#! /bin/bash
#CYBERPATRIOT DEBIAN-DETOX MERCER ISLAND RED TEAM SCRIPT v0.2
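# Refresh the package index, then apply pending upgrades.
# apt-get is used because apt warns that its command-line interface is not
# stable for scripts; --with-new-pkgs keeps the behaviour of "apt upgrade"
# (new dependencies may be installed, nothing is removed).
# The upgrade is skipped when the refresh fails so it never runs against
# stale package lists.
if sudo apt-get update; then
  sudo apt-get upgrade --with-new-pkgs
else
  echo "apt-get update failed; skipping upgrade" >&2
fi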
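# Offer to purge every package whose name contains one of the risky-service
# keywords below. Each candidate is confirmed on the terminal, and confirmed
# names are appended to removedapps.txt before the purge runs.
#
# The package name is taken from the first field of `dpkg --get-selections`.
# Deleting the text "install" from the whole line, as an sed expression would,
# also rewrites package names that contain that word and leaves residue for
# entries in the "deinstall" state.
#
# The keyword test is a case-insensitive substring match, so unrelated
# packages (a library whose name merely contains "crack", for instance) are
# offered as well. Once confirmed, the purge and any dependent removals it
# pulls in proceed without a second prompt.
dpkg --get-selections |
  awk '{ print $1 }' |
  grep -i 'shark\|hydra\|nginx\|Samba\|snmp\|Nfs\|sendmail\|Xinetd\|crack\|telnet\|apache' |
  while IFS= read -r pkg_name; do
    echo "purge this package $pkg_name?"
    # stdin carries the package list, so the answer is read from the terminal.
    read -r response < /dev/tty
    if [[ $response =~ ^[Yy]$ ]]; then
      echo "$pkg_name" >> removedapps.txt
      sudo apt-get purge -y "$pkg_name"
    else
      echo "skipped removal"
    fi
  done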
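# Report installed packages that are not listed in packnorm.txt (one name per
# line, read from the current directory). Nothing is removed here; the output
# is a list for manual review.
#
# NOTE(review): the extraction pipeline is left as it was so the names stay
# comparable with an existing packnorm.txt, which was presumably produced the
# same way — confirm. It deletes every occurrence of "install", so a package
# name containing that word is altered before the comparison.
if [[ ! -r packnorm.txt ]]; then
  # A missing baseline would otherwise flag every installed package.
  echo "packnorm.txt is missing or unreadable; skipping package baseline check" >&2
else
  while IFS= read -r installed_pkg; do
    [[ -n $installed_pkg ]] || continue
    # -F: literal text, -x: whole-line match. One grep per package replaces a
    # nested shell loop over the baseline file.
    if ! grep -Fxq -- "$installed_pkg" packnorm.txt; then
      echo "$installed_pkg is sus"
    fi
  done <<< "$(sudo dpkg --get-selections | tr -d "[:blank:]" | sed 's/install//g')"
fi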
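# Install ufw and switch the firewall on.
# With no rules defined, ufw's default policy applies (incoming denied,
# outgoing allowed). A host that is administered over SSH therefore needs an
# allow rule for its SSH port before this step runs.
# apt-get replaces apt because apt's command-line interface is not stable for
# scripts.
sudo apt-get install ufw
sudo ufw enable
# Print the resulting state so a failed install or enable is visible in the
# run output instead of passing silently.
sudo ufw status verbose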
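# Set the password-aging defaults in /etc/login.defs:
#   PASS_MAX_DAYS 15, PASS_MIN_DAYS 1, PASS_WARN_AGE 5.
# These values are applied when an account is created. Accounts that already
# exist keep the aging fields stored in /etc/shadow, so they still have to be
# updated per user (chage) for the policy to cover them.
# A key with no active line in the file is appended, so a missing entry no
# longer turns the edit into a silent no-op.
for aging_rule in 'PASS_MAX_DAYS 15' 'PASS_MIN_DAYS 1' 'PASS_WARN_AGE 5'; do
  aging_key=${aging_rule%% *}
  aging_value=${aging_rule##* }
  if grep -Eq "^${aging_key}[[:space:]]" /etc/login.defs; then
    sudo sed -i "s/^${aging_key}[[:space:]].*/${aging_key} ${aging_value}/" /etc/login.defs
  else
    printf '%s %s\n' "$aging_key" "$aging_value" | sudo tee -a /etc/login.defs > /dev/null
  fi
done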
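# Enable TCP SYN cookies (net.ipv4.tcp_syncookies=1), which lets the kernel
# keep answering new connections while its SYN backlog is full, e.g. during a
# SYN flood.
# The expression accepts a commented-out entry and optional spaces around "=".
# A pattern anchored on the bare key skips a commented line, and rewrites
# "key = value" without the "=" sign, leaving an invalid line behind.
if grep -Eq '^[#[:space:]]*net\.ipv4\.tcp_syncookies[[:space:]]*=' /etc/sysctl.conf 2>/dev/null; then
  sudo sed -i 's/^[#[:space:]]*net\.ipv4\.tcp_syncookies[[:space:]]*=.*/net.ipv4.tcp_syncookies=1/' /etc/sysctl.conf
else
  echo 'net.ipv4.tcp_syncookies=1' | sudo tee -a /etc/sysctl.conf > /dev/null
fi
# The file is only read at boot (or by sysctl -p); set the running kernel too.
sudo sysctl -w net.ipv4.tcp_syncookies=1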
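# Forbid direct root logins over SSH by setting "PermitRootLogin no".
# A commented-out "#PermitRootLogin ..." line is replaced as well, and the
# directive is appended when the file has none; a pattern anchored on the bare
# keyword changes nothing in either of those cases.
# NOTE(review): sshd keeps the first value it reads for a keyword, and files
# pulled in by an Include line are read in place — check
# /etc/ssh/sshd_config.d/ for an earlier PermitRootLogin entry.
sshd_conf=/etc/ssh/sshd_config
if [[ -f $sshd_conf ]]; then
  if sudo grep -Eq '^#?[[:space:]]*PermitRootLogin[[:space:]]' "$sshd_conf"; then
    sudo sed -i -E 's/^#?[[:space:]]*PermitRootLogin[[:space:]].*/PermitRootLogin no/' "$sshd_conf"
  else
    echo 'PermitRootLogin no' | sudo tee -a "$sshd_conf" > /dev/null
  fi
  # The running daemon keeps its old settings until it re-reads the file.
  # Validate first so a broken config is never loaded.
  if sudo sshd -t; then
    sudo systemctl reload ssh
  else
    echo "sshd_config failed validation; sshd was not reloaded" >&2
  fi
else
  echo "$sshd_conf not found; skipping PermitRootLogin change" >&2
fi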
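# Turn on the daily package-list refresh (APT::Periodic::Update-Package-Lists).
# This setting only refreshes the index. Installing updates automatically is
# governed by APT::Periodic::Unattended-Upgrade and the unattended-upgrades
# package, neither of which is touched here.
# The directive is appended when the file or the line is absent, so the step
# no longer fails or does nothing on a host without it.
periodic_conf=/etc/apt/apt.conf.d/10periodic
if grep -q '^APT::Periodic::Update-Package-Lists' "$periodic_conf" 2>/dev/null; then
  sudo sed -i 's/^APT::Periodic::Update-Package-Lists.*/APT::Periodic::Update-Package-Lists "1";/' "$periodic_conf"
else
  echo 'APT::Periodic::Update-Package-Lists "1";' | sudo tee -a "$periodic_conf" > /dev/null
fi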
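# Offer to delete every account in /etc/passwd that is not listed in
# usersnorm.txt (one login name per line, read from the current directory).
# Confirmed names are appended to removedusers.txt before deluser runs.
#
# Every entry in /etc/passwd is considered, including root and service
# accounts, so the baseline has to list those too or they will be offered for
# deletion. With default deluser settings the home directory is left on disk
# and still needs review.
if [[ ! -r usersnorm.txt ]]; then
  # Without a baseline every account, root included, would be a candidate.
  echo "usersnorm.txt is missing or unreadable; skipping user review" >&2
else
  # The here-string snapshots the account list before any deletion edits
  # /etc/passwd.
  while IFS= read -r account; do
    [[ -n $account ]] || continue
    # -F: literal text, -x: whole-line match against the baseline.
    if grep -Fxq -- "$account" usersnorm.txt; then
      continue
    fi
    echo "kill the user $account?"
    # stdin carries the account list, so the answer is read from the terminal.
    read -r response < /dev/tty
    if [[ $response =~ ^[Yy]$ ]]; then
      echo "$account" >> removedusers.txt
      # Report success only when deluser actually succeeded.
      if yes | sudo deluser "$account"; then
        echo "user $account combusted"
      else
        echo "deluser failed for $account" >&2
      fi
    else
      echo "skipped removal"
    fi
  done <<< "$(awk -F':' '{ print $1}' /etc/passwd)"
fi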
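# Offer to remove from the sudo group every member that is not listed in
# sudonorm.txt (one login name per line, read from the current directory).
# The account itself is kept; only its sudo group membership is dropped.
# Confirmed names are appended to removedusers.txt, the same log the
# account-deletion step writes to.
#
# /etc/group stores the members as one comma-separated field, so the list is
# split into one name per line. Without the split, a group with two or more
# members is read as a single name that matches nothing in the baseline and
# that deluser cannot resolve.
if [[ ! -r sudonorm.txt ]]; then
  # Without a baseline every sudo member would be a candidate for removal.
  echo "sudonorm.txt is missing or unreadable; skipping sudo group review" >&2
else
  while IFS= read -r sudo_member; do
    # An empty member field yields a blank line; nothing to review.
    [[ -n $sudo_member ]] || continue
    # -F: literal text, -x: whole-line match against the baseline.
    if grep -Fxq -- "$sudo_member" sudonorm.txt; then
      continue
    fi
    # The prompt names the real action so it is not mistaken for a deletion.
    echo "remove the user $sudo_member from the sudo group?"
    # stdin carries the member list, so the answer is read from the terminal.
    read -r response < /dev/tty
    if [[ $response =~ ^[Yy]$ ]]; then
      echo "$sudo_member" >> removedusers.txt
      # Report success only when deluser actually succeeded.
      if yes | sudo deluser "$sudo_member" sudo; then
        echo "user $sudo_member has been un-sudoed"
      else
        echo "could not remove $sudo_member from the sudo group" >&2
      fi
    else
      echo "skipped removal"
    fi
  done <<< "$(grep '^sudo:' /etc/group | cut -d: -f4 | tr ',' '\n')"
fi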