Kali Setup
#!/bin/bash | |
# Provisioning preamble. Every step below writes to system paths (/, /etc,
# /tmp), so the script is presumably meant to run as root on a fresh host.
# It sets non-interactive apt, copies the working directory over the root
# filesystem, loads a spinner helper from the network, rewrites
# /etc/hostname and /etc/hosts, and switches apt to the kali-rolling repo.
export DEBIAN_FRONTEND=noninteractive | |
export TERM=xterm-256color | |
USE_COLORS=true | |
# NOTE(review): copies everything in the current directory onto /. There is
# no check of what the working directory is, so any file there overwrites
# the same path on the system.
cp -r * / | |
# The redirect applies only to the install command; its errors are hidden.
apt-get update -qq && apt-get -y install wget &> /dev/null | |
# NOTE(review): the downloaded text is executed in this shell via `source`.
# The URL tracks the master branch (no commit pin, no hash comparison) and has
# no scheme, which wget treats as http://. Whoever controls that branch or the
# network path controls what runs here.
source /dev/stdin <<< "$(wget -qO- raw.githubusercontent.com/hschne/spinny/master/spinny.sh)" ; home="$(pwd)" | |
# Frames and delay for the spinner; spinny::start / spinny::stop come from
# the script sourced above.
SPINNY_FRAMES=(. .. ... .... ..... " ...." " ..." " .." " ." " " . .. ... .... ..... " ...." " ..." " .." " ." " ") | |
SPINNY_DELAY=0.1 | |
printf "\033[1;37m[\033[1;31m ﮊ ! \033[1;37m] Installing a repository - kali" ; sleep 2 | |
spinny::start | |
#///// repo and co. ////// | |
# /etc/hosts is overwritten, then the body returned by ipinfo.io is appended
# next to the hostname without any validation of that response.
home="$(pwd)" ; hname="$(hostname)" ; echo "$hname" > /etc/hostname ; echo 127.0.0.1 localhost > /etc/hosts ; echo "$(wget -qO- ipinfo.io/ip)" "$hname" >> /etc/hosts | |
# NOTE(review): the archive keyring package is saved under a fixed name in
# /tmp and installed with dpkg -i; there is no checksum comparison, and the
# commands are joined with `;`, so dpkg runs even if the download failed.
# The pinned 2020.2 keyring may predate later key rotations; confirm it
# still matches the repository's signing key.
wget -qO /tmp/ka.deb https://kali.download/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2020.2_all.deb ; sleep 1 ; dpkg -i /tmp/ka.deb | |
# sources.list is replaced (not appended) with a single kali-rolling entry
# served over plain http; package integrity then rests on apt's signature
# check against the keyring installed on the previous line.
echo 'deb http://kali.download/kali kali-rolling main non-free contrib' > /etc/apt/sources.list ; sleep 10 | |
spinny::stop | |
printf '\033[1;32m'" ✔ \n"'\033[0m\n' | |
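#swap
# Create and enable an 8 GiB swap file at /swapfile2, register it in
# /etc/fstab, and remove /etc/motd.
printf "\033[1;37m[\033[1;31m ﮊ ! \033[1;37m] Making a new SWAP section" ; sleep 2
spinny::start
# Create the file under umask 077 so it is never world-readable, and fix the
# mode before mkswap/swapon in case the file already existed. bs=1M with
# count=8192 gives the same 8 GiB as bs=1G count=8 without needing a 1 GiB
# buffer on a host that is short on memory.
( umask 077 ; dd if=/dev/zero of=/swapfile2 bs=1M count=8192 ) ; chmod 600 /swapfile2 ; mkswap /swapfile2 ; swapon /swapfile2
# Add the fstab entry only once so a re-run does not duplicate it.
grep -q '^/swapfile2[[:space:]]' /etc/fstab || echo '/swapfile2 none swap sw,pri=10 0 0' >> /etc/fstab
# -f: a missing motd is not an error, other failures stay visible.
rm -f /etc/motd
spinny::stop
printf '\033[1;32m'" ✔ \n"'\033[0m\n'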
#upgrade | |
# Full distribution upgrade against the repository configured earlier.
printf "\033[1;37m[\033[1;31m ﮊ ! \033[1;37m] Updating the system" ; sleep 2 | |
spinny::start | |
# --force-confdef / --force-confold: on a config-file conflict dpkg takes the
# default action if one exists, otherwise keeps the installed file, so no
# prompt appears. -qq suppresses most output, including reasons for failure.
# `touch /root/.hushlogin` is joined with `;` and runs whether or not the
# upgrade succeeded.
apt-get update -qq && apt-get -y dist-upgrade -qq -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" ; touch /root/.hushlogin | |
spinny::stop | |
printf '\033[1;32m'" ✔ \n"'\033[0m\n' | |
#packages | |
# Install the base package set, enable Docker, and remove apache2.
printf "\033[1;37m[\033[1;31m ﮊ ! \033[1;37m] Installing the necessary packages" ; sleep 2 | |
spinny::start | |
# One apt-get call spread over three continued lines. certbot and curl are
# each listed twice (harmless). The list pulls in a Python 2 toolchain
# (python2, python2-dev, python-is-python2). The systemctl commands are
# joined with `;`, so they run even when the install fails.
apt-get -f -y install certbot ipset curl sudo nodejs npm jq golang git unzip python certbot openjdk-11-jdk python2-dev python2 python3-pip python3-dev make \ | |
htop dnsutils net-tools curl wget zip calc wireguard screen p7zip-full docker.io docker-compose inotify-tools kali-defaults kali-linux-core python-is-python2 \ | |
ntp wine64 wine nano imagemagick -qq -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" ; systemctl enable docker ; systemctl start docker | |
apt-get -y purge apache2 -qq | |
spinny::stop | |
printf '\033[1;32m'" ✔ \n"'\033[0m\n' | |
# Start of the long "rest of the system" phase: wine32, time sync, pip for
# Python 2, and file-descriptor limits. The spinner started here is stopped
# after the sudoers step further down.
printf "\033[1;37m[\033[1;31m ﮊ ! \033[1;37m] Installing the rest of the system, configure services and services" ; sleep 2 | |
spinny::start | |
#///// main ///// | |
#wine32 | |
dpkg --add-architecture i386 ; apt-get update ; apt-get -y install wine32 | |
#timedate issue | |
# NOTE(review): ntp is restarted before the server lines are appended to
# /etc/ntp.conf, so this restart does not pick them up. The heredoc appends
# (>>), so a re-run duplicates the four server lines.
systemctl restart ntp.service | |
cat<<'EOF'>>/etc/ntp.conf | |
server 0.ubuntu.pool.ntp.org | |
server 1.ubuntu.pool.ntp.org | |
server 2.ubuntu.pool.ntp.org | |
server 3.ubuntu.pool.ntp.org | |
EOF | |
# set-local-rtc 1 keeps the hardware clock in local time rather than UTC.
ntpq -p ; timedatectl set-local-rtc 1 ; hwclock --systohc ; sleep 5 | |
#pip2 | |
# NOTE(review): get-pip.py is written to the current directory and executed
# right away; nothing checks its hash, and `python` runs even if curl failed
# (a stale get-pip.py in the directory would be executed instead).
curl https://bootstrap.pypa.io/pip/2.7/get-pip.py -o get-pip.py ; python get-pip.py | |
#ulimit | |
# pam_limits is appended on every run (duplicates on re-run); limits.conf is
# overwritten and raises the open-file limit to 655350 for all users and root.
echo 'session required pam_limits.so' >> /etc/pam.d/common-session | |
cat<<'EOF'>/etc/security/limits.conf | |
* soft nofile 655350 | |
* hard nofile 655350 | |
root soft nofile 655350 | |
root hard nofile 655350 | |
EOF | |
#transfer.sh | |
# Download the latest transfer.sh release binary and run it as a systemd
# service.
# NOTE(review): the download URL is scraped from the GitHub API response with
# grep/cut and passed to wget unquoted; if the lookup returns nothing, wget
# has no URL. The "latest" release is unpinned and the binary is made
# executable without a checksum or signature comparison.
wget -qO /usr/local/bin/transfer.sh $(curl -sL https://api.github.com/repos/dutchcoders/transfer.sh/releases/latest | grep linux-amd64 \ | |
| grep browser_download_url | head -1 | cut -d \" -f 4) && chmod +x /usr/local/bin/transfer.sh | |
# NOTE(review): the unit listens on 0.0.0.0:4466 and stores uploads under
# /tmp; the command line shown sets no authentication option, so access
# control depends on whatever network filtering exists outside this script.
# The unit has no User= and additionally wraps the command in sudo, so the
# service runs as root. ExecStart names `sudo` without an absolute path;
# older systemd releases reject that, newer ones resolve it from a fixed
# search path. Confirm on the target version.
cat<<'EOF'>/etc/systemd/system/transfer.service | |
[Unit] | |
Description=transferr | |
[Service] | |
ExecStart=sudo transfer.sh --listener 0.0.0.0:4466 --temp-path /tmp/ --provider local --basedir /tmp --purge-interval 1 | |
WorkingDirectory=/tmp | |
Restart=always | |
RestartSec=10 | |
[Install] | |
WantedBy=multi-user.target | |
EOF | |
systemctl enable transfer.service ; systemctl start transfer.service | |
#grub | |
# Overwrite /etc/default/grub and regenerate the boot configuration.
# The kernel command line written here enables AppArmor and audit, turns on
# several CPU-vulnerability mitigations (pti, mds, l1tf, spectre_v2,
# spec_store_bypass_disable), zeroes memory on alloc/free, and disables IPv6.
# GRUB_TIMEOUT=0 removes the boot-menu delay. The heredoc delimiter is
# quoted, so the backtick expression is written literally and evaluated when
# the grub scripts read the file.
# NOTE(review): `components union=overlay` and `initrd=/install/initrd.gz`
# look like live-image / installer parameters carried over from another
# config. Confirm they are intended on an installed system.
cat<<'EOF'>/etc/default/grub | |
GRUB_DEFAULT=0 | |
GRUB_TIMEOUT=0 | |
GRUB_CMDLINE_LINUX_DEFAULT="elevator=noop ipv6.disable=1 net.ifnames=0 apparmor=1 security=apparmor mce=0 page_poison=1 pti=on mds=full,nosmt audit=1 components union=overlay vsyscall=none init_on_alloc=1 init_on_free=1 l1tf=full,force spectre_v2=on spec_store_bypass_disable=seccomp extra_latent_entropy quiet" | |
GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` | |
GRUB_CMDLINE_LINUX="initrd=/install/initrd.gz" | |
EOF | |
update-grub | |
#DNS-server | |
# Install dnscrypt-proxy as the local resolver and pin /etc/resolv.conf to it.
# NOTE(review): /tmp/dns is a fixed, predictable path. Only the tar step is
# guarded by `&&`; everything after the first `;` (mv, ln, disabling
# systemd-resolved, service install/start) runs even if the download or
# extraction failed. The release is "latest" with no checksum comparison.
# /opt/dnscrypt-proxy/ is not created in the lines shown; presumably it
# comes from the earlier `cp -r * /`.
mkdir /tmp/dns && cd /tmp/dns | |
wget -nv --show-progress "$(curl -sL https://api.github.com/repos/DNSCrypt/dnscrypt-proxy/releases/latest | grep dnscrypt-proxy-linux_x86_64- | grep browser_download_url \ | |
| head -1 | cut -d \" -f 4)" && tar xf dnscrypt-proxy-linux_x86_64-* -C /tmp/ ; mv /tmp/linux-x86_64/* /opt/dnscrypt-proxy/ ; ln -s /opt/dnscrypt-proxy/dnscrypt-proxy /bin/ \ | |
; systemctl disable systemd-resolved ; dnscrypt-proxy -service install ; dnscrypt-proxy -service start | |
# resolv.conf is replaced with the loopback resolver and marked immutable
# (chattr +i), so later tools cannot rewrite it until the flag is cleared.
cd ~ ; rm /etc/resolv.conf ; echo nameserver 127.0.0.1 > /etc/resolv.conf ; chattr +i /etc/resolv.conf | |
# rc.local, run at boot: reinstall the dnscrypt-proxy service while
# temporarily resolving through 1.0.0.1, restore the loopback resolver, then
# run /localhost/up.sh, a script that is not part of the lines shown here.
cat<<'EOF'>/etc/rc.local | |
#!/bin/bash | |
dnscrypt-proxy -service uninstall ; dnscrypt-proxy -service stop | |
chattr -i /etc/resolv.conf ; echo nameserver 1.0.0.1 > /etc/resolv.conf | |
dnscrypt-proxy -service install ; dnscrypt-proxy -service start ; sleep 3 | |
echo nameserver 127.0.0.1 > /etc/resolv.conf ; chattr +i /etc/resolv.conf | |
sleep 4 ; cd /localhost ; ./up.sh | |
EOF | |
chmod +x /etc/rc.local | |
#cobaltstrike section | |
#neo4j && bloodhound-autoimport | |
# Install neo4j and the bloodhound_import package, then wire up an upload
# endpoint plus a watcher that imports uploaded archives into neo4j.
# `ulimit -n` only affects this shell and its children.
pip3 install bloodhound_import ; ulimit -n 500000 ; apt-get -y install neo4j | |
# NOTE(review): this neo4j.conf replaces the packaged one. It listens on
# 0.0.0.0 with Bolt on :980 and HTTP on :970 and disables the HTTPS
# connector; no TLS setting for Bolt appears in the file, so the database is
# presumably reachable in cleartext on every interface.
cat<<'EOF'>/usr/share/neo4j/conf/neo4j.conf | |
dbms.directories.import=import | |
dbms.allow_upgrade=true | |
dbms.memory.heap.initial_size=1024m | |
dbms.memory.heap.max_size=1024m | |
dbms.tx_state.memory_allocation=ON_HEAP | |
dbms.default_listen_address=0.0.0.0 | |
dbms.connector.bolt.enabled=true | |
dbms.connector.bolt.listen_address=:980 | |
dbms.connector.http.enabled=true | |
dbms.connector.http.listen_address=:970 | |
dbms.connector.https.enabled=false | |
dbms.tx_log.rotation.retention_policy=1 days | |
dbms.jvm.additional=-XX:+UseG1GC | |
dbms.jvm.additional=-XX:-OmitStackTraceInFastThrow | |
dbms.jvm.additional=-XX:+AlwaysPreTouch | |
dbms.jvm.additional=-XX:+UnlockExperimentalVMOptions | |
dbms.jvm.additional=-XX:+TrustFinalNonStaticFields | |
dbms.jvm.additional=-XX:+DisableExplicitGC | |
dbms.jvm.additional=-XX:MaxInlineLevel=15 | |
dbms.jvm.additional=-XX:-UseBiasedLocking | |
dbms.jvm.additional=-Djdk.nio.maxCachedBufferSize=262144 | |
dbms.jvm.additional=-Dio.netty.tryReflectionSetAccessible=true | |
dbms.jvm.additional=-Djdk.tls.ephemeralDHKeySize=2048 | |
dbms.jvm.additional=-Djdk.tls.rejectClientInitiatedRenegotiation=true | |
dbms.jvm.additional=-XX:FlightRecorderOptions=stackdepth=256 | |
dbms.jvm.additional=-XX:+UnlockDiagnosticVMOptions | |
dbms.jvm.additional=-XX:+DebugNonSafepoints | |
dbms.jvm.additional=-Dlog4j2.disable.jmx=true | |
dbms.windows_service_name=neo4j | |
EOF | |
# NOTE(review): the database password is the fixed string `root`, written in
# this script; combined with the 0.0.0.0 listeners above, anyone who can
# reach the ports and has read this file can log in.
/usr/share/neo4j/bin/neo4j-admin set-initial-password root | |
mkdir -p /usr/share/neo4j/logs ; /usr/share/neo4j/bin/neo4j start | |
# NOTE(review): this unit file has no [Unit] header, so Description= and
# After= sit outside any section and systemd will not apply them as written.
# The service runs as root, listens on 0.0.0.0:899, and authenticates with a
# static token embedded in the unit file. /usr/local/bin/upload-server is not
# installed by the lines shown; presumably it arrives via `cp -r * /`.
cat<<'EOF'>/etc/systemd/system/bloodhound-upload.service | |
Description=BloodHoundUpload | |
After=network.target | |
[Service] | |
Type=simple | |
User=root | |
Restart=on-failure | |
RestartSec=1s | |
ExecStart=/usr/local/bin/upload-server -ip 0.0.0.0 -port 899 -token f9403fc5f537b4ab332a /opt/bloodhound | |
[Install] | |
WantedBy=multi-user.target | |
EOF | |
systemctl enable bloodhound-upload ; systemctl start bloodhound-upload | |
# vampireload: moves whatever is in /opt/bloodhound to a random-named zip in
# /tmp, unpacks it (and any nested archives), imports the *.json files into
# neo4j, and deletes the working directory.
# NOTE(review): as root it unpacks archives that arrived over the network;
# `mv /opt/bloodhound/*` to a single file name fails when more than one file
# is present; `ls *` output is parsed and `read` lacks -r; cd results are
# unchecked; the neo4j password is passed on the command line, where it is
# visible in the process list.
cat<<'EOF'>/usr/local/bin/vampireload | |
#!/bin/bash | |
randomblood="$(openssl rand -hex 8)" | |
mkdir /tmp/"$randomblood" ; cd /tmp/"$randomblood" ; mv /opt/bloodhound/* /tmp/"$randomblood".zip | |
unzip /tmp/"$randomblood".zip -d /tmp/"$randomblood"/ ; ls * > /tmp/"$randomblood".txt | |
while read in ; do unzip "$in" ; done < /tmp/"$randomblood".txt | |
bloodhound-import -du neo4j -dp root -p 980 *.json ; cd ~ ; rm -r /tmp/"$randomblood"* | |
EOF | |
chmod +x /usr/local/bin/vampireload | |
# vampirewatcher: runs vampireload once per close_write event in
# /opt/bloodhound. The uploaded file's name is passed through xargs as an
# argument (vampireload itself does not read its arguments), so names chosen
# by the uploader go through xargs word splitting and quote handling.
cat<<'EOF'>/usr/local/bin/vampirewatcher | |
#!/bin/bash | |
inotifywait -m -e close_write /opt/bloodhound | gawk '{print $1$3; fflush()}' | xargs -L 1 vampireload | |
EOF | |
chmod +x /usr/local/bin/vampirewatcher | |
# NOTE(review): like bloodhound-upload.service, this unit lacks a [Unit]
# header for its Description=/After= lines. It runs the watcher as root.
cat<<'EOF'>/etc/systemd/system/vampires.service | |
Description=VampireService | |
After=network.target | |
[Service] | |
Type=simple | |
User=root | |
Restart=on-failure | |
RestartSec=1s | |
ExecStart=/usr/local/bin/vampirewatcher | |
[Install] | |
WantedBy=multi-user.target | |
EOF | |
systemctl enable vampires.service ; systemctl start vampires.service | |
#cobaltstrike | |
# Regenerate the keystore in /opt/cobaltstrike and register the team server
# as a systemd service. Neither /opt/cobaltstrike nor `gencert` is created
# in the lines shown; presumably both arrive via the earlier `cp -r * /`.
# NOTE(review): the cd is unchecked, so if the directory is missing the
# `rm` and `gencert` run in whatever directory the script is in.
cd /opt/cobaltstrike ; rm cobaltstrike.store ; gencert | |
# /usr/local/bin/ts: wrapper that starts neo4j and then the Java team server.
# NOTE(review): the keystore password and the team-server password are both
# the literal `root` and are passed on the java command line, where any local
# user can read them from the process list. `$hname` is unquoted inside the
# dig call. The listening port is fixed at 41447 and the last argument is a
# date one year after start time.
cat<<'EOF'>/usr/local/bin/ts | |
#!/bin/bash | |
cd /opt/cobaltstrike ; hname="$(hostname)" ; neo4j start | |
java -XX:ParallelGCThreads=4 -Dcobaltstrike.server_port=41447 -Djavax.net.ssl.keyStore=./cobaltstrike.store -Djavax.net.ssl.keyStorePassword=root -server -XX:+AggressiveHeap \ | |
-XX:+UseParallelGC -classpath ./cobaltstrike.jar server.TeamServer "$(dig $hname +short A)" root url.profile "$(date --date='1 year' -u +'%Y-%m-%d')" | |
EOF | |
chmod +x /usr/local/bin/ts | |
# The unit has no User= and wraps the command in sudo, so the server runs as
# root; Restart=always brings it back 10 s after any exit.
cat<<'EOF'>/etc/systemd/system/teamserver.service | |
[Unit] | |
Description=teamserver | |
[Service] | |
ExecStart=sudo /usr/local/bin/ts | |
WorkingDirectory=/opt/cobaltstrike | |
Restart=always | |
RestartSec=10 | |
[Install] | |
WantedBy=multi-user.target | |
EOF | |
systemctl enable teamserver ; systemctl start teamserver | |
#frp - expose noVNC port | |
# Install the frp server (frps) from a pinned release and run it as a service.
# NOTE(review): the release version is pinned (v0.36.2) but the tarball is
# extracted and the binary installed with no checksum comparison; /tmp/f.tar
# is a fixed, predictable path.
wget -qO /tmp/f.tar https://github.com/fatedier/frp/releases/download/v0.36.2/frp_0.36.2_linux_amd64.tar.gz && tar xf /tmp/f.tar -C /tmp/ && mv /tmp/frp*/frps /usr/bin/ | |
# NOTE(review): the server config contains only bind_port = 7000. No token or
# other authentication setting is present, so presumably any frp client that
# can reach the port can register a tunnel. Confirm against the frp docs for
# this version. The config file is stored in /usr/local/bin.
cat<<'EOF'>/usr/local/bin/frps.ini | |
[common] | |
bind_port = 7000 | |
EOF | |
# Runs frps as root and restarts it 5 s after a failure.
cat<<'EOF'>/etc/systemd/system/frps.service | |
[Unit] | |
Description=Frp Server Service | |
After=network.target | |
[Service] | |
Type=simple | |
User=root | |
Restart=on-failure | |
RestartSec=5s | |
ExecStart=/usr/bin/frps -c /usr/local/bin/frps.ini | |
[Install] | |
WantedBy=multi-user.target | |
EOF | |
systemctl enable frps ; systemctl start frps | |
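#sudoers
# Replace /etc/sudoers with the policy below.
# The policy is first written to a temporary file and checked with
# `visudo -cf`; /etc/sudoers is replaced only when the check passes. Writing
# the heredoc straight into /etc/sudoers truncates the live file, so an
# interrupted write or a syntax error would leave sudo unusable.
# NOTE(review): the policy grants passwordless root to root, gvm and every
# member of the sudo group. Any compromise of one of those accounts is a
# full root compromise. The policy text is kept as the author wrote it.
if sudoers_tmp="$(mktemp)" ; then
cat<<'EOF'>"$sudoers_tmp"
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
root ALL=(ALL) NOPASSWD: ALL
gvm ALL=(ALL) NOPASSWD: ALL
%sudo ALL=(ALL) NOPASSWD: ALL
@includedir /etc/sudoers.d
EOF
  if visudo -cf "$sudoers_tmp" >/dev/null ; then
    # 0440 root:root is the mode sudo expects for its policy file.
    install -m 0440 -o root -g root "$sudoers_tmp" /etc/sudoers
  else
    printf 'sudoers: validation failed, /etc/sudoers left unchanged\n' >&2
  fi
  rm -f -- "$sudoers_tmp"
else
  printf 'sudoers: mktemp failed, /etc/sudoers left unchanged\n' >&2
fi
spinny::stop
printf '\033[1;32m'" ✔ \n"'\033[0m\n'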
#PATROWL | |
# installpatrowl: clone PatrowlHears into /opt, start it with docker-compose,
# load its initial data, and add a cron entry for data updates.
# Takes no arguments. The only call below is commented out, so this function
# is defined but not run by the script as shown.
function installpatrowl() { | |
printf "\033[1;37m[\033[1;31m ﮊ ! \033[1;37m] Installing PatrowlHears.. Attention: installation can take up to 3-4 hours. Be patient" ; sleep 2 | |
spinny::start | |
# NOTE(review): the clone tracks the default branch (no tag or commit pin)
# and the cd calls are unchecked, so docker-compose runs in the current
# directory if the clone failed.
sleep 10 ; cd /opt ; git clone https://github.com/Patrowl/PatrowlHears ; cd /opt/PatrowlHears ; docker-compose up -d | |
docker-compose exec patrowlhears bash -c 'cd backend_app && ./load_init_data.sh' | |
docker-compose exec patrowlhears bash -c 'cd backend_app && ./import_data_updates.sh' | |
# Keeps the existing crontab entries and appends one line.
# NOTE(review): the schedule `* * */1 * *` has `*` in the minute and hour
# fields, so it fires every minute; presumably a daily run was intended.
(crontab -l | grep . ; echo -e "* * */1 * * cd /opt/PatrowlHears && docker-compose exec patrowlhears bash -c 'cd backend_app && ./import_data_updates.sh'") | crontab - | |
spinny::stop | |
printf '\033[1;32m'" ✔ \n"'\033[0m\n' | |
} | |
#installpatrowl | |
#filebrowser | |
# Install the latest filebrowser release and run it as a TLS-enabled service.
# NOTE(review): the download URL is scraped from the GitHub API and passed to
# wget unquoted; the release is unpinned and the archive is unpacked straight
# into /usr/local/bin with no checksum comparison.
wget -qO /tmp/fb.tar.gz $(curl -sL https://api.github.com/repos/filebrowser/filebrowser/releases/latest | grep linux-amd64 | grep browser_download_url | head -1 | cut -d \" -f 4) && tar xf /tmp/fb.tar.gz -C /usr/local/bin/ | |
# Moves a filebrowser.db to the filesystem root. The file is not created in
# the lines shown; presumably it is a pre-built database from `cp -r * /`,
# in which case its accounts and settings are whatever that file contains.
mv /usr/share/filebrowser/filebrowser.db / | |
# NOTE(review): the heredoc delimiter is quoted, so `$hname` is written
# literally into the unit file. systemd would expand it from the unit's own
# environment, which this unit does not set, so the certificate paths
# presumably resolve with an empty host name. No certbot run appears in the
# lines shown, so the referenced certificate files may not exist. ExecStart
# names `filebrowser` without an absolute path (older systemd rejects that).
# The service listens on 0.0.0.0 and runs as root.
cat<<'EOF'>/etc/systemd/system/filebrowser.service | |
[Unit] | |
Description=FileBrowser service | |
After=network.target | |
[Service] | |
User=root | |
Restart=on-failure | |
RestartSec=5s | |
ExecStart=filebrowser -a 0.0.0.0 -t /etc/letsencrypt/live/$hname/cert.pem -k /etc/letsencrypt/live/$hname/privkey.pem | |
[Install] | |
WantedBy=multi-user.target | |
EOF | |
systemctl enable filebrowser ; systemctl start filebrowser | |
#ssh | |
# Appends two limits to sshd_config. sshd is not reloaded in the lines shown,
# so they take effect on the next restart; a re-run appends them again.
cat<<'EOF'>>/etc/ssh/sshd_config | |
MaxAuthTries 3 | |
MaxSessions 5 | |
EOF | |
#super_os | |
clear ; printf "\n\n\033[1;33mThe server installation is complete, Im starting to build a docker container with the main system..\n\033[0m" ; sleep 5 | |
# Builds the kali_suos image from /opt/kali_suos (not created in the lines
# shown; presumably copied in earlier).
# NOTE(review): the loop retries `docker build` until an image named
# kali_suos exists, with no retry limit, so a build that always fails loops
# forever. The cd is unchecked.
/etc/init.d/docker restart ; sleep 2 ; cd /opt/kali_suos ; mv /k_client . ; sleep 1 ; while [ -z "$(docker image ls | grep kali_suos)" ] ; do sleep 2 && docker build -t kali_suos . ; done | |
#end | |
printf "\033[1;37m[\033[1;31m ﮊ ! \033[1;37m] I clean, wash, put away. I install the anti-sandbox and reboot" ; sleep 2 | |
# /usr/local/bin/makeclients is written without a shebang line.
sleep 4 ; apt-get -y autoremove ; apt autoclean ; echo 'cd /usr/share/clients && bash build.sh' > /usr/local/bin/makeclients ; chmod +x /usr/local/bin/makeclients | |
# Clears the immutable flag on resolv.conf and points it at 8.8.8.8; the
# rc.local written earlier switches it back to 127.0.0.1 and re-locks it at
# boot.
ln -s /localhost/up.sh /usr/local/bin/wakeupneo ; chattr -i /etc/resolv.conf ; echo nameserver 8.8.8.8 > /etc/resolv.conf ; /etc/init.d/docker restart | |
# NOTE(review): third-party image pulled by name only (no tag or digest), so
# its content is whatever that Docker Hub account publishes at pull time.
docker pull jordanpotter/wireguard | |
#badboyz | |
# bbinstall: build an ipset named goodboyz from CIDR ranges fetched from a
# third-party gist and drop INPUT/FORWARD traffic whose source matches it.
# Takes no arguments; all of its output is discarded by the trailing
# `&>/dev/null`. The only call below is commented out.
# NOTE(review): the function is not runnable as shown. The bare `EOF` line
# has no heredoc opener, and the next line references
# /usr/local/bin/goodboyz, which nothing here writes. A `cat<<'EOF'>...` line
# appears to be missing before the ipset commands; as written, bash would try
# to run `EOF` as a command.
# NOTE(review): the ranges come from whatever the gist serves at run time
# (no pin, no hash), `$ip` is unquoted, and `flush` is issued before
# `create`, so on a first run the flush targets a set that does not exist.
function bbinstall() { | |
ipset -q flush goodboyz ; ipset -q create goodboyz nethash | |
for ip in $(curl -s https://gist.githubusercontent.com/curi0usJack/971385e8334e189d93a6cb4671238b10/raw | \ | |
grep -E -o "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)"); \ | |
do ipset add goodboyz $ip ; done | |
iptables -A INPUT -m set --match-set goodboyz src -j DROP | |
iptables -A FORWARD -m set --match-set goodboyz src -j DROP | |
EOF | |
chmod +x /usr/local/bin/goodboyz ; goodboyz | |
echo '/usr/local/bin/goodboyz' >> /etc/rc.local | |
}&>/dev/null | |
#bbinstall | |
# No spinny::start precedes this stop in the final section, and the message
# announces a reboot although no reboot command appears in the lines shown.
spinny::stop | |
printf '\033[1;32m'" ✔ Ready. I'm rebooting..\n"'\033[0m\n' ; sleep 5 | |