From a00e91b0339dc3ec00ecffa990a2cf33cc4c0673 Mon Sep 17 00:00:00 2001 From: Dewalt <> Date: Wed, 12 Jul 2023 07:56:38 -0500 Subject: [PATCH] revision 1.7.3 PEH WebApp Labs added --- README.md | 79 +++++-------------------------- changelog.txt | 67 +++++++++++++++++++++++++++ pimpmykali.sh | 126 +++++++++++++++++++++++++++++++++++++++++++++++++- 3 files changed, 203 insertions(+), 69 deletions(-) diff --git a/README.md b/README.md index a8075e0..82372ce 100644 --- a/README.md +++ b/README.md @@ -39,6 +39,14 @@ # Writeups / Honorable Mentions - ip3c4c_n00b https://ip3c4c.com/2202_homelab_vmware/ +# Revision 1.7.3 - PEH Web Lab update + - Major Milestone! 2000+ Lines of code! + - added installation for Practical Ethical Hacker WebApp Labs + - menu option E + - added ~/peh/labs/start-peh-labs.sh startup script + - added ~/peh/labs/cleanup-peh-labs.sh cleanup script + - all revision 1.6.x announcements moved to changelog.txt + # Revision 1.7.2 - Hacking API Lab update - added creation of start-api-hacking.sh - this is to help mitigate issues with unhealthy containers @@ -71,74 +79,7 @@ - mobsf installation has been changed to a docker installation - /usr/bin/mobsf-docker script created and made executable -# Revision 1.6.9a - changed google-chrome installation source - - is now installed from the kali repo google-chrome-stable - -# Revision 1.6.9 - fix_impacket restored - - menu options N, 0 and 1 are fully operational - -# Revision 1.6.8 - fix_impacket function temporarily commented out - - affecting menu options N, 0 and 1 - - issues with kali2023.2 - -# Revision 1.6.7 - Added installer and Uninstaller for Nessus - - menu option @ to install nessus - - menu option $ to nuke nessus - -# Revision 1.6.6 - Hacking API Course setup - - added Practical API Hacking Course setup (amd64 and arm64), menu option O - - Instructor Alex Olsen https://academy.tcm-sec.com/p/hacking-apis - - menu options rearranged in stand alone functions - -# Revision 1.6.5 - impacket - - added --user to impacket 0.9.19 install - -# Revision 1.6.4 - minor code cleanup - -# Revision 1.6.3 - mitm6 installation - - mitm6 moved from a python2 to python3 installation - - added --breaks-system-packages to get around pip related issues - - liblibc symlink correction added at the end of this function - -# Revision 1.6.2 - FixSSH Removed - - use kali-tweaks 2023.1.3 to resolve the issue with ssh -i and hydra out of memory - -# Revision 1.6.1 - $pyver variable - - removed single quotes - -# Revision 1.6.0 - Atom removed + misc fixes/updates - - Corrected the non-interactive shell being opened for: - - Menu option K - Reconfigure Keyboard - - Menu option T - Reconfigure Timezone - - shell is now interactive and functions properly - - - Added $archtype variable for potential upcoming arm64 specific support ( Mac m1, rasberry pi, etc ) - - Added $pyver variable for detection of version of python3 - - corrects error with installing python'$pyver'-venv and other various python required installations - - - Atom - - has been deprecated/sunset and the installation of atom has been removed - - menu option 7 - Install atom removed - - - Seclists - - changed seclists to be pulled from github, to be more verbose about what is taking place on screen - - - gowitness function updated to detect amd64 or arm64 installations, still installs from github - - - httprobe, assetfinder, amass are now installed from the kali repo instead of github - - - Misc Fixes - - corrected if statement on line 1240 MPP Course Setup - - added function for apt_fixbroken and apt_fixbroken_complete - - removed functions: fix_bloodhound, ask_python39, fix_python39, fix_resopnder - - addded -o Dpkg::Progress-Fancy="1" to all apt operations for fancy progress bars - - moved virt-what to be installed much earlier in the script - - general code cleanup - - - Menu option B restored to BlindPenTesters - TheEssentials - - older revision history moved to changelog.txt - -# Menu Breakdown of Pimpmykali +# Menu Breakdown of Pimpmykali - Menu option N (New Users/New VM's Should start here!) - executes menu option 0 fix all ( options 1 thru 8 ) @@ -245,6 +186,8 @@ - Menu Option C - Install Google-Chrome +- Menu Option E + - Install TCM PEH Course WebApp Labs, docker - Menu