deploy_cowrie_MySQL.sh
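#!/bin/bash
# Deploys a Cowrie SSH honeypot that reports to an hpfeeds broker, logs to a
# MySQL database and runs under supervisor.
#
# Usage: deploy_cowrie_MySQL.sh <server_url> <deploy_key>
#
# The script makes system-level changes (apt-get, useradd, /etc/authbind,
# /etc/supervisor), so it is expected to run as root.
#
# Command tracing (set -x) is enabled only for the sections that do not touch
# the deploy key or the HPF_* credentials, so those values do not end up in
# terminal scrollback or captured deployment logs.
set -e

# Escape a value for the replacement side of a sed 's/.../.../' command that
# uses '/' as its delimiter. Backslash, '/' and '&' are special there; left
# unescaped, a credential containing one of them would either break the sed
# command or be written to cowrie.cfg in altered form.
# Arguments: $1 - raw value
# Outputs:   escaped value on stdout (no trailing newline)
escape_sed_replacement() {
  local raw=$1 escaped='' ch i
  for ((i = 0; i < ${#raw}; i++)); do
    ch=${raw:i:1}
    case "$ch" in
      '\' | '/' | '&') escaped+="\\${ch}" ;;
      *) escaped+=$ch ;;
    esac
  done
  printf '%s' "$escaped"
}

if [ $# -ne 2 ]
then
  echo "Wrong number of arguments supplied." >&2
  echo "Usage: $0 <server_url> <deploy_key>." >&2
  exit 1
fi

server_url=$1
deploy_key=$2

# The registration script fetched below is sourced into this shell, so it runs
# with this script's privileges. Without TLS its content is only as trustworthy
# as the network path to the server.
case "$server_url" in
  https://*) ;;
  *) echo "Warning: $server_url is not an https:// URL; the registration script will be fetched without transport integrity." >&2 ;;
esac

wget "$server_url/static/registration.txt" -O registration.sh
chmod 755 registration.sh

# Note: this will export the HPF_* variables
. ./registration.sh "$server_url" "$deploy_key" "cowrie-mysql"

# Stop here if registration did not provide the values written into cowrie.cfg
# below; otherwise the honeypot would be configured with empty credentials.
: "${HPF_HOST:?registration.sh did not export HPF_HOST}"
: "${HPF_PORT:?registration.sh did not export HPF_PORT}"
: "${HPF_IDENT:?registration.sh did not export HPF_IDENT}"
: "${HPF_SECRET:?registration.sh did not export HPF_SECRET}"

set -x

apt-get update
apt-get -y install python-twisted python-crypto python-pyasn1 python-gmpy2 python-zope.interface python-dev openssl python-openssl git python-pip supervisor authbind python-mysqldb openssh-server

# Create non-root cowrie user
useradd -d /home/cowrie -s /bin/bash -m cowrie -g users

# Get the cowrie source
# NOTE(review): the clone is not pinned to a tag or commit, so the deployed
# code is whatever the default branch holds at install time.
cd /opt
git clone https://github.com/micheloosterhof/cowrie.git cowrie
cd cowrie

# Cowrie's configuration file
cp cowrie.cfg.dist cowrie.cfg
# The file is about to receive the hpfeeds secret and the MySQL password;
# restrict it before they are written (GNU sed -i keeps the file mode).
chmod 600 cowrie.cfg

sed -i 's/hostname = svr04/hostname = server/g' cowrie.cfg
sed -i 's/#report_public_ip = true/report_public_ip = true/g' cowrie.cfg
# NOTE(review): openssh-server is installed above and nothing in this script
# moves the real sshd off port 22 - confirm it listens elsewhere, or Cowrie
# will not be able to bind the port.
sed -i 's/#listen_port = 2222/listen_port = 22/g' cowrie.cfg
sed -i 's/ssh_version_string = SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u2/ssh_version_string = SSH-2.0-OpenSSH_6.7p1 Ubuntu-5ubuntu1.3/g' cowrie.cfg

# Credential-bearing edits: tracing off so the values are not echoed.
# (They are still passed as sed arguments, i.e. briefly visible in the
# process list to other local users.)
set +x
hpf_host_esc=$(escape_sed_replacement "$HPF_HOST")
hpf_port_esc=$(escape_sed_replacement "$HPF_PORT")
hpf_ident_esc=$(escape_sed_replacement "$HPF_IDENT")
hpf_secret_esc=$(escape_sed_replacement "$HPF_SECRET")
# Database name is derived from the identifier with '-' mapped to '_'.
db_name_esc=$(escape_sed_replacement "cowrie_${HPF_IDENT//-/_}")

sed -i 's/#\[database_hpfeeds\]/[database_hpfeeds]/g' cowrie.cfg
sed -i "s/#server = hpfeeds.mysite.org/server = $hpf_host_esc/g" cowrie.cfg
sed -i "s/#port = 10000/port = $hpf_port_esc/g" cowrie.cfg
sed -i "s/#identifier = abc123/identifier = $hpf_ident_esc/g" cowrie.cfg
sed -i "s/#secret = secret/secret = $hpf_secret_esc/g" cowrie.cfg
sed -i 's/#debug=false/debug=false/' cowrie.cfg

# MySQL output: same host as the hpfeeds broker, and the hpfeeds secret is
# reused as the database password.
sed -i 's/#\[output_mysql\]/[output_mysql]/g' cowrie.cfg
sed -i "s/#host = localhost/host = $hpf_host_esc/g" cowrie.cfg
sed -i "s/#database = cowrie/database = $db_name_esc/g" cowrie.cfg
sed -i 's/#username = cowrie/username = cowrie/g' cowrie.cfg
sed -i "s/#password = secret/password = $hpf_secret_esc/g" cowrie.cfg
sed -i 's/#port = 3306/port = 3306/' cowrie.cfg
set -x

# Fix permissions for cowrie user
chown -R cowrie:users /opt/cowrie/

# authbind to listen as non-root on port 22: authbind allows the bind when the
# calling user has execute access to the byport file.
touch /etc/authbind/byport/22
chown cowrie /etc/authbind/byport/22
chmod 770 /etc/authbind/byport/22

# Setup start.sh cowrie file to enable authbind; -n keeps twistd in the
# foreground so supervisor can manage the process.
cp start.sh start.sh.backup
sed -i 's/AUTHBIND_ENABLED=no/AUTHBIND_ENABLED=yes/g' start.sh
sed -i 's/authbind --deep twistd -l/authbind --deep twistd -n -l/g' start.sh
chmod 775 start.sh

# Config for supervisor. The delimiter is quoted so the body is written
# literally; Cowrie itself runs as the unprivileged cowrie user via su.
cat > /etc/supervisor/conf.d/cowrie.conf <<'EOF'
[program:cowrie]
command=su cowrie -c "sh /opt/cowrie/start.sh"
directory=/opt/cowrie
stdout_logfile=/opt/cowrie/log/cowrie.out
stderr_logfile=/opt/cowrie/log/cowrie.err
autostart=true
autorestart=true
stopasgroup=true
killasgroup=true
EOF

supervisorctl update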