET Installing veil framework ~ bypasses anti-virus" apt-get -y -qq install veil +pip install symmetricjsonrpc +touch /etc/veil/settings.py +#/usr/share/veil-evasion/setup --silent ~ https://bugs.kali.org/view.php?id=2365 +#sed -i 's/TERMINAL_CLEAR=".*"/TERMINAL_CLEAR="false"/' /etc/veil/settings.py ##### Installing OP packers -echo -e "\n$GREEN[+]$RESET Installing OP packers ~ bypasses anti-virus solutions" +echo -e "\n $GREEN[+]$RESET Installing OP packers ~ bypasses anti-virus" apt-get -y -qq install upx-ucl curl #wget -q "http://upx.sourceforge.net/download/upx309w.zip" -P /usr/share/packers/ && unzip -q -o -d /usr/share/packers/ /usr/share/packers/upx309w.zip; rm -f /usr/share/packers/upx309w.zip mkdir -p /usr/share/packers/ curl --progress -k -L "http://www.eskimo.com/~scottlu/win/cexe.exe" > /usr/share/packers/cexe.exe #***!!! hardcoded path! #***!!! hardcoded version! Need to manually check for updates @@ -2620,10 +2676,10 @@ rm -f /usr/share/packers/kkrunchy_*.zip ##### Installing hyperion -echo -e "\n$GREEN[+]$RESET Installing hyperion ~ bypasses anti-virus software" +echo -e "\n $GREEN[+]$RESET Installing hyperion ~ bypasses anti-virus" unzip -q -o -d /usr/share/windows-binaries/ /usr/share/windows-binaries/Hyperion-1.0.zip #***!!! hardcoded path! #rm -f /usr/share/windows-binaries/Hyperion-1.0.zip -i686-w64-mingw32-g++ -static-libgcc -static-libstdc++ /usr/share/windows-binaries/Hyperion-1.0/Src/Crypter/*.cpp -o /usr/share/windows-binaries/Hyperion-1.0/Src/Crypter/bin/crypter.exe #***!!! hardcoded path! +i686-w64-mingw32-g++ -static-libgcc -static-libstdc++ /usr/share/windows-binaries/Hyperion-1.0/Src/Crypter/*.cpp -o /usr/share/windows-binaries/Hyperion-1.0/Src/Crypter/bin/crypter.exe #***!!! hardcoded path! #wine /root/.wine/drive_c/MinGW/bin/g++.exe ./Src/Crypter/*.cpp -o crypter.exe #i586-mingw32msvc-g++ ./Src/Crypter/*.cpp -o crypter-w00t1.exe ln -sf /usr/share/windows-binaries/Hyperion-1.0/Src/Crypter/bin/crypter.exe /usr/share/windows-binaries/Hyperion-1.0/crypter.exe #***!!! hardcoded path! file=/usr/local/bin/hyperion cat < "$file" @@ -2641,7 +2697,7 @@ BWD="?" [ -e "./\${1}" ] && BWD="\${CWD}" ## Can't find input file! -[[ "\${BWD}" == "?" ]] && echo -e $RED'[!]'$RESET' Cant find \$1. Quitting...' && exit +[[ "\${BWD}" == "?" ]] && echo -e ' '$RED'[!]'$RESET' Cant find \$1. Quitting...' && exit ## The magic! cd /usr/share/windows-binaries/Hyperion-1.0/ @@ -2662,18 +2718,48 @@ EOF chmod +x "$file" -##### Installing fuzzdb -echo -e "\n$GREEN[+]$RESET Installing fuzzdb ~ multiple types of (word)lists (and similar things)" +###### Installing shellter +echo -e "\n $GREEN[+]$RESET Installing shellter ~ dynamic shellcode injector" +apt-get -y -qq install shellter + + +###### Installing the backdoor factory +echo -e "\n $GREEN[+]$RESET Installing backdoor factory ~ bypasses anti-virus" +apt-get -y -qq install backdoor-factory + + +###### Installing the Backdoor Factory Proxy (BDFProxy) +echo -e "\n $GREEN[+]$RESET Installing backdoor factory ~ patches binaries files during a MITM" +apt-get -y -qq install git +git clone git://github.com/secretsquirrel/BDFProxy.git /usr/share/bdfproxy-git/ +pushd /usr/share/bdfproxy-git/ >/dev/null +git pull +popd >/dev/null + + +####### Installing the MITMf (GIT) +#echo -e "\n $GREEN[+]$RESET Installing MITMf (GTI) ~ framework for MITM attacks" +##apt-get -y -qq install mitmf # repo version. stable, but dated +#apt-get -y -qq install git # git version. bleeding edge +#git clone git://github.com/byt3bl33d3r/MITMf.git /usr/share/mitmf-git/ +#pushd /usr/share/mitmf-git/ >/dev/null +#git pull +#bash kali_setup.sh +#popd >/dev/null + + +##### Installing FuzzDB +echo -e "\n $GREEN[+]$RESET Installing FuzzDB ~ multiple types of (word)lists (and similar things)" svn -q checkout "http://fuzzdb.googlecode.com/svn/trunk/" /usr/share/fuzzdb-svn/ ##### Installing seclist -echo -e "\n$GREEN[+]$RESET Installing seclist ~ multiple types of (word)lists (and similar things)" +echo -e "\n $GREEN[+]$RESET Installing seclist ~ multiple types of (word)lists (and similar things)" apt-get -y -qq install seclists ##### Updating wordlists -echo -e "\n$GREEN[+]$RESET Updating wordlists ~ collection of wordlists" +echo -e "\n $GREEN[+]$RESET Updating wordlists ~ collection of wordlists" apt-get -y -qq install curl #--- Extract rockyou wordlist [ -e /usr/share/wordlists/rockyou.txt.gz ] && gzip -dc < /usr/share/wordlists/rockyou.txt.gz > /usr/share/wordlists/rockyou.txt #gunzip rockyou.txt.gz @@ -2696,18 +2782,18 @@ rm -f /tmp/10kcommon.zip ##### Installing apt-file -echo -e "\n$GREEN[+]$RESET Installing apt-file ~ which package includes a specific file" +echo -e "\n $GREEN[+]$RESET Installing apt-file ~ which package includes a specific file" apt-get -y -qq install apt-file apt-file update ##### Installing apt-show-versions -echo -e "\n$GREEN[+]$RESET Installing apt-show-versions ~ which package version in repo" +echo -e "\n $GREEN[+]$RESET Installing apt-show-versions ~ which package version in repo" apt-get -y -qq install apt-show-versions ###### Installing Debian weak SSH keys -#echo -e "\n$GREEN[+]$RESET Installing Debian weak SSH keys ~ OpenSSL predictable PRNG" +#echo -e "\n $GREEN[+]$RESET Installing Debian weak SSH keys ~ OpenSSL predictable PRNG" #dpkg --remove --force-depends openssh-blacklist #grep -q '^PermitBlacklistedKeys yes' /etc/ssh/sshd_config || echo PermitBlacklistedKeys yes >> /etc/ssh/sshd_config #apt-get -y -qq install git @@ -2718,7 +2804,7 @@ apt-get -y -qq install apt-show-versions ###### Installing Exploit-DB binaries -#echo -e "\n$GREEN[+]$RESET Installing Installing Exploit-DB binaries ~ pre-compiled exploits" +#echo -e "\n $GREEN[+]$RESET Installing Installing Exploit-DB binaries ~ pre-compiled exploits" #apt-get -y -qq install git #git clone git://github.com/offensive-security/exploit-database-bin-sploits.git /usr/share/exploitdb-bin-git/ #pushd /usr/share/exploitdb-bin/ >/dev/null @@ -2727,7 +2813,7 @@ apt-get -y -qq install apt-show-versions ###### Installing Babel scripts -echo -e "\n$GREEN[+]$RESET Installing Babel scripts ~ post exploitation scripts" +echo -e "\n $GREEN[+]$RESET Installing Babel scripts ~ post exploitation scripts" apt-get -y -qq install git git clone git://github.com/attackdebris/babel-sf.git /usr/share/babel-sf-git/ pushd /usr/share/babel-sf-git/ >/dev/null @@ -2736,7 +2822,7 @@ popd >/dev/null ###### Installing pwntools (https://bugs.kali.org/view.php?id=1236) -echo -e "\n$GREEN[+]$RESET Installing pwntools ~ handy CTF tools" +echo -e "\n $GREEN[+]$RESET Installing pwntools ~ handy CTF tools" apt-get -y -qq install git git clone git://github.com/Gallopsled/pwntools.git /usr/share/pwntools-git/ pushd /usr/share/pwntools-git/ >/dev/null @@ -2745,7 +2831,7 @@ popd >/dev/null ###### Installing nullsecurity tool suite -echo -e "\n$GREEN[+]$RESET Installing nullsecurity tool suite ~ collection of tools" +echo -e "\n $GREEN[+]$RESET Installing nullsecurity tool suite ~ collection of tools" apt-get -y -qq install git git clone git://github.com/nullsecuritynet/tools.git /usr/share/nullsecuritynet-git/ pushd /usr/share/nullsecuritynet-git/ >/dev/null @@ -2754,7 +2840,7 @@ popd >/dev/null ###### Installing gdb-peda (https://bugs.kali.org/view.php?id=2327) -echo -e "\n$GREEN[+]$RESET Installing gdb-peda ~ GDB exploit development assistance" +echo -e "\n $GREEN[+]$RESET Installing gdb-peda ~ GDB exploit development assistance" apt-get -y -qq install git gdb git clone git://github.com/longld/peda.git /usr/share/gdb-peda-git/ pushd /usr/share/gdb-peda-git/ >/dev/null @@ -2764,7 +2850,7 @@ echo "source ~/peda/peda.py" >> ~/.gdbinit ###### Installing radare2 (https://bugs.kali.org/view.php?id=2169) -#echo -e "\n$GREEN[+]$RESET Installing radare2 ~ reverse engineering framework" +#echo -e "\n $GREEN[+]$RESET Installing radare2 ~ reverse engineering framework" #apt-get -y -qq install git gdb #git clone git://github.com/radare/radare2.git /usr/share/radare2-git/ #pushd /usr/share/radare2-git/ >/dev/null @@ -2774,7 +2860,7 @@ echo "source ~/peda/peda.py" >> ~/.gdbinit ###### Installing ropeme (https://bugs.kali.org/view.php?id=2328) -echo -e "\n$GREEN[+]$RESET Installing ropeme ~ generate ROP gadgets and payload" +echo -e "\n $GREEN[+]$RESET Installing ropeme ~ generate ROP gadgets and payload" apt-get -y -qq install git python-distorm3 libdistorm64-1 libdistorm64-dev binutils git clone git://github.com/packz/ropeme.git /usr/share/ropeme-git/ pushd /usr/share/ropeme-git/ >/dev/null @@ -2793,7 +2879,7 @@ chmod +x "$file" ###### Installing ropper (https://bugs.kali.org/view.php?id=2329) -echo -e "\n$GREEN[+]$RESET Installing ropper ~ generate ROP gadgets and payload" +echo -e "\n $GREEN[+]$RESET Installing ropper ~ generate ROP gadgets and payload" apt-get -y -qq install git python-capstone git clone git://github.com/sashs/Ropper.git /usr/share/ropper-git/ pushd /usr/share/ropper-git/ >/dev/null @@ -2803,22 +2889,17 @@ popd >/dev/null ###### Installing dissy -echo -e "\n$GREEN[+]$RESET Installing dissy ~ GUI objdump" +echo -e "\n $GREEN[+]$RESET Installing dissy ~ GUI objdump" apt-get -y -qq install dissy binutils -###### Installing shellter -echo -e "\n$GREEN[+]$RESET Installing shellter ~ dynamic shellcode injector" -apt-get -y -qq install shellter - - ###### Installing shellnoob -echo -e "\n$GREEN[+]$RESET Installing shellnoob ~ shellcode writing toolkit" +echo -e "\n $GREEN[+]$RESET Installing shellnoob ~ shellcode writing toolkit" apt-get -y -qq install shellnoob ##### Installing checksec -echo -e "\n$GREEN[+]$RESET Installing checksec ~ check *nix OS for security features" +echo -e "\n $GREEN[+]$RESET Installing checksec ~ check *nix OS for security features" apt-get -y -qq install curl mkdir -p /usr/share/checksec/ file=/usr/share/checksec/checksec.sh @@ -2827,7 +2908,7 @@ chmod +x "$file" ##### Installing shellconv -echo -e "\n$GREEN[+]$RESET Installing shellconv ~ shellcode disassembler" +echo -e "\n $GREEN[+]$RESET Installing shellconv ~ shellcode disassembler" apt-get -y -qq install git git clone git://github.com/hasherezade/shellconv.git /usr/share/shellconv-git/ pushd /usr/share/shellconv-git/ >/dev/null @@ -2844,23 +2925,23 @@ chmod +x "$file" ##### Installing bless -echo -e "\n$GREEN[+]$RESET Installing bless ~ GUI hex editor" +echo -e "\n $GREEN[+]$RESET Installing bless ~ GUI hex editor" apt-get -y -qq install bless ##### Installing dhex -echo -e "\n$GREEN[+]$RESET Installing dhex ~ CLI hex compare" +echo -e "\n $GREEN[+]$RESET Installing dhex ~ CLI hex compare" apt-get -y -qq install dhex ##### Installing firmware-mod-kit -echo -e "\n$GREEN[+]$RESET Installing firmware-mod-kit ~ customize firmware" +echo -e "\n $GREEN[+]$RESET Installing firmware-mod-kit ~ customize firmware" apt-get -y -qq install firmware-mod-kit if [[ "$(uname -m)" == "x86_64" ]]; then ##### Installing lnav - echo -e "\n$GREEN[+]$RESET Installing lnav (x64) ~ CLI log veiwer" + echo -e "\n $GREEN[+]$RESET Installing lnav (x64) ~ CLI log veiwer" # apt-get -y -qq install git ncurses-dev libsqlite3-dev libgpm-dev # git clone git://github.com/tstack/lnav.git /usr/local/src/tstack-git/ # pushd /usr/local/src/tstack >/dev/null @@ -2877,7 +2958,7 @@ fi ##### Installing sqlmap (GIT) -echo -e "\n$GREEN[+]$RESET Installing sqlmap (GIT) ~ automatic SQL injection" +echo -e "\n $GREEN[+]$RESET Installing sqlmap (GIT) ~ automatic SQL injection" apt-get -y -qq install git git clone git://github.com/sqlmapproject/sqlmap.git /usr/share/sqlmap-git/ pushd /usr/share/sqlmap-git/ >/dev/null @@ -2894,7 +2975,7 @@ chmod +x "$file" ##### Installing commix (https://bugs.kali.org/view.php?id=2201) -echo -e "\n$GREEN[+]$RESET Installing commix ~ automatic command injection" +echo -e "\n $GREEN[+]$RESET Installing commix ~ automatic command injection" apt-get -y -qq install git git clone git://github.com/stasinopoulos/commix.git /usr/share/commix-git/ pushd /usr/share/commix-git/ >/dev/null @@ -2911,17 +2992,17 @@ chmod +x "$file" ##### Installing fimap -echo -e "\n$GREEN[+]$RESET Installing fimap ~ automatic LFI/RFI tool" +echo -e "\n $GREEN[+]$RESET Installing fimap ~ automatic LFI/RFI tool" apt-get -y -qq install fimap ##### Installing smbmap -echo -e "\n$GREEN[+]$RESET Installing smbmap ~ SMB enumeration tool" +echo -e "\n $GREEN[+]$RESET Installing smbmap ~ SMB enumeration tool" apt-get -y -qq install smbmap ##### Installing wig (https://bugs.kali.org/view.php?id=1932) -echo -e "\n$GREEN[+]$RESET Installing wig ~ web application detection" +echo -e "\n $GREEN[+]$RESET Installing wig ~ web application detection" apt-get -y -qq install git git clone git://github.com/jekyc/wig.git /usr/share/wig-git/ pushd /usr/share/wig-git/ >/dev/null @@ -2938,7 +3019,7 @@ chmod +x "$file" ##### Installing CMSmap -echo -e "\n$GREEN[+]$RESET Installing CMSmap ~ CMS detection" +echo -e "\n $GREEN[+]$RESET Installing CMSmap ~ CMS detection" apt-get -y -qq install git git clone git://github.com/Dionach/CMSmap.git /usr/share/cmsmap-git/ pushd /usr/share/cmsmap-git/ >/dev/null @@ -2955,7 +3036,7 @@ chmod +x "$file" ###### Installing CMSScanner -#echo -e "\n$GREEN[+]$RESET Installing CMSScanner ~ CMS detection" +#echo -e "\n $GREEN[+]$RESET Installing CMSScanner ~ CMS detection" #apt-get -y -qq install git #git clone git://github.com/wpscanteam/CMSScanner.git /usr/share/cmsscanner-git/ #pushd /usr/share/cmsscanner-git/ >/dev/null @@ -2965,7 +3046,7 @@ chmod +x "$file" ##### Installing droopescan -echo -e "\n$GREEN[+]$RESET Installing droopescan ~ Drupal vulnerability scanner" +echo -e "\n $GREEN[+]$RESET Installing droopescan ~ Drupal vulnerability scanner" apt-get -y -qq install git git clone git://github.com/droope/droopescan.git /usr/share/droopescan-git/ pushd /usr/share/droopescan-git/ >/dev/null @@ -2982,7 +3063,7 @@ chmod +x "$file" ##### Installing wpscan (GIT) -echo -e "\n$GREEN[+]$RESET Installing wpscan (GIT) ~ WordPress vulnerability scanner" +echo -e "\n $GREEN[+]$RESET Installing wpscan (GIT) ~ WordPress vulnerability scanner" apt-get -y -qq install git git clone git://github.com/wpscanteam/wpscan.git /usr/share/wpscan-git/ pushd /usr/share/wpscan-git/ >/dev/null @@ -2999,7 +3080,7 @@ chmod +x "$file" ##### Installing BeEF XSS -echo -e "\n$GREEN[+]$RESET Installing BeEF XSS ~ XSS framework" +echo -e "\n $GREEN[+]$RESET Installing BeEF XSS ~ XSS framework" apt-get -y -qq install beef-xss #--- Configure beef file=/usr/share/beef-xss/config.yaml; [ -e "$file" ] && cp -n $file{,.bkup} @@ -3007,14 +3088,48 @@ username="root" password="toor" sed -i 's/user:.*".*"/user: "'$username'"/' $file sed -i 's/passwd:.*".*"/passwd: "'$password'"/' $file -echo -e "$YELLOW[i]$RESET BeEF username: $username" -echo -e "$YELLOW[i]$RESET BeEF password: $password *** CHANGE THIS ASAP. Edit: /usr/share/beef-xss/config.yaml" +echo -e " $YELLOW[i]$RESET BeEF username: $username" +echo -e " $YELLOW[i]$RESET BeEF password: $password *** CHANGE THIS ASAP. Edit: /usr/share/beef-xss/config.yaml" #--- Example hook # +##### Installing patator (GIT) +echo -e "\n $GREEN[+]$RESET Installing patator (GIT)~ brute force" +apt-get -y -qq install git +git clone git://github.com/lanjelot/patator.git /usr/share/patator-git/ +pushd /usr/share/patator-git/ >/dev/null +git pull +popd >/dev/null +#--- Add to path +file=/usr/local/bin/patator-git +cat < "$file" +#!/bin/bash + +cd /usr/share/patator-git/ && python patator.py "\$@" +EOF +chmod +x "$file" + + +##### Installing crowbar +echo -e "\n $GREEN[+]$RESET Installing crowbar ~ brute force" +apt-get -y -qq install git +git clone git://github.com/galkan/crowbar.git /usr/share/crowbar-git/ +pushd /usr/share/crowbar-git/ >/dev/null +git pull +popd >/dev/null +#--- Add to path +file=/usr/local/bin/crowbar-git +cat < "$file" +#!/bin/bash + +cd /usr/share/crowbar-git/ && python crowbar.py "\$@" +EOF +chmod +x "$file" + + ##### Setting up tftp client & server -echo -e "\n$GREEN[+]$RESET Setting up tftp client & server ~ file transfer methods" +echo -e "\n $GREEN[+]$RESET Setting up tftp client & server ~ file transfer methods" apt-get -y -qq install tftp # tftp client apt-get -y -qq install atftpd # tftp server #--- Configure atftpd @@ -3025,8 +3140,8 @@ chown -R nobody\:root /var/tftp/ chmod -R 0755 /var/tftp/ #--- Setup alias file=/root/.bash_aliases; [ -e "$file" ] && cp -n $file{,.bkup} #/etc/bash.bash_aliases -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" -grep -q '^## tftp' "$file" 2>/dev/null || echo -e '## tftp\nalias tftproot="cd /var/tftp/"\n' >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +grep -q '^## tftp' "$file" 