#!/bin/bash
#Creato da Mito125
version=1.1
aggiungi() {
#Funzione aggiungi al menu
# @1: nome
# @2: commento
# @3: command line
# @4: terminale (true or false)
# @5: Categoria
echo "
[Desktop Entry]
Type=Application
Encoding=UTF-8
Name=$1
Comment=$2
Icon=/usr/share/icons/pentest/$1.png
Exec=$3
Terminal=$4
" > /tmp/$1.desktop
xdg-desktop-menu install /tmp/Mito125.directory /tmp/$5.directory /tmp/$1.desktop --novendor
xdg-desktop-menu forceupdate
}
dlicona() {
# @1: nome icona
# @2: url
# ATTENZIONE: il nome dell'icona deve essere lo stesso di quello del programma asociato
wget $2 -P /tmp
convert -size 48x48 /tmp/$(echo $2|awk -F/ '{print $NF}') -resize 48x48 -extent 48x48 +profile '*' /usr/share/icons/pentest/$1.png
rm /tmp/$(echo $2|awk -F/ '{print $NF}')
}
crearedirectoryfile() {
#Funzione aggiungi menu
#@1: nome della directory
echo "[Desktop Entry]
Name=$1
Comment=$1 tools
Icon=/usr/share/incons/pentest/$1.png
Type=Directory
Categories=$1
" > /tmp/$1.directory
}
installacrypto() {
#Installa xortools
cd /pentest/crypto/ && wget https://github.com/hellman/xortool/zipball/master -O xortool.zip && unzip xortool.zip && rm xortool.zip && cd ~
aggiungi 'xortool' 'Utility per analisi XOR' "sh -c 'cd /pentest/crypto/hellman-xortool-80cedef/ && ./xortool.py -h; bash'" 'True' Crypto
}
installaexploit() {
#Installa exploitdb
rm -rf /pentest/exploit/exploitdb && mkdir -pv /pentest/exploit/exploitdb && cd /pentest/exploit/exploitdb && wget http://www.exploit-db.com/archive.tar.bz2 && tar -jxvf archive.tar.bz2 && rm archive.tar.bz2 && cd ~
aggiungi 'exploit-db' 'Vai alla directory del database' "sh -c 'cd /pentest/exploit/exploitdb; sudo -s'" 'True' Exploit
#Installa SET
cd /pentest/exploit/ && svn co http://svn.secmaniac.com/social_engineering_toolkit set/ && cd ~
aggiungi 'SET' 'Social Engineering Toolkit' "sudo sh -c 'cd /pentest/exploit/set && ./set; bash'" 'True' Exploit
}
installapassword() {
#Installa crunch wordlist creator
cd /pentest/password && wget http://sourceforge.net/projects/crunch-wordlist/files/crunch-wordlist/crunch-3.2.tgz && tar -xzvf crunch-3.2.tgz && rm crunch-3.2.tgz && cd crunch3.2 && /usr/bin/gcc -Wall -lm -pthread -std=c99 -m32 -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 crunch.c -o crunch -lm && cd ~
aggiungi 'crunch' 'Utility per generare wordlist' "sh -c 'cd /pentest/password/crunch3.2/ && ./crunch -h; bash'" 'True' Password
#Installa JTR
cd /pentest/password && wget http://www.openwall.com/john/g/john-1.7.9-jumbo-5.tar.gz && tar -xzvf john-1.7.9-jumbo-5.tar.gz && rm john-1.7.9-jumbo-5.tar.gz && cd john-1.7.9-jumbo-5 && cd src && make clean linux-x86-64 && cd /pentest/password && mkdir -pv john && cp -R /pentest/password/john-1.7.9-jumbo-5/run/* /pentest/password/john/ && rm -R /pentest/password/john-1.7.9-jumbo-5/ && cd ~
aggiungi 'john-the-ripper' 'Tool per crackare password' "sudo sh -c 'cd /pentest/password/john/ && ./john; bash'" 'True' Password
#Installa VNCpwdump
mkdir -pv /pentest/passwordvncpwdump && cd /pentest/passwordvncpwdump && wget http://www.cqure.net/tools/vncpwdump-win32-1_0_6.zip && unzip vncpwdump-win32-1_0_6.zip && rm vncpwdump-win32-1_0_6.zip
aggiungi 'VNCpwdump' 'Tool per crackare hash di winVNC' "sh -c 'wine /pentest/passwordvncpwdump/vncpwdump.exe &; bash'" 'True' Password
}
installascanner() {
#Installa nmap
cd /pentest/scanner/ && wget http://nmap.org/dist/nmap-5.61TEST4.tar.bz2 && bzip2 -cd nmap-5.61TEST4.tar.bz2 | tar xvf - && rm nmap-5.61TEST4.tar.bz2 && cd nmap-5.61TEST4 && ./configure && make && make install && cd ~