Option F - Fixes XFCE Broken Icons "TerminalEmulator" Not Found diff --git a/changelog.txt b/changelog.txt index 7c30731..4834b52 100644 --- a/changelog.txt +++ b/changelog.txt @@ -1,3 +1,70 @@ +# Revision 1.6.9a - changed google-chrome installation source + - is now installed from the kali repo google-chrome-stable + +# Revision 1.6.9 - fix_impacket restored + - menu options N, 0 and 1 are fully operational + +# Revision 1.6.8 - fix_impacket function temporarily commented out + - affecting menu options N, 0 and 1 + - issues with kali2023.2 + +# Revision 1.6.7 - Added installer and Uninstaller for Nessus + - menu option @ to install nessus + - menu option $ to nuke nessus + +# Revision 1.6.6 - Hacking API Course setup + - added Practical API Hacking Course setup (amd64 and arm64), menu option O + - Instructor Alex Olsen https://academy.tcm-sec.com/p/hacking-apis + - menu options rearranged in stand alone functions + +# Revision 1.6.5 - impacket + - added --user to impacket 0.9.19 install + +# Revision 1.6.4 - minor code cleanup + +# Revision 1.6.3 - mitm6 installation + - mitm6 moved from a python2 to python3 installation + - added --breaks-system-packages to get around pip related issues + - liblibc symlink correction added at the end of this function + +# Revision 1.6.2 - FixSSH Removed + - use kali-tweaks 2023.1.3 to resolve the issue with ssh -i and hydra out of memory + +# Revision 1.6.1 - $pyver variable + - removed single quotes + +# Revision 1.6.0 - Atom removed + misc fixes/updates + - Corrected the non-interactive shell being opened for: + - Menu option K - Reconfigure Keyboard + - Menu option T - Reconfigure Timezone + - shell is now interactive and functions properly + + - Added $archtype variable for potential upcoming arm64 specific support ( Mac m1, rasberry pi, etc ) + - Added $pyver variable for detection of version of python3 + - corrects error with installing python'$pyver'-venv and other various python required installations + + - Atom + - has been deprecated/sunset and the installation of atom has been removed + - menu option 7 - Install atom removed + + - Seclists + - changed seclists to be pulled from github, to be more verbose about what is taking place on screen + + - gowitness function updated to detect amd64 or arm64 installations, still installs from github + + - httprobe, assetfinder, amass are now installed from the kali repo instead of github + + - Misc Fixes + - corrected if statement on line 1240 MPP Course Setup + - added function for apt_fixbroken and apt_fixbroken_complete + - removed functions: fix_bloodhound, ask_python39, fix_python39, fix_resopnder + - addded -o Dpkg::Progress-Fancy="1" to all apt operations for fancy progress bars + - moved virt-what to be installed much earlier in the script + - general code cleanup + + - Menu option B restored to BlindPenTesters - TheEssentials + - older revision history moved to changelog.txt + # Revision 1.5.9 - gowitness update - due to a new line error, pimpmykali is now hardcoded to pull gowitness 2.4.1 until the new line error in gowitness 2.4.2 is resolved. diff --git a/pimpmykali.sh b/pimpmykali.sh index cd2e96d..21a15c1 100755 --- a/pimpmykali.sh +++ b/pimpmykali.sh @@ -9,7 +9,7 @@ # Standard Disclaimer: Author assumes no liability for any damage # revision var - revision="1.7.2" + revision="1.7.3" # unicorn puke: red=$'\e[1;31m' @@ -1544,6 +1544,129 @@ mapt_prereq() { # ln -sf /opt/spoofpoint/spoofpoint /usr/bin/spoofpoint # } +hacking_peh_create_cleanupsh() { + cleanup_script="cleanup_peh_labs.sh" + echo -e "\n $greenplus Creating cleanup_peh_labs.sh" + # create cleanup.sh - prompts user for a Y or y prompt and provides warning before executing commands + echo -e "#!/bin/bash" > $cleanup_script + echo -e "\n" >> $cleanup_script + echo "cleanup_docker () {" >> $cleanup_script + echo -e " sudo docker stop \$(sudo docker ps -aq)" >> $cleanup_script + echo -e " sudo docker rm \$(sudo docker ps -aq)" >> $cleanup_script + echo -e " sudo docker rm \$(sudo docker images -q)" >> $cleanup_script + echo -e " sudo docker volume rm \$(sudo docker volume ls -q)" >> $cleanup_script + echo -e " sudo docker network rm \$(sudo docker network ls -q)" >> $cleanup_script + echo " exit" >> $cleanup_script + echo " }" >> $cleanup_script + echo -e "\n" >> $cleanup_script + echo " echo -e \"\n Warning! This script is about to remove all docker containers and networks!