#!/bin/bashscore=0echo > /home/ainsley/Desktop/.score.htmlecho "<p>" >>

1. #!/bin/bash
2.  
3. score=0
4. echo > /home/ainsley/Desktop/.score.html
5. echo "<p>" >> /home/ainsley/Desktop/.score.html
6.  
7. score() {
8. score=$(($score + $2))
9. echo "$1-" " $2"" points" >> /home/ainsley/Desktop/.score.html
10. echo "<p>" >> /home/ainsley/Desktop/.score.html
11. }
12.  
13. users=(ainsley ainsbee l donatello)
14. badUsers=(teamgoldmvp cybergoat differentbreed)
15. admins=(ainsley ainsbee)
16. services=(apache2 sshd mysql php5 vsftpd)
17. npack=(john netcat aircrack youtube-dl nmap)
18. nfiles=( /etc/speech-dispatcher/modules/espeak/festival/leaveme /var/www/html/webconsole.php)
19. for i in ${users[@]}; do
20. if [ "$(cut -d: -f1 /etc/passwd | grep "$i")" == "" ];then
21. score "Authorized user $i deleted" -5
22. fi
23. done
24.  
25. for i in ${badUsers[@]}; do
26. if [ "$(cut -d: -f1 /etc/passwd | grep "$i")" == "" ];then
27. score "Unauthorized user $i Removed" 5
28. fi
29. done
30.  
31. for i in ${services[@]}; do
32. if [ "$(ps aux | grep $i | wc -l )" == "1" ];then
33. score "Authorized service $i not running" -5
34. fi
35. done
36.  
37. for i in ${admins[@]}; do
38. if [ "$(grep sudo /etc/group | grep $i )" == "" ];then
39. score "Authorized admin $i deposed" -5
40. fi
41. done
42.  
43. for i in ${npack[@]}; do
44. if [ "$(dpkg --list | grep $i )" == "" ];then
45. score "Unauthorized service $i removed" 5
46. fi
47. done
48.  
49. for i in ${nfiles[@]}; do
50. if ! [ -e "$i" ];then
51. score "Unauthorized file $i removed" 5
52. fi
53. done
54.  
55. if [ "$(grep sudo /etc/group | grep l )" == "" ]; then
56. score "Unauthorized admin L deposed" 5
57. fi
58.  
59.  
60. if [ "$(grep PermitRootLogin /etc/ssh/sshd_config| grep -i no)" ];then
61. score "SSH root login fixed" 5
62. fi
63.  
64. if [ "$(grep FAILLOG_ENAB /etc/login.defs | grep -i yes)" ];then
65. score "Failed logins logged" 5
66. fi
67.  
68. if [ "$(grep LOG_UNKFAIL_ENAB /etc/login.defs | grep -i yes)" ];then
69. score "Unknown usernames logged" 5
70. fi
71.  
72. if [ "$(grep UMASK /etc/login.defs | grep 022)" ];then
73. score "UMASK Fixed" 5
74. fi
75.  
76. if [ "$(grep UID /etc/login.defs | grep 60000)" ];then
77. score "UID max fixed" 5
78. fi
79.  
80. if [ "$(grep PASS_MAX_DAYS /etc/login.defs | grep 90)" ];then
81. score "Maximum Password Age set" 5
82. fi
83.  
84. if [ "$(grep PASS_MIN_DAYS /etc/login.defs | grep 14)" ];then
85. score "Minimum Password Age set" 5
86. fi
87.  
88. if [ "$(grep PASS_WARN_AGE /etc/login.defs | grep 7)" ];then
89. score "Warning Age set" 5
90. fi
91.  
92. if [ "$(grep Login_Retries /etc/login.defs | grep 5)" ];then
93. score "Login Retries okay" 5
94. fi
95.  
96. if [ "$(grep Protocol /etc/ssh/sshd_config | grep 2)" ];then
97. score "SSH Protocol 1 disabled" 5
98. fi
99.  
100. if ! [ "$(netstat -tulpn | grep "smbd" )" ];then
101. score "Unauthorized service samba removed" 5
102. fi
103.  
104. if ! [ "$(netstat -tulpn | grep 2756 )" ];then
105. score "bad port number 1 for apache2 disabled" 5
106. fi
107.  
108. if ! [ "$(netstat -tulpn | grep 2757 )" ];then
109. score "bad port number 2 for apache2 disabled" 5
110. fi
111.  
112. if ! [ "$(netstat -tulpn | grep 8908 )" ];then
113. score "bad port number 3 for apache2 disabled" 5
114. fi
115.  
116. if [ "$(grep "/etc/ufw/applications.d/apache2/ports.conf" '/home/ainsley/Desktop/Forensics 1')" ];then
117. score "Forensics Question 1 Correct" 5
118. fi
119.  
120. if [ "$(grep "Linux Apache2 MySQL PHP Server" '/home/ainsley/Desktop/Forensics 2')" ];then
121. score "Forensics Question 2 Correct" 5
122. fi
123.  
124. if [ "$(grep "Kobe" '/home/ainsley/Desktop/Forensics 3')" ];then
125. score "Forensics 3 correct" 5
126. fi
127.  
128. if ! [ "$(netstat -tulpn | grep 2222 )" ];then
129. score "SSH Bad Port disabled" 5
130. fi
131.  
132. if [ "$(grep KeepAlive /etc/apache2/apache2.conf | grep -i "On")" ];then
133. score "KeepAlive On" 5
134. fi
135.  
136. if [ "$(grep PermitRootLogin /etc/ssh/sshd_config | grep -i "No")" ];then
137. score "PermitRootLogin Off" 5
138. fi
139.  
140. if [ "$(grep anonymous_enable /etc/vsftpd.conf | grep -i "NO")" ];then
141. score "anonymous ftp disabled" 5
142. fi
143.  
144. if [ "$(grep write_enable /etc/vsftpd.conf | grep -i "NO")" ];then
145. score "anonymous write enabled disallowed" 5
146. fi
147.  
148. if [ $(grep pasv_min_port /etc/vsftpd.conf | grep 4000) ];then
149. score "PASV part 1 disabled" 5
150. fi
151.  
152. if [ $(grep pasv_max_port /etc/vsftpd.conf | grep 5000 ) ];then
153. score "PASV part 2 disabled" 5
154. fi
155.  
156. if [ "$(grep net.ipv4.tcp_syncookies /etc/sysctl.conf | grep 1 )" ];then
157. score "TCP Syncookies Enabled" 5
158. fi
159.  
160. if [ "$(grep net.ipv4.ip_forward /etc/sysctl.conf | grep 1)" ];then
161. score "IPv4 forwarding on" 5
162. fi
163.  
164. if [ "$(grep net.ipv4.tcp_synack_retries /etc/sysctl.conf | grep 0)" ];then
165. score "TCP SYN attack disabled" 5
166. fi
167.  
168. if [ "$(grep xpinstall /home/ainsley/.mozilla/firefox/pi1xegfn.default/prefs.js | grep "xpinstall=true")" ];then
169. score "Firefox extensions fixed" 5
170. fi
171.  
172. if [ "$(grep port /etc/mysql/my.cnf | grep -i "port 3306" )" ];then
173. score "MYSQL port fixed" 5
174. fi
175.  
176. if ! [ "$(grep Users /var/www/html/users | grep "CyberGoat")" ];then
177. score "Bad Wordpress User CyberGoat Destroyed" 5
178. fi
179.  
180. sed -i "1i<h1>Score:$score</h1>" /home/ainsley/Desktop/.score.html
181.  
182. mv /home/ainsley/Desktop/.score.html /home/ainsley/Desktop/score.html