trustedsec / tap Goto Github PK

The TrustedSec Attack Platform is a reliable method for droppers on an infrastructure in order to ensure established connections to an organization.

License: Other

Shell 19.13% Python 80.87%

tap's Introduction

The TrustedSec Attack Platform (TAP)

TAP - Remote penetration testing platform builder.
Written by: David Kennedy @HackingDave
Company: TrustedSec (https://www.trustedsec.com)
Project page: https://github.com/trustedsec/tap
A TrustedSec Project - Copyright 2020
Supported operating systems: Linux (Ubuntu Linux preferred)

What is the TAP?

TAP is a remote penetration testing platform builder. For folks in the security industry, traveling often times becomes a burden and adds a ton of cost to the customer. TAP was designed to make the deployment of these boxes super simple and create a self-healing and stable platform to deploy remote penetration testing platforms. Essentially the concept is simple, you pre-configure a brand new box and run the TAP setup file. This will install a service on Linux that will be configured the way you want. What it will do is establish a reverse SSH tunnel back to a machine thats exposed on the Internet for you. From there you can access the box locally from the server it connects back to. TAP automatically detects when an SSH connection has gone stale and will automatically rebuild it for you.

It also has a number of other options, for example, in the event you lose SSH, it'll connect out to a text file and execute commands for you. Also updates itself continiously as well as ensure that you are running the latest packages for Ubuntu Linux (if that is your OS).

TAP Installation

python setup.py - This will install TAP.

In order to uninstall TAP:

python setup.py - This will uninstall TAP.

TAP Instructions

When setting up TAP, the questions you may have is the REMOTE ssh server, this would be an external box you have with SSH exposed. This would be your box you want the TAP machine to connect back to, the machine you have on the Internet waiting for connections. It is not recommended to use root as this is a security oversight. Use a normal user to establish the SSH tunnel. Right now its password only although lateron we will be adding support for SSH keys. The password is stored using AES however the cipher key storage is insecure at the moment. Someone with maintained access to the box could grab the cipher key and decrypt the password in the config with enough time and persistence. Will fix this in a later release date.

The second is the LOCAL port that will be on the REMOTE box. When TAP connects back via reverse SSH, it connects to the REMOTE box and establishes a local port on the machine. When you SSH to the remote box on the Internet, you will want to ssh user@localhost -p . This will be the port TAP bindes to on the REMOTE system so you can access it.

Once you configure that, TAP has a default path it pulls updates from, you can change this to your own update path. I intentionally kept this off github so you can specify what you want for approved updates.

Next, you can send commands to the TAP, it checks every two minutes for new instructions. You need to specify a path, for example:

https://websiteurl/commands.txt

TAP will check that path every two minutes looking for new commands, note that this next part is IMPORTANT. The first line of the text file MUST contain "EXECUTE COMMAND" (without the double quotes). Once TAP identifies this, it will check to see if the command was executed before and if not it will execute the commands line by line. This is useful when you lose connection with TAP and need to call execute commands to fix it.

Once you run setup, it will install the files in /usr/share/tap. It will automatically start if you specify, and will automatically check for updates such as Debian updates, TAP updates, etc.

You should also whitelist the update servers if you are using Debian as well as your REMOTE box you connect back to.

Thats it!

In the event that you decide not to use SSH keys and use passwords, the config stores it in an AES format (requires python-pycrypto). If you need to update the password, go to the scripts directory which has an update-password script to update the encrypted password and create a new dynamic cipher key.

Also a neat trick once you are there is a small tool we wrote for basically a SSH VPN. This works out great if you aren't doing large traffic volumes such as port scans, vulnerability scans, etc. The below is a simple tool that wraps sshuttle to create the VPN. Just save the below file into a python file and run and use the commands. It'll VPN you in to the remote network where TAP is deployed. You can do anything such as long as it isn't extremely large volume traffic (pretty stable).

There's two ways to handle a VPN, first is through the method below with SSHuttle. You can also use a transparent VPN that was created by Geoff Walton at TrustedSec that is located in the under the scripts folder. This will create a TAP interface and VPN you into the system through SSH. With SSHuttle, things like port scans do not work properly, would highly recommend the ssh-tunnel script.

SSHUTTLE Tunneling Script

SSHUTTLE is a tool that allows you to use SSH as a method for a transparent proxy VPN. You can use this script to communicate with the remote TAP device and tunnel your system over the proxy for a full VPN. This allows you to do testing through your own device, and not leverage the TAP device itself.

import subprocess 
import time

if not os.path.isfile("/usr/sbin/sshuttle"): 
    print "[!] SSHUTTLE does not appear to be installed, installing now" 
    subprocess.Popen("apt-get install sshuttle -f", shell=True).wait() 

print("Welcome to the sshuttle wrapper for TAP.") 
print("Enter the address for the SSH server, i.e. box.sshserver.com") 
reverse1 = input("Enter SSH server (REMOTE server): ") 
reverse2 = input("Enter the remote SSH port for %s:: " % (reverse1)) 
reverse3 = input("Enter the port to tunnel for the  local TAP machine (i.e. TAP box localhost port): ") 
reverse4 = input("Enter the username to connect to REMOTE system: ") 
print)"Triggering tunnel now...") 
time.sleep(2)
subprocess.Popen("ssh -f %s@%s -L %s:localhost:%s -N" % (reverse4, reverse1, reverse3, reverse2), shell=True).wait()
subprocess.Popen("sshuttle --dns -vr %s@localhost:%s 0/0" % (reverse4,reverse3), shell=True).wait()

Using Proxy Chains

TAP uses proxychains4 (proxychains-ng) to tunnel all of your http/https traffic through SSH to your remote box. This helps with content/egress filtering so you can ensure you always have everything up-to-date. In order to use proxychains, just type proxychains4 <command_you_want_to_use> - TAP updates automatically use this.

Logging

TAP during the setup process will prompt you to see if you want to log all commands executed on the system. If you do, all commands that are entered on the system will be logged so that you can provide to the customer or keep records of what happened on the devices. All logs are saved under /var/log/messages.

Supported Operating Systems

Ubuntu 18.04 LTS (should work fine on debian and other ubuntu versions)

tap's People

Contributors

Stargazers

Watchers

Forkers

jsmit260 jmassapina 0x0mar securextools dipsec shark2016 lucabongiorni eniac888 androdev4u aliabadi h121h ognz darrow jakuta-tech errollunbe gvsurenderreddy 00derp pabit volt72 cydoor gr3yr0n1n kaicastledine connlan ankushgoel27 methos2016 wflk deki0r yehgdotnet cephurs 3rawkz buckshotwhoami olivierh59500 connor-wool cybershieldconsulting amorb n4yk mgcfish benzo-benzin houcy snollyg0st3r vinnytroia nightlionsecurity fireh7nter littleairmada h0k5 1tryhard h4ckl4bm3 sireof ro9ueadmin ykankaya dev0p0 globalnetsec charliebwup discoking 8l4nk saintz666 heikipikker citadelofblairs bryanks ashr l9sk stefaanbolle rafi693 techris45 und3rcl0ck3d chazmacc red-infosec darkoperator mmilleror pentest-tools jermainlaforce leethobbit marciopocebon tile2tile mmg1 argonauta666 mlynchcogent kamikazerascal carlwc israelccarvalho weber11 crispud tnarnold projectzerodays caprico1 gugas1nwork ketaminekid423 theassyrian spoonman1091 stefanoratto h0ffayyy jeffaf pandora-research ninewires rakhithjk masoud92m benheise grimmkr3w wrexshit247 cnnrshd

tap's Issues

Use SSH keys instead of plaintext passwords in a config file

Finding: Sensitive Data Stored Unencrypted, subtext: Encrypted data stored alongside keys to decrypt it. ;)

update_password.py tries to import TARDIS

Looks like this got renamed to TAP... ?

Error with setup.py when using SSH keys

Setup script finishes with password authentication. When choosing Private/Public Key, it crashes after prompting for password.

