-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathinstall.sh
431 lines (394 loc) · 12.6 KB
/
install.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
#!/data/data/com.termux/files/usr/bin/bash -e
# This repository has been forked from https://www.kali.org/docs/nethunter/nethunter-rootless/
# This script is to install NetHunter on other Linux devices than an Android, it will work on Ubuntu and Debian.
# I am trying to make it work on CentOS but for some reason PRoot fails to execute anything
VERSION=2020030908
BASE_URL=https://build.nethunter.com/kalifs/kalifs-20170903/
USERNAME=kalilinux
PKGMAN=$(if [ -f "/usr/bin/apt" ]; then echo "apt"; elif [ -f "/usr/bin/yum" ]; then echo "yum"; elif [ -f "/usr/bin/zypper" ]; then echo "zypper"; elif [ -f "/usr/bin/pkg" ]; then echo "pkg"; elif [ -f "/usr/bin/pacman" ]; then echo "pacman"; fi)
red='\033[1;31m'
green='\033[1;32m'
yellow='\033[1;33m'
blue='\033[1;34m'
light_cyan='\033[1;96m'
reset='\033[0m'
if [ -f "/usr/bin/getprop" ]; then getprop="1"; fi
if [ ! -z "$getprop" ]; then archcase=$(getprop ro.product.cpu.abi); fi
if [ -z "$archcase" ]; then archcase=$(uname -m); fi
cd ~;
function print_banner() {
clear
printf "${red}"
printf "${red}##################################################\n"
printf "${red}## ##\n"
printf "${red}## 88 a8P db 88 88 ##\n"
printf "${red}## 88 .88' d88b 88 88 ##\n"
printf "${red}## 88 88' d8''8b 88 88 ##\n"
printf "${red}## 88 d88 d8' '8b 88 88 ##\n"
printf "${red}## 8888'88. d8YaaaaY8b 88 88 ##\n"
printf "${red}## 88P Y8b d8''''''''8b 88 88 ##\n"
printf "${red}## 88 '88. d8' '8b 88 88 ##\n"
printf "${red}## 88 Y8b d8' '8b 888888888 88 ##\n"
printf "${red}## ${blue}Forked by @independentcod${red} ##\n"
printf "${red}################### NetHunter ####################${reset}\n\n"
}
function unsupported_arch() {
printf "${red}"
echo "[*] Unsupported Architecture\n\n"
printf "${reset}"
exit
}
function get_arch() {
printf "${blue}[*] Checking device architecture ..."
case $archcase in
arm64-v8a|arm64-v8|aarch64)
SYS_ARCH=arm64
;;
armeabi|armv7l)
SYS_ARCH=armhf
;;
x86_64|amd64)
SYS_ARCH=amd64
;;
i386|i686|x86)
SYS_ARCH=i386
;;
*)
unsupported_arch
;;
esac
}
function set_strings() {
CHROOT=kali-${SYS_ARCH}
IMAGE_NAME=kalifs-${SYS_ARCH}-full.tar.xz
SHA_NAME=kalifs-${SYS_ARCH}-full.sha512sum
}
function get_url() {
ROOTFS_URL="${BASE_URL}/${IMAGE_NAME}"
SHA_URL="${BASE_URL}/${SHA_NAME}"
}
print_banner
get_arch
set_strings
function ask() {
# http://djm.me/ask
while true; do
if [ "${2:-}" = "Y" ]; then
prompt="Y/n"
default=Y
elif [ "${2:-}" = "N" ]; then
prompt="y/N"
default=N
else
prompt="y/n"
default=
fi
# Ask the question
printf "${light_cyan}\n[?] "
read -p "$1 [$prompt] " REPLY
# Default?
if [ -z "$REPLY" ]; then
REPLY=$default
fi
printf "${reset}"
# Check if the reply is valid
case "$REPLY" in
Y*|y*) return 0 ;;
N*|n*) return 1 ;;
esac
done
}
function prepare_fs() {
unset KEEP_CHROOT
if [ -d ${CHROOT} ]; then
if ask "Existing rootfs directory found. Delete and create a new one?" "N"; then
rm -rf ${CHROOT}
else
KEEP_CHROOT=1
fi
fi
}
function cleanup() {
if [ -f ${IMAGE_NAME} ]; then
if ask "Delete downloaded rootfs file?" "N"; then
if [ -f ${IMAGE_NAME} ]; then
rm -f ${IMAGE_NAME}
fi
if [ -f ${SHA_NAME} ]; then
rm -f ${SHA_NAME}
fi
fi
fi
}
function check_dependencies() {
printf "${blue}\n[*] Checking package dependencies ***REQUIRES ROOT***${reset}\n"
${PKGMAN} update -y &> /dev/null
apt install net-tools -y;
for i in proot tar curl; do
if [ -e $PREFIX/bin/$i ]; then
printf "${green}[*] ${i} is OK!\n"
else
printf "Installing ${i}...\n"
${PKGMAN} install -y $i || {
printf "${red}ERROR: Failed to install packages.\n Exiting.\n${reset}"
exit
}
fi
done
}
function get_rootfs() {
unset KEEP_IMAGE
if [ -f ${IMAGE_NAME} ]; then
if ask "Existing image file found. Delete and download a new one?" "N"; then
rm -f ${IMAGE_NAME}
else
printf "${yellow}[!] Using existing rootfs archive${reset}\n"
KEEP_IMAGE=1
return
fi
fi
printf "${blue}[*] Downloading rootfs...${reset}\n\n"
get_url
curl -O ${ROOTFS_URL}
}
function get_sha() {
if [ -z $KEEP_IMAGE ]; then
printf "\n${blue}[*] Getting SHA ... ${reset}\n\n"
get_url
if [ -f ${SHA_NAME} ]; then
rm -f ${SHA_NAME}
fi
curl -O "${SHA_URL}"
fi
}
function verify_sha() {
if [ -z $KEEP_IMAGE ]; then
printf "\n${blue}[*] Verifying integrity of rootfs...${reset}\n\n"
sha512sum -c $SHA_NAME || {
printf "${red} Rootfs corrupted. Please run this installer again or download the file manually\n${reset}"
exit 1
}
fi
}
function extract_rootfs() {
if [ -z $KEEP_CHROOT ]; then
printf "\n${blue}[*] Extracting rootfs... ${reset}\n\n"
if [ ! -d "$CHROOT" ]; then mkdir $CHROOT; fi
$(if [ ! -z "$getprop" ]; then echo "proot --link2symlink"; fi) tar vxfJ $IMAGE_NAME $(if [ -z "$getprop" ]; then echo "--keep-directory-symlink"; fi) 2> /dev/null || :
else
printf "${yellow}[!] Using existing rootfs directory${reset}\n"
fi
}
function update() {
NH_UPDATE=${PREFIX}/bin/upd
cat > $NH_UPDATE <<- EOF
#!/bin/bash -e
unset LD_PRELOAD
user="root"
home="/root"
cmd1="apt update"
cmd2="apt-get install kali-linux-nethunter -y"
nh -r \$cmd1;
nh -r \$cmd2;
exit 0
EOF
chmod +x $NH_UPDATE
}
function webd() {
NH_WEBD=${PREFIX}/bin/webd
cat > $NH_WEBD <<- EOF
#!/bin/bash -e
cd \${HOME}
unset LD_PRELOAD
user="root"
home="/\$user"
cmd1="apt update"
cmd2="apt install apache2 wget git -y"
cmd3="/bin/git clone https://github.com/independentcod/mollyweb"
cmd4="/bin/sh mollyweb/bootstrap.sh"
cmd5="apache2&"
nh -r \$cmd1;
nh -r \$cmd2;
nh -r \$cmd3;
if [ -d "\${CHROOT}/root/mollyweb" ]; then rm -rf \${CHROOT}/root/mollyweb; fi
nh -r \$cmd4;
myip=\$(ifconfig | grep inet)
echo "\${myip} port 8088 http and https port 8443";
echo "Listen 8088" > \${CHROOT}/etc/apache2/ports.conf;
echo "Listen 8443 ssl" >> \${CHROOT}/etc/apache2/ports.conf;
nh -r \$cmd5 &
exit 0
EOF
chmod +x $NH_WEBD
}
function sexywall() {
NH_SEXY=${PREFIX}/bin/sexywall
cat > $NH_SEXY <<- EOF
#!/bin/bash -e
cd \${HOME}
unset LD_PRELOAD
user="root"
home="/\$user"
cmd1="apt update"
cmd2="apt install git pcmanfm -y"
cmd3="git clone https://github.com/ind3p3nd3nt/lxde-wallpaperchanger"
cmd4="sh lxde-wallpaperchanger/wallpaperchanger.sh &"
nh -r \$cmd1;
nh -r \$cmd2;
nh -r \$cmd3;
nh -r DISPLAY=:3;
DISPLAY=:3;
nh -r \$cmd4&
exit 0
EOF
chmod +x $NH_SEXY
}
function remote() {
NH_REMOTE=${PREFIX}/bin/remote
cat > $NH_REMOTE <<- EOF
#!/bin/bash -e
cd \${HOME}
unset LD_PRELOAD
if [ "\$1" = "install" ]; then
nh -r apt update && nh -r apt install tightvncserver lxde-core xorg kali-desktop-lxde kali-menu net-tools xterm lxterminal -y;
fi
if [ "\$1" = "stop" ]; then
nh -r USER=root /usr/bin/vncserver -kill :3
fi
if [ "\$1" = "start" ]; then
echo 'VNC Server listening on 0.0.0.0:5903 you can remotely connect another device to that display with a vnc viewer';
myip=\$(ifconfig | grep inet)
echo "\$myip"
nh -r mkdir -p /root/.vnc
nh -r wget -O /root/.vnc/xstartup https://pastebin.com/raw/McmmnZc3 >.wget
nh -r chmod +rwx /root/.vnc/xstartup
nh -r USER=root /usr/bin/vncserver :3 &
fi
if [ "\$1" = "passwd" ]; then
nh -r vncpasswd;
fi
exit 0
EOF
chmod +x $NH_REMOTE
}
function create_launcher() {
NH_LAUNCHER=${PREFIX}/bin/nethunter
NH_SHORTCUT=${PREFIX}/bin/nh
cat > $NH_LAUNCHER <<- EOF
#!/bin/bash -e
cd \${HOME}
## termux-exec sets LD_PRELOAD so let's unset it before continuing
unset LD_PRELOAD
## Default user is "kalilinux"
user="kalilinux"
home="/home/kalilinux"
start="sudo -u kalilinux /bin/bash --login"
## NH can be launched as root with the "-r" cmd attribute
## Also check if user $USERNAME exists, if not start as root
if grep -q "\$USERNAME" \${CHROOT}/etc/passwd; then
KALIUSR="1";
else
KALIUSR="0";
fi
if [[ \$KALIUSR == "0" || ("\$#" != "0" && ("\$1" == "-r" || "\$1" == "-R")) ]]; then
user="root"
home="/\$user"
start="/bin/bash --login"
if [[ "\$#" != "0" && ("\$1" == "-r" || "\$1" == "-R") ]]; then
shift
fi
fi
cmdline="proot \\
$(if [ ! -z "$getprop" ]; then echo "--link2symlink \\\\"; fi)
-0 \\
-r $CHROOT \\
-b /dev \\
-b /proc \\
-b \${CHROOT}\${home}:/dev/shm \\
-w \$home \\
/usr/bin/env -i \\
HOME=\${home} \\
PATH=/usr/local/sbin:/usr/local/bin:/bin:/usr/bin:/sbin:/usr/sbin \\
TERM=\$TERM \\
LANG=C.UTF-8 \\
\$start"
cmd="\$@"
if [ "\$#" == "0" ]; then
exec \$cmdline
else
\$cmdline -c "\$cmd"
fi
EOF
chmod +rxs-w $NH_LAUNCHER
if [ -L ${NH_SHORTCUT} ]; then
rm -f ${NH_SHORTCUT}
fi
if [ ! -f ${NH_SHORTCUT} ]; then
ln -s ${NH_LAUNCHER} ${NH_SHORTCUT} >/dev/null