aggiungi 'nmap' 'Network Mapper' "sudo sh -c 'nmap; bash'" 'True' Scanner
#Installa sqlmap
cd /pentest/scanner && svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap && cd ~
aggiungi 'sqlmap' 'SQL Injection Exploiter' "sh -c 'cd /pentest/scanner/sqlmap/ && ./sqlmap.py; sudo -s'" 'True' Scanner
}
installashell() {
#Installa Weevely
cd /pentest/shell/ && mkdir -pv weevely && cd weevely && wget http://weevely.googlecode.com/files/weevely-0.5.1.tar.gz && tar -xzvf weevely-0.5.1.tar.gz && rm weevely-0.5.1.tar.gz && cd ~
aggiungi 'weevely' 'Vai alla directory di Weevely' "sh -c 'cd /pentest/shell/weevely; sudo -s'" 'True' Shell
#Salva una reverse-shell in php
cd /pentest/shell/ && wget http://pentestmonkey.net/tools/php-reverse-shell/php-reverse-shell-1.0.tar.gz && tar -xzvf php-reverse-shell-1.0.tar.gz && rm php-reverse-shell-1.0.tar.gz && cd ~
aggiungi 'php-reverse-shell' 'PHP Reverse Shell' "sh -c 'cd /pentest/shell/php-reverse-shell-1.0/; sudo -s'" 'True' Shell
#Salva una reverse-shell in perl
cd /pentest/shell/ && wget http://pentestmonkey.net/tools/perl-reverse-shell/perl-reverse-shell-1.0.tar.gz && tar -xzvf perl-reverse-shell-1.0.tar.gz && rm perl-reverse-shell-1.0.tar.gz && cd ~
aggiungi 'perl-reverse-shell' 'Perl Reverse Shell' "sh -c 'cd /pentest/shell/perl-reverse-shell-1.0/; sudo -s'" 'True' Shell
}
installaweb() {
#Installa ZAProxy
cd /pentest/web/ && wget http://zaproxy.googlecode.com/files/ZAP_1.3.4_Linux.tar.gz && tar -xzvf ZAP_1.3.4_Linux.tar.gz && rm ZAP_1.3.4_Linux.tar.gz && cd ~
aggiungi 'ZAproxy' 'Vai alla directory di ZAProxy' "sh -c 'cd /pentest/web/ZAP_1.3.4/; sudo -s'" 'True' Web
#Installa DirBuster
cd /pentest/web && wget http://sourceforge.net/projects/dirbuster/files/DirBuster%20%28jar%20%2B%20lists%29/1.0-RC1/DirBuster-1.0-RC1.tar.bz2 && tar -jxvf DirBuster-1.0-RC1.tar.bz2 && rm DirBuster-1.0-RC1.tar.bz2 && cd ~
aggiungi 'DirBuster' 'Tool OWASP' "sh -c 'cd /pentest/web/DirBuster-1.0-RC1 && java -jar DirBuster-1.0-RC1.jar'" 'False' Web
#Installa Nikto2
cd /pentest/web/ && wget https://cirt.net/nikto/nikto-2.1.4.tar.gz --no-check-certificate && tar -xzvf nikto-2.1.4.tar.gz && rm nikto-2.1.4.tar.gz && cd ~
aggiungi 'Nikto2' 'Web Server Scanner' "sh -c 'cd /pentest/web/nikto-2.1.4/; sudo -s'" 'True' Web
#Installa fimap
cd /pentest/web/ && wget http://fimap.googlecode.com/files/fimap_alpha_v09.tar.gz && tar -xzvf fimap_alpha_v09.tar.gz && rm fimap_alpha_v09.tar.gz && cd ~
aggiungi 'fimap' 'Utility per LFI/RFI bugs' "sh -c 'cd /pentest/web/fimap_alpha_v09/ && ./fimap.py -h; bash'" 'True' Web
#Installa w3af
cd /pentest/web && wget http://sourceforge.net/projects/w3af/files/w3af/w3af%201.0-stable/w3af-1.0-stable.tar.bz2 && tar -jxvf w3af-1.0-stable.tar.bz2 && rm w3af-1.0-stable.tar.bz2 && cd ~
aggiungi 'w3af' 'Web Application Attack and Audit Framework' "sh -c 'cd /pentest/web/w3af/; ./w3af_gui'" 'False' Web
#Installa metasploit
wget http://downloads.metasploit.com/data/releases/metasploit-latest-linux-x64-installer.run && chmod +x metasploit-latest-linux-x64-installer.run && ./metasploit-latest-linux-x64-installer.run && rm metasploit-latest-linux-x64-installer.run
aggiungi 'msfconsole' 'Penetration Testing Software' "sudo sh -c 'msfconsole; bash'" 'True' Exploit
}
installaforensics() {
#Installa volatility
cd /pentest/forensics && wget https://www.volatilesystems.com/volatility/2.0/volatility-2.0.tar.gz && tar -xzvf volatility-2.0.tar.gz && rm volatility-2.0.tar.gz
