2019-02-08 10:23:43 +01:00
#!/usr/bin/env bash
############################################################
###### #
##### Please AutoGenerated... ##
#### Do NOT was ###
### Manually It ####
## Change this Script... #####
# ######
############################################################
2019-02-08 11:19:27 +01:00
############################################################
#INSTALLATION INSTRUCTIONS #
##########################################################
2019-02-08 10:23:43 +01:00
#------------------------- for Debian Flavored Linux Distributions
#
2019-02-08 11:19:27 +01:00
#-------------------------------------------------------|
# 0/ Quick MISP Instance on Debian Based Linux - Status |
#-------------------------------------------------------|
#
2019-03-02 09:42:28 +01:00
# 20190302: Ubuntu 18.04.2 tested and working. -- sCl
# 20190208: Kali Linux tested and working. -- sCl
#
#
#-------------------------------------------------------------------------------------------------|
# 1/ For other Debian based Linux distributions, download script and run as **unprivileged** user |
#-------------------------------------------------------------------------------------------------|
#
# The following installs only MISP-core:
# $ curl -fsSL https://raw.githubusercontent.com/MISP/MISP/2.4/INSTALL/INSTALL.debian.sh | bash -s -- -c
#
# This will install MISP Core and misp-modules (recommended)
# $ curl -fsSL https://raw.githubusercontent.com/MISP/MISP/2.4/INSTALL/INSTALL.debian.sh | bash -s -- -c -M
2019-02-08 10:23:43 +01:00
#
#
2019-02-08 11:19:27 +01:00
#-------------------------------------------------------|
2019-03-02 09:42:28 +01:00
# 2/ For Kali, download and run Installer Script |
2019-02-08 11:19:27 +01:00
#-------------------------------------------------------|
#
2019-02-08 10:23:43 +01:00
# To install MISP on Kali copy paste the following to your r00t shell:
2019-02-08 11:19:27 +01:00
# # wget -O /tmp/misp-kali.sh https://raw.githubusercontent.com/MISP/MISP/2.4/INSTALL/INSTALL.debian.sh && bash /tmp/misp-kali.sh
2019-02-08 10:23:43 +01:00
# /!\ Please read the installer script before randomly doing the above.
# The script is tested on a plain vanilla Kali Linux Boot CD and installs quite a few dependencies.
#
#
2019-02-08 11:19:27 +01:00
#----------------------------------------------------------|
# 3/ The following script has been partially autogenerated |
#----------------------------------------------------------|
#
2019-02-08 10:23:43 +01:00
# To generate this script yourself, the following steps need to be taken.
# $ git clone https://github.com/SteveClement/xsnippet.git
# Make sure xsnippet resides somewhere in your $PATH - It is a shell script so a simple, copy to somewhere sane is enough.
# $ git clone https://github.com/MISP/MISP.git
# $ cd MISP/INSTALL ; ./INSTALL.debian.tpl.sh
#
2019-02-08 11:19:27 +01:00
##
###
####----------------\
## Developer Note |
####--------------------------------------------------------------------------------------------------|
## In theory the order does not matter as everything is a self-contained function. |
# That said, ideally leave the order as is and do NOT change the lines as they are place-holders. |
# Script files that do NOT have a #_name.sh are scripts that have NO functions. This is by design. |
#-----------------------------------------------------------------------------------------------------|
#
# ToC #
#
#### BEGIN AUTOMATED SECTION ####
2019-02-09 16:23:48 +01:00
#
2019-02-08 10:23:43 +01:00
MISPvars ( ) {
2019-02-13 08:06:01 +01:00
debug " Setting generic ${ LBLUE } MISP ${ NC } variables shared by all flavours "
2019-02-08 10:23:43 +01:00
# Local non-root MISP user
MISP_USER = 'misp'
MISP_PASSWORD = 'Password1234'
2019-02-11 17:04:16 +01:00
# The web server user
WWW_USER = "www-data"
2019-02-08 10:23:43 +01:00
# MISP configuration variables
PATH_TO_MISP = '/var/www/MISP'
2019-02-11 17:04:16 +01:00
if [ -z " $FQDN " ] ; then
FQDN = "misp.local"
fi
if [ -z " $MISP_BASEURL " ] ; then
2019-02-08 10:23:43 +01:00
MISP_BASEURL = '""'
fi
2019-02-11 17:04:16 +01:00
2019-02-08 10:23:43 +01:00
MISP_LIVE = '1'
# Database configuration
DBHOST = 'localhost'
DBNAME = 'misp'
DBUSER_ADMIN = 'root'
DBPASSWORD_ADMIN = " $( openssl rand -hex 32) "
DBUSER_MISP = 'misp'
DBPASSWORD_MISP = " $( openssl rand -hex 32) "
# OpenSSL configuration
OPENSSL_CN = $FQDN
OPENSSL_C = 'LU'
OPENSSL_ST = 'State'
OPENSSL_L = 'Location'
OPENSSL_O = 'Organization'
OPENSSL_OU = 'Organizational Unit'
OPENSSL_EMAILADDRESS = " info@ $FQDN "
# GPG configuration
GPG_REAL_NAME = 'Autogenerated Key'
GPG_COMMENT = 'WARNING: MISP AutoGenerated Key consider this Key VOID!'
GPG_EMAIL_ADDRESS = 'admin@admin.test'
GPG_KEY_LENGTH = '2048'
GPG_PASSPHRASE = 'Password1234'
2019-02-11 17:04:16 +01:00
# debug alias to make sure people are not confused when blindly copy pasting blobs of code
2019-02-13 08:06:01 +01:00
alias debug = "echo -e"
2019-02-11 17:04:16 +01:00
# checkAptLock alias to make sure people are not confused when blindly copy pasting blobs of code
alias checkAptLock = "echo 'Function used in Installer to make sure apt is not locked'"
2019-02-08 10:23:43 +01:00
# php.ini configuration
upload_max_filesize = 50M
post_max_size = 50M
max_execution_time = 300
memory_limit = 512M
2019-02-11 17:04:16 +01:00
CAKE = " $PATH_TO_MISP /app/Console/cake "
2019-02-09 16:23:48 +01:00
2019-02-08 10:23:43 +01:00
# sudo config to run $LUSER commands
2019-02-10 12:29:23 +01:00
SUDO_USER = " sudo -H -u ${ MISP_USER } "
SUDO_WWW = " sudo -H -u ${ WWW_USER } "
2019-02-08 10:23:43 +01:00
2019-02-13 08:06:01 +01:00
echo "The following DB Passwords were generated..."
echo " Admin ( ${ DBUSER_ADMIN } ) DB Password: ${ DBPASSWORD_ADMIN } "
echo " User ( ${ DBUSER_MISP } ) DB Password: ${ DBPASSWORD_MISP } "
2019-02-08 10:23:43 +01:00
}
2019-02-09 16:23:48 +01:00
# Leave empty for NO debug messages, if run with set -x or bash -x it will enable DEBUG by default
2019-02-08 10:23:43 +01:00
DEBUG =
2019-02-11 07:49:30 +01:00
2019-02-09 16:23:48 +01:00
case " $- " in
*x*) NO_PROGRESS = 1; DEBUG = 1 ; ;
