forked from tracelabs/tlosint-live
-
Notifications
You must be signed in to change notification settings - Fork 0
/
build_tracelabsiso_recipe.sh
executable file
·165 lines (137 loc) · 5.35 KB
/
build_tracelabsiso_recipe.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
#!/bin/bash
# Log output to STDOUT and to a file.
export logPath="squid_setup.log"
exec &> >( tee -a $logPath)
##### Fix display output for GUI programs (when connecting via SSH)
export DISPLAY=:0.0
export TERM=xterm
##### Check if we are running as root - else this script will fail
function root_check {
if [[ "${EUID}" -ne 0 ]]; then
echo -e "[!] This script must be run as root" 1>&2
echo -e "[!] Quitting..." 1>&2
exit 1
else
internet_access
fi
}
##### Check Internet access
function internet_access {
#--- Can we ping google?
for i in {1..10}; do ping -c 1 -W ${i} www.google.com &>/dev/null && break; done
#--- Run this, if we can't
if [[ "$?" -ne 0 ]]; then
echo -e '[!]'" Possible DNS issues(?)" 1>&2
echo -e '[!]'" Will try and use DHCP to 'fix' the issue" 1>&2
chattr -i /etc/resolv.conf 2>/dev/null
dhclient -r
dhclient
dhclient eth0 2>/dev/null
dhclient wlan0 2>/dev/null
#--- Wait and see what happens
sleep 15s
_TMP="true"
_CMD="$(ping -c 1 8.8.8.8 &>/dev/null)"
if [[ "$?" -ne 0 && "$_TMP" == "true" ]]; then
_TMP="false"
echo -e '[!]'" No Internet access" 1>&2
echo -e '[!]'" You will need to manually fix the issue, before re-running this script" 1>&2
fi
_CMD="$(ping -c 1 www.google.com &>/dev/null)"
if [[ "$?" -ne 0 && "$_TMP" == "true" ]]; then
_TMP="false"
echo -e '[!]'" Possible DNS issues(?)" 1>&2
echo -e '[!]'" You will need to manually fix the issue, before re-running this script" 1>&2
fi
if [[ "$_TMP" == "false" ]]; then
(dmidecode | grep -iq virtual) && echo -e " [i] VM Detected"
(dmidecode | grep -iq virtual) && echo -e " [i] Try switching network adapter mode (e.g. NAT/Bridged)"
echo -e '[!]'" You will need to manually fix the issue, before re-running this script, trying anyway" 1>&2
tlosint-install
fi
else
echo -e " [i] Detected Internet access" 1>&2
tlosint-install
fi
}
##### tlosint-live installation
function tlosint-install {
##### OS Version
OS_VERSION=$(cat /etc/issue)
kali_path="/opt/live-build-config"
tl_path="/opt/tlosint-live"
# check for kali live build on system
if [ -d "$kali_path" ]; then
# check for tlosint-live on system
if [ -d "$tl_path" ]; then
# check for not using Kali
if [ "$OS_VERSION" != "Kali GNU/Linux Rolling \n \l" ]; then
apt-get -qq install gnupg
# download kali signing key
wget -q 'https://archive.kali.org/archive-key.asc'
gpg --import archive-key.asc
rm -f archive-key.asc
# put key where apt will be expecting it
gpg --export 44C6513A8E4FB3D30875F758ED444FF07D8D0BF6 > /usr/share/keyrings/kali-archive-keyring.gpg
cat /etc/apt/sources.list > /etc/apt/sources.list.orig
echo "deb http://http.kali.org/kali kali-rolling main non-free contrib" > /etc/apt/sources.list
wget https://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2022.1_all.deb
dpkg -i kali-archive-keyring_2022.1_all.deb
rm kali-archive-keyring_2022.1_all.deb
apt-get update -qq
else
# save host system apt settings
cat /etc/apt/sources.list > /etc/apt/sources.list.orig
fi
apt-get update -qq -y
dpkg --configure -a
apt --fix-broken install
echo "[+] Updates done ... "
apt-get install curl git -y
apt-get install live-build -y
apt-get install cdebootstrap -y
echo "[+] Live build pre-requisites installed ... "
# Copy all the files required for the Tracelabs ISO to the latest Kali live-build repo
cp -rfv $tl_path/kali-config/variant-tracelabs/ $kali_path/kali-config/
cp -rfv $tl_path/kali-config/common/hooks/normal $kali_path/kali-config/common/hooks/
cp -rfv $tl_path/kali-config/common/includes.chroot/etc/* $kali_path/kali-config/common/includes.chroot/etc/
cp -rfv $tl_path/kali-config/common/includes.chroot/usr/* $kali_path/kali-config/common/includes.chroot/usr/
echo "[+] Kali ISO build process starting ... "
##### removing version check to allow build on ubuntu (DON'T REMOVE, NEED THIS FOR CI\CD)
#sed -i '161s/.*/#exit 1/' /opt/live-build-config/build.sh
#sed -i '166s/.*/#exit 1/' /opt/live-build-config/build.sh
#sed -i '177s/.*/#exit 1/' /opt/live-build-config/build.sh
#sed -i '182s/.*/#exit 1/' /opt/live-build-config/build.sh
#sed -i '181s/.*/#exit 1/' /opt/live-build-config/build.sh
# fix memtest error, setting to none
sed -i 's/--memtest memtest86+/--memtest none/g' $kali_path/auto/config
$kali_path/build.sh --verbose --variant tracelabs
#rm -f kali-archive-keyring_2020.2_all.deb
# restore original apt settings
cat /etc/apt/sources.list.orig > /etc/apt/sources.list
rm -f /etc/apt/sources.list.orig
# if tlosint-live not in place
else
file_path=$(realpath $0)
repo_path=$(dirname "$file_path")
cp -r "$repo_path" "$tl_path"
tlosint-install
fi
# if live-build-config not in place
else
# Clone the Kali live-build and Tracelabs repositories
echo "[+] tlosint-live & live-build-config directories not found, creating."
git clone https://gitlab.com/kalilinux/build-scripts/live-build-config.git /opt/live-build-config
#copy current branch for building
file_path=$(realpath $0)
repo_path=$(dirname "$file_path")
cp -r "$repo_path" "$tl_path"
tlosint-install
fi
}
root_check
#clean up
iso_path=$(find /opt/live-build-config -name "*.iso")
mv "$iso_path" /opt/
rm -rf "$kali_path"
rm -rf "$tl_path"