From 6c26933bf8219e3adec6dc14893564df5b9ab71d Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sat, 4 Jan 2020 22:37:51 +0200 Subject: [PATCH 01/10] Set return value to valid return value --- monkey/monkey_island/linux/install_mongo.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/monkey/monkey_island/linux/install_mongo.sh b/monkey/monkey_island/linux/install_mongo.sh index 478d7e0ed..0aaacc490 100755 --- a/monkey/monkey_island/linux/install_mongo.sh +++ b/monkey/monkey_island/linux/install_mongo.sh @@ -21,7 +21,7 @@ then export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-debian92-3.6.12.tgz" else echo Unsupported OS - exit -1 + exit 1 fi TEMP_MONGO=$(mktemp -d) From dacd469aa9e1a1c872ca20eed37da2c8c99faa38 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sat, 4 Jan 2020 22:39:34 +0200 Subject: [PATCH 02/10] Double quote to prevent globbing --- monkey/monkey_island/linux/install_mongo.sh | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/monkey/monkey_island/linux/install_mongo.sh b/monkey/monkey_island/linux/install_mongo.sh index 0aaacc490..0d720fe15 100755 --- a/monkey/monkey_island/linux/install_mongo.sh +++ b/monkey/monkey_island/linux/install_mongo.sh @@ -25,16 +25,17 @@ else fi TEMP_MONGO=$(mktemp -d) -pushd ${TEMP_MONGO} +pushd "${TEMP_MONGO}" wget ${tgz_url} -O mongodb.tgz tar -xf mongodb.tgz popd -mkdir -p ${MONGODB_DIR}/bin -mkdir -p ${MONGODB_DIR}/db -cp ${TEMP_MONGO}/mongodb-*/bin/mongod ${MONGODB_DIR}/bin/mongod -cp ${TEMP_MONGO}/mongodb-*/LICENSE-Community.txt ${MONGODB_DIR}/ -chmod a+x ${MONGODB_DIR}/bin/mongod +mkdir -p "${MONGODB_DIR}"/bin +mkdir -p "${MONGODB_DIR}"/db +cp "${TEMP_MONGO}"/mongodb-*/bin/mongod "${MONGODB_DIR}"/bin/mongod +cp "${TEMP_MONGO}"/mongodb-*/LICENSE-Community.txt "${MONGODB_DIR}"/ +chmod a+x "${MONGODB_DIR}"/bin/mongod +# shellcheck disable=SC2086 rm -r ${TEMP_MONGO} exit 0 \ No newline at end of file From f15abda2ff051a1b2b618f428bef3e273e8e3df5 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sat, 4 Jan 2020 22:50:34 +0200 Subject: [PATCH 03/10] 1 - Formatted shell script 2 - Added option to download with either curl or wget --- monkey/monkey_island/linux/install_mongo.sh | 51 +++++++++++++-------- 1 file changed, 31 insertions(+), 20 deletions(-) diff --git a/monkey/monkey_island/linux/install_mongo.sh b/monkey/monkey_island/linux/install_mongo.sh index 0d720fe15..93b0349d1 100755 --- a/monkey/monkey_island/linux/install_mongo.sh +++ b/monkey/monkey_island/linux/install_mongo.sh @@ -1,32 +1,43 @@ #!/bin/bash +exists() { + command -v "$1" >/dev/null 2>&1 +} + export os_version_monkey=$(cat /etc/issue) MONGODB_DIR=$1 # If using deb, this should be: /var/monkey/monkey_island/bin/mongodb -if [[ ${os_version_monkey} == "Ubuntu 16.04"* ]] ; -then - echo Detected Ubuntu 16.04 - export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu1604-3.6.12.tgz" -elif [[ ${os_version_monkey} == "Ubuntu 18.04"* ]] ; -then - echo Detected Ubuntu 18.04 - export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu1804-4.2.0.tgz" -elif [[ ${os_version_monkey} == "Debian GNU/Linux 8"* ]] ; -then - echo Detected Debian 8 - export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-debian81-3.6.12.tgz" -elif [[ ${os_version_monkey} == "Debian GNU/Linux 9"* ]] ; -then - echo Detected Debian 9 - export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-debian92-3.6.12.tgz" +if [[ ${os_version_monkey} == "Ubuntu 16.04"* ]]; then + echo Detected Ubuntu 16.04 + export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu1604-3.6.12.tgz" +elif [[ ${os_version_monkey} == "Ubuntu 18.04"* ]]; then + echo Detected Ubuntu 18.04 + export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu1804-4.2.0.tgz" +elif [[ ${os_version_monkey} == "Debian GNU/Linux 8"* ]]; then + echo Detected Debian 8 + export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-debian81-3.6.12.tgz" +elif [[ ${os_version_monkey} == "Debian GNU/Linux 9"* ]]; then + echo Detected Debian 9 + export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-debian92-3.6.12.tgz" else - echo Unsupported OS - exit 1 + echo Unsupported OS + exit 1 fi TEMP_MONGO=$(mktemp -d) pushd "${TEMP_MONGO}" -wget ${tgz_url} -O mongodb.tgz + +if exists bash; then + wget ${tgz_url} -O mongodb.tgz +else + if exists curl; then + curl --output mongodb.tgz ${tgz_url} + else + echo 'Your system has neither curl nor wget, exiting' + exit 1 + fi +fi + tar -xf mongodb.tgz popd @@ -38,4 +49,4 @@ chmod a+x "${MONGODB_DIR}"/bin/mongod # shellcheck disable=SC2086 rm -r ${TEMP_MONGO} -exit 0 \ No newline at end of file +exit 0 From fe97a8f8e3d2180878a321570c5624ddbec3242f Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sat, 4 Jan 2020 22:51:08 +0200 Subject: [PATCH 04/10] Fixed SC2155 https://github.com/koalaman/shellcheck/wiki/SC2155 --- monkey/monkey_island/linux/install_mongo.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/monkey/monkey_island/linux/install_mongo.sh b/monkey/monkey_island/linux/install_mongo.sh index 93b0349d1..7afe95ff3 100755 --- a/monkey/monkey_island/linux/install_mongo.sh +++ b/monkey/monkey_island/linux/install_mongo.sh @@ -4,7 +4,8 @@ exists() { command -v "$1" >/dev/null 2>&1 } -export os_version_monkey=$(cat /etc/issue) +os_version_monkey=$(cat /etc/issue) +export os_version_monkey MONGODB_DIR=$1 # If using deb, this should be: /var/monkey/monkey_island/bin/mongodb if [[ ${os_version_monkey} == "Ubuntu 16.04"* ]]; then From 98018251acfa3d75a82a328c82c345bff5e25548 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sat, 4 Jan 2020 22:52:56 +0200 Subject: [PATCH 05/10] Added error handling for pushd failing. --- monkey/monkey_island/linux/install_mongo.sh | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/monkey/monkey_island/linux/install_mongo.sh b/monkey/monkey_island/linux/install_mongo.sh index 7afe95ff3..baaf39ac9 100755 --- a/monkey/monkey_island/linux/install_mongo.sh +++ b/monkey/monkey_island/linux/install_mongo.sh @@ -26,7 +26,10 @@ else fi TEMP_MONGO=$(mktemp -d) -pushd "${TEMP_MONGO}" +pushd "${TEMP_MONGO}" || { + echo "Pushd failed" + exit 1 +} if exists bash; then wget ${tgz_url} -O mongodb.tgz @@ -40,7 +43,10 @@ else fi tar -xf mongodb.tgz -popd +popd || { + echo "popd failed" + exit 1 +} mkdir -p "${MONGODB_DIR}"/bin mkdir -p "${MONGODB_DIR}"/db From 6c9018401062f7e92afa23597aef22174afbed62 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sat, 4 Jan 2020 22:54:25 +0200 Subject: [PATCH 06/10] Double quote to prevent globbing. Not worriessome but why not --- monkey/monkey_island/linux/install_mongo.