setup-drop-box-v2
#!/bin/bash
### SETUP DROP BOX ###
# Prompt user for all setup information
read -p "CNC IP or hostname: " CNC_IP
if [ "$CNC_IP" == "" ] ; then
    CNC_IP=10.100.2.132
fi
echo "
The drop box will have its own user account on the CNC server for connecting
back to the CNC's SSH server. Each drop box should have its own unique
account which is created by the setup-cnc script in this package.
"
read -p "Drop box user account on CNC [drop-box]: " DBUSER
if [ "$DBUSER" == "" ] ; then
    DBUSER=drop-box
fi
echo "
The drop box will forward one of the CNC's ports to its own SSH server for
remote access. This port should be unique to each dropbox handled by the CNC.
"
read -p "CNC port where this drop box should listen [2222]: " DBPORT
if [ "$DBPORT" == "" ] ; then
    DBPORT=2222
fi
echo "
The CNC administrative user must be able to login over SSH using a password
and have access to /home/$DBUSER/.ssh/id_rsa on the CNC.
"
read -p "CNC administrative user to use during setup [root]: " ADMIN
if [ "$ADMIN" == "" ] ; then
    ADMIN=root
fi
# Create directory where files will live if not already created
mkdir -p /opt/ssh-phone-home
# Stop if the directory is unavailable so the key and config are not written elsewhere
cd /opt/ssh-phone-home || exit 1
echo "CNC_IP=$CNC_IP" >> /opt/ssh-phone-home/config
echo "DBUSER=$DBUSER" >> /opt/ssh-phone-home/config
echo "DBPORT=$DBPORT" >> /opt/ssh-phone-home/config
# Copy ssh key from CNC
echo "Connecting to CNC as $ADMIN to copy ssh keys..."
# Quote the source so values containing spaces or glob characters are not split locally
scp "$ADMIN@$CNC_IP:/home/$DBUSER/.ssh/id_rsa" ./
## Setup the local SSH server for connections from C&C ##
echo
echo "Configuring drop box's SSH server..."
# Delete original SSH host keys and generate new ones
rm /etc/ssh/ssh_host_*
dpkg-reconfigure openssh-server
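# Enable root login over SSH using a password
# Note: this only rewrites the older 'without-password' default; a config that
# uses 'prohibit-password' or a commented-out line is left unchanged.
sed -Ei 's/^PermitRootLogin without-password/PermitRootLogin yes/' /etc/ssh/sshd_config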
# Enable SSH service to start at boot
update-rc.d ssh enable
# Start the SSH service now
service ssh start
## Create a cron job to phone home every 5 minutes ##
echo "*/5 * * * * root /opt/ssh-phone-home/phone-home.sh" >> /etc/crontab
## Phone home at boot ##
mv /etc/rc.local /etc/rc.local.$(ls /etc/rc.local* | wc -l)
cat <<EOF >/etc/rc.local
#!/bin/bash
# Wait for a network interface to get an IP address
while [ "\$(ifconfig | grep 'inet addr' | grep -vF '127.0.0.1')" == "" ] ; do
    sleep 1
done
# Execute the phone-home.sh script
/opt/ssh-phone-home/phone-home.sh &
EOF
chmod ugo+x /etc/rc.local
echo Done.