Last active
July 25, 2017 14:40
-
-
Save e23z/003ce6519a65382b3f78 to your computer and use it in GitHub Desktop.
[SQLInjection Vulnerable Server Setup] A simple bash script to install to prepare a vulnerable lamp server for educational purposes. #scripts #lamp #ubuntu #learning #demo
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
PWD=$(pwd) | |
CURDIR=$(dirname "$(readlink -f "$0")") | |
GROUP=$(ls -ld ~ | awk '{print $4}') | |
USER=$(ls -ld ~ | awk '{print $3}') | |
IP=$(ifconfig | grep -Pi 'inet\saddr:.+bcast' | awk '{print $2}' | sed 's/addr://g') | |
clear | |
cd ~ | |
echo "Precisamos de permissão de root para alguns comandos." | |
read -p 'Digite sua senha de usuário: ' PASSWORD | |
echo "" | |
echo "Vamos iniciar o setup do ambiente de servidor web (apache, php, mysql)." | |
echo "O instalador do banco de dados (mysql) pedirá que você digite uma senha para o usuário root." | |
read -p "Digite a senha que você irá utilizar: " MYSQLPASSWORD | |
echo "" | |
echo "Instalando e preparando o servidor LAMP..." | |
echo "" | |
echo $PASSWORD | sudo -Sk apt-get update | |
echo $PASSWORD | sudo -Sk apt-get install -y apache2 mysql-server php5-mysql php5 libapache2-mod-php5 php5-mcrypt | |
echo $PASSWORD | sudo -Sk mysql_install_db | |
cd /var/www/html | |
echo $PASSWORD | sudo -Sk chmod -R 7777 . | |
echo "" | |
echo "Criando um arquivo para testar o servidor php..." | |
echo "" | |
echo "<?php phpinfo(); ?>" > info.php | |
echo "Baixando o website inseguro de demostracão do github..." | |
echo "" | |
wget https://github.com/feuerwelt/wazausky-store/archive/master.zip | |
unzip master.zip | |
mv wazausky-store-master wazausky | |
rm master.zip | |
cd wazausky | |
mysql -u root -p$MYSQLPASSWORD < dump.sql | |
sed -i -e "s/senha123/$MYSQLPASSWORD/g" database.inc | |
echo $PASSWORD | sudo -Sk sed -i -e "s/APACHE_RUN_USER=www-data/APACHE_RUN_USER=$USER/g" /etc/apache2/envvars | |
echo $PASSWORD | sudo -Sk sed -i -e "s/APACHE_RUN_GROUP=www-data/APACHE_RUN_GROUP=$GROUP/g" /etc/apache2/envvars | |
echo $PASSWORD | sudo -Sk service apache2 restart | |
cd $PWD | |
echo "" | |
echo "O ip do servidor virtual é: $IP" | |
echo "A página de informacões do PHP é: $IP/info.php" | |
echo "A página de testes de vulnerabilidades é: $IP/wazausky" | |
echo "" | |
echo "" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment