ObeseTermite/cyberpatriot-linux-script
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
cyberpatriot-linux-script/script/debiandetox.sh
termite 488a3acab4 first commit
2024-11-26 11:00:08 -08:00

75 lines
2.1 KiB
Bash
Raw Permalink Blame History

#! /bin/bash
#CYBERPATRIOT DEBIAN-DETOX MERCER ISLAND RED TEAM SCRIPT v0.2
sudo apt update
sudo apt upgrade
#removing packages that match keyword, asking user for confirmation just in case
sudo dpkg --get-selections | grep -i 'shark\|hydra\|nginx\|Samba\|snmp\|Nfs\|sendmail\|Xinetd\|crack\|telnet\|apache' | tr -d "[:blank:]" | sed 's/install//g' |
while read -r CURRENT_LINE
do
echo "purge this package $CURRENT_LINE?"
read response < /dev/tty
if [[ $response =~ ^[Yy]$ ]]
then
echo "$CURRENT_LINE" >> removedapps.txt
yes | sudo apt purge $CURRENT_LINE
else
echo "skipped removal"
fi
done
#installs ufw and enables it
sudo apt install ufw
sudo ufw enable
#changes the password settings for all the users to be more secure
sudo sed -i "s/\(^PASS_MAX_DAYS* *\).*/\1 15/" /etc/login.defs
sudo sed -i "s/\(^PASS_MIN_DAYS* *\).*/\1 1/" /etc/login.defs
sudo sed -i "s/\(^PASS_WARN_AGE* *\).*/\1 5/" /etc/login.defs
#turns on cookie protection or some shit idk
sudo sed -i "s/\(^net.ipv4.tcp_syncookies*=*\).*/\11/" /etc/sysctl.conf
#turns off root login in ssh
sudo sed -i "s/\(^PermitRootLogin* *\).*/\1 no/" /etc/ssh/sshd_config
#Turns on autoupdate
sudo sed -i 's/\(^APT::Periodic::Update-Package-Lists* *\).*/\1 "1";/' /etc/apt/apt.conf.d/10periodic
#removes all bad users
LINEA=1
LINEB=1
while read -r CURRENT_LINEA
do
MATCH=0
while read -r CURRENT_LINEB
do
if [ "$CURRENT_LINEA" == "$CURRENT_LINEB" ]
then
((MATCH++))
fi
((LINEB++))
done < "usersnorm.txt"
if [ $MATCH -eq 0 ]
then
echo "kill the user $CURRENT_LINEA?"
read response < /dev/tty
if [[ $response =~ ^[Yy]$ ]]
then
echo "$CURRENT_LINEA" >> removedusers.txt
yes | sudo deluser "$CURRENT_LINEA"
echo "user $CURRENT_LINEA combusted"
else
echo "skipped removal"
fi
fi
((LINEA++))
done <<< "$(awk -F':' '{ print $1}' /etc/passwd)"
#removes all non admins
#autoremoves all packages that are no longer required (might break something, but i dont care)
Reference in a new issue View git blame Copy permalink