aggiungi 'volatility' 'Extract digital artifacts from volatile memory (RAM) samples' "sudo sh -c 'python /pentest/forensics/volatility-2.0/vol.py; bash'" 'True' Forensics
}
installareverse() {
mkdir -pv /pentest/reverse/ollydbg && cd /pentest/reverse/ollydbg && wget http://www.ollydbg.de/odbg201d.zip && unzip odbg201d.zip && rm odbg201d.zip
aggiungi 'Ollydbg' 'Ollydbg' "sh -c 'wine /pentest/reverse/ollydbg/ollydbg.exe &'" 'False' Reverse
}
creastruttura() {
for i in exploit web crypto password scanner shell forensics reverse; do mkdir -pv /pentest/$i; done
for i in Exploit Web Crypto Password Scanner Shell Forensics Reverse Mito125; do crearedirectoryfile $i; done
mkdir -pv /usr/share/icons/pentest/
}
update() {
apt-get --purge autoremove netcat-openbsd -y
echo "Aggiorno la distribuzione"
apt-get update 1>/dev/null && apt-get -y dist-upgrade 1>/dev/null
echo "Installo i pacchetti dai repository"
apt-get -y install imagemagick openjdk-7-jre whois curl vlc checkinstall apache2 libssl-dev geany hping3 gtk-recordmydesktop knockd macchanger netcat-traditional ruby libopenssl-ruby libyaml-ruby libdl-ruby libiconv-ruby libreadline-ruby irb ri rubygems subversion ruby-dev libpcap-dev wireshark netdiscover python-crypto-doc python-nltk python-soappy python-lxml python-svn python-scapy graphviz python-gtksourceview2 libc6-dev-i386 p7zip wine
#Disabilita l'avvio automatico di apache2
update-rc.d -f apache2 disable
#Installa BeautifulSoup
wget http://www.crummy.com/software/BeautifulSoup/download/3.x/BeautifulSoup-3.2.0.tar.gz && tar -xzvf BeautifulSoup-3.2.0.tar.gz && rm BeautifulSoup-3.2.0.tar.gz && cd BeautifulSoup-3.2.0/ && python setup.py install && cd ~ && rm -r BeautifulSoup-3.2.0/
}
creaalias() {
echo 'alias xortool="cd /pentest/crypto/hellman-xortool-80cedef/"' >> ~/.bashrc
echo 'alias socialengtool="cd /pentest/exploit/set"' >> ~/.bashrc
echo 'alias exploitdb="cd /pentest/exploit/exploitdb"' >> ~/.bashrc
echo 'alias crunch="/pentest/password/crunch3.2/crunch"' >> ~/.bashrc
echo 'alias john="/pentest/password/john/john"' >> ~/.bashrc
echo 'alias sqlmap="/pentest/scanner/sqlmap/sqlmap.py"' >> ~/.bashrc
echo 'alias weevely="cd /pentest/shell/weevely"' >> ~/.bashrc
echo 'alias zaproxy="cd /pentest/web/ZAP_1.3.4/"' >> ~/.bashrc
echo 'alias dirbuster="java -jar /pentest/web/DirBuster-1.0-RC1/DirBuster-1.0-RC1.jar &"' >> ~/.bashrc
echo 'alias nikto2="cd /pentest/web/nikto-2.1.4/"' >> ~/.bashrc
echo 'alias fimap="/pentest/web/fimap_alpha_v09/fimap.py"' >> ~/.bashrc
echo 'alias w3af="/pentest/web/w3af/w3af_gui &"' >> ~/.bashrc
echo 'alias aggiorna="apt-get update && apt-get dist-upgrade"' >> ~/.bashrc
echo 'alias volatility="python /pentest/forensics/volatility-2.0/vol.py"' >> ~/.bashrc
echo 'alias vncpwdump="wine /pentest/passwordvncpwdump/vncpwdump.exe &"' >> ~/.bashrc
echo 'alias ollydbg="wine /pentest/reverse/ollydbg/ollydbg.exe &"' >> ~/.bashrc
}
##############################################################################################################
if [ "$(id -u)" != "0" ]; then
echo "Devi essere root per eseguire questo script."
exit 1
fi
#Avvio automatico programmi
mkdir -pv ~/.config/autostart/ && ln -s /usr/share/applications/xfce4-terminal.desktop ~/.config/autostart/
#update ed installazione pacchetti dai repository
update
#Crea la struttura
creastruttura
#Installazioni
installacrypto
installaexploit
installapassword
installascanner
installashell
installaweb
installaforensics
creaalias
#AVVISO
echo "ADESSO RIAVVIA PER COMPLETARE CON SUCCESSO TUTTE LE OPERAZIONI"