RomanNum3ral
/
pimp-my-kali
mirror of https://github.com/RomanNum3ral/pimpmykali.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

revision 1.7.3 PEH WebApp Labs added

This commit is contained in:
Dewalt 2023-07-12 07:56:38 -05:00
parent fd24de3fd1
commit a00e91b033
3 changed files with 203 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
README.md
View File

@ -39,6 +39,14 @@
# Writeups / Honorable Mentions
- ip3c4c_n00b https://ip3c4c.com/2202_homelab_vmware/
# Revision 1.7.3 - PEH Web Lab update
- Major Milestone! 2000+ Lines of code!
- added installation for Practical Ethical Hacker WebApp Labs
- menu option E
- added ~/peh/labs/start-peh-labs.sh startup script
- added ~/peh/labs/cleanup-peh-labs.sh cleanup script
- all revision 1.6.x announcements moved to changelog.txt
# Revision 1.7.2 - Hacking API Lab update
- added creation of start-api-hacking.sh
- this is to help mitigate issues with unhealthy containers
@ -71,74 +79,7 @@
- mobsf installation has been changed to a docker installation
- /usr/bin/mobsf-docker script created and made executable
# Revision 1.6.9a - changed google-chrome installation source
- is now installed from the kali repo google-chrome-stable
# Revision 1.6.9 - fix_impacket restored
- menu options N, 0 and 1 are fully operational
# Revision 1.6.8 - fix_impacket function temporarily commented out
- affecting menu options N, 0 and 1
- issues with kali2023.2
# Revision 1.6.7 - Added installer and Uninstaller for Nessus
- menu option @ to install nessus
- menu option $ to nuke nessus
# Revision 1.6.6 - Hacking API Course setup
- added Practical API Hacking Course setup (amd64 and arm64), menu option O
- Instructor Alex Olsen https://academy.tcm-sec.com/p/hacking-apis
- menu options rearranged in stand alone functions
# Revision 1.6.5 - impacket
- added --user to impacket 0.9.19 install
# Revision 1.6.4 - minor code cleanup
# Revision 1.6.3 - mitm6 installation
- mitm6 moved from a python2 to python3 installation
- added --breaks-system-packages to get around pip related issues
- liblibc symlink correction added at the end of this function
# Revision 1.6.2 - FixSSH Removed
- use kali-tweaks 2023.1.3 to resolve the issue with ssh -i and hydra out of memory
# Revision 1.6.1 - $pyver variable
- removed single quotes
# Revision 1.6.0 - Atom removed + misc fixes/updates
- Corrected the non-interactive shell being opened for:
- Menu option K - Reconfigure Keyboard
- Menu option T - Reconfigure Timezone
- shell is now interactive and functions properly
- Added $archtype variable for potential upcoming arm64 specific support ( Mac m1, rasberry pi, etc )
- Added $pyver variable for detection of version of python3
- corrects error with installing python'$pyver'-venv and other various python required installations
- Atom
- has been deprecated/sunset and the installation of atom has been removed
- menu option 7 - Install atom removed
- Seclists
- changed seclists to be pulled from github, to be more verbose about what is taking place on screen
- gowitness function updated to detect amd64 or arm64 installations, still installs from github
- httprobe, assetfinder, amass are now installed from the kali repo instead of github
- Misc Fixes
- corrected if statement on line 1240 MPP Course Setup
- added function for apt_fixbroken and apt_fixbroken_complete
- removed functions: fix_bloodhound, ask_python39, fix_python39, fix_resopnder
- addded -o Dpkg::Progress-Fancy="1" to all apt operations for fancy progress bars
- moved virt-what to be installed much earlier in the script
- general code cleanup
- Menu option B restored to BlindPenTesters - TheEssentials
- older revision history moved to changelog.txt
# Menu Breakdown of Pimpmykali
# Menu Breakdown of Pimpmykali
- Menu option N (New Users/New VM's Should start here!)
- executes menu option 0 fix all ( options 1 thru 8 )
@ -245,6 +186,8 @@
- Menu Option C
- Install Google-Chrome
- Menu Option E
- Install TCM PEH Course WebApp Labs, docker
- Menu Option F
- Fixes XFCE Broken Icons "TerminalEmulator" Not Found

67
changelog.txt
View File

@ -1,3 +1,70 @@
# Revision 1.6.9a - changed google-chrome installation source
- is now installed from the kali repo google-chrome-stable
# Revision 1.6.9 - fix_impacket restored
- menu options N, 0 and 1 are fully operational
# Revision 1.6.8 - fix_impacket function temporarily commented out
- affecting menu options N, 0 and 1
- issues with kali2023.2
# Revision 1.6.7 - Added installer and Uninstaller for Nessus
- menu option @ to install nessus
- menu option $ to nuke nessus
# Revision 1.6.6 - Hacking API Course setup
- added Practical API Hacking Course setup (amd64 and arm64), menu option O
- Instructor Alex Olsen https://academy.tcm-sec.com/p/hacking-apis
- menu options rearranged in stand alone functions
# Revision 1.6.5 - impacket
- added --user to impacket 0.9.19 install
# Revision 1.6.4 - minor code cleanup
# Revision 1.6.3 - mitm6 installation
- mitm6 moved from a python2 to python3 installation
- added --breaks-system-packages to get around pip related issues
- liblibc symlink correction added at the end of this function
# Revision 1.6.2 - FixSSH Removed
- use kali-tweaks 2023.1.3 to resolve the issue with ssh -i and hydra out of memory
# Revision 1.6.1 - $pyver variable
- removed single quotes
# Revision 1.6.0 - Atom removed + misc fixes/updates
- Corrected the non-interactive shell being opened for:
- Menu option K - Reconfigure Keyboard
- Menu option T - Reconfigure Timezone
- shell is now interactive and functions properly
- Added $archtype variable for potential upcoming arm64 specific support ( Mac m1, rasberry pi, etc )
- Added $pyver variable for detection of version of python3
- corrects error with installing python'$pyver'-venv and other various python required installations
- Atom
- has been deprecated/sunset and the installation of atom has been removed
- menu option 7 - Install atom removed
- Seclists
- changed seclists to be pulled from github, to be more verbose about what is taking place on screen
- gowitness function updated to detect amd64 or arm64 installations, still installs from github
- httprobe, assetfinder, amass are now installed from the kali repo instead of github
- Misc Fixes
- corrected if statement on line 1240 MPP Course Setup
- added function for apt_fixbroken and apt_fixbroken_complete
- removed functions: fix_bloodhound, ask_python39, fix_python39, fix_resopnder
- addded -o Dpkg::Progress-Fancy="1" to all apt operations for fancy progress bars
- moved virt-what to be installed much earlier in the script
- general code cleanup
- Menu option B restored to BlindPenTesters - TheEssentials
- older revision history moved to changelog.txt
# Revision 1.5.9 - gowitness update
- due to a new line error, pimpmykali is now hardcoded to pull gowitness 2.4.1
until the new line error in gowitness 2.4.2 is resolved.

