Created
April 25, 2020 20:53
-
-
Save s0lst1c3/a1d689ba51ab0b9bdf4108bf669037fe to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Name: redir-create.sh | |
# Author: @s0lst1c3 | |
# Description: Simple Bash script that creates a mod_rewrite redirector | |
# using Joe Vest's cs2modrewrite tool. | |
# Syntax: ./redir-create.sh <profile path> <teamserver url> <decoy url> <redirector ip> <ssh user> <domain> | |
#!/bin/bash | |
apache_default_ssl_conf="/etc/apache2/sites-enabled/default-ssl.conf" | |
apache_conf="/etc/apache2/apache2.conf" | |
setup() { | |
git clone https://github.com/threatexpress/cs2modrewrite | |
ssh -S /tmp/ssh_mux_%h_%p_%r -t "$ssh_user"'@'"$redir_ip" 'sudo apt -y update' | |
ssh -S /tmp/ssh_mux_%h_%p_%r -t "$ssh_user"'@'"$redir_ip" 'sudo apt -y upgrade' | |
ssh -S /tmp/ssh_mux_%h_%p_%r -t "$ssh_user"'@'"$redir_ip" 'sudo apt -y install apache2 certbot' | |
ssh -S /tmp/ssh_mux_%h_%p_%r -t "$ssh_user"'@'"$redir_ip" 'systemctl stop apache2' | |
sleep 3 | |
} | |
create_apache_default_ssl_conf() { | |
local_apache_default_ssl_conf="$(mktemp)" | |
cat 'conf_files/default_ssl_template.conf' | sed "s/DOMAIN_NAME_HERE/$domain/" > $local_apache_default_ssl_conf | |
scp "$local_apache_default_ssl_conf" "$ssh_user"'@'"$redir_ip:/home/$ssh_user/default-ssl.conf" | |
ssh -S /tmp/ssh_mux_%h_%p_%r -t "$ssh_user"'@'"$redir_ip" "sudo cp /home/$ssh_user/default-ssl.conf $apache_default_ssl_conf" | |
rm -f "$local_apache_default_ssl_conf" | |
ssh -S /tmp/ssh_mux_%h_%p_%r -t "$ssh_user"'@'"$redir_ip" "sudo rm -f /home/$ssh_user/default-ssl.conf" | |
} | |
create_htaccess() { | |
htaccess_file="$(mktemp)" | |
python cs2modrewrite/cs2modrewrite.py -i "$profile" -c $ts_url -r $other_url | grep -v '\[!\]' > "$htaccess_file" | |
scp "$htaccess_file" "$ssh_user"'@'"$redir_ip"':~/.htaccess' | |
ssh -S /tmp/ssh_mux_%h_%p_%r -t "$ssh_user"'@'"$redir_ip" "sudo cp /home/$ssh_user/.htaccess /var/www/html/.htaccess" | |
ssh -S /tmp/ssh_mux_%h_%p_%r -t "$ssh_user"'@'"$redir_ip" "sudo chmod 600 /var/www/html/.htaccess" | |
ssh -S /tmp/ssh_mux_%h_%p_%r -t "$ssh_user"'@'"$redir_ip" "sudo chown www-data:www-data /var/www/html/.htaccess" | |
ssh -S /tmp/ssh_mux_%h_%p_%r -t "$ssh_user"'@'"$redir_ip" "sudo rm -f /home/$ssh_user/.htaccess" | |
rm -f "$htaccess_file" | |
} | |
config_apache() { | |
ssh -S /tmp/ssh_mux_%h_%p_%r -t "$ssh_user"'@'"$redir_ip" 'sudo a2enmod ssl rewrite proxy proxy_http' | |
ssh -S /tmp/ssh_mux_%h_%p_%r -t "$ssh_user"'@'"$redir_ip" 'sudo a2ensite default-ssl.conf' | |
scp conf_files/apache2.conf "$ssh_user"'@'"$redir_ip:/home/$ssh_user/apache2.conf" | |
ssh -S /tmp/ssh_mux_%h_%p_%r -t "$ssh_user"'@'"$redir_ip" "sudo cp /home/$ssh_user/apache2.conf $apache_conf" | |
ssh -S /tmp/ssh_mux_%h_%p_%r -t "$ssh_user"'@'"$redir_ip" "sudo rm -f /home/$ssh_user/apache2.conf" | |
create_apache_default_ssl_conf | |
ssh -S /tmp/ssh_mux_%h_%p_%r -t "$ssh_user"'@'"$redir_ip" 'sudo systemctl stop apache2' | |
} | |
run_letsencrypt() { | |
ssh -S /tmp/ssh_mux_%h_%p_%r -t "$ssh_user"'@'"$redir_ip" "sudo certbot certonly --register-unsafely-without-email --standalone -d $domain -d www.$domain" | |
} | |
profile="$1" | |
ts_url="$2" | |
other_url="$3" | |
redir_ip="$4" | |
ssh_user="$5" | |
domain="$6" | |
ssh -fN -M -S /tmp/ssh_mux_%h_%p_%r "$ssh_user"'@'"$redir_ip" | |
setup | |
run_letsencrypt | |
config_apache | |
create_htaccess | |
ssh -S /tmp/ssh_mux_%h_%p_%r -t "$ssh_user"'@'"$redir_ip" "sudo systemctl restart apache2" | |
killall ssh |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment