Kali Setup
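#!/bin/bash
# Unattended bootstrap for a Kali-based red-team server. Must run as root from
# the unpacked payload directory: everything in the current directory is
# overlaid onto / (cp below) and later sections depend on those files
# (/localhost, /opt/cobaltstrike, /opt/kali_suos, /k_client, ...). There is
# deliberately no 'set -e': most steps are best-effort and the run continues.
export DEBIAN_FRONTEND=noninteractive
export TERM=xterm-256color
USE_COLORS=true
# Overlay the payload onto the root filesystem. This trusts every file in $PWD.
cp -r * /
apt-get update -qq && apt-get -y install wget &> /dev/null
# Progress spinner sourced from GitHub. The original fetched it without a URL
# scheme (wget then falls back to plain HTTP, so an on-path attacker could hand
# back code that is sourced as root) and sourced whatever came back, even an
# empty body. Use HTTPS and, if the fetch fails or is empty, fall back to no-op
# spinner functions instead. The 'master' ref is still unpinned.
spinny_src="$(wget -qO- https://raw.githubusercontent.com/hschne/spinny/master/spinny.sh)"
if [ -n "$spinny_src" ] ; then
  source /dev/stdin <<< "$spinny_src"
else
  printf 'warning: could not fetch spinny.sh, progress spinner disabled\n' >&2
  spinny::start() { :; }
  spinny::stop() { :; }
fi
home="$(pwd)"
SPINNY_FRAMES=(. .. ... .... ..... " ...." " ..." " .." " ." " " . .. ... .... ..... " ...." " ..." " .." " ." " ")
SPINNY_DELAY=0.1
printf "\033[1;37m[\033[1;31m ﮊ ! \033[1;37m] Installing a repository - kali" ; sleep 2
spinny::start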
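#///// repo and co. //////
# Hostname bookkeeping, then point APT at kali-rolling.
home="$(pwd)" ; hname="$(hostname)" ; echo "$hname" > /etc/hostname ; echo 127.0.0.1 localhost > /etc/hosts
# The public IP comes from a third-party service. Fetch it over HTTPS and only
# write the hosts entry when an IPv4 address actually came back; the original
# appended the line unconditionally, so a failed lookup left "<empty> hostname"
# in /etc/hosts.
pub_ip="$(wget -qO- https://ipinfo.io/ip)"
if [[ "$pub_ip" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]] ; then
  echo "$pub_ip" "$hname" >> /etc/hosts
fi
# Kali archive keyring: downloaded over HTTPS but not verified against any
# checksum or signature, so this is trust-on-first-use for the whole APT chain.
# dpkg -i only runs if the download succeeded.
wget -qO /tmp/ka.deb https://kali.download/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2020.2_all.deb && sleep 1 && dpkg -i /tmp/ka.deb
# Same host the keyring came from, so HTTPS is known to work; APT still verifies
# signatures either way, HTTPS just keeps package metadata off the wire.
echo 'deb https://kali.download/kali kali-rolling main non-free contrib' > /etc/apt/sources.list ; sleep 10
spinny::stop
printf '\033[1;32m'" ✔ \n"'\033[0m\n'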
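#swap
printf "\033[1;37m[\033[1;31m ﮊ ! \033[1;37m] Making a new SWAP section" ; sleep 2
spinny::start
# 8 GiB swap file. Create it with a restrictive umask so there is no window where
# the file is world-readable (the original dd'ed with the default umask and only
# chmod'ed after mkswap). If /swapfile2 already exists (rerun) it is reused:
# dd'ing over a swap file that is already active would corrupt swapped pages.
if [ ! -e /swapfile2 ] ; then
  ( umask 077 ; dd if=/dev/zero of=/swapfile2 bs=1G count=8 )
fi
chmod 600 /swapfile2 ; mkswap /swapfile2 ; swapon /swapfile2
# Persist it, but do not stack duplicate fstab entries on reruns.
grep -qs '^/swapfile2 ' /etc/fstab || echo '/swapfile2 none swap sw,pri=10 0 0' >> /etc/fstab
# Drop the default login banner; best-effort.
rm /etc/motd &>/dev/null
spinny::stop
printf '\033[1;32m'" ✔ \n"'\033[0m\n'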
#upgrade
printf "\033[1;37m[\033[1;31m ﮊ ! \033[1;37m] Updating the system" ; sleep 2
spinny::start
# Full dist-upgrade that never prompts: confold keeps locally modified
# conffiles, confdef takes dpkg's default everywhere else.
dpkg_opts=(-o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold")
if apt-get update -qq ; then
  apt-get -y dist-upgrade -qq "${dpkg_opts[@]}"
fi
# Silence the motd / last-login chatter for root.
touch /root/.hushlogin
spinny::stop
printf '\033[1;32m'" ✔ \n"'\033[0m\n'
#packages
printf "\033[1;37m[\033[1;31m ﮊ ! \033[1;37m] Installing the necessary packages" ; sleep 2
spinny::start
# Everything the later sections lean on (docker, jq, golang, inotify-tools,
# wine, the python2 toolchain, ipset, ...). 'apt-get -f' lets a half-configured
# system proceed; the list is passed as one array so it is easy to audit.
pkgs=(
  certbot ipset curl sudo nodejs npm jq golang git unzip python certbot
  openjdk-11-jdk python2-dev python2 python3-pip python3-dev make
  htop dnsutils net-tools curl wget zip calc wireguard screen p7zip-full
  docker.io docker-compose inotify-tools kali-defaults kali-linux-core
  python-is-python2 ntp wine64 wine nano imagemagick
)
apt-get -f -y install "${pkgs[@]}" -qq -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold"
systemctl enable docker ; systemctl start docker
# apache2 is not used by anything in this script; remove it if it got pulled in.
apt-get -y purge apache2 -qq
spinny::stop
printf '\033[1;32m'" ✔ \n"'\033[0m\n'
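printf "\033[1;37m[\033[1;31m ﮊ ! \033[1;37m] Installing the rest of the system, configure services and services" ; sleep 2
spinny::start
#///// main /////
#wine32
# The i386 foreign architecture has to be enabled before wine32 is visible to apt.
dpkg --add-architecture i386 ; apt-get update ; apt-get -y install wine32
#timedate issue
# Write the pool servers first, then restart ntpd so the new config is actually
# loaded. The original restarted before appending, so the extra servers only
# took effect on the next restart.
cat<<'EOF'>>/etc/ntp.conf
server 0.ubuntu.pool.ntp.org
server 1.ubuntu.pool.ntp.org
server 2.ubuntu.pool.ntp.org
server 3.ubuntu.pool.ntp.org
EOF
systemctl restart ntp.service
ntpq -p
# RTC kept in local time (author's "timedate issue" workaround). timedatectl
# itself warns against this mode; left as-is because the reason is not visible here.
timedatectl set-local-rtc 1 ; hwclock --systohc ; sleep 5
#pip2
# pip for python2 (EOL upstream). get-pip.py is fetched over HTTPS but not
# otherwise verified. '-f' makes curl fail on an HTTP error instead of saving the
# error page and then running it as Python; the script is downloaded to a temp
# file rather than left behind in $PWD.
getpip="$(mktemp)" && curl -fsSL https://bootstrap.pypa.io/pip/2.7/get-pip.py -o "$getpip" && python "$getpip"
rm -f -- "$getpip"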
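#ulimit
# pam_limits has to be stacked for limits.conf to apply to login sessions.
# Guard the append so reruns do not add the line twice.
grep -qs 'pam_limits.so' /etc/pam.d/common-session || echo 'session required pam_limits.so' >> /etc/pam.d/common-session
cat<<'EOF'>/etc/security/limits.conf
* soft nofile 655350
* hard nofile 655350
root soft nofile 655350
root hard nofile 655350
EOF
#transfer.sh
# Release asset URL from the unauthenticated (rate-limited) GitHub API. If the
# lookup or download fails the service is not enabled, instead of a crash-looping
# unit pointing at a missing binary.
transfer_url="$(curl -sL https://api.github.com/repos/dutchcoders/transfer.sh/releases/latest | grep linux-amd64 | grep browser_download_url | head -1 | cut -d \" -f 4)"
[ -n "$transfer_url" ] && wget -qO /usr/local/bin/transfer.sh "$transfer_url" && chmod +x /usr/local/bin/transfer.sh
# SECURITY: this is an unauthenticated upload/download service bound to every
# interface on :4466, serving and purging /tmp. Anyone who can reach the port can
# push files to, and pull files from, this host. Firewall it or bind it to a
# VPN/loopback address unless public access is intended. 'sudo' was dropped from
# ExecStart: the unit already runs as root and sudo only added a sudoers failure mode.
cat<<'EOF'>/etc/systemd/system/transfer.service
[Unit]
Description=transferr
After=network.target
[Service]
ExecStart=/usr/local/bin/transfer.sh --listener 0.0.0.0:4466 --temp-path /tmp/ --provider local --basedir /tmp --purge-interval 1
WorkingDirectory=/tmp
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target
EOF
if [ -x /usr/local/bin/transfer.sh ] ; then
  systemctl enable transfer.service ; systemctl start transfer.service
else
  printf 'warning: transfer.sh not installed, service left disabled\n' >&2
fi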
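#grub
# /etc/default/grub is replaced wholesale. The kernel line turns on a set of
# hardening / CPU-mitigation knobs (pti=on, mds=full,nosmt, l1tf=full,force,
# page_poison, init_on_alloc/init_on_free, vsyscall=none, apparmor, audit) —
# note the nosmt/force variants disable hyper-threading. 'components
# union=overlay' and the GRUB_CMDLINE_LINUX initrd path look like leftovers from
# a live/installer image; kept because nothing here shows what relies on them.
cat<<'EOF'>/etc/default/grub
GRUB_DEFAULT=0
GRUB_TIMEOUT=0
GRUB_CMDLINE_LINUX_DEFAULT="elevator=noop ipv6.disable=1 net.ifnames=0 apparmor=1 security=apparmor mce=0 page_poison=1 pti=on mds=full,nosmt audit=1 components union=overlay vsyscall=none init_on_alloc=1 init_on_free=1 l1tf=full,force spectre_v2=on spec_store_bypass_disable=seccomp extra_latent_entropy quiet"
GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
GRUB_CMDLINE_LINUX="initrd=/install/initrd.gz"
EOF
update-grub
#DNS-server
# dnscrypt-proxy from the latest GitHub release. The asset filter matches both the
# tarball and its .minisig signature file, so 'head -1' could hand wget the
# signature instead of the archive; exclude it explicitly. The signature itself is
# still not verified. Use a private temp dir rather than the predictable /tmp/dns,
# and create /opt/dnscrypt-proxy in case the payload did not already provide it
# (its dnscrypt-proxy.toml presumably comes from there).
dns_tmp="$(mktemp -d)"
dns_url="$(curl -sL https://api.github.com/repos/DNSCrypt/dnscrypt-proxy/releases/latest | grep dnscrypt-proxy-linux_x86_64- | grep browser_download_url | grep -v minisig | head -1 | cut -d \" -f 4)"
mkdir -p /opt/dnscrypt-proxy
( cd "$dns_tmp" && wget -nv --show-progress "$dns_url" && tar xf dnscrypt-proxy-linux_x86_64-* -C "$dns_tmp" && mv "$dns_tmp"/linux-x86_64/* /opt/dnscrypt-proxy/ )
ln -s /opt/dnscrypt-proxy/dnscrypt-proxy /bin/
systemctl disable systemd-resolved ; dnscrypt-proxy -service install ; dnscrypt-proxy -service start
rm -rf -- "${dns_tmp:?}"
# Pin the resolver to the local dnscrypt listener and make resolv.conf immutable
# so NetworkManager/dhclient cannot overwrite it.
cd ~ ; rm /etc/resolv.conf ; echo nameserver 127.0.0.1 > /etc/resolv.conf ; chattr +i /etc/resolv.conf
# Boot hook (Debian's rc-local generator runs an executable /etc/rc.local). It
# re-installs the dnscrypt service with a temporary upstream resolver, restores the
# 127.0.0.1 pin, then runs /localhost/up.sh from the payload copied over / at the
# top of this script. Presumably a workaround for the service not coming up
# cleanly on boot — confirm before simplifying.
cat<<'EOF'>/etc/rc.local
#!/bin/bash
dnscrypt-proxy -service uninstall ; dnscrypt-proxy -service stop
chattr -i /etc/resolv.conf ; echo nameserver 1.0.0.1 > /etc/resolv.conf
dnscrypt-proxy -service install ; dnscrypt-proxy -service start ; sleep 3
echo nameserver 127.0.0.1 > /etc/resolv.conf ; chattr +i /etc/resolv.conf
sleep 4 ; cd /localhost ; ./up.sh
EOF
chmod +x /etc/rc.local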
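#cobaltstrike section
#neo4j && bloodhound-autoimport
pip3 install bloodhound_import ; ulimit -n 500000 ; apt-get -y install neo4j
# neo4j tuned for BloodHound imports. SECURITY: dbms.default_listen_address=0.0.0.0
# exposes bolt (:980) and the HTTP console (:970) on every interface, and the
# initial password set below is 'root' — anyone who can reach those ports can read
# and rewrite the whole AD graph. Bind to 127.0.0.1 / a VPN address and set a real
# password unless remote exposure is deliberate; bloodhound-import below is
# invoked without a host, presumably connecting locally.
cat<<'EOF'>/usr/share/neo4j/conf/neo4j.conf
dbms.directories.import=import
dbms.allow_upgrade=true
dbms.memory.heap.initial_size=1024m
dbms.memory.heap.max_size=1024m
dbms.tx_state.memory_allocation=ON_HEAP
dbms.default_listen_address=0.0.0.0
dbms.connector.bolt.enabled=true
dbms.connector.bolt.listen_address=:980
dbms.connector.http.enabled=true
dbms.connector.http.listen_address=:970
dbms.connector.https.enabled=false
dbms.tx_log.rotation.retention_policy=1 days
dbms.jvm.additional=-XX:+UseG1GC
dbms.jvm.additional=-XX:-OmitStackTraceInFastThrow
dbms.jvm.additional=-XX:+AlwaysPreTouch
dbms.jvm.additional=-XX:+UnlockExperimentalVMOptions
dbms.jvm.additional=-XX:+TrustFinalNonStaticFields
dbms.jvm.additional=-XX:+DisableExplicitGC
dbms.jvm.additional=-XX:MaxInlineLevel=15
dbms.jvm.additional=-XX:-UseBiasedLocking
dbms.jvm.additional=-Djdk.nio.maxCachedBufferSize=262144
dbms.jvm.additional=-Dio.netty.tryReflectionSetAccessible=true
dbms.jvm.additional=-Djdk.tls.ephemeralDHKeySize=2048
dbms.jvm.additional=-Djdk.tls.rejectClientInitiatedRenegotiation=true
dbms.jvm.additional=-XX:FlightRecorderOptions=stackdepth=256
dbms.jvm.additional=-XX:+UnlockDiagnosticVMOptions
dbms.jvm.additional=-XX:+DebugNonSafepoints
dbms.jvm.additional=-Dlog4j2.disable.jmx=true
dbms.windows_service_name=neo4j
EOF
/usr/share/neo4j/bin/neo4j-admin set-initial-password root
mkdir -p /usr/share/neo4j/logs ; /usr/share/neo4j/bin/neo4j start
# Upload receiver for SharpHound zips. /usr/local/bin/upload-server is not
# installed by this script (presumably part of the payload). SECURITY: the bearer
# token is hard-coded and was published together with this gist — rotate it (and
# the matching client config) before exposing :899 to anything untrusted.
# The unit now starts with a [Unit] header: the original had Description=/After=
# before any section, which systemd ignores ("Assignment outside of section"), so
# the network.target ordering was silently lost.
cat<<'EOF'>/etc/systemd/system/bloodhound-upload.service
[Unit]
Description=BloodHoundUpload
After=network.target
[Service]
Type=simple
User=root
Restart=on-failure
RestartSec=1s
ExecStart=/usr/local/bin/upload-server -ip 0.0.0.0 -port 899 -token f9403fc5f537b4ab332a /opt/bloodhound
[Install]
WantedBy=multi-user.target
EOF
systemctl enable bloodhound-upload ; systemctl start bloodhound-upload
# Drain /opt/bloodhound: move what was uploaded into a private scratch dir, unzip
# the outer archive and every archive inside it, import all JSON into neo4j, then
# clean up. vampirewatcher passes the triggering path as $1; it is ignored because
# the whole drop directory is processed at once. Note 'mv <many files> x.zip'
# only works when a single file is waiting — unchanged from the original.
cat<<'EOF'>/usr/local/bin/vampireload
#!/bin/bash
randomblood="$(openssl rand -hex 8)"
work="/tmp/$randomblood"
mkdir "$work" && cd "$work" || exit 1
mv /opt/bloodhound/* "$work.zip"
unzip "$work.zip" -d "$work"/
for inner in ./* ; do [ -e "$inner" ] && unzip "$inner" ; done
# Credentials are the neo4j/root pair set during install.
bloodhound-import -du neo4j -dp root -p 980 *.json ; cd ~ ; rm -r "$work"*
EOF
chmod +x /usr/local/bin/vampireload
# Watch the drop directory and run vampireload on every completed write. 'awk'
# instead of 'gawk': gawk is not in this script's package list, and the
# alternatives-provided awk on Debian supports fflush() as well.
cat<<'EOF'>/usr/local/bin/vampirewatcher
#!/bin/bash
inotifywait -m -e close_write /opt/bloodhound | awk '{print $1$3; fflush()}' | xargs -L 1 vampireload
EOF
chmod +x /usr/local/bin/vampirewatcher
# Same missing-[Unit] fix as bloodhound-upload.service above.
cat<<'EOF'>/etc/systemd/system/vampires.service
[Unit]
Description=VampireService
After=network.target
[Service]
Type=simple
User=root
Restart=on-failure
RestartSec=1s
ExecStart=/usr/local/bin/vampirewatcher
[Install]
WantedBy=multi-user.target
EOF
systemctl enable vampires.service ; systemctl start vampires.service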
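#cobaltstrike
# Regenerate the teamserver keystore. 'gencert' is not defined in this script and
# is expected to live in /opt/cobaltstrike (payload). Chain on the cd so a missing
# install does not delete or run things in whatever directory we happened to be in.
cd /opt/cobaltstrike && rm -f cobaltstrike.store && gencert
# Team server launcher. SECURITY: both the keystore password and the operator
# password (the positional argument after the bind host) are 'root'. Anyone who
# can reach :41447 with a Cobalt Strike client joins with that password — change
# both; the keystore password must match what gencert used.
cat<<'EOF'>/usr/local/bin/ts
#!/bin/bash
cd /opt/cobaltstrike || exit 1
hname="$(hostname)"
neo4j start
# Bind address comes from a DNS lookup of this host's own name. dig queries the
# resolver directly (not /etc/hosts), so the hostname needs a real A record.
java -XX:ParallelGCThreads=4 -Dcobaltstrike.server_port=41447 -Djavax.net.ssl.keyStore=./cobaltstrike.store -Djavax.net.ssl.keyStorePassword=root -server -XX:+AggressiveHeap \
-XX:+UseParallelGC -classpath ./cobaltstrike.jar server.TeamServer "$(dig "$hname" +short A)" root url.profile "$(date --date='1 year' -u +'%Y-%m-%d')"
EOF
chmod +x /usr/local/bin/ts
# Runs as root already; the original 'sudo' in ExecStart was a no-op that only
# added a dependency on sudoers. After=network.target so the dig above has a
# resolver to talk to.
cat<<'EOF'>/etc/systemd/system/teamserver.service
[Unit]
Description=teamserver
After=network.target
[Service]
ExecStart=/usr/local/bin/ts
WorkingDirectory=/opt/cobaltstrike
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target
EOF
systemctl enable teamserver ; systemctl start teamserver
#frp - expose noVNC port
# frps pinned to an old release (v0.36.2); review before relying on it. The
# binary only lands if every step of the chain succeeds.
wget -qO /tmp/f.tar https://github.com/fatedier/frp/releases/download/v0.36.2/frp_0.36.2_linux_amd64.tar.gz && tar xf /tmp/f.tar -C /tmp/ && mv /tmp/frp*/frps /usr/bin/
# SECURITY: no 'token' (or any other authentication) is configured, so any frpc
# that can reach :7000 can register tunnels through this host. Set a token here
# and in the client config.
cat<<'EOF'>/usr/local/bin/frps.ini
[common]
bind_port = 7000
EOF
cat<<'EOF'>/etc/systemd/system/frps.service
[Unit]
Description=Frp Server Service
After=network.target
[Service]
Type=simple
User=root
Restart=on-failure
RestartSec=5s
ExecStart=/usr/bin/frps -c /usr/local/bin/frps.ini
[Install]
WantedBy=multi-user.target
EOF
# Do not enable a unit whose binary never arrived (it would just crash-loop).
if [ -x /usr/bin/frps ] ; then
  systemctl enable frps ; systemctl start frps
else
  printf 'warning: frps not installed, service left disabled\n' >&2
fi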
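#sudoers
# Replace /etc/sudoers entirely, but validate with visudo first and install with
# the mode sudo expects: writing a broken sudoers locks every non-root user out
# of sudo. SECURITY: this grants passwordless root to everyone in %sudo and to
# the 'gvm' account, so any foothold as one of those users is root with no
# credential prompt. Tighten if that is not intended.
sudoers_tmp="$(mktemp)"
cat<<'EOF'>"$sudoers_tmp"
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
root ALL=(ALL) NOPASSWD: ALL
gvm ALL=(ALL) NOPASSWD: ALL
%sudo ALL=(ALL) NOPASSWD: ALL
@includedir /etc/sudoers.d
EOF
if visudo -cf "$sudoers_tmp" >/dev/null ; then
  install -o root -g root -m 0440 "$sudoers_tmp" /etc/sudoers
else
  printf 'sudoers did not validate; /etc/sudoers left untouched\n' >&2
fi
rm -f -- "$sudoers_tmp"
spinny::stop
printf '\033[1;32m'" ✔ \n"'\033[0m\n'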
#PATROWL
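# Optional PatrowlHears install (disabled below). Clones an unpinned master and
# runs whatever images its compose file references — a supply-chain trust
# decision; pin a tag/commit before enabling this.
function installpatrowl() {
printf "\033[1;37m[\033[1;31m ﮊ ! \033[1;37m] Installing PatrowlHears.. Attention: installation can take up to 3-4 hours. Be patient" ; sleep 2
spinny::start
sleep 10 ; cd /opt ; git clone https://github.com/Patrowl/PatrowlHears ; cd /opt/PatrowlHears ; docker-compose up -d
# '-T': docker-compose exec allocates a TTY by default and fails when there is
# none (cron, piped ssh); the flag is harmless from an interactive shell.
docker-compose exec -T patrowlhears bash -c 'cd backend_app && ./load_init_data.sh'
docker-compose exec -T patrowlhears bash -c 'cd backend_app && ./import_data_updates.sh'
# Daily refresh at midnight. The original schedule '* * */1 * *' fired every
# minute (the */1 is the day-of-month field), stacking overlapping multi-hour imports.
(crontab -l 2>/dev/null | grep . ; echo "0 0 * * * cd /opt/PatrowlHears && docker-compose exec -T patrowlhears bash -c 'cd backend_app && ./import_data_updates.sh'") | crontab -
spinny::stop
printf '\033[1;32m'" ✔ \n"'\033[0m\n'
}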
#installpatrowl
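#filebrowser
# Latest release from the GitHub API; the whole archive is unpacked into
# /usr/local/bin (as before), so any README/LICENSE in it lands there too.
fb_url="$(curl -sL https://api.github.com/repos/filebrowser/filebrowser/releases/latest | grep linux-amd64 | grep browser_download_url | head -1 | cut -d \" -f 4)"
[ -n "$fb_url" ] && wget -qO /tmp/fb.tar.gz "$fb_url" && tar xf /tmp/fb.tar.gz -C /usr/local/bin/
# Pre-seeded database (users and password hashes) from the payload. The unit sets
# no WorkingDirectory, so the service runs in / and presumably picks up
# /filebrowser.db from there.
mv /usr/share/filebrowser/filebrowser.db /
# The here-doc delimiter is intentionally unquoted: $hname (set earlier from
# hostname) must be expanded NOW. The original quoted it, so the unit file
# literally contained '$hname'; systemd only substitutes its own Environment=
# variables there, so the cert paths could never resolve. Nothing in this script
# runs certbot either — /etc/letsencrypt/live/<host>/ must already exist.
# SECURITY: runs as root and listens on every interface.
cat<<EOF>/etc/systemd/system/filebrowser.service
[Unit]
Description=FileBrowser service
After=network.target
[Service]
User=root
Restart=on-failure
RestartSec=5s
ExecStart=/usr/local/bin/filebrowser -a 0.0.0.0 -t /etc/letsencrypt/live/${hname}/cert.pem -k /etc/letsencrypt/live/${hname}/privkey.pem
[Install]
WantedBy=multi-user.target
EOF
systemctl enable filebrowser ; systemctl start filebrowser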
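#ssh
# Tighten sshd login limits. Append only once so reruns do not stack duplicate
# directives. sshd is not reloaded here; the values apply after its next restart.
if ! grep -qs '^MaxAuthTries' /etc/ssh/sshd_config ; then
cat<<'EOF'>>/etc/ssh/sshd_config
MaxAuthTries 3
MaxSessions 5
EOF
fi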
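#super_os
clear ; printf "\n\n\033[1;33mThe server installation is complete, Im starting to build a docker container with the main system..\n\033[0m" ; sleep 5
/etc/init.d/docker restart ; sleep 2
# Build the kali_suos image from the payload (/opt/kali_suos and /k_client both
# come from the cp -r at the top). Retry a failed build, but bound the retries:
# the original looped forever when the build could never succeed (no network,
# broken Dockerfile), leaving the install hung.
cd /opt/kali_suos && mv /k_client . ; sleep 1
attempt=0
while [ -z "$(docker image ls | grep kali_suos)" ] && [ "$attempt" -lt 10 ] ; do
  attempt=$((attempt + 1))
  sleep 2 && docker build -t kali_suos .
done
[ -n "$(docker image ls | grep kali_suos)" ] || printf 'warning: kali_suos image not built after %d attempts\n' "$attempt" >&2
#end
printf "\033[1;37m[\033[1;31m ﮊ ! \033[1;37m] I clean, wash, put away. I install the anti-sandbox and reboot" ; sleep 2
# apt-get rather than apt: apt's CLI is not meant for scripts.
sleep 4 ; apt-get -y autoremove ; apt-get autoclean
# Operator helpers; both point into payload directories.
echo 'cd /usr/share/clients && bash build.sh' > /usr/local/bin/makeclients ; chmod +x /usr/local/bin/makeclients
ln -s /localhost/up.sh /usr/local/bin/wakeupneo
# resolv.conf was pinned to the local dnscrypt listener and made immutable earlier;
# it is unpinned and pointed at 8.8.8.8 here for the docker pull and left that way —
# the rc.local written earlier re-pins it on boot.
chattr -i /etc/resolv.conf ; echo nameserver 8.8.8.8 > /etc/resolv.conf ; /etc/init.d/docker restart
# Unpinned third-party image: whatever ':latest' resolves to at install time.
docker pull jordanpotter/wireguard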
function bbinstall() {
ipset -q flush goodboyz ; ipset -q create goodboyz nethash
for ip in $(curl -s https://gist.githubusercontent.com/curi0usJack/971385e8334e189d93a6cb4671238b10/raw | \
grep -E -o "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)"); \
do ipset add goodboyz $ip ; done
iptables -A INPUT -m set --match-set goodboyz src -j DROP
iptables -A FORWARD -m set --match-set goodboyz src -j DROP
EOF
chmod +x /usr/local/bin/goodboyz ; goodboyz
echo '/usr/local/bin/goodboyz' >> /etc/rc.local
}&>/dev/null
#bbinstall
spinny::stop
# Final banner. Despite the wording, no reboot command appears in this script;
# the operator is expected to reboot by hand.
printf '%s' $'\033[1;32m ✔ Ready. I\'m rebooting..\n\033[0m\n'
sleep 5