Mcostart/box-setup.sh

## box-setup.sh
#!/bin/bash
#Update repositories
apt-get update
apt-get upgrade -y

#SSH config
#--------------------------
export username="pentester"
export password=""
export key=""
export salt=$(openssl rand -base64 8)
pass=$(perl -e 'print crypt($ARGV[0], $ENV{salt})' $password)

useradd -s /bin/bash -m -p $pass $username
usermod -aG sudo $username
export directory="/home/$username"
cd $directory
mkdir .ssh
cd .ssh/
touch authorized_keys
echo $key > authorized_keys
chown pentester:pentester authorized_keys
chmod 600 authorized_keys
cd ..
chown pentester:pentester .ssh/
chmod 700 .ssh/

cp /etc/ssh/sshd_config /etc/ssh/sshd_config-bak
sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
sed -i 's/PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
sed -i 's/^PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config
systemctl reload sshd
systemctl status sshd

cd /root/
#Firewall UFW config
#--------------------------
apt-get install ufw -y
#Default Policies
ufw default deny incoming
ufw default allow outgoing

#Allowing SSH Connections
ufw allow ssh
ufw allow 2222

#Allowing Other Connections
ufw allow 80
ufw allow 8080
ufw allow 443

#Enabling UFW
ufw enable
ufw status verbose > ufw-rules.txt
ufw status numbered > ufw-rules-numbered.txt

#NTP Synchronization
#--------------------------
#http://support.ntp.org/bin/view/Servers/NTPPoolServers
dpkg-reconfigure tzdata

apt-get install ntp -y
cp /etc/ntp.conf /etc/ntp.conf.bak
sed -i 's/^server.*//' /etc/ntp.conf
sh -c 'echo "# Specify one or more NTP servers." >> /etc/ntp.conf'
sh -c 'echo "server 0.south-america.pool.ntp.org" >> /etc/ntp.conf'
sh -c 'echo "server 1.south-america.pool.ntp.org" >> /etc/ntp.conf'
sh -c 'echo "server 2.south-america.pool.ntp.org" >> /etc/ntp.conf'
sh -c 'echo "server 3.south-america.pool.ntp.org" >> /etc/ntp.conf'
service ntp restart

#Install tools
#--------------
#python setup
apt-get install -y python-pip python-dev build-essential
pip install --upgrade pip
pip install python-nmap

mkdir tools
cd tools
#Nmap
#https://nmap.org/
apt-get purge nmap
apt-get install tcpdump build-essential libssl-dev -y
wget https://nmap.org/dist/nmap-7.40.tar.bz2
bzip2 -cd nmap-7.40.tar.bz2 | tar xvf -
cd nmap-7.40/
./configure
make && make install
cd ..
rm -f nmap-7.40.tar.bz2
rm -rf nmap-7.40/
apt-get install xsltproc -y

#Masscan
#https://github.com/robertdavidgraham/masscan
apt-get install git gcc make libpcap-dev -y
git clone https://github.com/robertdavidgraham/masscan
cd masscan/
make -j
make install
cd ..
rm -rf masscan/

#Nikto
#https://github.com/sullo/nikto
apt-get install wget unzip libnet-ssleay-perl libwhisker2-perl openssl -y
git clone https://github.com/sullo/nikto

#Metasploit
#https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers
curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && chmod 755 msfinstall && ./msfinstall
rm -f msfinstall

#recon-ng
#https://bitbucket.org/LaNMaSteR53/recon-ng
git clone https://bitbucket.org/LaNMaSteR53/recon-ng.git recon-ng/

#SET
#https://github.com/trustedsec/social-engineer-toolkit/
git clone https://github.com/trustedsec/social-engineer-toolkit/ set/
	#!/bin/bash
	#Update repositories
	apt-get update
	apt-get upgrade -y

	#SSH config
	#--------------------------
	export username="pentester"
	export password=""
	export key=""
	export salt=$(openssl rand -base64 8)
	pass=$(perl -e 'print crypt($ARGV[0], $ENV{salt})' $password)

	useradd -s /bin/bash -m -p $pass $username
	usermod -aG sudo $username
	export directory="/home/$username"
	cd $directory
	mkdir .ssh
	cd .ssh/
	touch authorized_keys
	echo $key > authorized_keys
	chown pentester:pentester authorized_keys
	chmod 600 authorized_keys
	cd ..
	chown pentester:pentester .ssh/
	chmod 700 .ssh/

	cp /etc/ssh/sshd_config /etc/ssh/sshd_config-bak
	sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
	sed -i 's/PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
	sed -i 's/^PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config
	systemctl reload sshd
	systemctl status sshd

	cd /root/
	#Firewall UFW config
	#--------------------------
	apt-get install ufw -y
	#Default Policies
	ufw default deny incoming
	ufw default allow outgoing

	#Allowing SSH Connections
	ufw allow ssh
	ufw allow 2222

	#Allowing Other Connections
	ufw allow 80
	ufw allow 8080
	ufw allow 443

	#Enabling UFW
	ufw enable
	ufw status verbose > ufw-rules.txt
	ufw status numbered > ufw-rules-numbered.txt

	#NTP Synchronization
	#--------------------------
	#http://support.ntp.org/bin/view/Servers/NTPPoolServers
	dpkg-reconfigure tzdata

	apt-get install ntp -y
	cp /etc/ntp.conf /etc/ntp.conf.bak
	sed -i 's/^server.*//' /etc/ntp.conf
	sh -c 'echo "# Specify one or more NTP servers." >> /etc/ntp.conf'
	sh -c 'echo "server 0.south-america.pool.ntp.org" >> /etc/ntp.conf'
	sh -c 'echo "server 1.south-america.pool.ntp.org" >> /etc/ntp.conf'
	sh -c 'echo "server 2.south-america.pool.ntp.org" >> /etc/ntp.conf'
	sh -c 'echo "server 3.south-america.pool.ntp.org" >> /etc/ntp.conf'
	service ntp restart

	#Install tools
	#--------------
	#python setup
	apt-get install -y python-pip python-dev build-essential
	pip install --upgrade pip
	pip install python-nmap

	mkdir tools
	cd tools
	#Nmap
	#https://nmap.org/
	apt-get purge nmap
	apt-get install tcpdump build-essential libssl-dev -y
	wget https://nmap.org/dist/nmap-7.40.tar.bz2
	bzip2 -cd nmap-7.40.tar.bz2 \| tar xvf -
	cd nmap-7.40/
	./configure
	make && make install
	cd ..
	rm -f nmap-7.40.tar.bz2
	rm -rf nmap-7.40/
	apt-get install xsltproc -y

	#Masscan
	#https://github.com/robertdavidgraham/masscan
	apt-get install git gcc make libpcap-dev -y
	git clone https://github.com/robertdavidgraham/masscan
	cd masscan/
	make -j
	make install
	cd ..
	rm -rf masscan/

	#Nikto
	#https://github.com/sullo/nikto
	apt-get install wget unzip libnet-ssleay-perl libwhisker2-perl openssl -y
	git clone https://github.com/sullo/nikto

	#Metasploit
	#https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers
	curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && chmod 755 msfinstall && ./msfinstall
	rm -f msfinstall

	#recon-ng
	#https://bitbucket.org/LaNMaSteR53/recon-ng
	git clone https://bitbucket.org/LaNMaSteR53/recon-ng.git recon-ng/

	#SET
	#https://github.com/trustedsec/social-engineer-toolkit/
	git clone https://github.com/trustedsec/social-engineer-toolkit/ set/