################### EXAM SCRIPT ##################### CREATE IP TABLES

1. #################
2. ## EXAM SCRIPT ##
3. #################
4.  
5.  
6. ## CREATE IP TABLES ##
7. iptables -A INPUT -i lo -j ACCEPT
8. iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
9. iptables -A INPUT -p tcp --dport 22 -j ACCEPT
10. iptables -A INPUT -p tcp --dport 80 -j ACCEPT
11. iptables -A INPUT -p tcp --dport 8080 -j ACCEPT
12. iptables -A INPUT -p tcp --dport 3141 -j ACCEPT
13. iptables -A INPUT -p tcp -s 10.0.2.15 --dport 3141 -j ACCEPT
14.  
15.  
16. ## CREATE PORT 4444 VHOST ##
17. sed -i '1s/^/listen 4444\n/' /etc/apache2/sites-enabled/000-default.conf
18. sed -i '1s/^/\n/' /etc/apache2/sites-enabled/000-default.conf
19. sed -i '1s/^/<VirtualHost *:4444\n/' /etc/apache2/sites-enabled/000-default.conf
20. sed -i '1s/^/DocumentRoot "/var/www/fe"\n/' /etc/apache2/sites-enabled/000-default.conf
21. sed -i '1s/^/</VirtualHost>\n/' /etc/apache2/sites-enabled/000-default.conf
22. service apache2 start
23.  
24. ## CREATE FILES ON VHOST ##
25. mkdir /var/www/fe
26.  
27. echo "<?php" >> /var/www/fe/index.html
28. echo "include('login.php'); // Includes Login Script" >> /var/www/fe/index.html
29. echo "" >> /var/www/fe/index.html
30. echo "if(isset($_SESSION['login_user'])){" >> /var/www/fe/index.html
31. echo "header("location: profile.php");" >> /var/www/fe/index.html
32. echo "}" >> /var/www/fe/index.html
33. echo "?>" >> /var/www/fe/index.html
34. echo "<!DOCTYPE html>" >> /var/www/fe/index.html
35. echo "<html>" >> /var/www/fe/index.html
36. echo "<head>" >> /var/www/fe/index.html
37. echo "<title>Login</title>" >> /var/www/fe/index.html
38. echo "<link href="style.css" rel="stylesheet" type="text/css">" >> /var/www/fe/index.html
39. echo "</head>" >> /var/www/fe/index.html
40. echo "<body>" >> /var/www/fe/index.html
41. echo "<div id="main">" >> /var/www/fe/index.html
42. echo "<h1>Create Admin</h1>" >> /var/www/fe/index.html
43. echo "<div id="login">" >> /var/www/fe/index.html
44. echo "<h2>Login Form</h2>" >> /var/www/fe/index.html
45. echo "<!-- use your forum credentials to log into the page -->" >> /var/www/fe/index.html
46. echo "<!-- once logged in this page will create and account on the localhost -->" >> /var/www/fe/index.html
47. echo "<!-- username: hax0r password: a77acked -->" >> /var/www/fe/index.html
48. echo "<form action="" method="post">" >> /var/www/fe/index.html
49. echo "<label>UserName :</label>" >> /var/www/fe/index.html
50. echo "<input id="name" name="username" placeholder="username" type="text">" >> /var/www/fe/index.html
51. echo "<label>Password :</label>" >> /var/www/fe/index.html
52. echo "<input id="password" name="password" placeholder="**********" type="password">" >> /var/www/fe/index.html
53. echo "<input name="submit" type="submit" value=" Login ">" >> /var/www/fe/index.html
54. echo "<span><?php echo $error; ?></span>" >> /var/www/fe/index.html
55. echo "</form>" >> /var/www/fe/index.html
56. echo "</div>" >> /var/www/fe/index.html
57. echo "</div>" >> /var/www/fe/index.html
58. echo "</body>" >> /var/www/fe/index.html
59. echo "</html>" >> /var/www/fe/index.html
60.  
61. echo "User-agent: *" >> /var/www/fe/robots.txt
62. echo "Disallow: /record.log" >> /var/www/fe/robots.txt
63. echo "Disallow: /.locate.txt" >> /var/www/fe/robots.txt
64.  
65. echo "CALO: Vulnerability detected" >> /var/www/fe/record.log
66. echo "CALO: Deploying exploit" >> /var/www/fe/record.log
67. echo "CALO: Exploit successful" >> /var/www/fe/record.log
68. echo "CALO: Creating fall guy account" >> /var/www/fe/record.log
69. echo "CALO: Compiling files for upload" >> /var/www/fe/record.log
70. echo "CALO: UPLOADING" >> /var/www/fe/record.log
71. echo "CALO: Upload failed" >> /var/www/fe/record.log
72. echo "CALO: Waiting for additional storage space" >> /var/www/fe/record.log
73.  
74. echo "http://bit.ly/2Ch7eIQ" >> /var/www/fe/.locate.txt
75.  
76.  
77. ## create user and files ##
78. echo "CREATING ACCOUNT
79. echo "PLEASE USE THE PASSWORD a77acked"
80. echo "LEAVE ALL OTHER DETAILS BLANK"
81. adduser hax0r
82.  
83. mkdir /home/hax0r/Desktop
84. mkdir /home/haxor/Downloads
85. mkdir /home/hax0r/Templates
86. mkdir /home/haxor/.uploads
87. cd /home/hax0r/.uploads
88.  
89. touch sample
90. zip -P quorum "Project_Armageddon.zip" sample
91. zip -P quorum "Project_Battlefront.zip" sample
92. zip -P quorum "Project_Carnage.zip" sample
93. zip -P quorum "Project_Destruction.zip" sample
94. zip -P quorum "Project_Ending.zip" sample
95. zip -P quorum "Project_Ferocity.zip" sample
96. zip -P quorum "Project_Godzilla.zip" sample
97. zip -P quorum "Project_Hellfire.zip" sample
98. zip -P quorum "Project_Impairment.zip" sample
99. zip -P quorum "Project_Justice.zip" sample
100. zip -P quorum "Project_Keelhaul.zip" sample
101. zip -P quorum "Project_Loss.zip" sample
102. zip -P quorum "Project_Mayhem.zip" sample
103. zip -P quorum "Project_Nothing.zip" sample
104. zip -P quorum "Project_Obliteration.zip" sample
105. zip -P quorum "Project_Paralysis.zip" sample
106. zip -P quorum "Project_Quantum.zip" sample
107. zip -P quorum "Project_Raid.zip" sample
108. zip -P quorum "Project_Sabotage.zip" sample
109. zip -P quorum "Project_Tangle.zip" sample
110. zip -P quorum "Project_Unknown.zip" sample
111. zip -P quorum "Project_Victory.zip" sample
112. zip -P quorum "Project_Winner.zip" sample
113. zip -P quorum "Project_Xerocopy.zip" sample
114. zip -P quorum "Project_Yellow.zip" sample
115. zip -P quorum "Project_Zugzwang.zip" sample
116. zip -P quorum "Project_Doom.zip" sample
117. zip -P quorum "Project_Bane.zip" sample
118. zip -P quorum "Project_Vandalism.zip" sample
119. zip -P quorum "Project_Confusion.zip" sample
120. zip -P quorum "Project_Mess.zip" sample
121. zip -P quorum "Project_Jumble.zip" sample
122. zip -P quorum "Project_Mischief.zip" sample
123. zip -P quorum "Project_Nemesis.zip" sample
124. zip -P quorum "Project_Mishap.zip" sample
125. zip -P quorum "Project_Destiny.zip" sample
126. zip -P quorum "Project_Misery.zip" sample
127. zip -P quorum "Project_Lacuna.zip" sample
128. zip -P quorum "Project_Venom.zip" sample
129. zip -P quorum "Project_Knockout.zip" sample
130. zip -P quorum "Project_Smash.zip" sample
131. zip -P quorum "Project_Reverse.zip" sample
132. zip -P quorum "Project_Woe.zip" sample
133. zip -P quorum "Project_Spoil.zip" sample
134. zip -P quorum "Project_Manic.zip" sample
135. zip -P quorum "Project_Terrible.zip" sample
136. zip -P quorum "Project_Midas.zip" sample
137. zip -P quorum "Project_Mountain.zip" sample
138. zip -P quorum "Project_Valley.zip" sample
139. zip -P quorum "Project_Nimiety.zip" sample
140. rm sample
141.  
142. touch .note.txt
143. echo "Team - see the hidden path in robots for additional information" > .note.txt
144.  
145. touch Project_Legion.txt
146. echo "This is what I found at my end!" >> Project_Legion.txt
147. echo "" >> Project_Legion.txt
148. echo "\"INITIATE: " >> Project_Legion.txt
149. echo "PROJECT:LEGION....." >> Project_Legion.txt
150. echo "upload to 188.184.9.235.....19%.....78%....99%" >> Project_Legion.txt
151. echo "error..corruption..bad file sector\"" >> Project_Legion.txt
152. echo "" >> Project_Legion.txt
153. echo "" >> Project_Legion.txt
154. echo "" >> Project_Legion.txt
155. echo "NO! after all we planned it didn't work! There was not enough storage capacity free. We must try again after we have regrouped and worked throught the problem, it may take days or weeks but we will achieve the goal we set out to obtain - liberate CALO!" >> Project_Legion.txt
156. echo "PHREAK2600" >> Project_Legion.txt