*) NO_PROGRESS = 0 ; ;
esac
2019-02-11 07:49:30 +01:00
2019-02-11 17:04:16 +01:00
## Function Section ##
2019-02-08 10:23:43 +01:00
## Usage of this script
usage ( ) {
2019-02-12 13:15:38 +01:00
if [ " $0 " = = "bash" ] ; then
WEB_INSTALL = 1
SCRIPT_NAME = "Web Installer Command"
else
SCRIPT_NAME = $0
fi
2019-02-13 05:48:39 +01:00
exec & > /dev/tty
2019-02-08 10:23:43 +01:00
space
2019-02-11 07:49:30 +01:00
echo -e " Please specify what type of ${ LBLUE } MISP ${ NC } setup you want to install. "
space
2019-02-12 13:15:38 +01:00
echo -e " ${ SCRIPT_NAME } -c | Install ONLY ${ LBLUE } MISP ${ NC } Core " # core
echo -e " -M | ${ LBLUE } MISP ${ NC } modules " # modules
echo -e " -D | ${ LBLUE } MISP ${ NC } dashboard " # dashboard
echo -e " -V | Viper" # viper
echo -e " -m | Mail 2 ${ LBLUE } MISP ${ NC } " # mail2
echo -e " -S | Experimental ssdeep correlations" # ssdeep
2019-02-11 07:49:30 +01:00
echo -e " -A | Install ${ YELLOW } all ${ NC } of the above " # all
2019-02-08 10:23:43 +01:00
space
2019-02-11 07:49:30 +01:00
echo -e " -C | Only do ${ YELLOW } pre-install checks and exit ${ NC } " # pre
2019-02-08 10:23:43 +01:00
space
2019-02-11 17:04:16 +01:00
echo -e " -u | Do an unattanded Install, no questions asked" # UNATTENDED
echo -e " ${ HIDDEN } -U | Attempt and upgrade of selected item ${ NC } " # UPGRADE
2019-02-28 09:06:52 +01:00
echo -e " ${ HIDDEN } -N | Nuke this MISP Instance ${ NC } " # NUKE
2019-02-11 17:04:16 +01:00
echo -e " ${ HIDDEN } -f | Force test install on current Ubuntu LTS schim, add -B for 18.04 -> 18.10, or -BB 18.10 -> 19.10) ${ NC } " # FORCE
2019-02-12 13:15:38 +01:00
echo -e " Options can be combined: ${ SCRIPT_NAME } -c -V -D # Will install Core+Viper+Dashboard "
2019-02-08 10:23:43 +01:00
space
2019-02-11 07:49:30 +01:00
echo -e "Recommended is either a barebone MISP install (ideal for syncing from other instances) or"
2019-02-12 13:15:38 +01:00
echo -e " MISP + modules - ${ SCRIPT_NAME } -c -M "
2019-02-11 07:49:30 +01:00
space
}
# Check if element is contained in array
containsElement ( ) {
local e match = " $1 "
shift
for e; do [ [ " $e " = = " $match " ] ] && return 0; done
return 1
2019-02-08 10:23:43 +01:00
}
checkOpt ( ) {
# checkOpt feature
containsElement $1 " ${ options [@] } "
}
setOpt ( ) {
options = ( )
2019-03-01 05:49:32 +01:00
for o in $@ ; do
2019-02-08 10:23:43 +01:00
case " $o " in
2019-02-10 12:29:23 +01:00
( "-c" ) echo "core" ; CORE = 1 ; ;
( "-V" ) echo "viper" ; VIPER = 1 ; ;
( "-M" ) echo "modules" ; MODULES = 1 ; ;
( "-D" ) echo "dashboard" ; DASHBOARD = 1 ; ;
( "-m" ) echo "mail2" ; MAIL2 = 1 ; ;
2019-02-12 13:15:38 +01:00
( "-S" ) echo "ssdeep" ; SSDEEP = 1 ; ;
2019-02-10 12:29:23 +01:00
( "-A" ) echo "all" ; ALL = 1 ; ;
( "-C" ) echo "pre" ; PRE = 1 ; ;
2019-02-11 17:04:16 +01:00
( "-U" ) echo "upgrade" ; UPGRADE = 1 ; ;
2019-02-28 09:06:52 +01:00
( "-N" ) echo "nuke" ; NUKE = 1 ; ;
2019-02-11 17:04:16 +01:00
( "-u" ) echo "unattended" ; UNATTENDED = 1 ; ;
( "-f" ) echo "force" ; FORCE = 1 ; ;
2019-02-12 13:15:38 +01:00
