honeypot_installscripts/glastopf_installation.sh at master · psy/honeypot_installscripts · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
#! /bin/bash

# ToDo: Fix errors:
#	* Database

GT_INSTALL_DIR="/opt/glastopf/"
APT_CMD=$(which apt-get)
APT_OPTS="--yes --no-install-recommends"

echo "deb http://ftp.debian.org/debian/ wheezy-backports main" >> /etc/apt/source.list

echo "Installing necessary packages"
$APT_CMD update
$APT_CMD $APT_OPTS install python python-openssl python-gevent libevent-dev python-dev build-essential make
$APT_CMD $APT_OPTS install python-argparse python-chardet python-requests python-sqlalchemy python-lxml
$APT_CMD $APT_OPTS install python-beautifulsoup python-pip python-dev python-setuptools
$APT_CMD $APT_OPTS install g++ git php5-common php5-cgi php5 php5-dev liblapack-dev gfortran
$APT_CMD $APT_OPTS install libxml2-dev libxslt-dev
$APT_CMD $APT_OPTS install libmysqlclient-dev
$APT_CMD $APT_OPTS install pwgen iptables-persistent

PIP_CMD=$(which pip)

$PIP_CMD install --upgrade distribute

echo "Clonging into BFR and installing it"
cd /opt
git clone git://github.com/glastopf/BFR.git
cd BFR
phpize
./configure --enable-bfr
BFR_DIR=$( (make && make install) | tail -n1 | grep "Installing shared extensions:" | cut -d":" -f2 | tr -d ' ')

if [ ! -f /etc/php5/cgi/php.ini.bak ]; then
	echo "Backing up php.ini"
	cp /etc/php5/cgi/php.ini /etc/php5/cgi/php.ini.bak
fi

echo "zend_extension = ${BFR_DIR}bfr.so" >> /etc/php5/cgi/php.ini

echo "Installing glastopf"
$PIP_CMD install glastopf

echo "Upgradeing greenlet"
$PIP_CMD install --upgrade greenlet

echo "Creating glastopf directory and config files"
mkdir -p ${GT_INSTALL_DIR}
cd ${GT_INSTALL_DIR}
glastopf-runner --prepare &> /dev/null &
GT_PID=$!

# Install mysql and create mysql user
dpkg -s mysql-server &> /dev/null

if [ $? -ne 0 ]
then
        read -p "Installing mysql-server, remember password! Hit [ENTER] to continue."
        $APT_CMD $APT_OPTS install mysql-server
fi

read -s -p "Please enter your mysql root password: " MYSQL_ROOT_PW

mysql_pw=$(pwgen 30 1)
echo "CREATE DATABASE glastopf; GRANT ALL ON glastopf.* TO 'glastopf'@'localhost' IDENTIFIED BY '$mysql_pw'" | mysql -u root -h localhost --password="${MYSQL_ROOT_PW}"

if [ ! -f ${GT_INSTALL_DIR}glastopf.cfg.bak ]; then
	echo "Backing up glastopf.cfg"
	cp ${GT_INSTALL_DIR}glastopf.cfg ${GT_INSTALL_DIR}glastopf.cfg.bak
fi

# Edit config
echo "Manipulating config"
# 1. Turn of console-logging
sed -i "s/\(consolelog_enabled *= *\).*/\1False/" ${GT_INSTALL_DIR}glastopf.cfg

# 2. Enable mysql logging
# Currently not working beacause of "ValueError: sample larger than population"
#sed -i "s/\(connection_string *= *\).*/\1mysql:\/\/glastopf:$mysql_pw@localhost\/glastopf/" ${GT_INSTALL_DIR}glastopf.cfg

# Emulate Plesk as well
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 8443 -j REDIRECT --to-port 80

iptables-save > /etc/iptables/rules.v4
ip6tables-save > /etc/iptables/rules.v6

cat > /etc/init.d/glastopf <<EOF
#!/bin/bash

# Author: Miguel Cabrerizo <doncicuto@gmail.com>

### BEGIN INIT INFO
# Provides:          glastopf
# Required-Start:    \$remote_fs \$network \$syslog
# Required-Stop:     \$remote_fs \$network \$syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start glastopf
# Description:       Glastopf is a web application honeypot.
### END INIT INFO

DAEMON_PATH="${GT_INSTALL_DIR}"
DAEMON="$(which glastopf-runner)"

NAME="glastopf"
DESC="Glastopf Honeypot"
PIDFILE="/var/run/\$NAME.pid"
SCRIPTNAME="/etc/init.d/\$NAME"

case "\$1" in

start)
        echo -n "Starting \$DESC: "
        start-stop-daemon --start --chdir \$DAEMON_PATH --background --pidfile \$PIDFILE --make-pidfile --exec \$DAEMON && echo "OK"
        ;;

stop)
        echo -n "Stopping \$DESC: "
        start-stop-daemon --stop --pidfile \$PIDFILE && echo "OK"
        ;;

restart)
        echo "Restarting \$DESC: "
        \$0 stop
        sleep 1
        \$0 start
        ;;

*)
        echo "Usage: \$0 {start|stop|restart}"
        exit 1
        ;;

esac

exit 0
EOF

chmod +x /etc/init.d/glastopf
update-rc.d glastopf defaults


echo "Restarting glastopf"
kill -9 $GT_PID &> /dev/null && /etc/init.d/glastopf start