Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- score=0
- echo > /home/ainsley/Desktop/.score.html
- echo "<p>" >> /home/ainsley/Desktop/.score.html
- score() {
- score=$(($score + $2))
- echo "$1-" " $2"" points" >> /home/ainsley/Desktop/.score.html
- echo "<p>" >> /home/ainsley/Desktop/.score.html
- }
- users=(ainsley ainsbee l donatello)
- badUsers=(teamgoldmvp cybergoat differentbreed)
- admins=(ainsley ainsbee)
- services=(apache2 sshd mysql php5 vsftpd)
- npack=(john netcat aircrack youtube-dl nmap)
- nfiles=( /etc/speech-dispatcher/modules/espeak/festival/leaveme /var/www/html/webconsole.php)
- for i in ${users[@]}; do
- if [ "$(cut -d: -f1 /etc/passwd | grep "$i")" == "" ];then
- score "Authorized user $i deleted" -5
- fi
- done
- for i in ${badUsers[@]}; do
- if [ "$(cut -d: -f1 /etc/passwd | grep "$i")" == "" ];then
- score "Unauthorized user $i Removed" 5
- fi
- done
- for i in ${services[@]}; do
- if [ "$(ps aux | grep $i | wc -l )" == "1" ];then
- score "Authorized service $i not running" -5
- fi
- done
- for i in ${admins[@]}; do
- if [ "$(grep sudo /etc/group | grep $i )" == "" ];then
- score "Authorized admin $i deposed" -5
- fi
- done
- for i in ${npack[@]}; do
- if [ "$(dpkg --list | grep $i )" == "" ];then
- score "Unauthorized service $i removed" 5
- fi
- done
- for i in ${nfiles[@]}; do
- if ! [ -e "$i" ];then
- score "Unauthorized file $i removed" 5
- fi
- done
- if [ "$(grep sudo /etc/group | grep l )" == "" ]; then
- score "Unauthorized admin L deposed" 5
- fi
- if [ "$(grep PermitRootLogin /etc/ssh/sshd_config| grep -i no)" ];then
- score "SSH root login fixed" 5
- fi
- if [ "$(grep FAILLOG_ENAB /etc/login.defs | grep -i yes)" ];then
- score "Failed logins logged" 5
- fi
- if [ "$(grep LOG_UNKFAIL_ENAB /etc/login.defs | grep -i yes)" ];then
- score "Unknown usernames logged" 5
- fi
- if [ "$(grep UMASK /etc/login.defs | grep 022)" ];then
- score "UMASK Fixed" 5
- fi
- if [ "$(grep UID /etc/login.defs | grep 60000)" ];then
- score "UID max fixed" 5
- fi
- if [ "$(grep PASS_MAX_DAYS /etc/login.defs | grep 90)" ];then
- score "Maximum Password Age set" 5
- fi
- if [ "$(grep PASS_MIN_DAYS /etc/login.defs | grep 14)" ];then
- score "Minimum Password Age set" 5
- fi
- if [ "$(grep PASS_WARN_AGE /etc/login.defs | grep 7)" ];then
- score "Warning Age set" 5
- fi
- if [ "$(grep Login_Retries /etc/login.defs | grep 5)" ];then
- score "Login Retries okay" 5
- fi
- if [ "$(grep Protocol /etc/ssh/sshd_config | grep 2)" ];then
- score "SSH Protocol 1 disabled" 5
- fi
- if ! [ "$(netstat -tulpn | grep "smbd" )" ];then
- score "Unauthorized service samba removed" 5
- fi
- if ! [ "$(netstat -tulpn | grep 2756 )" ];then
- score "bad port number 1 for apache2 disabled" 5
- fi
- if ! [ "$(netstat -tulpn | grep 2757 )" ];then
- score "bad port number 2 for apache2 disabled" 5
- fi
- if ! [ "$(netstat -tulpn | grep 8908 )" ];then
- score "bad port number 3 for apache2 disabled" 5
- fi
- if [ "$(grep "/etc/ufw/applications.d/apache2/ports.conf" '/home/ainsley/Desktop/Forensics 1')" ];then
- score "Forensics Question 1 Correct" 5
- fi
- if [ "$(grep "Linux Apache2 MySQL PHP Server" '/home/ainsley/Desktop/Forensics 2')" ];then
- score "Forensics Question 2 Correct" 5
- fi
- if [ "$(grep "Kobe" '/home/ainsley/Desktop/Forensics 3')" ];then
- score "Forensics 3 correct" 5
- fi
- if ! [ "$(netstat -tulpn | grep 2222 )" ];then
- score "SSH Bad Port disabled" 5
- fi
- if [ "$(grep KeepAlive /etc/apache2/apache2.conf | grep -i "On")" ];then
- score "KeepAlive On" 5
- fi
- if [ "$(grep PermitRootLogin /etc/ssh/sshd_config | grep -i "No")" ];then
- score "PermitRootLogin Off" 5
- fi
- if [ "$(grep anonymous_enable /etc/vsftpd.conf | grep -i "NO")" ];then
- score "anonymous ftp disabled" 5
- fi
- if [ "$(grep write_enable /etc/vsftpd.conf | grep -i "NO")" ];then
- score "anonymous write enabled disallowed" 5
- fi
- if [ $(grep pasv_min_port /etc/vsftpd.conf | grep 4000) ];then
- score "PASV part 1 disabled" 5
- fi
- if [ $(grep pasv_max_port /etc/vsftpd.conf | grep 5000 ) ];then
- score "PASV part 2 disabled" 5
- fi
- if [ "$(grep net.ipv4.tcp_syncookies /etc/sysctl.conf | grep 1 )" ];then
- score "TCP Syncookies Enabled" 5
- fi
- if [ "$(grep net.ipv4.ip_forward /etc/sysctl.conf | grep 1)" ];then
- score "IPv4 forwarding on" 5
- fi
- if [ "$(grep net.ipv4.tcp_synack_retries /etc/sysctl.conf | grep 0)" ];then
- score "TCP SYN attack disabled" 5
- fi
- if [ "$(grep xpinstall /home/ainsley/.mozilla/firefox/pi1xegfn.default/prefs.js | grep "xpinstall=true")" ];then
- score "Firefox extensions fixed" 5
- fi
- if [ "$(grep port /etc/mysql/my.cnf | grep -i "port 3306" )" ];then
- score "MYSQL port fixed" 5
- fi
- if ! [ "$(grep Users /var/www/html/users | grep "CyberGoat")" ];then
- score "Bad Wordpress User CyberGoat Destroyed" 5
- fi
- sed -i "1i<h1>Score:$score</h1>" /home/ainsley/Desktop/.score.html
- mv /home/ainsley/Desktop/.score.html /home/ainsley/Desktop/score.html
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement