Last active
January 23, 2017 02:02
-
-
Save Mcostart/86b216bd74e0246b69091f8795d4f29c to your computer and use it in GitHub Desktop.
Penetration testing box setup.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
#Update repositories | |
apt-get update | |
apt-get upgrade -y | |
#SSH config | |
#-------------------------- | |
export username="pentester" | |
export password="" | |
export key="" | |
export salt=$(openssl rand -base64 8) | |
pass=$(perl -e 'print crypt($ARGV[0], $ENV{salt})' $password) | |
useradd -s /bin/bash -m -p $pass $username | |
usermod -aG sudo $username | |
export directory="/home/$username" | |
cd $directory | |
mkdir .ssh | |
cd .ssh/ | |
touch authorized_keys | |
echo $key > authorized_keys | |
chown pentester:pentester authorized_keys | |
chmod 600 authorized_keys | |
cd .. | |
chown pentester:pentester .ssh/ | |
chmod 700 .ssh/ | |
cp /etc/ssh/sshd_config /etc/ssh/sshd_config-bak | |
sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config | |
sed -i 's/PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config | |
sed -i 's/^PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config | |
systemctl reload sshd | |
systemctl status sshd | |
cd /root/ | |
#Firewall UFW config | |
#-------------------------- | |
apt-get install ufw -y | |
#Default Policies | |
ufw default deny incoming | |
ufw default allow outgoing | |
#Allowing SSH Connections | |
ufw allow ssh | |
ufw allow 2222 | |
#Allowing Other Connections | |
ufw allow 80 | |
ufw allow 8080 | |
ufw allow 443 | |
#Enabling UFW | |
ufw enable | |
ufw status verbose > ufw-rules.txt | |
ufw status numbered > ufw-rules-numbered.txt | |
#NTP Synchronization | |
#-------------------------- | |
#http://support.ntp.org/bin/view/Servers/NTPPoolServers | |
dpkg-reconfigure tzdata | |
apt-get install ntp -y | |
cp /etc/ntp.conf /etc/ntp.conf.bak | |
sed -i 's/^server.*//' /etc/ntp.conf | |
sh -c 'echo "# Specify one or more NTP servers." >> /etc/ntp.conf' | |
sh -c 'echo "server 0.south-america.pool.ntp.org" >> /etc/ntp.conf' | |
sh -c 'echo "server 1.south-america.pool.ntp.org" >> /etc/ntp.conf' | |
sh -c 'echo "server 2.south-america.pool.ntp.org" >> /etc/ntp.conf' | |
sh -c 'echo "server 3.south-america.pool.ntp.org" >> /etc/ntp.conf' | |
service ntp restart | |
#Install tools | |
#-------------- | |
#python setup | |
apt-get install -y python-pip python-dev build-essential | |
pip install --upgrade pip | |
pip install python-nmap | |
mkdir tools | |
cd tools | |
#Nmap | |
#https://nmap.org/ | |
apt-get purge nmap | |
apt-get install tcpdump build-essential libssl-dev -y | |
wget https://nmap.org/dist/nmap-7.40.tar.bz2 | |
bzip2 -cd nmap-7.40.tar.bz2 | tar xvf - | |
cd nmap-7.40/ | |
./configure | |
make && make install | |
cd .. | |
rm -f nmap-7.40.tar.bz2 | |
rm -rf nmap-7.40/ | |
apt-get install xsltproc -y | |
#Masscan | |
#https://github.com/robertdavidgraham/masscan | |
apt-get install git gcc make libpcap-dev -y | |
git clone https://github.com/robertdavidgraham/masscan | |
cd masscan/ | |
make -j | |
make install | |
cd .. | |
rm -rf masscan/ | |
#Nikto | |
#https://github.com/sullo/nikto | |
apt-get install wget unzip libnet-ssleay-perl libwhisker2-perl openssl -y | |
git clone https://github.com/sullo/nikto | |
#Metasploit | |
#https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers | |
curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && chmod 755 msfinstall && ./msfinstall | |
rm -f msfinstall | |
#recon-ng | |
#https://bitbucket.org/LaNMaSteR53/recon-ng | |
git clone https://bitbucket.org/LaNMaSteR53/recon-ng.git recon-ng/ | |
#SET | |
#https://github.com/trustedsec/social-engineer-toolkit/ | |
git clone https://github.com/trustedsec/social-engineer-toolkit/ set/ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment