forked from arm0red/scripts
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathkali-post-install
executable file
·128 lines (112 loc) · 5.24 KB
/
kali-post-install
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
#!/bin/bash
clear
# _____ _
# | _ | | |
# __ _ _ __ _ __ ___ | |/' | _ __ ___ __| |
# / _` | '__| '_ ` _ \| /| || '__/ _ \/ _` |
# | (_| | | | | | | | \ |_/ /| | | __/ (_| |
# \__,_|_| |_| |_| |_|\___(_)_| \___|\__,_|
base64 -d <<<"H4sIAAAAAAAAA22NQQoAIQhF957CXQ0MeKHgdxAPP1+tWUSKEs+nqV4DESdTlbvtOfSDeeo8k7kb
iyNr7D9gW7opJl8tQINOOoN3jeOkFmBJwuq56PVd5VCnZovHSt/XB/DCEXqgKkJ0PEHj6SWpyAe/
8We1GwEAAA==" | gunzip
echo -e "\e[31;1m ***** \e[34;1m arm0.red Security \e[31;1m *****\e[0m"
echo -e "\e[31;1m ***** \e[34;1m Kali Post Install v1.8 \e[31;1m *****\e[0m"
# These changes are needed to make APT reuests encrypted with https
echo -e "\e[31;1m ***** \e[34;1m ADDING APT HTTPS SUPPORT \e[31;1m *****\e[0m"
sudo apt install apt-transport-https
sudo sed -i 's/http\:\/\//https\:\/\//g' /etc/apt/sources.list
echo ""
echo -e "\e[31;1m ***** \e[34;1m UPDATING APT PACKAGES \e[31;1m *****\e[0m"
sudo apt update && sudo apt full-upgrade -y
echo ""
# This is just a simple command line speedtest script
echo -e "\e[31;1m ***** INSTALLING \e[34;1m Speedtest-cli \e[31;1m *****\e[0m"
sudo apt install speedtest-cli -y
echo ""
# These packages are needed to connect to the TOR network
echo -e "\e[31;1m ***** INSTALLING \e[34;1m TOR \e[31;1m packages*****\e[0m"
sudo apt install tor torbrowser-launcher tor-geoipdb onionbalance onioncircuits onionshare vanguards -y
echo ""
# This package is used to force all traffic over the TOR network
echo -e "\e[31;1m ***** INSTALLING \e[34;1m Kali-AnonSurf \e[31;1m forked by \e[34;1m trackmastersteve \e[31;1m *****\e[0m"
sudo apt install git -y
mkdir ~/Code/
cd ~/Code/
git clone https://github.com/trackmastersteve/kali-anonsurf.git
cd kali-anonsurf
sudo ./installer.sh
echo ""
# Replacing insecure default SSH server keys with new ones
echo -e "\e[31;1m ***** CHANGING DEFAULT \e[34;1m SSH SERVER KEYS \e[31;1m *****\e[0m"
sudo mkdir /etc/ssh/default_kali_keys
sudo mv /etc/ssh/ssh_host_* /etc/ssh/default_kali_keys/
sudo dpkg-reconfigure openssh-server
echo "Old Keys:"
sudo md5sum /etc/ssh/default_kali_keys/*
echo "New Keys:"
sudo md5sum /etc/ssh/*
echo ""
# Generating new SSH client keys
echo -e "\e[31;1m ***** Generating new \e[34;1m SSH client keys \e[31;1m *****\e[0m"
ssh-keygen -t rsa
echo ""
# Generating new PGP keys
echo -e "\e[31;1m ***** Generating new \e[34;1m PGP keys \e[31;1m *****\e[0m"
gpg --gen-key
echo -e "\e[31;1m ***** SETTING UP \e[34;1m METASPLOIT DATABASE \e[31;1m *****\e[0m"
sudo systemctl start postgresql
sudo msfdb init
echo ""
# Installing Microsoft Visual Studio Code package
echo -e "\e[31;1m ***** INSTALLING \e[34;1m Microsoft Visual Studio Code \e[31;1m *****\e[0m"
# Download the Microsoft GPG key, and convert it from OpenPGP ASCII armor format to GnuPG format
curl https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.gpg
# Move the file into your apt trusted keys directory (requires root)
sudo install -o root -g root -m 644 packages.microsoft.gpg /etc/apt/trusted.gpg.d/
# Add the VS Code Repository
sudo sh -c 'echo "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/microsoft.gpg] https://packages.microsoft.com/repos/vscode stable main" > /etc/apt/sources.list.d/vscode.list'
# Update and install Visual Studio Code
sudo apt update && sudo apt install code -y
# Giving the option to install the Keybase package
read -r -p "Do you want to install '64'-Bit or '32'-Bit Keybase? [64/32/Skip] (WARNING: Having this on your computer will make it less 'quiet' on the network!" response
# 64-Bit Keybase
if [[ $response =~ ^([64])+$ ]]
then
echo -e "\e[31;1m ***** INSTALLING \e[34;1m KEYBASE \e[31;1m *****\e[0m"
curl --remote-name https://prerelease.keybase.io/keybase_amd64.deb
sudo apt install ./keybase_amd64.deb
run_keybase
echo ""
# 32-Bit Keybase
elif [[ $response =~ ^([32])+$ ]]
then
echo -e "\e[31;1m ***** INSTALLING \e[34;1m KEYBASE \e[31;1m *****\e[0m"
curl --remote-name https://prerelease.keybase.io/keybase_i386.deb
sudo apt install ./keybase_i386.deb
run_keybase -g # run without GUI; it is not supported on 32-bit Linux
echo ""
else
echo "\e[31;1m Skipping \e[34;1m Keybase \e[31;1m installation...\e[0m"
fi
echo -e "\e[31;1m ***** Converting \e[34;1m Keybase repo \e[31;1m to https. *****\e[0m"
sudo sh -c 'echo "deb https://prerelease.keybase.io/deb stable main" > /etc/apt/sources.list.d/keybase.list'
# Giving the option to install the PIA VPN package
echo -e "\e[31;1m ***** \e[34;1m Private Internet Access VPN is recommended \e[31;1m *****\e[0m"
echo -e "\e[31;1m ***** You can signup at \e[34;1m https://www.privateinternetaccess.com/pages/pia-2yr-deal/arm0red \e[31;1m *****\e[0m"
read -r -p "Do you want to install it now? [y/N] " response
if [[ $response =~ ^([Yy][eE][sS]|[yY])+$ ]]
then
echo -e "\e[31;1m ***** \e[34;1m INSTALLING PRIVATE INTERNET ACCESS \e[31;1m *****\e[0m"
curl --remote-name https://installers.privateinternetaccess.com/download/pia-linux-3.0.1-06696.run
~/Downloads/pia-linux*.run
else
echo -e "\e[1;32mSkipping PIA Installation.\e[0m"
fi
echo -e "\e[31;1m A REBOOT IS REQUIRED. \e[0m"
read -r -p "Do you want to reboot now? [y/N] " response
if [[ $response =~ ^([Yy][eE][sS]|[yY])+$ ]]
then
sudo systemctl reboot
else
echo -e "\e[1;32mSome changes won't take effect until you reboot!\e[0m"
fi