126
pimpmykali.sh
View File

@ -9,7 +9,7 @@
# Standard Disclaimer: Author assumes no liability for any damage
# revision var
revision="1.7.2"
revision="1.7.3"
# unicorn puke:
red=$'\e[1;31m'
@ -1544,6 +1544,129 @@ mapt_prereq() {
# ln -sf /opt/spoofpoint/spoofpoint /usr/bin/spoofpoint
# }
hacking_peh_create_cleanupsh() {
cleanup_script="cleanup_peh_labs.sh"
echo -e "\n $greenplus Creating cleanup_peh_labs.sh"
# create cleanup.sh - prompts user for a Y or y prompt and provides warning before executing commands
echo -e "#!/bin/bash" > $cleanup_script
echo -e "\n" >> $cleanup_script
echo "cleanup_docker () {" >> $cleanup_script
echo -e " sudo docker stop \$(sudo docker ps -aq)" >> $cleanup_script
echo -e " sudo docker rm \$(sudo docker ps -aq)" >> $cleanup_script
echo -e " sudo docker rm \$(sudo docker images -q)" >> $cleanup_script
echo -e " sudo docker volume rm \$(sudo docker volume ls -q)" >> $cleanup_script
echo -e " sudo docker network rm \$(sudo docker network ls -q)" >> $cleanup_script
echo " exit" >> $cleanup_script
echo " }" >> $cleanup_script
echo -e "\n" >> $cleanup_script
echo " echo -e \"\n Warning! This script is about to remove all docker containers and networks!\" " >> $cleanup_script
echo " read -n3 -p \" Press Y or y to proceed any other key to exit : \" userinput " >> $cleanup_script
echo " case \$userinput in" >> $cleanup_script
echo " y|Y) cleanup_docker ;;" >> $cleanup_script
echo " *) exit ;;" >> $cleanup_script
echo " esac" >> $cleanup_script
chmod +x cleanup_peh_labs.sh
# create startu-peh-labs.sh
startup_script="start-peh-labs.sh"
echo -e "\n $greenplus Creating start-peh-hacking.sh"
echo -e "#!/bin/bash" > $startup_script
echo -e "\n" >> $startup_script
echo -e "cd ~/peh/labs/" >> $startup_script
echo -e "sudo systemctl stop mysqld" >> $startup_script
echo -e "sudo docker-compose up" >> $startup_script
chmod +x start-peh-labs.sh
}
peh_weblab_setup() {
echo -e "\n $greenplus Installing docker.io and docker-compose"
eval apt -y install docker.io docker-compose
echo -e "\n $greenplus Starting docker service and enabling "
eval systemctl enable docker --now
echo -e "\n $greenplus Downloading peh-web-labs.tar.gz "
wget https://cdn.fs.teachablecdn.com/NgPnyKOwSfWYuwnX3Lzb -O /tmp/peh-web-labs.tar.gz
if [[ $finduser == "root" ]]
then
#lab setup for root
echo -e "\n $greenplus Making peh directory for labs /$finduser/peh"
mkdir /$finduser/peh
echo -e "\n $greenplus Extracting labs to /$finduser/peh"
tar xvfz /tmp/peh-web-labs.tar.gz -C /$finduser/peh
echo -e "\n $greenplus Setting permissions for /$finduser/peh/labs/labs/uploads"
chmod 777 /$finduser/peh/labs/labs/uploads
echo -e "\n $greenplus Setting permissions for /$finduser/peh/labs/capstone/assets"
chmod 777 /$finduser/capstone/assets
echo -e "\n $greenplus Starting labs docker in daemon mode"
cd /$finduser/peh/labs
hacking_peh_create_cleanupsh
if [[ ! -f docker-compose.yml ]]
then
echo -e "\n $redexclaim docker-compose.yml not found in current directory, aborting "
exit_screen
else
echo -e "\n $greenplus docker-compose.yml found, starting labs in daemon mode -d"
eval docker-compose up -d
exit_screen
fi
else
# lab setup for regular user
echo -e "\n $greenplus Making peh directory for labs /home/$finduser/peh"
mkdir /home/$finduser/peh
echo -e "\n $greenplus Extracting labs to /home/$finduser/peh"
tar xvfz /tmp/peh-web-labs.tar.gz -C /home/$finduser/peh
# check for /home/$finduser/peh/labs/labs/uploads
if [[ -d /home/$finduser/peh/labs/labs/uploads ]]
then
echo -e "\n $greenplus Setting permissions for /home/$finduser/peh/labs/labs/uploads"
chmod 777 /home/$finduser/peh/labs/labs/uploads
echo -e "\n $greenplus Setting ownership to $finduser:$finduser for /home/$finduser/peh"
chown -R $finduser:$finduser /home/$finduser/peh
else
echo -e "\n $redexclaim Unable to find /home/$finduser/peh/labs/labs/uploads"
fi
# check for /home/$finduser/peh/labs/capstones/assets
if [[ -d /home/$finduser/peh/labs/capstone/assets ]]
then
echo -e "\n $greenplus Setting permissions for /home/$finduser/peh/labs/capstone/assets"
chmod 777 /home/$finduser/peh/labs/capstone/assets
else
echo -e "\n $redexclaim Unable to locate /home/$finduser/peh/labs/capstone/assets"
exit_screen
fi
echo -e "\n $greenplus Creating cleanup-peh-labs.sh and start-peh-labs.sh in /home/$finduser/peh/labs"
cd /home/$finduser/peh/labs
hacking_peh_create_cleanupsh
echo -e "\n $greenplus Cleaning up temporary files..."
rm /tmp/peh-web-labs.tar.gz
echo -e "\n $greenplus Starting labs docker in daemon mode"
if [[ ! -f docker-compose.yml ]]
then
echo -e "\n $redexclaim docker-compose.yml not found in current directory, aborting "
exit_screen
else
echo -e "\n $greenplus docker-compose.yml found, starting labs in daemon mode "
eval docker-compose up -d
fi
fi
}
mayor_mpp() {
# additions to PMK 1.3.0 - Mayor MPP Course additions
fix_sources
@ -1820,6 +1943,7 @@ pimpmykali_menu() {
a|A) mapt_prereq;;
b|B) bpt;;
c|C) check_chrome;;
e|E) apt_update; fix_libwacom; only_upgrade; peh_weblab_setup;;
f|F) fix_broken_xfce;;
g|G) fix_root_connectionrefused ;;
h|H) fix_httprobe;;