Enter your password for the remote SSH server:
Traceback (most recent call last):
File "setup.py", line 262, in
child.expect("password")
File "/usr/lib/python2.7/dist-packages/pexpect/spawnbase.py", line 315, in expect
timeout, searchwindowsize, async)
File "/usr/lib/python2.7/dist-packages/pexpect/spawnbase.py", line 339, in expect_list
return exp.expect_loop(timeout)
File "/usr/lib/python2.7/dist-packages/pexpect/expect.py", line 102, in expect_loop
return self.eof(e)
File "/usr/lib/python2.7/dist-packages/pexpect/expect.py", line 49, in eof
raise EOF(msg)
pexpect.exceptions.EOF: End Of File (EOF). Exception style platform.
<pexpect.pty_spawn.spawn object at 0x7f91b411e3d0>
command: /usr/bin/ssh
args: ['/usr/bin/ssh', '[email protected]', '-p', '22']
searcher: None
buffer (last 100 chars): ''
before (last 100 chars): "nently added 'x.x.x.x' (ECDSA) to the list of known hosts.\r\r\nPermission denied (publickey).\r\r\n"
after: <class 'pexpect.exceptions.EOF'>
match: None
match_index: None
exitstatus: 255
flag_eof: True
pid: 29743
child_fd: 6
closed: False
timeout: 30
delimiter: <class 'pexpect.exceptions.EOF'>
logfile: None
logfile_read: None
logfile_send: None
maxread: 2000
ignorecase: False
searchwindowsize: None
delaybeforesend: 0.05
delayafterclose: 0.1
delayafterterminate: 0.1
root@xxx-TAP:/home/xxx/tap#

Error with setup when using Password.

Everything seems to run fine under Ubuntu 18.04 until the password encrypting phase. See below:

[*] Encrypting the password now..
Traceback (most recent call last):
  File "setup.py", line 206, in <module>
    password = encryptAES(password)
  File "setup.py", line 77, in encryptAES
    return str(aes) + "::::" + secret
TypeError: must be str, not bytes

setup.py is seriously flawed

setup.py is seriously flawed, at least when running on Raspberry Pi.
Corrected the errors in a way that is is working for me.

#!/usr/bin/env python3
# -*- coding: utf-8 -*-
#
# quick script for installing tap
#
##
import subprocess,re,os,shutil,sys
import base64
from src.core.tapcore import ssh_keygen
from src.core.tapcore import motd
from src.core.tapcore import set_background
import getpass
import sys
try:
    import pexpect
except ImportError:
    subprocess.Popen("apt-get -y install python-pexpect", shell=True).wait()
    try:
        import pexpect
    except ImportError:
        print("Install python-pexpect first, then re-run setup.")
        sys.exit(1)

print("[*] Installing some base modules requested...")
subprocess.Popen("apt-get -y install nfs-common tree htop tshark smbclient", shell=True).wait()

# add customized metasploit banner
if os.path.isdir("/root/.msf4/"): 
    print("[*] Metasploit installed, installing custom banner and timestamp to /root/.msf4/config")
    filewrite = open("/root/.msf4/config", "w")
    filewrite.write("[framework/core]\nSessionLogging=true\nLogLevel=5\nTimestampOutput=true\nPromptTimeFormat=%I:%H:%S\nConsoleLogging=true\nprompt=%grn[%grn%T] %grnTrustedSec %whiMSF%whi (s:%grn%S %whij:%grn%J%whi)\nload sounds\n[framework/ui/console]")
    filewrite.close()

def kill_tap():
    proc = subprocess.Popen("ps -au | grep tap", stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
    for line in proc.stdout:
        try:
            match = re.search("tap.py", line)
            if match:
                print("[*] Killing running version of TAP..")
                line = line.split(" ")
                pid = line[6]
                subprocess.Popen("kill %s" % (pid), stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True).wait()
                print("[*] Killed the TAP process: " + pid)

        except: pass

        try:
            # kill the heartbeat health check
            match = re.search("heartbeat.py", line)
            if match:
                print("[*] Killing running version of TAP HEARTBEAT..")
                line = line.split(" ")
                pid = line[6]
                subprocess.Popen("kill %s" % (pid), stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True).wait()
                print("[*] Killed the Heartbeat TAP process: " + pid)
        except: pass

# here we encrypt via aes, will return encrypted string based on secret key which is random
def encryptAES(data):
    # the character used for padding--with a block cipher such as AES, the value
    # you encrypt must be a multiple of BLOCK_SIZE in length.  This character is
    # used to ensure that your value is always a multiple of BLOCK_SIZE
    PADDING = '{'
    BLOCK_SIZE = 32
    # one-liner to sufficiently pad the text to be encrypted
    pad = lambda s: s + (BLOCK_SIZE - len(s) % BLOCK_SIZE) * PADDING
    # random value here to randomize builds
    a = 50 * 5
    # one-liners to encrypt/encode and decrypt/decode a string
    # encrypt with AES, encode with base64
    EncodeAES = lambda c, s: base64.b64encode(c.encrypt(pad(s)))
    DecodeAES = lambda c, e: c.decrypt(base64.b64decode(e)).rstrip(PADDING)
    secret = os.urandom(BLOCK_SIZE)
    cipher = AES.new(secret)
    secret = base64.b64encode(secret)
    aes = EncodeAES(cipher, data)
    return aes.decode("utf-8") + "::::" + secret.decode("utf-8")

print (r"""
                                                                      
TTTTTTTTTTTTTTTTTTTTTTT         AAA               PPPPPPPPPPPPPPPPP   
T:::::::::::::::::::::T        A:::A              P::::::::::::::::P  
T:::::::::::::::::::::T       A:::::A             P::::::PPPPPP:::::P 
T:::::TT:::::::TT:::::T      A:::::::A            PP:::::P     P:::::P
TTTTTT  T:::::T  TTTTTT     A:::::::::A             P::::P     P:::::P
        T:::::T            A:::::A:::::A            P::::P     P:::::P
        T:::::T           A:::::A A:::::A           P::::PPPPPP:::::P 
        T:::::T          A:::::A   A:::::A          P:::::::::::::PP  
        T:::::T         A:::::A     A:::::A         P::::PPPPPPPPP    
        T:::::T        A:::::AAAAAAAAA:::::A        P::::P            
        T:::::T       A:::::::::::::::::::::A       P::::P            
        T:::::T      A:::::AAAAAAAAAAAAA:::::A      P::::P            
      TT:::::::TT   A:::::A             A:::::A   PP::::::PP          
      T:::::::::T  A:::::A               A:::::A  P::::::::P          
      T:::::::::T A:::::A                 A:::::A P::::::::P          
      TTTTTTTTTTTAAAAAAA                   AAAAAAAPPPPPPPPPP          
                                                                    
        The TrustedSec Attack Platform
        Written by: Dave Kennedy (@HackingDave)

        https://github.com/trustedsec/tap

       The self contained-deployable penetration testing kit
""")

print(""" 
Welcome to the TAP installer. TAP is a remote connection setup tool that will install a remote
pentest platform for you and automatically reverse SSH out back to home.
 """)

if os.path.isfile("/etc/init.d/tap"):
    answer = input("TAP detected. Do you want to uninstall [y/n:] ")
    if answer.lower() == "yes" or answer.lower() == "y":
        answer = "uninstall"

if not os.path.isfile("/etc/init.d/tap"):
    answer = input("Do you want to start the installation of TAP: [y/n]: ")

# if they said yes
if answer.lower() == "y" or answer.lower() == "yes":
        print("[*] Checking to see if TAP is currently running...")

        # kill running processes
        kill_tap()

        print("[*] Beginning installation. This should only take a moment.")
        # if directories aren't there then create them
        if not os.path.isdir("/usr/share/tap"):
                os.makedirs("/usr/share/tap")

        
        # install to rc.local
        print("[*] Adding TAP into startup through init scripts..")
        if os.path.isdir("/etc/init.d"):
            # remove old startup
            if os.path.isfile("/etc/init.d/tap"): os.remove("/etc/init.d/tap")

            # startup script here
            fileopen = open("src/core/startup_tap", "r")
            config = fileopen.read()
            filewrite = open("/etc/init.d/tap", "w")
            filewrite.write(config)
            filewrite.close()
            print("[*] Triggering update-rc.d on TAP to automatic start...")
            subprocess.Popen("chmod +x /etc/init.d/tap", shell=True).wait()
            subprocess.Popen("update-rc.d tap defaults", shell=True).wait()

        # setting background
        #print("[*] Setting background..")
        #set_background()
                
        # install git and update everything
        print("[*] Updating everything beforehand...")
        subprocess.Popen("apt-get update && apt-get --force-yes -y upgrade && apt-get --force-yes -y dist-upgrade", shell=True).wait()
        subprocess.Popen("apt-get --force-yes -y install git python-crypto python-pexpect openssh-server net-tools", shell=True).wait()
        from Crypto.Cipher import AES
        choice = input("Do you want to keep TAP updated? (requires internet) [y/n]: ")
        if choice == "y" or choice == "yes":
            print("[*] Checking out latest TAP to /usr/share/tap")
            # if old files are there
            if os.path.isdir("/usr/share/tap/"):
                    shutil.rmtree('/usr/share/tap')
            if not os.path.isdir("/usr/share/tap"):
                os.makedirs("/usr/share/tap")
            subprocess.Popen("cd /usr/share/;git clone https://github.com/trustedsec/tap tap/", shell=True).wait()
            print("[*] Finished. If you want to update tap go to /usr/share/tap and type 'git pull'")
            AUTO_UPDATE="ON"
        else:
            print("[*] Copying setup files over...")
            AUTO_UPDATE="OFF"
            if os.path.isdir("/usr/share/tap/"):
                shutil.rmtree('/usr/share/tap')
            if not os.path.isdir("/usr/share/tap"):
                os.makedirs("/usr/share/tap")
            subprocess.Popen("cp -rf * /usr/share/tap/", shell=True).wait()


        print("[*] Next we need to configure the remote SSH server you will want to tunnel over.")
        print("[*] This is the main remote SSH server you have running on the Internet that TAP will call back to.")
        print("\nWe need to figure out which method you want to use. The first method will use SSH keys\nfor authentication (preferred). This will generate a pub/priv key pair on your machine\nand automatically upload the key to the remote server. When that happens, a password\nwill not be needed then. The second method will use an actual password for authentication\non the remote server. The password is encrypted with AES but not in a secure format (decryption keys are stored locally, need to be).\n\n")
        choice1 = input("Choice 1: Use SSH keys, Choice 2: Use password (1,2)[1]: ")
        password = ""
        if choice1 == "1" or choice1 == "":
            choice1 = "ssh_keys"
        else:
            choice1 = "password"

        # generate ssh_key gen from setcore
        if choice1 == "ssh_keys":
            print("[*] SSH Key generation was selected, we will begin the process now.")
            #password = getpass.getpass("Enter the passphrase for your new SSH key: ")
            password = ""
            ssh_keygen(password)

        # if we are just using straight passwords
        if choice1 == "password":
            print("[*] This will ask for a username on the REMOTE system (root not recommended)")
            print("The username and password being requested would be the username and password needed to log into the REMOTE system that you have exposed on the Internet for the reverse SSH connection. For example, the TAP box needs to connect OUTBOUND to a box on the Internet - this would be the username and password for that system. ROOT access is NOT needed. This is a simple SSH tunnel. Recommend restricted account in case this box gets taken and has creds on it. Better preference is to use SSH keys.")
            username = input("Enter username for ssh [root]: ")
            if username == "": 
                username = "root"
            else:                                    
                password = getpass.getpass("Enter password for %s: " % (username))
    
        if password != "":
            print("[*] Encrypting the password now..")
            password = encryptAES(password) 
            store = password.split("::::")
            password = store[0]
            key = store[1]

            # if the key directory isnt created, do it real quick
            if not os.path.isdir("/root/.tap"):
                os.makedirs("/root/.tap")
            filewrite = open("/root/.tap/store", "w")
            filewrite.write(key)
            filewrite.close()

        print("[!] Warning when specifying hostname - this implies that the remote TAP device will have DNS - otherwise this will fail.")
        host = input("Enter the remote IP or hostname for SSH connect (remote external server): ")
        port = input("Enter the PORT to the reverse SSH connect (remote external SSH port)[22]: ")
        if port == "": port = "22"
        print("[*] This next option will be the LOCAL port on the EXTERNAL box you will need to SSH into when TAP calls back. For example, when the SSH connection is sent from the TAP device to the box on the Internet, a local port is created on the remote box, so if you wanted to get into the tap, you would first SSH into the remote box, then ssh username@localhost -p <port you specify below>.")
        localport = input("Enter the LOCAL port that will be on the remote SSH box [10003]: ")
        socks = input("Enter the LOCAL port that will be used for the SOCKS HTTP proxy [10004]: ")
        if localport == "": localport = "10003"
        if socks == "": socks = "10004"
        if AUTO_UPDATE == "ON":
            print("[*] The update server is a path to pull NEW versions of the TAP device. Using git isn't recommended if you customize your builds for your TAP devices. By default this will pull from git pull https://github.com/trustedsec/tap - recommended you change this.")
            print("[*] For this field - you want to put every command you would run if you aren't using git, for example - wget https://yourcompany.com/tap.tar.gz;tar -zxvf tap.tar.gz")
            updates = input("Enter the commands for your update server [trustedsec (default)]: ")
            if updates == "": updates = "git pull"
            commands = input("Enter URL to text file of commands (ex. https://yourwebsite.com/commands.txt): ")
            if commands == "": print("[!] No update server detected, will leave this blank.")
        else:
            updates = ""
            print("""The next option allows you to specify a URL to execute commands.\nThis is used if you mess up and don't have reverse SSH access. Place a file in this location and TAP will execute the commands.""")
            commands = input("Enter URL to text file of commands (ex. https://yourwebsite.com/commands.txt): ")
            if commands == "": print("[!] No update server detected, will leave this blank.")
            print("[*] Creating the config file.")

        # determine if SSH keys are in use 
        if choice1 == "ssh_keys":
            ssh_keys = "ON"
            print("[*] We need to upload the public key to the remote server, enter the password for the remote server (once) to upload when prompted.")
            # clearing known hosts
            if os.path.isfile("/root/.ssh/known_hosts"):
                print("[!] Removing old known_hosts files..")                    
                os.remove("/root/.ssh/known_hosts")

            # pull public key into memory

            fileopen = open("/root/.ssh/id_rsa.pub", "r")
            pub = fileopen.read()
            # spawn pexpect to add key
            print("[*] Spawning SSH connection and modifying authorized hosts.")
            print("[*] Below will ask for a username and password, this is for the REMOTE server exposed on the Internet. This is a one time thing where the TAP device will upload and add the SSH keys to the remote system in order to handle SSH authentication. This is the PW for your external server on the Internet.")
            username = input("Enter the username for the REMOTE account to log into the EXTERNAL server: ")
            if username == "": username = "root"
            child = pexpect.spawn("ssh %s@%s -p %s" % (username,host,port))
            password_onetime = getpass.getpass("Enter your password for the remote SSH server: ")
            i = child.expect(['The authenticity of host', 'password', 'Connection refused'])
            if i == 0:
                child.sendline("yes")
                child.expect("password")
                child.sendline(password_onetime)

            if i == 1:
                child.sendline(password_onetime)

            if i ==2:
                print ("Cannot connect to server - connection refused. Please check the port and try again.")
                sys.exit()

            # here we need to verify that we actually log in with the right password
            i = child.expect(['Permission denied, please try again.', 'Last login:'])
            if i == 0:
                print("[!] ERROR!!!! You typed in the wrong password.")
                password_onetime = getpass.getpass("Lets try this again. Enter your SSH password: ")
                child.sendline(password_onetime)
                # second time fat fingering, no dice bro
                i = child.expect(['Permission denied, please try again.'])
                if i == 0:
                    print("[!] Sorry boss, still denied. Figure out the password and run setup again.")
                    print("[!] Exiting TAP setup...")
                    # exit TAP here
                    sys.exit()
                # successfully logged in
                else:
                    print("[*] Successfully logged into the system, good to go from here!")

            if i == 1:
                print("[*] Successfully logged into the system, good to go from here!")

            # next we grab the hostname so we can enter it in the authorized keys for a description
            fileopen = open("/etc/hostname", "r")
            hostname = fileopen.read()
            # add a space
            child.sendline("echo '' >> ~/.ssh/authorized_keys")
            # comment code for authorized list
            child.sendline("echo '# TAP box for hostname: %s' >> ~/.ssh/authorized_keys" % (hostname))
            # actual ssh key
            child.sendline("echo '%s' >> ~/.ssh/authorized_keys" % (pub))
            print("[*] Key for %s added to the external box: %s" % (hostname, host))
                   
        else:
            ssh_keys ="OFF"

        # do you want to log everything
        print("TAP has the ability to log every command used via SSH. This is useful for customers who want log files of the pentest. All logs are saved in /var/log/messages")
        log_everything = input("Do you want to log everything? yes or no [yes] ")
        if log_everything == "": log_everything = "yes"
        log_everything = log_everything.upper()