\" " >> $cleanup_script + echo " read -n3 -p \" Press Y or y to proceed any other key to exit : \" userinput " >> $cleanup_script + echo " case \$userinput in" >> $cleanup_script + echo " y|Y) cleanup_docker ;;" >> $cleanup_script + echo " *) exit ;;" >> $cleanup_script + echo " esac" >> $cleanup_script + chmod +x cleanup_peh_labs.sh + + # create startu-peh-labs.sh + startup_script="start-peh-labs.sh" + echo -e "\n $greenplus Creating start-peh-hacking.sh" + echo -e "#!/bin/bash" > $startup_script + echo -e "\n" >> $startup_script + echo -e "cd ~/peh/labs/" >> $startup_script + echo -e "sudo systemctl stop mysqld" >> $startup_script + echo -e "sudo docker-compose up" >> $startup_script + chmod +x start-peh-labs.sh + } + +peh_weblab_setup() { + + echo -e "\n $greenplus Installing docker.io and docker-compose" + eval apt -y install docker.io docker-compose + + echo -e "\n $greenplus Starting docker service and enabling " + eval systemctl enable docker --now + + echo -e "\n $greenplus Downloading peh-web-labs.tar.gz " + wget https://cdn.fs.teachablecdn.com/NgPnyKOwSfWYuwnX3Lzb -O /tmp/peh-web-labs.tar.gz + + if [[ $finduser == "root" ]] + then + #lab setup for root + echo -e "\n $greenplus Making peh directory for labs /$finduser/peh" + mkdir /$finduser/peh + + echo -e "\n $greenplus Extracting labs to /$finduser/peh" + tar xvfz /tmp/peh-web-labs.tar.gz -C /$finduser/peh + + echo -e "\n $greenplus Setting permissions for /$finduser/peh/labs/labs/uploads" + chmod 777 /$finduser/peh/labs/labs/uploads + + echo -e "\n $greenplus Setting permissions for /$finduser/peh/labs/capstone/assets" + chmod 777 /$finduser/capstone/assets + + echo -e "\n $greenplus Starting labs docker in daemon mode" + cd /$finduser/peh/labs + hacking_peh_create_cleanupsh + + if [[ ! -f docker-compose.yml ]] + then + echo -e "\n $redexclaim docker-compose.yml not found in current directory, aborting " + exit_screen + else + echo -e "\n $greenplus docker-compose.yml found, starting labs in daemon mode -d" + eval docker-compose up -d + exit_screen + fi + + else + # lab setup for regular user + echo -e "\n $greenplus Making peh directory for labs /home/$finduser/peh" + mkdir /home/$finduser/peh + + echo -e "\n $greenplus Extracting labs to /home/$finduser/peh" + tar xvfz /tmp/peh-web-labs.tar.gz -C /home/$finduser/peh + + # check for /home/$finduser/peh/labs/labs/uploads + if [[ -d /home/$finduser/peh/labs/labs/uploads ]] + then + echo -e "\n $greenplus Setting permissions for /home/$finduser/peh/labs/labs/uploads" + chmod 777 /home/$finduser/peh/labs/labs/uploads + echo -e "\n $greenplus Setting ownership to $finduser:$finduser for /home/$finduser/peh" + chown -R $finduser:$finduser /home/$finduser/peh + else + echo -e "\n $redexclaim Unable to find /home/$finduser/peh/labs/labs/uploads" + fi + + # check for /home/$finduser/peh/labs/capstones/assets + if [[ -d /home/$finduser/peh/labs/capstone/assets ]] + then + echo -e "\n $greenplus Setting permissions for /home/$finduser/peh/labs/capstone/assets" + chmod 777 /home/$finduser/peh/labs/capstone/assets + else + echo -e "\n $redexclaim Unable to locate /home/$finduser/peh/labs/capstone/assets" + exit_screen + fi + + echo -e "\n $greenplus Creating cleanup-peh-labs.sh and start-peh-labs.sh in /home/$finduser/peh/labs" + cd /home/$finduser/peh/labs + hacking_peh_create_cleanupsh + + echo -e "\n $greenplus Cleaning up temporary files..." + rm /tmp/peh-web-labs.tar.gz + + echo -e "\n $greenplus Starting labs docker in daemon mode" + + if [[ ! -f docker-compose.yml ]] + then + echo -e "\n $redexclaim docker-compose.yml not found in current directory, aborting " + exit_screen + else + echo -e "\n $greenplus docker-compose.yml found, starting labs in daemon mode " + eval docker-compose up -d + fi + fi + } + mayor_mpp() { # additions to PMK 1.3.0 - Mayor MPP Course additions fix_sources @@ -1820,6 +1943,7 @@ pimpmykali_menu() { a|A) mapt_prereq;; b|B) bpt;; c|C) check_chrome;; + e|E) apt_update; fix_libwacom; only_upgrade; peh_weblab_setup;; f|F) fix_broken_xfce;; g|G) fix_root_connectionrefused ;; h|H) fix_httprobe;;