
Untitled

a guest
Feb 10th, 2018
Bash 27.45 KB | None | 0 0
  1. #!/bin/bash
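  # Account the script runs as; used as a tag in every output.log entry.
  UserName=$(whoami)
  # Timestamp prefix for log entries, captured once at start-up.
  # The format now includes the month and uses ':' between minutes and
  # seconds (the previous '+%Y-%d %H:%M;%S' omitted %m and used ';').
  LogTime=$(date '+%Y-%m-%d %H:%M:%S')
  # Desktop environment name as exported by the session; empty when unset.
  DE=${XDG_CURRENT_DESKTOP:-}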
  5.  
  6. ##Adds a pause statement
  pause(){
    # Block until the operator presses Enter. Whatever was typed is stored in
    # the throwaway variable fakeEnter and never inspected.
    local prompt="Press [Enter] key to continue..."
    read -p "$prompt" fakeEnter
  }
  10.  
  11. ##Exits the script
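  exit20(){
    # Terminate the script with status 1.
    # The original had a `clear` after `exit 1`; it could never run, so the
    # dead statement is removed rather than silently changing what the
    # operator sees on exit.
    exit 1
  }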
  16.  
  17. ##Detect the Operating System
  # Set opsys from the kernel identification string. "Debian" is checked last,
  # so it wins if both names appear; opsys is left untouched when neither does.
  # NOTE(review): `uname -a` does not always name the distribution; confirm
  # this detects the target hosts before relying on opsys.
  if uname -a | grep -qi Ubuntu; then
    opsys="Ubuntu"
  fi

  if uname -a | grep -qi debian; then
    opsys="Debian"
  fi
  27.  
  28. ##Updates the operating system, kernel, firefox, and libre office and also installs 'clamtk'
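  update(){
    # Bring the OS, kernel, Firefox and LibreOffice up to date and install
    # clamtk. The `wait` calls of the original were no-ops (nothing runs in
    # the background) and have been dropped.
    #
    # NOTE(review): `add-apt-repository -y` accepts a third-party PPA and its
    # signing key without confirmation; every later upgrade then trusts that
    # archive. Confirm the PPA is wanted on hardened hosts.
    sudo add-apt-repository -y ppa:libreoffice/ppa

    # A failed refresh means the upgrades below work from stale package lists,
    # so say so instead of continuing silently.
    if ! sudo apt-get update -y; then
      echo "apt-get update failed; upgrades may use stale package lists." >&2
    fi
    sudo apt-get upgrade -y
    sudo apt-get dist-upgrade -y

    # Stop a running Firefox before reinstalling it; pkill is silent when no
    # such process exists.
    pkill -x firefox
    sudo apt-get --purge --reinstall install firefox -y
    sudo apt-get install clamtk -y

    pause
  }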
  47.  
  48. ##Creates copies of critical files
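  backup() {
    # Copy critical account, log, mail and home data into /BackUps.
    #
    # Fixes over the original:
    #  * the directory was created as /BackUps but two copies targeted
    #    /Backups, which created a stray regular file instead;
    #  * /var/spool/mail was copied without -r and therefore skipped;
    #  * /etc/passwd was copied twice;
    #  * the backup holds a copy of /etc/shadow and every home directory, so
    #    the directory is restricted to its owner.
    local dest=/BackUps
    local home

    mkdir -p "$dest"
    chmod 700 "$dest"

    ##Backs up the sudoers file
    sudo cp /etc/sudoers "$dest"
    ##Backs up the account databases
    cp /etc/passwd /etc/group /etc/shadow "$dest"
    ##Backs up the log files
    cp -r /var/log "$dest"
    ##Backs up /var/spool/mail (-H follows the path if it is a symlink)
    cp -rH /var/spool/mail "$dest"
    ##Backs up all the home directories
    for home in /home/*; do
      [ -e "$home" ] || continue   # /home may be empty
      cp -r -- "$home" "$dest"
    done

    pause
  }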
  73.  
  74. ##Sets Automatic Updates on the machine.
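  autoUpdate() {
    # Enable periodic package-list refreshes, set Firefox as the http handler
    # and make sure the Ubuntu security archive is in sources.list.
    local periodic=/etc/apt/apt.conf.d/10periodic
    local sources=/etc/apt/sources.list
    # When run through sudo, whoami reports root; SUDO_USER names the account
    # whose desktop settings should be edited.
    local desktop_user=${SUDO_USER:-$UserName}
    local codename line

    echo "$LogTime uss: [$UserName]# Setting auto updates." >> output.log

    ##Set daily updates
    # NOTE(review): Download-Upgradeable-Packages is set to "0", which keeps
    # automatic downloads off; confirm that is intended for "auto updates".
    sed -i \
      -e 's/APT::Periodic::Update-Package-Lists.*/APT::Periodic::Update-Package-Lists "1";/' \
      -e 's/APT::Periodic::Download-Upgradeable-Packages.*/APT::Periodic::Download-Upgradeable-Packages "0";/' \
      "$periodic"

    ##Sets default browser
    sed -i 's/x-scheme-handler\/http=.*/x-scheme-handler\/http=firefox.desktop/g' \
      "/home/${desktop_user}/.local/share/applications/mimeapps.list"

    ##Set "install security updates"
    # The original appended a fixed trusty-security line on every system,
    # Debian included. Use the running release's codename and only touch
    # Ubuntu hosts; -x/-F match the whole line literally so reruns do not
    # duplicate it.
    codename=$(lsb_release -sc 2>/dev/null)
    if [ "$opsys" = "Ubuntu" ] && [ -n "$codename" ]; then
      line="deb http://security.ubuntu.com/ubuntu/ ${codename}-security universe main multiverse restricted"
      if ! grep -qxF -- "$line" "$sources"; then
        echo "$line" >> "$sources"
      fi
    fi

    echo "###Automatic updates###"
    cat "$periodic"
    echo ""
    echo "###Important Security Updates###"
    cat "$sources"
    pause
  }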
  96.  
  97. ##Finds all prohibited files on the machine and deletes them
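  # Private helper: run find over the whole system while skipping the kernel
  # pseudo-filesystems, printing every match of the tests passed as arguments.
  _pfiles_find() {
    find / \( -path /proc -o -path /sys -o -path /dev -o -path /run \) -prune \
      -o "$@" -print
  }

  pFiles() {
    # Record prohibited files in pFiles.log, then delete media and pictures.
    #
    # The listing still covers the whole system. Deletion is limited to /home:
    # the original ran `find / ... -delete`, which also removes files shipped
    # by packages (wallpapers, documentation images, sounds) and anything
    # under /BackUps. Files found elsewhere stay in pFiles.log for manual
    # review. Deletion cannot be undone, so the log is written first.
    local ext

    echo "$LogTime uss: [$UserName]# Deleting media files..." >> output.log
    {
      echo "###MEDIA FILES###"
      for ext in mov mp4 mp3 wav; do
        _pfiles_find -name "*.${ext}" -type f
      done
      ##Pictures (png and gif are deliberately not listed, as before)
      echo "###PICTURES###"
      for ext in jpg jpeg; do
        _pfiles_find -name "*.${ext}" -type f
      done
      ##Other Files
      echo "###OTHER###"
      _pfiles_find -name "*.tar.gz" -type f
      _pfiles_find -name "*.php" -type f
      _pfiles_find -name "*backdoor*.*" -type f
      _pfiles_find -name "*backdoor*.php" -type f
      ##Items without groups
      echo "###FILES WITHOUT GROUPS###"
      _pfiles_find -nogroup
      # The game list used to go to the terminal although its header was
      # written to the log; keep both together.
      echo "###GAMES###"
      dpkg -l | grep -i game
    } >> pFiles.log

    ##Deletes audio, video and picture files (wav is listed but kept, as before)
    find /home -type f \
      \( -name "*.mp3" -o -name "*.mov" -o -name "*.mp4" \
         -o -name "*.jpg" -o -name "*.jpeg" \) -delete

    echo "$LogTime uss: [$UserName]# Media files deleted." >> output.log
    cat pFiles.log
    pause
  }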
  138.  
  139. ##Configures the firewall
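  configureFirewall() {
    # Install ufw when it is missing, enable it and show its status.
    echo "$LogTime uss: [$UserName]# Checking for firewall..." >> output.log
    if ! dpkg -l | grep ufw >> output.log; then
      # -y is required: stdout goes to the log, so an apt confirmation prompt
      # would be invisible and the script would appear to hang.
      apt-get install -y ufw >> output.log
    fi

    echo "$LogTime uss: [$UserName]# Enabling firewall..." >> output.log
    # --force skips ufw's "may disrupt existing ssh connections" question,
    # which would otherwise be hidden in output.log for the same reason.
    # NOTE(review): no rules or default policies are set here; an SSH session
    # may be cut off unless a rule allows it - confirm before remote use.
    sudo ufw --force enable >> output.log
    sudo ufw status >> output.log
    sleep 1
    echo "$LogTime uss: [$UserName]# Firewall has been turned on and configured." >> output.log
    ufw status
    pause
  }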
  155.  
  156. ##Edits the /etc/gdm3 /etc/lightdm/lightdm.conf config files.
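  # Private helper: set key=value in an ini-style file, replacing an existing
  # "key=" line or appending one, so reruns do not pile up duplicates.
  _login_set_key() {
    local file=$1 key=$2 value=$3
    if grep -q "^${key}=" "$file" 2>/dev/null; then
      sed -i "s/^${key}=.*/${key}=${value}/" "$file"
    else
      printf '%s=%s\n' "$key" "$value" >> "$file"
    fi
  }

  loginConf() {
    # Harden the display-manager login screen: hide the user list, disable
    # guest sessions and remove any automatic login.
    #
    # Fixes over the original Ubuntu branch:
    #  * the autologin check read /etc/ligthdm/... (typo), so it never found
    #    an existing entry and only ever appended a second one;
    #  * `sed '$a ...'` does nothing on the empty file left by `touch`, so a
    #    freshly created lightdm.conf stayed empty;
    #  * the section header was written as [SeatDefault]; the section name
    #    used by these lightdm releases is [SeatDefaults];
    #  * the result was stored in USER, clobbering the environment variable;
    #  * every run appended the same keys again.
    local conf=/etc/lightdm/lightdm.conf
    local ubuntu_conf=/usr/share/lightdm/lightdm.conf.d/50-ubuntu.conf
    local current

    case "$opsys" in
    "Debian")
      sed -i 's/greeter-hide-users=.*/greeter-hide-users=true/' "$conf"
      sed -i 's/greeter-allow-guest=.*/greeter-allow-guest=false/' "$conf"
      sed -i 's/greeter-show-manual-login=.*/greeter-show-manual-login=true/' "$conf"
      sed -i 's/allow-guest=.*/allow-guest=false/' "$conf"
      sed -i 's/autologin-guest=.*/autologin-guest=false/' "$conf"
      sed -i 's/autologin-user=.*/autologin-user=NONE/' "$conf"

      sed -i 's/^# disable-user-.*/disable-user-list=true/' /etc/gdm3/greeter.dconf-defaults
      sed -i 's/^# disable-restart-.*/disable-restart-buttons=true/' /etc/gdm3/greeter.dconf-defaults
      sed -i 's/^#  AutomaticLoginEnable.*/AutomaticLoginEnable = false/' /etc/gdm3/custom.conf
      ;;
    "Ubuntu")
      echo "$LogTime uss: [$UserName]# Creating /etc/lightdm/lightdm.conf for 12.04 compatability." >> output.log
      if [ ! -f "$conf" ]; then
        printf '[SeatDefaults]\n' > "$conf"
      fi
      _login_set_key "$conf" allow-guest false
      _login_set_key "$conf" greeter-hide-users true
      _login_set_key "$conf" greeter-show-manual-login true

      ##Finds automatic login user if there is one and takes it out
      current=$(grep '^autologin-user=' "$conf" | cut -d= -f2)
      if [ -n "$current" ] && [ "$current" != "none" ]; then
        echo "$current has ben set to autologin."
      fi
      _login_set_key "$conf" autologin-user none
      cat "$conf"
      pause

      echo "$LogTime uss: [$UserName]# Editing the ../50-ubuntu.conf for ubuntu 14.04" >> output.log
      # Only edit the packaged drop-in when it exists; creating it from
      # scratch would leave it without a section header.
      if [ -f "$ubuntu_conf" ]; then
        _login_set_key "$ubuntu_conf" greeter-hide-users true
        _login_set_key "$ubuntu_conf" greeter-show-manual-login true
        _login_set_key "$ubuntu_conf" allow-guest false
      fi
      echo "$LogTime uss: [$UserName]# Lightdm files have been configured" >> output.log

      cat "$ubuntu_conf"
      pause
      ;;
    esac
  }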
  241.  
  242. ##Creates any missing users
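  createUser() {
    # Interactively create missing user accounts until the operator answers
    # anything other than "y".
    local a user

    read -r -p "Are there any users you would like to add?[y/n]: " a
    # Quoted comparison: an empty answer previously made `[` fail with a
    # syntax error instead of simply ending the loop.
    while [ "$a" = y ]; do
      read -r -p "Please enter the name of the user: " user
      if [ -n "$user" ]; then
        # -m creates the home directory owned by the new user and populated
        # from /etc/skel; the original `mkdir /home/$user` left it owned by
        # root. "--" stops a name starting with "-" being read as an option.
        useradd -m -- "$user"
      else
        echo "No user name entered; nothing created." >&2
      fi
      read -r -p "Are there any more users you would like to add?[y/n]: " a
    done

    pause
  }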
  255.  
  256. ##Changes all the user passwords
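  chgPasswd(){
    # Write the regular accounts (four-digit UIDs) to ./users, report extra
    # UID-0 accounts, then reset every listed password and its ageing policy.
    #
    # Fixes over the original:
    #  * the new password was written in clear text to output.log;
    #  * `sed '/root/ d'` dropped every name containing "root", not just root;
    #  * root itself was reported as a "hidden user".
    #
    # NOTE(review): one hard-coded password shared by all accounts is stored
    # in this script; anyone who can read the file knows every password.
    # Rotate the passwords after the run and restrict access to the script.
    local -a accounts
    local x

    echo "$LogTime uss: [$UserName]# Changing all the user passwords." >> output.log
    awk -F: '$3 ~ /^[0-9][0-9][0-9][0-9]$/ && $1 != "root" {print $1}' /etc/passwd > users

    ##Looks for users other than root with a UID of 0
    hUSER=$(awk -F: '$3 == 0 && $1 != "root" {print $1}' /etc/passwd)
    if [ -n "$hUSER" ]; then
      echo "$hUSER is a hidden user"
    fi

    PASS='Cyb3rPatr!0t$'
    mapfile -t accounts < users
    for x in "${accounts[@]}"; do
      [ -n "$x" ] || continue
      # printf '%s' keeps the password bytes literal; `echo -e` would
      # interpret any backslash in it.
      printf '%s\n%s\n' "$PASS" "$PASS" | passwd "$x" >> output.log
      echo "Password for $x has been changed."
      ##Changes the USER password policy
      chage -M 90 -m 7 -W 15 "$x"
    done
    echo "$LogTime uss: [$UserName]# Passwords have been changed." >> output.log

    pause
  }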
  277.  
  278. ##Sets the password policy
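  passPol() {
    # Install the cracklib PAM module and set password ageing and complexity.
    local defs=/etc/login.defs
    local pam=/etc/pam.d/common-password

    echo "$LogTime uss: [$UserName]# Setting password policy..." >> output.log
    echo "$LogTime uss: [$UserName]# Installing Craklib..." >> output.log
    # The package is libpam-cracklib; the original name (libpam-craklib) does
    # not exist, so the module was never installed. -y avoids a prompt.
    apt-get install -y libpam-cracklib
    echo "$LogTime uss: [$UserName]# Cracklib installed." >> output.log

    # One pass with a single .bak backup. Any whitespace is accepted between
    # key and value, not only a tab, and commented lines are left alone.
    sed -i.bak \
      -e 's/^PASS_MAX_DAYS[[:space:]]\+[[:digit:]]\+/PASS_MAX_DAYS\t90/' \
      -e 's/^PASS_MIN_DAYS[[:space:]]\+[[:digit:]]\+/PASS_MIN_DAYS\t10/' \
      -e 's/^PASS_WARN_AGE[[:space:]]\+[[:digit:]]\+/PASS_WARN_AGE\t7/' \
      "$defs"

    # Guarded so a rerun does not append the credit options a second time.
    if ! grep -q 'ucredit=' "$pam"; then
      sed -i -e 's/difok=3\+/difok=3 ucredit=-1 lcredit=-1 dcredit=-1 ocredit=-1/' "$pam"
    fi
    echo "$LogTime uss: [$UserName]# Password Policy." >> output.log

    pause
  }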
  293.  
  294. ##Deletes users
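  delUser() {
    # Ask about each account in ./users; accounts answered "n" get their home
    # directory renamed and their /etc/passwd entry commented out.
    local -a accounts
    local x a

    mapfile -t accounts < users
    for x in "${accounts[@]}"; do
      [ -n "$x" ] || continue
      read -r -p "Is $x a valid user?[y/n]: " a
      if [ "$a" = n ]; then
        mv -- "/home/$x" "/home/dis_$x"
        # Anchor on the login-name field. The original pattern /$x/ matched
        # any line containing the name, so disabling "bob" also disabled
        # "bobby" and any account with "bob" in its home path or comment.
        sed -i -e "/^${x}:/ s/^#*/#/" /etc/passwd
        sleep 1
      fi
    done
    pause
  }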
  308.  
  309. ##Asks for any admin users
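  admin() {
    # For each account in ./users, grant adm and sudo membership on "y" and
    # remove both memberships on any other answer.
    local -a accounts
    local x a

    mapfile -t accounts < users
    for x in "${accounts[@]}"; do
      [ -n "$x" ] || continue
      read -r -p "Is $x considered an admin?[y/n]: " a
      # Quoted: an empty answer used to raise a `[` syntax error; it now
      # falls through to the removal branch like any other non-"y" reply.
      if [ "$a" = y ]; then
        ##Adds to the adm group
        sudo usermod -a -G adm "$x"

        ##Adds to the sudo group
        sudo usermod -a -G sudo "$x"
      else
        ##Removes from the adm group
        sudo deluser "$x" adm

        ##Removes from the sudo group
        sudo deluser "$x" sudo
      fi
    done

    pause
  }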
  332.  
  333. ##Secures the root account
  secRoot(){
    # Give root a known password, then lock the account so that password
    # cannot be used to log in.
    # NOTE(review): the password is hard-coded in the script; treat the file
    # as sensitive.
    local log=output.log
    echo "$LogTime uss: [$UserName] # Securing root..." >> "$log"
    PASS='Cyb3rPatr!0t$'
    # Same two-line input as `echo -e "$PASS\n$PASS"`.
    printf '%s\n%s\n' "$PASS" "$PASS" | passwd root >> "$log"
    sudo passwd -l root
    echo "$LogTime uss: [$UserName] # Root has been secured." >> "$log"
  }
  341.  
  342. ##Sets the lockout policy
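  lockoutPol() {
    # Configure account lockout (pam_tally2) and password history (remember=)
    # in the common PAM stacks.
    #
    # The two additions are guarded so that rerunning the function does not
    # append a second pam_tally2 line or a second "remember=13".
    # NOTE(review): pam_deny is switched from requisite to required,
    # presumably so the stack still reaches the pam_tally2 line appended
    # after it - confirm against the target's common-auth. pam_tally2 was
    # dropped from newer Linux-PAM releases in favour of pam_faillock.
    local auth=/etc/pam.d/common-auth
    local password=/etc/pam.d/common-password

    echo "$LogTime uss: [$UserName]# Setting lockout policy..." >> output.log
    sed -i 's/auth\trequisite\t\t\tpam_deny.so\+/auth\trequired\t\t\tpam_deny.so/' "$auth"
    if ! grep -q 'pam_tally2.so' "$auth"; then
      sed -i '$a auth\trequired\t\t\tpam_tally2.so deny=5 unlock_time=1800 onerr=fail' "$auth"
    fi
    if ! grep -q 'remember=' "$password"; then
      sed -i 's/sha512\+/sha512 remember=13/' "$password"
    fi
    echo "$LogTime uss: [$UserName]# Lockout poicy set." >> output.log

    pause
  }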
  352.  
  353. ##Checks for SSH, if it is needed then it is installed and secured
  354. ##SET SSH LOGIN GRACE TIME
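  # Private helper: apply the hardening directives to sshd_config and limit
  # logins to the accounts listed in ./users.
  _sshd_harden() {
    local cfg=/etc/ssh/sshd_config
    local setting key allowed

    # "^#\?" also rewrites the packaged commented-out defaults such as
    # "#PermitRootLogin ...". The unanchored originals turned that line into
    # "#PermitRootLogin no", which stays a comment and enforces nothing.
    # NOTE(review): PasswordAuthentication stays "yes" as in the original;
    # key-only login would be the stricter choice.
    for setting in \
      "LoginGraceTime 60" \
      "PermitRootLogin no" \
      "Protocol 2" \
      "PermitEmptyPasswords no" \
      "PasswordAuthentication yes" \
      "X11Forwarding no"
    do
      key=${setting%% *}
      sed -i "s/^#\?${key}[[:space:]].*/${setting}/" "$cfg"
    done

    ##Only allows authorized users
    # Written as one fresh line: the original appended another "AllowUsers"
    # on every run, and a bare "AllowUsers" with no names (empty ./users) is
    # not a valid directive.
    allowed=$(tr '\n' ' ' < users)
    allowed=${allowed% }
    if [ -n "$allowed" ]; then
      sed -i '/^AllowUsers/d' "$cfg"
      printf 'AllowUsers %s\n' "$allowed" >> "$cfg"
    fi
    # NOTE(review): the running daemon keeps its old settings until it is
    # reloaded; this function does not reload it (nor did the original).
    # Inside this function the name "sshd" refers to the function itself, so
    # any call to the real binary must go through `command sshd`.
  }

  sshd() {
    # Check for openssh-server; remove it, or install and/or harden it,
    # depending on the operator's answers.
    local a

    echo "$LogTime uss: [$UserName]# Checking for ssh..." >> output.log
    if dpkg -l | grep openssh-server >> output.log; then
      read -r -p "Do you want SSH installed on the system?[y/n]: " a
      if [ "$a" = n ]; then
        apt-get autoremove -y --purge openssh-server ssh >> output.log
        echo "$LogTime uss: [$UserName]# SSH has been removed." >> output.log
      else
        echo "$LogTime uss: [$UserName]# SSH has been found, securing now..." >> output.log
        _sshd_harden
        echo "$LogTime uss: [$UserName]# SSH has been secured." >> output.log
        pause
      fi
    else
      read -r -p "Does SSH NEED to be installed?[y/n]: " a
      if [ "$a" = y ]; then
        echo "$LogTime uss: [$UserName]# Installing and securing SSH now..." >> output.log
        apt-get install -y openssh-server ssh >> output.log
        _sshd_harden
        pause
      fi
    fi
  }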
  407.  
  408. ##Secures the /etc/shadow file
  secureShadow() {
    # Restrict /etc/shadow to mode 640 and show the resulting permissions.
    # NOTE(review): only the mode is set; ownership is not checked here.
    local target=/etc/shadow
    printf '%s\n' "$LogTime uss: [$UserName]# Securing /etc/shadow..." >> output.log
    chmod 640 "$target"

    ls -l "$target"
    pause
  }
  416.  
  417. ##Removes basik hak tools
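  # Private helper: succeed when `dpkg -l` has a line matching the extended
  # regex $1; the matching lines are appended to output.log.
  _hak_found() {
    dpkg -l | grep -E -- "$1" >> output.log
  }

  # Private helper: lock down an existing Apache configuration.
  _hak_harden_apache() {
    local conf=/etc/apache2/apache2.conf
    local dir

    for dir in /etc/apache2 /etc/apache; do
      [ -d "$dir" ] && chown -R root:root "$dir"
    done

    # The original wrote "<Directory >" with no path and never closed the
    # section, which leaves apache2.conf unparseable. Write a complete block
    # for "/" and skip it when a previous run already added it.
    # NOTE(review): Order/Deny is the Apache 2.2 access syntax, kept from the
    # original; 2.4 expresses the same rule as "Require all denied".
    if ! grep -q '^UserDir disabled root' "$conf"; then
      {
        printf '<Directory />\n'
        printf '\tAllowOverride None\n'
        printf '\tOrder Deny,Allow\n'
        printf '\tDeny from all\n'
        printf '</Directory>\n'
        printf 'UserDir disabled root\n'
      } >> "$conf"
    fi
  }

  hakTools() {
    # Look for password crackers and unneeded network services and remove or
    # harden them, asking the operator where a service may be legitimate.
    #
    # Fixes over the original:
    #  * the apache prompt read into no variable, so a stale $a was tested;
    #  * the FTP detection used an alternation without -E;
    #  * `PID = ...` (spaces) was a command, not an assignment;
    #  * `sleep1`, `[ $a = 0 ]` for NFS and `[ $? -eq ]` for xinetd were typos;
    #  * the VNC listing redirected into a file called "VNC" and passed the
    #    remaining words to grep as file names;
    #  * samba was purged twice with the identical command.
    # Detection greps the whole `dpkg -l` line, descriptions included, so a
    # pattern such as "john" can also match unrelated packages.
    local a

    ##CHANGE TO GREP -i
    echo "$LogTime uss: [$UserName]# Removing hacking tools..." >> output.log

    ##Looks for apache web server
    if _hak_found apache; then
      read -r -p "Do you want apache installed on the system[y/n]: " a
      if [ "$a" = n ]; then
        apt-get autoremove -y --purge apache2 >> output.log
      elif [ -e /etc/apache2/apache2.conf ]; then
        _hak_harden_apache
      else
        ##Installs and configures apache
        apt-get install apache2 -y
        _hak_harden_apache

        ##Installs and configures sql
        apt-get install mysql-server -y

        ##Installs and configures php5
        apt-get install php5 -y
        chmod 640 /etc/php5/apache2/php.ini
      fi
    else
      echo "Apache is not installed"
      sleep 1
    fi

    ##Looks for john the ripper
    if _hak_found john; then
      echo "JOHN HAS BEEEN FOUND! DIE DIE DIE"
      apt-get autoremove -y --purge john >> output.log
      echo "John has been ripped"
      sleep 1
    else
      echo "John The Ripper has not been found on the system"
      sleep 1
    fi

    ##Look for HYDRA
    if _hak_found hydra; then
      echo "HEIL HYDRA"
      apt-get autoremove -y --purge hydra >> output.log
    else
      echo "Hydra has not been found."
    fi

    ##Looks for nginx web server
    if _hak_found nginx; then
      echo "NGINX HAS BEEN FOUND! OHHHH NOOOOOO!"
      apt-get autoremove -y --purge nginx >> output.log
    else
      echo "NGINX has not been found"
      sleep 1
    fi

    ##Looks for samba
    if [ -d /etc/samba ]; then
      read -r -p "Samba has been found on this system, do you want to remove it?[y/n]: " a
      if [ "$a" = y ]; then
        echo "$LogTime uss: [$UserName]# Uninstalling samba..." >> output.log
        sudo apt-get autoremove --purge -y samba >> output.log
        echo "$LogTime uss: [$UserName]# Samba has been removed." >> output.log
      else
        # NOTE(review): inserts at a fixed line number (82), whatever section
        # that line belongs to in this smb.conf, and again on every run.
        sed -i '82 i\restrict anonymous = 2' /etc/samba/smb.conf
        ##List shares
      fi
    else
      echo "Samba has not been found."
      sleep 1
    fi

    ##LOOK FOR DNS
    if [ -d /etc/bind ]; then
      read -r -p "DNS server is running would you like to shut it down?[y/n]: " a
      if [ "$a" = y ]; then
        apt-get autoremove -y --purge bind9
      fi
    else
      echo "DNS not found."
      sleep 1
    fi

    ##Looks for FTP
    if dpkg -l | grep -Ei 'vsftpd|ftp' >> output.log; then
      read -r -p "FTP Server has been installed, would you like to remove it?[y/n]: " a
      if [ "$a" = y ]; then
        sed -i 's/^/#/' /etc/vsftpd.conf
        # pkill does nothing when the daemon is not running, where the
        # original `kill $PID` would have been called without a PID.
        pkill vsftpd
        apt-get autoremove -y --purge vsftpd ftp
      else
        sed -i 's/anonymous_enable=.*/anonymous_enable=NO/' /etc/vsftpd.conf
        sed -i 's/local_enable=.*/local_enable=YES/' /etc/vsftpd.conf
        sed -i 's/#write_enable=.*/write_enable=YES/' /etc/vsftpd.conf
        sed -i 's/#chroot_local_user=.*/chroot_local_user=YES/' /etc/vsftpd.conf
      fi
    else
      echo "FTP has not been found."
      sleep 1
    fi

    ##Looks for TFTPD
    if _hak_found tftpd; then
      read -r -p "TFTPD has been installed, would you like to remove it?[y/n]: " a
      if [ "$a" = y ]; then
        apt-get autoremove -y --purge tftpd
      fi
    else
      echo "TFTPD not found."
      sleep 1
    fi

    ##Looking for VNC
    if _hak_found 'x11vnc|tightvncserver'; then
      read -r -p "VNC has been installed, would you like to remove it?[y/n]: " a
      if [ "$a" = y ]; then
        apt-get autoremove -y --purge x11vnc tightvncserver
      ##else
        ##Configure VNC
      fi
    else
      echo "VNC not found."
      sleep 1
    fi

    # Record any remaining VNC packages next to the other findings.
    {
      echo "###VNC Servers that have been installed###"
      dpkg -l | grep -i vnc
    } >> output.log

    ##Looking for NFS
    if _hak_found nfs-kernel-server; then
      read -r -p "NFS has been found, would you like to remove it?[y/n]: " a
      if [ "$a" = y ]; then
        apt-get autoremove -y --purge nfs-kernel-server
      ##else
        ##Configure NFS
      fi
    else
      echo "NFS has not been found."
      sleep 1
    fi

    ##Looks for snmp
    if _hak_found snmp; then
      echo "SNMP HAS BEEN LOCATED!"
      apt-get autoremove -y --purge snmp
    else
      echo "SNMP has not been found."
      sleep 1
    fi

    ##Looks for sendmail and postfix
    if _hak_found 'postfix|sendmail'; then
      echo "Mail servers have been found."
      apt-get autoremove -y --purge postfix sendmail
    else
      echo "Mail servers have not been located."
      sleep 1
    fi

    ##Looks xinetd
    if _hak_found xinetd; then
      echo "XINIT HAS BEEN FOUND!"
      apt-get autoremove -y --purge xinetd
    else
      echo "XINETD has not been found."
      sleep 1
    fi
    pause
  }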
  622.  
  623. ##Edits the sysctl.conf file
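  # Private helper: set "key = value" in /etc/sysctl.conf, replacing an
  # existing assignment of the same key or appending a new line.
  _sys_set() {
    local key=$1 value=$2
    local file=/etc/sysctl.conf
    local escaped=${key//./\\.}   # dots are literal in the regex below

    if grep -Eq "^[[:space:]]*${escaped}[[:space:]]*=" "$file"; then
      sed -i -E "s|^[[:space:]]*${escaped}[[:space:]]*=.*|${key} = ${value}|" "$file"
    else
      printf '%s = %s\n' "$key" "$value" >> "$file"
    fi
  }

  sys() {
    # Apply the network hardening settings to /etc/sysctl.conf and load them.
    #
    # Fixes over the original:
    #  * "net.ipv4.ip_foward" was misspelled, so forwarding was never turned
    #    off; the key is net.ipv4.ip_forward;
    #  * every run appended all lines again; keys are now updated in place.

    ##Disables IPv6
    _sys_set net.ipv6.conf.all.disable_ipv6 1
    _sys_set net.ipv6.conf.default.disable_ipv6 1
    _sys_set net.ipv6.conf.lo.disable_ipv6 1

    ##Reverse-path filtering against spoofed source addresses
    _sys_set net.ipv4.conf.all.rp_filter 1

    ##Disables IP source routing
    _sys_set net.ipv4.conf.all.accept_source_route 0

    ##SYN Flood Protection
    _sys_set net.ipv4.tcp_max_syn_backlog 2048
    _sys_set net.ipv4.tcp_synack_retries 2
    _sys_set net.ipv4.tcp_syn_retries 5
    _sys_set net.ipv4.tcp_syncookies 1

    ##IP forwarding and redirect sending are disallowed
    _sys_set net.ipv4.ip_forward 0
    _sys_set net.ipv4.conf.all.send_redirects 0
    _sys_set net.ipv4.conf.default.send_redirects 0

    ##Disable ICMP redirects
    _sys_set net.ipv4.conf.all.accept_redirects 0

    ##Enable martian packet logging
    _sys_set net.ipv4.conf.all.log_martians 1
    _sys_set net.ipv4.conf.default.log_martians 1

    sysctl -p
    pause
  }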
  657.  
  658. ##Lists the running processes
  proc() {
    # Snapshot processes holding network sockets into runningProcesses.log,
    # then drop the entries for services the script treats as defaults.
    local report=runningProcesses.log
    lsof -Pnl +M -i > "$report"

    ##Removing the default running processes
    sed -i \
      -e '/avahi-dae/ d' \
      -e '/cups-brow/ d' \
      -e '/dhclient/ d' \
      -e '/dnsmasq/ d' \
      -e '/cupsd/ d' \
      "$report"

    pause
  }
  670.  
  671. ##Searches for netcat and its startup script and comments out the lines
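  # Private helper: when regular text file $1 matches extended regex $2,
  # comment out every line of it and stop the suspected process(es) in PID.
  _nc_disable_file() {
    local file=$1 pattern=$2

    if [ ! -f "$file" ]; then
      echo "This is not a netcat process."
    elif ! grep -Iq . "$file"; then
      # Prefixing '#' to each line only makes sense for scripts and config
      # files; on an executable it merely corrupts the file.
      echo "$file is a binary; leaving it for package removal."
    elif grep -Eqi -- "$pattern" "$file"; then
      sed -i 's/^/#/' "$file"
      # PID may hold several ids, hence unquoted.
      [ -n "$PID" ] && kill $PID
    else
      echo "This is not a netcat process."
    fi
  }

  nc(){
    # Ask for the name of a suspected netcat, disable start-up scripts and
    # cron entries that reference it, stop it and purge the netcat packages.
    #
    # Fixes over the original:
    #  * the package check was commented out, so `$?` tested whatever command
    #    happened to run before this function;
    #  * patterns were single-quoted, so $nc and $ALIAS were never expanded,
    #    and one grep lacked -E for its alternation;
    #  * the cron.d and cron.hourly branches edited /etc/init.d/$nc instead
    #    of the file they had just checked;
    #  * user crontabs were read relative to the current directory;
    #  * the typed name went unquoted into paths and patterns.
    # NOTE(review): the literal "nc" alternative matches many unrelated words
    # (e.g. "function"); it is kept from the original pattern.
    local pattern path tab
    local -a found

    if ! dpkg -l | grep -qiwE 'nc|netcat'; then
      echo "Netcat is not installed"
      pause
      return
    fi

    cat runningProcesses.log
    read -r -p "What is the name of the suspected netcat?: " nc
    # The name becomes part of file paths and a regex; accept a bare program
    # name only.
    case "$nc" in
      ''|*[!A-Za-z0-9._+-]*)
        echo "Invalid name; expected a bare program name." >&2
        pause
        return 1
        ;;
    esac

    ALIAS=$(alias | grep nc | cut -d' ' -f2 | cut -d'=' -f1 | paste -sd'|' -)
    PID=$(pgrep -- "$nc")
    pattern="${nc}|nc|netcat${ALIAS:+|${ALIAS}}"

    # whereis prints "name: path path ..."; keep the raw output in ./Path as
    # before and iterate over the paths only.
    whereis "$nc" > Path
    read -r -a found < <(cut -d: -f2- Path)
    for path in "${found[@]}"; do
      echo "$path"
      _nc_disable_file "$path" "$pattern"
    done

    if [ -e "/etc/init/${nc}.conf" ]; then
      _nc_disable_file "/etc/init/${nc}.conf" "$pattern"
    fi
    for path in "/etc/init.d/${nc}" "/etc/cron.d/${nc}" "/etc/cron.hourly/${nc}"; do
      if [ -e "$path" ]; then
        _nc_disable_file "$path" "$pattern"
      fi
    done

    for tab in /var/spool/cron/crontabs/*; do
      [ -f "$tab" ] || continue
      if grep -Eq -- "$pattern" "$tab"; then
        sed -i 's/^/#/' "$tab"
        [ -n "$PID" ] && kill $PID
      else
        echo "netcat has not been found in ${tab##*/} crontabs."
      fi
    done

    echo "Uninstalling netcat now."
    apt-get autoremove --purge netcat netcat-openbsd netcat-traditional
    pause
  }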
  766.  
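  ##Audits the sudoers policy for NOPASSWD entries and a timestamp_timeout override.
  ##Read-only: findings are appended to ./postScript, the file menu option 21 prints,
  ##so the operator can correct them by hand (preferably with visudo).
  ##Globals:  none
  ##Outputs:  appends findings to ./postScript; diagnostics go to stderr
  ##Returns:  1 when /etc/sudoers cannot be read, otherwise the status of pause
  sudoers() {
      local -a policy_files=(/etc/sudoers)
      local policy_file timeout_value

      if [ ! -r /etc/sudoers ]; then
          echo "Cannot read /etc/sudoers (root is required); sudoers audit skipped." >&2
          pause
          return 1
      fi

      # Drop-in files under /etc/sudoers.d belong to the effective policy whenever the
      # main file includes that directory, so a NOPASSWD rule can sit there as well.
      if [ -d /etc/sudoers.d ]; then
          for policy_file in /etc/sudoers.d/*; do
              [ -f "$policy_file" ] && policy_files+=("$policy_file")
          done
      fi

      for policy_file in "${policy_files[@]}"; do
          # Commented-out lines are not active policy, so drop them before matching.
          # Both findings go to postScript: the earlier mix of postScript.log and
          # postScript hid the NOPASSWD warning from the report shown by the menu.
          if grep -v '^[[:space:]]*#' -- "$policy_file" | grep -q 'NOPASSWD'; then
              echo "## NOPASSWD VALUE HAS BEEN FOUND IN $policy_file, GO CHANGE IT." >> postScript
          fi

          # Report every timestamp_timeout override found. A negative value means
          # cached sudo credentials never expire.
          while IFS= read -r timeout_value; do
              echo "## Time out value has been set to $timeout_value in $policy_file Please go change it or remove it." >> postScript
          done < <(grep -v '^[[:space:]]*#' -- "$policy_file" \
              | sed -n 's/.*timestamp_timeout[[:space:]]*=[[:space:]]*\(-\{0,1\}[0-9.]\{1,\}\).*/\1/p')
      done

      pause
  }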
  785.  
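  ##Collects every cron job source plus the init and init.d listings into ./cron.log
  ##and prints the result.
  ##Reads account names from ./users (presumably written by an earlier step of this
  ##script - confirm). Names may be separated by spaces or newlines.
  ##NOTE(review): systemd timers and at(1) jobs are not covered by this listing.
  cron() {
      local -a accounts=()
      local account

      {
          # Per-user crontabs
          echo "###CRONTABS###"
          if [ -r users ]; then
              # Split on any whitespace as before, but without glob expansion.
              # read returns non-zero at end of file here; the array is still filled.
              read -r -d '' -a accounts < users
              for account in "${accounts[@]}"; do
                  echo "## crontab for $account"
                  crontab -u "$account" -l
              done
          else
              echo "users file not found; per-user crontabs were not listed."
          fi

          # System-wide cron locations
          echo "###CRON JOBS###"
          ls /etc/cron.*
          # -A shows hidden spool files; the old '.*' glob matched '.' and '..' or nothing.
          ls -A /var/spool/cron/crontabs
          ls /etc/crontab

          # Init scripts
          echo "###Init.d###"
          ls /etc/init.d

          echo "###Init###"
          ls /etc/init
      } > cron.log

      cat cron.log
      pause
  }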
  806.  
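  ##Disables the Ctrl-Alt-Delete reboot on Upstart hosts by commenting out the
  ##"exec shutdown" line of /etc/init/control-alt-delete.conf.
  ##Returns: 1 when the Upstart job file does not exist, otherwise the status of sed
  CAD() {
      local -r cad_conf=/etc/init/control-alt-delete.conf

      if [ ! -f "$cad_conf" ]; then
          # systemd hosts have no Upstart job; the key combination is bound to a target unit there.
          echo "$cad_conf not found; on systemd hosts mask ctrl-alt-del.target instead." >&2
          return 1
      fi

      # The previous expression had no 's' command and looked for 'not' instead of 'now',
      # so it never changed the file. Prefixing the active line with '#' disables it;
      # an already commented line no longer matches, so running this twice is harmless.
      sed -i 's/^[[:space:]]*exec[[:space:]]\{1,\}shutdown[[:space:]]/#&/' "$cad_conf"
  }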
  810.  
  ##Runs the hardening steps back to back (menu entry 69).
  ##nc, update and autoUpdate are left out, as the banner says.
  runFull() {
      local run_full_step
      local -a run_full_steps=(
          pFiles configureFirewall loginConf createUser chgPasswd delUser
          admin cron passPol lockoutPol hakTools sshd sys sudoers proc secRoot
      )

      echo "This Function does not include nc, update, and autoUpdate."

      # Fixed order; each step runs whatever the exit status of the one before it.
      for run_full_step in "${run_full_steps[@]}"; do
          "$run_full_step"
      done
  }
  815.  
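  ##Prints the banner and the numbered list of actions that read_options dispatches on.
  ##Outputs: 23 lines on stdout
  show_menu(){
      # Banner
      echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
      echo "████████╗███████╗ █████╗ ███╗   ███╗    ██████╗ ██╗   ██╗████████╗███████╗"
      echo "╚══██╔══╝██╔════╝██╔══██╗████╗ ████║    ██╔══██╗╚██╗ ██╔╝╚══██╔══╝██╔════╝"
      echo "   ██║   █████╗  ███████║██╔████╔██║    ██████╔╝ ╚████╔╝    ██║   █████╗  "
      echo "   ██║   ██╔══╝  ██╔══██║██║╚██╔╝██║    ██╔══██╗  ╚██╔╝     ██║   ██╔══╝  "
      echo "   ██║   ███████╗██║  ██║██║ ╚═╝ ██║    ██████╔╝   ██║      ██║   ███████╗"
      echo "   ╚═╝   ╚══════╝╚═╝  ╚═╝╚═╝     ╚═╝    ╚═════╝    ╚═╝      ╚═╝   ╚══════╝"
      echo "~~~~~~~~~~~~~~~~Written by: Ethan Fowler Team-ByTE~~~~~~~~~~~~~~~~~~~~~~~~"
      echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
      echo " "

      # Menu entries; the numbers must stay in step with the case arms in read_options
      echo "1) Update the machine.            2) Set automatic updates."
      echo "3) Search for prohibited file.        4) configure the firewall."
      echo "5) Configure login screen.        6) Create any new users."
      echo "7) Change all the passwords.      8) Delete any users."
      echo "9) Set all the admins.            10) List all cronjobs."
      echo "11) Set the password policy.      12) Set the lockout policy."
      echo "13) Remove the hacking tools.     14) Configure SSH."
      echo "15) Edit the sysctl.conf.         16) Export the sudoers file."
      echo "17) List all running processes.       18) Remove NetCat."
      echo "19) Reboot the machine.           20) Secure the root account"
      echo "21) PostScript                22)Disable ctrl-alt-del"
      # This line was spelled 'ehco', so entries 23 and 24 were never displayed
      echo "23) Disable Virtual Terminals 24)Exit"
      echo "69) PANIC BUTTON"
  }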
  841.  
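  ##Reads one menu choice from stdin and runs the matching action.
  ##Several entries act at once with no confirmation: 19 reboots the host and
  ##69 runs the whole hardening sequence.
  ##Returns: the status of the selected action; exits the script with 1 when stdin is closed
  read_options(){
      local choice

      # On end of input, read fails and choice stays empty. Without this guard the
      # caller's endless loop would keep redrawing the menu and never stop.
      if ! read -r -p "Pease select item you wish to do: " choice; then
          echo
          exit 1
      fi

      case "$choice" in
          1) update;;
          2) autoUpdate;;
          3) pFiles;;
          4) configureFirewall;;
          5) loginConf;;
          6) createUser;;
          7) chgPasswd;;
          8) delUser;;
          9) admin;;
          10) cron;;
          11) passPol;;
          12) lockoutPol;;
          13) hakTools;;
          14) sshd;;
          15) sys;;
          16) sudoers;;
          17) proc;;
          18) nc;;
          19) reboot;;
          20) secRoot;;
          # Shows the findings the audit functions appended to ./postScript
          21) cat postScript; pause;;
          22) CAD;;
          23) VirtualCon;;
          24) exit20;;
          69) runFull;;
          *) echo "Sorry that is not an option please select another one..."
             # The caller clears the screen as soon as this returns; wait so the message can be read
             pause
          ;;
      esac
  }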
  876.  
  ##Main loop: redraw the menu and handle one choice per pass.
  ##It only ends when a selected action exits the script (entry 24 calls exit20).
  while :; do
      clear
      show_menu
      read_options
  done