#!/bin/bash #######################static IP########################## ##########updata AND install some software############## update(){ echo -e "\n\n\n\033[31m ################ Start update ################ \033[0m" apt-get update } basic(){ echo -e "\n\n\n\033[31m ################ install scanner and basic tools. ################ \033[0m" apt-get install vim -y apt-get install nmap -y apt-get install git -y apt install zmap -y apt install masscan -y apt install python-pip -y apt install unzip -y } sqlmap(){ ###############install some pentesting software################ echo -e "\n\n\n \033[31m ################ install SQLMap ################ \033[0m" git clone https://github.com/sqlmapproject/sqlmap.git /opt/sqlmap echo "alias sqlmap='python /opt/sqlmap/sqlmap.py'">> ~/.bashrc `source ~/.bashrc` } subDomainsBrute(){ echo -e "\n\n\n \033[31m ################ install subDomainsBrute ################ \033[0m" git clone https://github.com/lijiejie/subDomainsBrute /opt/subDomainsBrute pip install dnspython gevent } teemo(){ echo -e "\n\n\n \033[31m ################ install teemo ################ \033[0m" git clone https://github.com/bit4woo/teemo /opt/teemo pip install -r /opt/teemo/requirements.txt } wydomain(){ echo -e "\n\n\n \033[31m ################ install wydomain ################ \033[0m" git clone https://github.com/ring04h/wydomain /opt/wydomain pip install -r /opt/wydomain/requirements.txt } Metasploit(){ echo -e "\n\n\n \033[31m ################ install Metasploit ################ \033[0m" curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall chmod 755 msfinstall ./msfinstall } java(){ echo -e "\n\n\n \033[31m ################ install java 8u171 ################ \033[0m" wget https://repo.huaweicloud.com/java/jdk/8u171-b11/jdk-8u171-linux-x64.tar.gz tar -zxvf jdk-8u171-linux-x64.tar.gz -C /usr/lib/ echo "export JAVA_HOME=/usr/lib/jdk1.8.0_171/" >> /etc/profile echo "export JRE_HOME=/usr/lib/jdk1.8.0_171/jre" >> /etc/profile echo "export PATH=\$JAVA_HOME/bin:\$JAVA_HOME/jre/bin:\$PATH" >> /etc/profile echo "export CLASSPATH=\$CLASSPATH:.:\$JAVA_HOME/lib:\$JAVA_HOME/jre/lib" >> /etc/profile `source /etc/profile` rm jdk-8u171-linux-x64.tar.gz } cs(){ echo -e "\n\n\n \033[31m ################ install Cobalt Strike ################ \033[0m" git clone https://github.com/rsmudge/Malleable-C2-Profiles /opt/Malleable-C2-Profiles mkdir /opt/CobaltStrike/ unzip /opt/CobaltStrike/CobaltStrike.zip local_ip=`curl http://ip.3322.org` echo "#!/bin/bash" >> RunCS.sh passwordset=`tr -dc "0-9,a-z" < /dev/urandom | head -c 10` echo "cd /opt/CobaltStrike/ && chmod +x teamserver && nohup ./teamserver $local_ip $passwordset /opt/Malleable-C2-Profiles/normal/amazon.profile >/dev/null 2>&1 &" >> RunCS.sh } sshtunnel(){ echo -e "\n\n\n \033[31m ################ config ssh tunnel ################ \033[0m" echo "AllowTcpForwarding yes" >>/etc/ssh/sshd_config echo "GatewayPorts yes" >>/etc/ssh/sshd_config echo "TCPKeepAlive yes" >>/etc/ssh/sshd_config echo "PasswordAuthentication yes" >>/etc/ssh/sshd_config `/etc/init.d/ssh restart` echo -e "\n\n\n \033[31m ################ Add ssh tunnel user ################ \033[0m" `useradd -s /bin/false sshtunnel` echo "sshtunnel:sshtunnel1234" | chpasswd } ssr(){ echo -e "\n\n\n \033[31m ################ install shadowsocks ################ \033[0m" wget -N --no-check-certificate https://raw.githubusercontent.com/ToyoDAdoubiBackup/doubi/master/ssr.sh && chmod +x ssr.sh } sshport(){ echo -e "\n\n\n \033[0m ################ Modify ssh port ################ \033[0m" sed -i 's/22/53291/g' /etc/ssh/sshd_config sed -i 's/#Port/Port/g' /etc/ssh/sshd_config /etc/init.d/ssh restart } connectiontime(){ echo "ClientAliveInterval 60" >>/etc/ssh/sshd_config echo "ClientAliveCountMax 3" >>/etc/ssh/sshd_config } generatekey(){ echo -e "\n\n\n \033[0m ################ ssh-keygen ################ \033[0m" ssh-keygen -t rsa -P "" -f ~/.ssh/id_rsa mv ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys cat ~/.ssh/id_rsa rm ~/.ssh/id_rsa } lcx(){ echo -e "\n\n\n \033[0m ################ LCX ################ \033[0m" wget https://raw.githubusercontent.com/52stu/Notes_pub/master/Linux_lcx/portmap.c gcc portmap.c -o Lcx chmod +x Lcx } PmWebDirScan(){ echo -e "\n\n\n \033[0m ################ PmWebDirScan ################ \033[0m" git clone https://github.com/phpooop/PmWebDirScan.git /opt/PmWebDirScan pip3 install requests } printkey(){ echo -e " --------------- 0. Install All --------------- 1. Install Basic Tools: vim/nmap/git/zmap/masscan/python-pip/unzip/ssr 2. Install SQLMap 3. Install SubDomainBrute: SubDomainBrute\Teemo\wydomain\subdomain_find 4. Install Metasploit 5. Install java 1.8 6. Install Cobalt Strike 7. Configuration sshtunnel 8. modify ssh port 22 --> 53291 9. Configuration Connection Time 10. Install LCX 11. Install PmWebDirScan #python3 110. generate ssh key " } printkey echo && read -e -p "Please Enter number [0-10] (default:[0]): " num case "$num" in 1) basic ssr ;; 2) sqlmap ;; 3) subDomainsBrute teemo wydomain ;; 4) Metasploit ;; 5) java ;; 6) cs ;; 7) sshtunnel ;; 8) sshport ;; 9) connectiontime ;; 10) lcx ;; 11) PmWebDirScan ;; 110) generatekey ;; *) echo -e "We will Install All." basic ssr sqlmap subDomainsBrute teemo wydomain Metasploit java cs sshtunnel sshport connectiontime lcx PmWebDirScan generatekey ;; esac