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/monkey/monkey_island/linux/install_mongo.sh b/monkey/monkey_island/linux/install_mongo.sh index baaf39ac9..2e435b388 100755 --- a/monkey/monkey_island/linux/install_mongo.sh +++ b/monkey/monkey_island/linux/install_mongo.sh @@ -53,7 +53,6 @@ mkdir -p "${MONGODB_DIR}"/db cp "${TEMP_MONGO}"/mongodb-*/bin/mongod "${MONGODB_DIR}"/bin/mongod cp "${TEMP_MONGO}"/mongodb-*/LICENSE-Community.txt "${MONGODB_DIR}"/ chmod a+x "${MONGODB_DIR}"/bin/mongod -# shellcheck disable=SC2086 -rm -r ${TEMP_MONGO} +rm -r "${TEMP_MONGO}" exit 0 From 768a103c0ad1c5100197bc3b7aaa4a6789d1171f Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sat, 4 Jan 2020 22:55:00 +0200 Subject: [PATCH 07/10] Shell formatting --- deployment_scripts/deploy_linux.sh | 50 ++++++++++++++++-------------- 1 file changed, 26 insertions(+), 24 deletions(-) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index 4e641407e..d5d2b1957 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -1,10 +1,14 @@ #!/bin/bash source config +exists() { + command -v "$1" >/dev/null 2>&1 +} + # Setup monkey either in dir required or current dir -monkey_home=${1:-`pwd`} -if [[ $monkey_home == `pwd` ]]; then - monkey_home="$monkey_home/$MONKEY_FOLDER_NAME" +monkey_home=${1:-$(pwd)} +if [[ $monkey_home == $(pwd) ]]; then + monkey_home="$monkey_home/$MONKEY_FOLDER_NAME" fi # We can set main paths after we know the home dir @@ -15,39 +19,39 @@ ISLAND_BINARIES_PATH="$ISLAND_PATH/cc/binaries" INFECTION_MONKEY_DIR="$monkey_home/monkey/infection_monkey" MONKEY_BIN_DIR="$INFECTION_MONKEY_DIR/bin" -handle_error () { - echo "Fix the errors above and rerun the script" - exit 1 +handle_error() { + echo "Fix the errors above and rerun the script" + exit 1 } -log_message () { - echo -e "\n\n-------------------------------------------" - echo -e "DEPLOYMENT SCRIPT: $1" - echo -e "-------------------------------------------\n" +log_message() { + echo -e "\n\n-------------------------------------------" + echo -e "DEPLOYMENT SCRIPT: $1" + echo -e "-------------------------------------------\n" } sudo -v if [[ $? != 0 ]]; then - echo "You need root permissions for some of this script operations. Quiting." - exit 1 + echo "You need root permissions for some of this script operations. Quiting." + exit 1 fi if [[ ! -d ${monkey_home} ]]; then - mkdir -p ${monkey_home} + mkdir -p ${monkey_home} fi git --version &>/dev/null git_available=$? if [[ ${git_available} != 0 ]]; then - echo "Please install git and re-run this script" - exit 1 + echo "Please install git and re-run this script" + exit 1 fi log_message "Cloning files from git" branch=${2:-"develop"} if [[ ! -d "$monkey_home/monkey" ]]; then # If not already cloned - git clone --single-branch -b $branch ${MONKEY_GIT_URL} ${monkey_home} 2>&1 || handle_error - chmod 774 -R ${monkey_home} + git clone --single-branch -b $branch ${MONKEY_GIT_URL} ${monkey_home} 2>&1 || handle_error + chmod 774 -R ${monkey_home} fi # Create folders @@ -57,13 +61,13 @@ mkdir -p ${ISLAND_BINARIES_PATH} || handle_error # Detecting command that calls python 3.7 python_cmd="" -if [[ `python --version 2>&1` == *"Python 3.7"* ]]; then +if [[ $(python --version 2>&1) == *"Python 3.7"* ]]; then python_cmd="python" fi -if [[ `python37 --version 2>&1` == *"Python 3.7"* ]]; then +if [[ $(python37 --version 2>&1) == *"Python 3.7"* ]]; then python_cmd="python37" fi -if [[ `python3.7 --version 2>&1` == *"Python 3.7"* ]]; then +if [[ $(python3.7 --version 2>&1) == *"Python 3.7"* ]]; then python_cmd="python3.7" fi @@ -105,10 +109,9 @@ wget -c -N -P ${ISLAND_BINARIES_PATH} ${WINDOWS_64_BINARY_URL} chmod a+x "$ISLAND_BINARIES_PATH/$LINUX_32_BINARY_NAME" chmod a+x "$ISLAND_BINARIES_PATH/$LINUX_64_BINARY_NAME" - # Get machine type/kernel version -kernel=`uname -m` -linux_dist=`lsb_release -a 2> /dev/null` +kernel=$(uname -m) +linux_dist=$(lsb_release -a 2>/dev/null) # If a user haven't installed mongo manually check if we can install it with our script log_message "Installing MongoDB" @@ -149,7 +152,6 @@ log_message "Downloading traceroute binaries" wget -c -N -P ${MONKEY_BIN_DIR} ${TRACEROUTE_64_BINARY_URL} wget -c -N -P ${MONKEY_BIN_DIR} ${TRACEROUTE_32_BINARY_URL} - sudo chmod +x ${monkey_home}/monkey/infection_monkey/build_linux.sh log_message "Deployment script finished." From 5c7cc5117aa5c4f05158df2d994e93fc08c529a8 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sun, 5 Jan 2020 10:08:48 +0200 Subject: [PATCH 08/10] Fix typo --- monkey/monkey_island/linux/install_mongo.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/monkey/monkey_island/linux/install_mongo.sh b/monkey/monkey_island/linux/install_mongo.sh index 2e435b388..51091d144 100755 --- a/monkey/monkey_island/linux/install_mongo.sh +++ b/monkey/monkey_island/linux/install_mongo.sh @@ -31,7 +31,7 @@ pushd "${TEMP_MONGO}" || { exit 1 } -if exists bash; then +if exists wget; then wget ${tgz_url} -O mongodb.tgz else if exists curl; then From 9493cad5e65413820b39a99dee78eb9a5cd8ba0b Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Thu, 16 Jan 2020 19:54:02 +0200 Subject: [PATCH 09/10] Use exists function for deploy_linux.sh. --- deployment_scripts/deploy_linux.sh | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index d5d2b1957..5c52088e4 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -40,13 +40,16 @@ if [[ ! -d ${monkey_home} ]]; then mkdir -p ${monkey_home} fi -git --version &>/dev/null -git_available=$? -if [[ ${git_available} != 0 ]]; then +if ! exists git; then echo "Please install git and re-run this script" exit 1 fi +if ! exists wget; then + echo 'Your system does have wget, please install and re-run this script' + exit 1 +fi + log_message "Cloning files from git" branch=${2:-"develop"} if [[ ! -d "$monkey_home/monkey" ]]; then # If not already cloned From 1cb66b46fac67577379b7cf4e76e6683408d33de Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Thu, 16 Jan 2020 19:57:20 +0200 Subject: [PATCH 10/10] Remove warnings --- deployment_scripts/deploy_linux.sh | 31 ++++++++++++++++-------------- 1 file changed, 17 insertions(+), 14 