        # write out the config file
        filewrite = open("/usr/share/tap/config", "w")
        filewrite.write("# tap config options\n\n")
        filewrite.write("# The username for the ssh connection\nUSERNAME=%s\n# The password for the reverse ssh connection\nPASSWORD=%s\n# The reverse ssh ipaddr or hostname\nIPADDR=%s\n# The port for the reverse connect\nPORT=%s\n" % (username, password,host,port))
        filewrite.write("# SSH check is in seconds\nSSH_CHECK_INTERVAL=60\n")
        filewrite.write("# The local SSH port on the reverse SSH host\nLOCAL_PORT=%s\n" % (localport))
        filewrite.write("# Where to pull updates from\nUPDATE_SERVER=%s\n" % (updates))
        filewrite.write("# URL for command updates - ENSURE THAT THE FIRST LINE OF TEXT FILE HAS: 'EXECUTE COMMANDS' or it will not execute anything!\nCOMMAND_UPDATES=%s\n" % (commands))
        filewrite.write("# SPECIFY IF TAP WILL AUTOMATICALLY UPDATE OR NOT\nAUTO_UPDATE=%s\n" % (AUTO_UPDATE))
        filewrite.write("# SPECIFY IF SSH KEYS ARE IN USE OR NOT\nSSH_KEYS=%s\n" % (ssh_keys))
        filewrite.write("# LOG EVERY COMMAND VIA SSH? YES OR NO - ALL LOGS GO TO /var/log/messages\nLOG_EVERYTHING=%s\n" % (log_everything))
        filewrite.write("# THIS IS USED TO TUNNEL SOCKS HTTP TRAFFIC FOR LINUX UPDATES\nSOCKS_PROXY_PORT=%s\n" % (socks))
        filewrite.close()

        # set the background
        # background()
        
        # update motd
        client = input("What customer are you deploying this to: ")
        motd(client)

        # configuring permissions
        subprocess.Popen("chmod +x /usr/share/tap/tap.py;chmod +x /usr/share/tap/src/core/heartbeat.py", shell=True).wait()

        # ensure proxychains is installed
        print("[*] Installing proxychains-ng for SOCKS5 proxy support.")
        subprocess.Popen("git clone https://github.com/rofl0r/proxychains-ng proxy;cd proxy;./configure && make && make install;cd ..;rm -rf proxy", shell=True).wait()

        # enable root login
        print("[*] Enabling SSH-Server and allow remote root login.. Please ensure and test this ahead of time.")
        data = open("/etc/ssh/sshd_config", "r").read()
        filewrite = open("/etc/ssh/sshd_config", "w")
        data = data.replace("PermitRootLogin without-password", "PermitRootLogin yes")
        filewrite.write(data)
        filewrite.close()
        print("[*] Restarting the SSH service after changes.")
        subprocess.Popen("service ssh restart", shell=True).wait()
        print("[*] Installation complete. Edit /usr/share/tap/config in order to config tap to your liking..")
        print("[*] Pulling the PenTesters Framework - when installation finishes go to /pentest/ptf, ./ptf, and install all (use modules/install_update_all")
        if not os.path.isdir("/pentest/"): os.makedirs("/pentest")
        if not os.path.isdir("/pentest/ptf"):
            subprocess.Popen("cd /pentest;git clone https://github.com/trustedsec/ptf ptf", shell=True).wait()
                
        # start TAP, yes or no?
        choice = input("Would you like to start TAP now? [y/n]: ")
        if choice == "yes" or choice == "y":
            subprocess.Popen("/etc/init.d/tap start", shell=True).wait()

        print("[*] All finished, now run the following command to install all of your tools: ")
        ptf = input("[-] Do you want to install all PTF modules now? [yes][no]: ")
        if ptf == "yes" or ptf == "y":
            print("[*] Installing PTF modules/install_update_all...")
            os.chdir("/pentest/ptf")
            child = pexpect.spawn("python ptf")
            child.expect("ptf")
            child.sendline("use modules/install_update_all")
            child.interact()
                
        else:
            print("[*] cd /pentest/ptf, ./ptf, use modules/install_update_all")

# uninstall tap
if answer == "uninstall":
    os.remove("/etc/init.d/tap")
    subprocess.Popen("rm -rf /usr/share/tap", shell=True)
    subprocess.Popen("rm -rf /etc/init.d/tap", shell=True)
    print("[*] Checking to see if tap is currently running...")
    kill_tap()
    print("[*] TAP has been uninstalled. Manually kill the process if it is still running.")

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.

Jobs

Jooble