fi
}
function fix_profile_bash() {
## Prevent attempt to create links in read only filesystem
if [ -f ${CHROOT}/root/.bash_profile ]; then
sed -i '/if/,/fi/d' "${CHROOT}/root/.bash_profile"
fi
}
function fix_sudo() {
## fix sudo & su on start
nh -r apt update
nh -r apt install sudo busybox -y
chmod +s $CHROOT/usr/bin/sudo
chmod +s $CHROOT/usr/bin/su
echo "kalilinux ALL=(ALL:ALL) ALL" > $CHROOT/etc/sudoers.d/kalilinux
# https://bugzilla.redhat.com/show_bug.cgi?id=1773148
echo "Set disable_coredump false" > $CHROOT/etc/sudo.conf
}
function fix_uid() {
## Change $USERNAME uid and gid to match that of the termux user
GRPID=$(id -g)
chmod 440 $CHROOT/etc/sudoers $CHROOT/etc/sudo.conf $CHROOT/etc/hosts $CHROOT/usr/bin/sudo
chmod 777 /bin/nh /bin/nethunter /bin/remote /bin/webd /bin/upd /bin/sexywall ${CHROOT}/home/${USERNAME} -R
nh -r usermod -g sudo $USERNAME 2>/dev/null
nh -r groupmod -g $GRPID $USERNAME 2>/dev/null
if [ -f "/usr/sbin/ifconfig" ]; then mv -f /usr/sbin/ifconfig /usr/bin/ifconfig; fi
chmod 777 /usr/bin/ifconfig
nh -r chmod +sxr-w /usr/bin/sudo;
}
cd $HOME
prepare_fs
check_dependencies
get_rootfs
get_sha
verify_sha
extract_rootfs
printf "\n${blue}[*] Configuring NetHunter for $(uname -a) ...\n"
printf "${green}[=] NetHunter for Termux installed successfully${reset}\n\n"
printf "${green}[+] To start NetHunter, type:${reset}\n"
printf "${green}[+] nethunter # To start NetHunter cli${reset}\n"
printf "${green}[+] nethunter -r # To run NetHunter as root${reset}\n"
printf "${green}[+] nh # Shortcut for nethunter${reset}\n\n"
printf "${green}[+] upd # install ALL nethunter tools${reset}\n\n"
printf "${green}[+] remote install # To install a LXDE Display Manager on port 5903 reachable by other devices${reset}\n\n"
printf "${green}[+] remote start # To start the VNC server${reset}\n\n"
printf "${green}[+] remote passwd # To change the remote VNC password${reset}\n\n"
printf "${green}[+] remote stop # To stop the VNC server${reset}\n\n"
printf "${green}[+] sexywall & # To install a sexy wallpaper rotator in LXDE for remote sessions${reset}\n\n"
printf "${green}[+] webd & # To install an SSL Website www.mollyeskam.net as template${reset}\n\n"
create_launcher
update
sexywall
remote
webd
nh -r hostname -b localhost
nh -r useradd -m kalilinux
echo "127.0.0.1 localhost localhost.localdomain localhost localhost.localdomain4" > $CHROOT/etc/hosts
echo "::1 localhost localhost.localdomain localhost localhost.localdomain6" >> $CHROOT/etc/hosts
cleanup
fix_profile_bash
fix_sudo
fix_uid
print_banner
if [ ! -d "${CHROOT}/home/kalilinux/" ]; then mkdir ${CHROOT}/home/kalilinux/; fi
if [ ! -d "${CHROOT}/root/Desktop/" ]; then mkdir ${CHROOT}/root/Desktop/; fi
if [ ! -d "${CHROOT}/root/Desktop/Wallpapers" ]; then mkdir ${CHROOT}/root/Desktop/Wallpapers; fi
if [ ! -d "${CHROOT}/root/.vnc" ]; then mkdir ${CHROOT}/root/.vnc; fi