Generate knockd configuration file
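#!/bin/bash
#
# Generate a knockd port-knocking configuration (knockd.conf) that guards
# SSH on port 22, then print the client-side command that sends the knock
# sequence and logs in.
#
# Usage: $0 <number of pins> <hostname/ip> <username to login>
#
# Outputs:
#   ./knockd.conf  - server configuration, to be copied to /etc/knockd.conf
#   stdout         - progress messages and the client access command
#
# Security notes:
#   - The knock sequence is a shared secret. The file is written under a
#     restrictive umask and chmod'ed to 600 so other local users cannot read it.
#   - Knocks travel in clear text, so anyone able to observe traffic to the
#     server can learn and replay the sequence. Port knocking only hides the
#     SSH port from casual scans; SSH authentication remains the real
#     access control.

set -u

# CHECK SYNTAX (before touching any positional parameter)
if [ "$#" -ne 3 ]; then
  echo "Syntax Error!" >&2
  echo "Syntax: $0 <number of pins> <hostname/ip> <username to login>" >&2
  exit 1
fi

# Lower-case names avoid clobbering bash's own HOSTNAME variable.
pin_count=$1
target_host=$2
login_user=$3
outfile="knockd.conf"

# The pin count is handed to shuf; accept positive decimal integers only.
if ! [[ "$pin_count" =~ ^[1-9][0-9]*$ ]]; then
  echo "Syntax Error!" >&2
  echo "<number of pins> must be a positive integer" >&2
  exit 1
fi

# Host and user end up as arguments of nmap/ssh in the printed command;
# a leading '-' would be parsed as an option by those tools.
if [[ "$target_host" == -* || "$login_user" == -* ]]; then
  echo "Syntax Error!" >&2
  echo "<hostname/ip> and <username to login> must not start with '-'" >&2
  exit 1
fi

# Pick distinct random ports, one per line.
if ! port_list=$(shuf -i 1024-65534 -n "$pin_count"); then
  echo "shuf failed to generate the knock sequence" >&2
  exit 1
fi
sequence=${port_list//$'\n'/,}      # comma-separated, for knockd.conf
knock_ports=${port_list//$'\n'/ }   # space-separated, for the client loop

# GENERATE SERVER CONFIGURATION
echo "GENERATING KNOCKd CONFIG FILE"
echo "copy knockd.conf to /etc/knockd.conf"

# New files are created private to the current user.
umask 077

# knockd reads its global settings from the section named [options].
if ! {
  echo "[options]"
  echo " UseSyslog"
  echo ""
  echo "[KnockSSH]"
  echo " sequence = $sequence"
  echo " tcpflags = syn"
  echo " seq_timeout = 15"
  echo " start_command = /sbin/iptables -I INPUT -s %IP% -p tcp --dport 22 -j ACCEPT"
  echo " cmd_timeout = 10"
  echo " stop_command = /sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT"
  echo ""
} > "$outfile"; then
  echo "cannot write $outfile" >&2
  exit 1
fi

# umask does not tighten a file that already existed with looser permissions.
chmod 600 -- "$outfile" || exit 1

echo " "

# GENERATE SERVER ACCESS COMMAND
echo "USE THE COMMAND BELLOW TO OPEN THE WINDOW AND ACCESS THE SERVER:"
echo " "
# $x is meant to stay literal: it is the loop variable of the printed command.
# %q shell-quotes host and user so the printed line is safe to paste.
# shellcheck disable=SC2016
printf 'for x in %s; do nmap -Pn --host_timeout 201 --max-retries 0 -p $x %q; done && ssh %q\n' \
  "$knock_ports" "$target_host" "$login_user@$target_host"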