2>/dev/null || echo -e '## tftp\nalias tftproot="cd /var/tftp/"\n' >> "$file" # service atftpd start #--- Remove from start up update-rc.d -f atftpd remove #--- Disabling IPv6 can help @@ -3035,7 +3150,7 @@ update-rc.d -f atftpd remove ##### Installing pure-ftpd -echo -e "\n$GREEN[+]$RESET Installing pure-ftpd ~ FTP server/file transfer method" +echo -e "\n $GREEN[+]$RESET Installing pure-ftpd ~ FTP server/file transfer method" apt-get -y -qq install pure-ftpd #--- Setup pure-ftpd mkdir -p /var/ftp/ @@ -3055,20 +3170,25 @@ echo "no" > /etc/pure-ftpd/conf/NoAnonymous echo "yes" > /etc/pure-ftpd/conf/AnonymousCanCreateDirs echo "yes" > /etc/pure-ftpd/conf/AllowAnonymousFXP echo "no" > /etc/pure-ftpd/conf/AnonymousCantUpload +echo "30768 31768" > /etc/pure-ftpd/conf/PassivePortRange #cat /proc/sys/net/ipv4/ip_local_port_range +echo "/etc/pure-ftpd/welcome.msg" > /etc/pure-ftpd/conf/FortunesFile #/etc/motd +echo "FTP" > /etc/pure-ftpd/welcome.msg #mkdir -p /etc/ssl/private/ #openssl req -x509 -nodes -newkey rsa:4096 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem #chmod -f 0600 /etc/ssl/private/*.pem ln -sf /etc/pure-ftpd/conf/PureDB /etc/pure-ftpd/auth/50pure +#--- Apply settings +#service pure-ftpd restart #--- Setup alias file=/root/.bash_aliases; [ -e "$file" ] && cp -n $file{,.bkup} #/etc/bash.bash_aliases -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" -grep -q '^## ftp' "$file" 2>/dev/null || echo -e '## ftp\nalias ftproot="cd /var/ftp/"\n' >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +grep -q '^## ftp' "$file" 2>/dev/null || echo -e '## ftp\nalias ftproot="cd /var/ftp/"\n' >> "$file" # service pure-ftpd start #--- Remove from start up update-rc.d -f pure-ftpd remove ##### Configuring samba -echo -e "\n$GREEN[+]$RESET Configuring samba ~ file transfer method" +echo -e "\n $GREEN[+]$RESET Configuring samba ~ file transfer method" #--- Installing samba apt-get -y -qq install samba #--- Create samba user @@ -3076,7 +3196,8 @@ groupdel smbgroup 2>/dev/null; groupadd smbgroup userdel samba 2>/dev/null; useradd -r -M -d /nonexistent -s /bin/false -c "Samba user" -g smbgroup samba #--- Use the samba user file=/etc/samba/smb.conf; [ -e "$file" ] && cp -n $file{,.bkup} -sed -i 's/guest account = .*/guest account = samba/' "$file" 2>/dev/null || sed -i 's#\[global\]#\[global\]\n guest account = samba#' "$file" +sed -i 's/guest account = .*/guest account = samba/' "$file" 2>/dev/null +grep -q 'guest account' "$file" 2>/dev/null || sed -i 's#\[global\]#\[global\]\n guest account = samba#' "$file" #--- Setup samba paths grep -q '^\[shared\]' "$file" 2>/dev/null || cat <> "$file" @@ -3085,6 +3206,7 @@ grep -q '^\[shared\]' "$file" 2>/dev/null || cat <> "$file" path = /var/samba/ browseable = yes guest ok = yes + #guest only = yes read only = no writable = yes create mask = 0644 @@ -3093,7 +3215,9 @@ EOF #--- Create samba path and configure it mkdir -p /var/samba/ chown -R samba\:smbgroup /var/samba/ -chmod -R 0755 /var/samba/ +chmod -R 0755 /var/samba/ #chmod 0777 /var/samba/ +#--- Bug fix +touch /etc/printcap #--- Check result #service samba restart #smbclient -L \\127.0.0.1 -N @@ -3102,31 +3226,31 @@ service samba stop update-rc.d -f samba remove #--- Setup alias file=/root/.bash_aliases; [ -e "$file" ] && cp -n $file{,.bkup} #/etc/bash.bash_aliases -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" grep -q '^## smb' "$file" 2>/dev/null || echo -e '## smb\nalias sambaroot="cd /var/samba/"\n#alias smbroot="cd /var/samba/"\n' >> "$file" ##### Configuring apache2 -echo -e "\n$GREEN[+]$RESET Configuring apache2 ~ web server" +echo -e "\n $GREEN[+]$RESET Configuring apache2 ~ web server" touch /var/www/favicon.ico #--- Setup alias file=/root/.bash_aliases; [ -e "$file" ] && cp -n $file{,.bkup} #/etc/bash.bash_aliases -([[ -e "$file" ]] && [[ "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" -grep -q '^## www' "$file" 2>/dev/null || echo -e '## www\nalias wwwroot="cd /var/www/"\n' >> "$file" +([[ -e "$file" && "$(tail -c 1 $file)" != "" ]]) && echo >> "$file" +grep -q '^## www' "$file" 2>/dev/null || echo -e '## www\nalias wwwroot="cd /var/www/"\n' >> "$file" # service apache2 start ###### Installing rsh-client -echo -e "\n$GREEN[+]$RESET Installing rsh-client ~ remote shell connections" +echo -e "\n $GREEN[+]$RESET Installing rsh-client ~ remote shell connections" apt-get -y -qq install rsh-client ##### Installing sshpass -echo -e "\n$GREEN[+]$RESET Installing sshpass ~ automating SSH connections" +echo -e "\n $GREEN[+]$RESET Installing sshpass ~ automating SSH connections" apt-get -y -qq install sshpass ##### Installing DBeaver -echo -e "\n$GREEN[+]$RESET Installing DBeaver ~ GUI DB manager" +echo -e "\n $GREEN[+]$RESET Installing DBeaver ~ GUI DB manager" apt-get -y -qq install curl arch="i386" [[ "$(uname -m)" == "x86_64" ]] && arch="amd64" @@ -3137,7 +3261,7 @@ ln -sf /usr/share/dbeaver/dbeaver /usr/bin/dbeaver ##### Setting up a jail ~ http://allanfeid.com/content/creating-chroot-jail-ssh-access -echo -e "\n$GREEN[+]$RESET Setting up a jail ~ testing environment" +echo -e "\n $GREEN[+]$RESET Setting up a jail ~ testing environment" apt-get -y -qq install debootstrap curl #mkdir -p /var/jail/ #debootstrap wheezy /var/jail/ @@ -3157,7 +3281,7 @@ apt-get -y -qq install debootstrap curl ##### Configuring pythcon console - all users -echo -e "\n$GREEN[+]$RESET Configuring pythcon console ~ tab complete & history support" +echo -e "\n $GREEN[+]$RESET Configuring pythcon console ~ tab complete & history support" export PYTHONSTARTUP=$HOME/.pythonstartup file=/etc/bash.bashrc; [ -e "$file" ] && cp -n $file{,.bkup} #/root/.bashrc grep -q PYTHONSTARTUP $file || echo 'export PYTHONSTARTUP=$HOME/.pythonstartup' >> "$file" @@ -3187,27 +3311,27 @@ if [[ "$SHELL" == "/bin/zsh" ]]; then source ~/.zshrc else source "$file"; fi ###### Installing virtualenvwrapper -echo -e "\n$GREEN[+]$RESET Installing virtualenvwrapper ~ virtual environment wrapper" +echo -e "\n $GREEN[+]$RESET Installing virtualenvwrapper ~ virtual environment wrapper" apt-get -y -qq install virtualenvwrapper ###### Installing go -echo -e "\n$GREEN[+]$RESET Installing go ~ programming language" +echo -e "\n $GREEN[+]$RESET Installing go ~ programming language" apt-get -y -qq install golang ###### Installing giggle -echo -e "\n$GREEN[+]$RESET Installing giggle ~ GUI git client" -apt-get -y -qq install giggle +#echo -e "\n $GREEN[+]$RESET Installing giggle ~ GUI git client" +#apt-get -y -qq install giggle ###### Installing gitg -#echo -e "\n$GREEN[+]$RESET Installing gitg ~ GUI git client" -#apt-get -y -qq install gitg +echo -e "\n $GREEN[+]$RESET Installing gitg ~ GUI git client" +apt-get -y -qq install gitg ##### Setting up SSH -echo -e "\n$GREEN[+]$RESET Setting up SSH" +echo -e "\n $GREEN[+]$RESET Setting up SSH" apt-get -y -qq install openssh-server #--- Wipe current keys rm -f /etc/ssh/ssh_host_* @@ -3230,12 +3354,12 @@ echo "Kali Linux" | /usr/games/cowsay > /etc/motd ###### Setting up G/UFW -#echo -e "\n$GREEN[+]$RESET Installing G/UFW ~ firewall rule generator" +#echo -e "\n $GREEN[+]$RESET Installing G/UFW ~ firewall rule generator" #apt-get -y -qq install ufw gufw ##### Cleaning the system -echo -e "\n$GREEN[+]$RESET Cleaning the system" +echo -e "\n $GREEN[+]$RESET Cleaning the system" #--- Clean package manager for FILE in clean autoremove; do apt-get -y -qq "$FILE"; done # Clean up - clean remove autoremove autoclean apt-get -y -qq purge $(dpkg -l | tail -n +6 | egrep -v '^(h|i)i' | awk '{print $2}') # Purged packages @@ -3249,25 +3373,34 @@ for i in $(cut -d: -f6 /etc/passwd | sort -u); do [ -e "$i" ] && find "$i" -type f -name '.*_history' -delete done +if [ "$freezeDEB" != "false" ]; then + ##### Don't ever update these packages + echo -e "\n $GREEN[+]$RESET Don't ever update these packages:" + for x in metasploit metasploit-framework metasploit-common; do + echo -e " $YELLOW[i]$RESET + $x" + echo "$x install" | dpkg --set-selections + done +fi + ##### Time taken finish_time=$(date +%s) -echo -e "\n$YELLOW[i]$RESET Time (roughly) taken: $(( $(( finish_time - start_time )) / 60 )) minutes" +echo -e "\n $YELLOW[i]$RESET Time (roughly) taken: $(( $(( finish_time - start_time )) / 60 )) minutes" -#-Done--------------------------------------------------------# +#-Done-----------------------------------------------------------------# ##### Done! -echo -e "\n$YELLOW[i]$RESET Don't forget to:" -echo -e "$YELLOW[i]$RESET + Check the above output (Did everything installed? No errors?)" -#echo -e "$YELLOW[i]$RESET + Check that Iceweasel's extensions are enabled (as well as FoxyProxy profiles)" -echo -e "$YELLOW[i]$RESET + Manually install: Nessus, Nexpose and/or Metasploit Community" -echo -e "$YELLOW[i]$RESET + Agree/Accept to: Maltego, OWASP ZAP, w3af etc" -echo -e "$YELLOW[i]$RESET + Change time zone & keyboard layout (...if different to $timezone & $keyboardlayout)" -echo -e "$YELLOW[i]$RESET + Change default passwords: PostgreSQL/MSF, MySQL, OpenVAS, BeEF XSS etc" -echo -e "$YELLOW[i]$RESET + Reboot" -(dmidecode | grep -iq virtual) && echo -e "$YELLOW[i]$RESET + Take a snapshot" +echo -e "\n $YELLOW[i]$RESET Don't forget to:" +echo -e " $YELLOW[i]$RESET + Check the above output (Did everything installed? No errors?)" +#echo -e " $YELLOW[i]$RESET + Check that Iceweasel's extensions are enabled (as well as FoxyProxy profiles)" +echo -e " $YELLOW[i]$RESET + Manually install: Nessus, Nexpose and/or Metasploit Community" +echo -e " $YELLOW[i]$RESET + Agree/Accept to: Maltego, OWASP ZAP, w3af etc" +echo -e " $YELLOW[i]$RESET + Change time zone & keyboard layout (...if not $timezone & $keyboardlayout)" +echo -e " $YELLOW[i]$RESET + Change default passwords: PostgreSQL/MSF, MySQL, OpenVAS, BeEF XSS etc" +echo -e " $YELLOW[i]$RESET + Reboot" +(dmidecode | grep -iq virtual) && echo -e " $YELLOW[i]$RESET + Take a snapshot" echo -e '\n'$BLUE'[*]'$RESET' Done!\n\a' #reboot