deletions(-) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index 5c52088e4..834d811a7 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -37,7 +37,7 @@ if [[ $? != 0 ]]; then fi if [[ ! -d ${monkey_home} ]]; then - mkdir -p ${monkey_home} + mkdir -p "${monkey_home}" fi if ! exists git; then @@ -53,14 +53,14 @@ fi log_message "Cloning files from git" branch=${2:-"develop"} if [[ ! -d "$monkey_home/monkey" ]]; then # If not already cloned - git clone --single-branch -b $branch ${MONKEY_GIT_URL} ${monkey_home} 2>&1 || handle_error - chmod 774 -R ${monkey_home} + git clone --single-branch -b "$branch" "${MONKEY_GIT_URL}" "${monkey_home}" 2>&1 || handle_error + chmod 774 -R "${monkey_home}" fi # Create folders log_message "Creating island dirs under $ISLAND_PATH" -mkdir -p ${MONGO_PATH} -mkdir -p ${ISLAND_BINARIES_PATH} || handle_error +mkdir -p "${MONGO_PATH}" +mkdir -p "${ISLAND_BINARIES_PATH}" || handle_error # Detecting command that calls python 3.7 python_cmd="" @@ -99,7 +99,7 @@ ${python_cmd} -m pip install --user --upgrade -r ${requirements} || handle_error log_message "Installing monkey requirements" sudo apt-get install libffi-dev upx libssl-dev libc++1 -cd ${monkey_home}/monkey/infection_monkey || handle_error +cd "${monkey_home}"/monkey/infection_monkey || handle_error ${python_cmd} -m pip install -r requirements.txt --user --upgrade || handle_error # Download binaries @@ -118,14 +118,17 @@ linux_dist=$(lsb_release -a 2>/dev/null) # If a user haven't installed mongo manually check if we can install it with our script log_message "Installing MongoDB" -${ISLAND_PATH}/linux/install_mongo.sh ${MONGO_PATH} || handle_error +"${ISLAND_PATH}"/linux/install_mongo.sh ${MONGO_PATH} || handle_error log_message "Installing openssl" sudo apt-get install openssl # Generate SSL certificate log_message "Generating certificate" -cd ${ISLAND_PATH} +cd "${ISLAND_PATH}" || { + echo "cd failed" + exit 1 +} openssl genrsa -out cc/server.key 2048 openssl req -new -key cc/server.key -out cc/server.csr -subj "/C=GB/ST=London/L=London/O=Global Security/OU=Monkey Department/CN=monkey.com" openssl x509 -req -days 366 -in cc/server.csr -signkey cc/server.key -out cc/server.crt @@ -143,19 +146,19 @@ log_message "Generating front end" npm run dist # Making dir for binaries -mkdir ${MONKEY_BIN_DIR} +mkdir "${MONKEY_BIN_DIR}" # Download sambacry binaries log_message "Downloading sambacry binaries" -wget -c -N -P ${MONKEY_BIN_DIR} ${SAMBACRY_64_BINARY_URL} -wget -c -N -P ${MONKEY_BIN_DIR} ${SAMBACRY_32_BINARY_URL} +wget -c -N -P "${MONKEY_BIN_DIR}" "${SAMBACRY_64_BINARY_URL}" +wget -c -N -P "${MONKEY_BIN_DIR}" "${SAMBACRY_32_BINARY_URL}" # Download traceroute binaries log_message "Downloading traceroute binaries" -wget -c -N -P ${MONKEY_BIN_DIR} ${TRACEROUTE_64_BINARY_URL} -wget -c -N -P ${MONKEY_BIN_DIR} ${TRACEROUTE_32_BINARY_URL} +wget -c -N -P "${MONKEY_BIN_DIR}" "${TRACEROUTE_64_BINARY_URL}" +wget -c -N -P "${MONKEY_BIN_DIR}" "${TRACEROUTE_32_BINARY_URL}" -sudo chmod +x ${monkey_home}/monkey/infection_monkey/build_linux.sh +sudo chmod +x "${monkey_home}"/monkey/infection_monkey/build_linux.sh log_message "Deployment script finished." exit 0