( *) echo " $o is not a valid argument " ; exit 1 ; ;
2019-02-10 14:01:56 +01:00
esac
2019-02-08 10:23:43 +01:00
done
}
# Extract debian flavour
checkFlavour ( ) {
2019-02-13 14:58:45 +01:00
if [ -z $( which lsb_release) ] ; then
2019-02-10 15:12:40 +01:00
checkAptLock
2019-02-13 14:58:45 +01:00
sudo apt install lsb-release dialog -y
2019-02-08 10:23:43 +01:00
fi
FLAVOUR = $( lsb_release -s -i | tr [ A-Z] [ a-z] )
2019-02-13 14:58:45 +01:00
if [ FLAVOUR = = "ubuntu" ] ; then
RELEASE = $( lsb_release -s -r)
debug " We detected the following Linux flavour: ${ YELLOW } $( tr '[:lower:]' '[:upper:]' <<< ${ FLAVOUR : 0 : 1 } ) ${ FLAVOUR : 1 } ${ RELEASE } ${ NC } "
else
debug " We detected the following Linux flavour: ${ YELLOW } $( tr '[:lower:]' '[:upper:]' <<< ${ FLAVOUR : 0 : 1 } ) ${ FLAVOUR : 1 } ${ NC } "
fi
2019-02-08 10:23:43 +01:00
}
2019-02-11 17:04:16 +01:00
# Extract manufacturer
checkManufacturer ( ) {
2019-02-14 02:53:39 +01:00
if [ -z $( which dmidecode) ] ; then
2019-02-11 17:04:16 +01:00
checkAptLock
2019-02-14 02:53:39 +01:00
sudo apt install dmidecode -qy
2019-02-11 17:04:16 +01:00
fi
MANUFACTURER = $( sudo dmidecode -s system-manufacturer)
echo $MANUFACTURER
}
2019-02-08 10:23:43 +01:00
# Dynamic horizontal spacer
space ( ) {
2019-02-09 16:23:48 +01:00
if [ [ " $NO_PROGRESS " = = "1" ] ] ; then
return
fi
2019-02-08 10:23:43 +01:00
# Check terminal width
num = ` tput cols`
for i in ` seq 1 $num ` ; do
echo -n "-"
done
echo ""
}
2019-02-13 07:00:31 +01:00
# Spinner so the user knows something is happening
spin( )
{
2019-02-13 14:58:45 +01:00
if [ [ " $NO_PROGRESS " = = "1" ] ] ; then
return
fi
2019-02-13 07:00:31 +01:00
spinner = "/|\\-/|\\-"
while :
do
for i in ` seq 0 7`
do
echo -n " ${ spinner : $i : 1 } "
echo -en "\010"
sleep 0.$i
done
done
}
# Progress bar
progress ( ) {
2019-02-13 14:58:45 +01:00
if [ [ " $NO_PROGRESS " = = "1" ] ] ; then
return
fi
2019-02-13 07:00:31 +01:00
bar = "#"
if [ [ $progress -ge 100 ] ] ; then
echo -ne "##################################################################################################### (100%)\r"
return
fi
progress = $[ $progress +$1 ]
for p in $( seq 1 $progress ) ; do
bar += "#"
echo -ne " $bar ( $p %)\r "
done
echo -ne '\n'
}
2019-02-08 10:23:43 +01:00
# Check locale
checkLocale ( ) {
2019-02-13 15:46:17 +01:00
debug "Checking Locale"
2019-02-09 16:23:48 +01:00
# If locale is missing, generate and install a common UTF-8
2019-02-28 02:12:17 +01:00
if [ [ ! -f /etc/default/locale || $( wc -l /etc/default/locale| cut -f 1 -d\ ) = = "1" ] ] ; then
2019-02-10 15:12:40 +01:00
checkAptLock
2019-02-28 02:12:17 +01:00
sudo DEBIAN_FRONTEND = noninteractive apt install locales -qy
sudo sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/g' /etc/locale.gen
2019-02-08 10:23:43 +01:00
sudo locale-gen en_US.UTF-8
sudo update-locale LC_ALL = en_US.UTF-8 LANG = en_US.UTF-8
fi
}
# Simple function to check command exit code
checkFail ( ) {
if [ [ $2 -ne 0 ] ] ; then
echo " iAmError: $1 "
echo " The last command exited with error code: $2 "
exit $2
fi
}
# Check if misp user is present and if run as root
checkID ( ) {
2019-02-13 08:06:01 +01:00
debug " Checking if run as root and $MISP_USER is present "
2019-02-08 10:23:43 +01:00
if [ [ $EUID = = 0 ] ] ; then
2019-02-12 15:04:21 +01:00
echo "This script cannot be run as a root"
exit 1
elif [ [ $( id $MISP_USER >/dev/null; echo $? ) -ne 0 ] ] ; then
if [ [ " $UNATTENDED " != "1" ] ] ; then
2019-02-28 02:12:17 +01:00
echo " There is NO user called ' $MISP_USER ' create a user ' $MISP_USER ' (y) or continue as $USER (n)? (y/n) "
2019-02-12 15:04:21 +01:00
read ANSWER
ANSWER = $( echo $ANSWER | tr [ A-Z] [ a-z] )
else
ANSWER = "y"
fi
if [ [ $ANSWER = = "y" ] ] ; then
sudo useradd -s /bin/bash -m -G adm,cdrom,sudo,dip,plugdev,www-data,staff $MISP_USER
echo $MISP_USER :$MISP_PASSWORD | sudo chpasswd
echo " User $MISP_USER added, password is: $MISP_PASSWORD "
elif [ [ $ANSWER = = "n" ] ] ; then
echo " Using $USER as install user, hope that is what you want. "
2019-02-13 08:06:01 +01:00
echo -e " ${ RED } Adding $USER to groups www-data and staff ${ NC } "
2019-02-12 15:04:21 +01:00
MISP_USER = $USER
sudo adduser $MISP_USER staff
sudo adduser $MISP_USER www-data
else
echo "yes or no was asked, try again."
sudo adduser $MISP_USER staff
2019-02-09 16:23:48 +01:00
sudo adduser $MISP_USER www-data
2019-02-08 10:23:43 +01:00
exit 1
fi
else
echo " User ${ MISP_USER } exists, skipping creation "
2019-02-13 08:06:01 +01:00
echo -e " ${ RED } Adding $MISP_USER to groups www-data and staff ${ NC } "
2019-02-09 16:23:48 +01:00
sudo adduser $MISP_USER staff
sudo adduser $MISP_USER www-data
2019-02-08 10:23:43 +01:00
fi
}
2019-02-11 07:49:30 +01:00
# pre-install check to make sure what we will be installing on, is ready and not a half installed system
preInstall ( ) {
2019-02-21 08:02:05 +01:00
# preInstall needs to be able to be called before ANY action. Install/Upgrade/AddTool
# Pre install wants to be the place too where the following is checked and set via ENV_VAR:
# Check if composer is installed and functioning
# Check if misp db is installed (API call would confirm that the DB indeed works)
# Check apache config (Maybe try to talk to the server via api, this would confirm quite a lot)
# Check if workers are running/installed, maybe kick them if they are not
# /var/www/MISP/app/Config/[bootstrap,databases,core,config].php exists
# /var/www/MISP perms are correct (for $SUDO_WWW useage)
#
# Check if $PATH_TO_MISP exists and is writable by $WWW_USER
[ [ -d " $PATH_TO_MISP " ] ] && PATH_TO_MISP_EXISTS = 1 && echo " $PATH_TO_MISP exists "
# .git exists and git is working for $WWW_USER
[ [ -d " $PATH_TO_MISP /.git " ] ] && PATH_TO_GIT_EXISTS = 1 && echo " $PATH_TO_MISP /.git exists " && cd $PATH_TO_MISP && $SUDO_WWW git status
# .gnupg exists and working correctly
[ [ -d " $PATH_TO_MISP /.gnupg " ] ] && PATH_TO_GNUPG_EXISTS = 1 && echo " $PATH_TO_MISP /.gnupg exists "
# Extract username, password and dbname
##cat database.php |grep -v // |grep -e database -e login -e password |tr -d \' |tr -d \ |tr -d , |tr -d \>
DBPASSWORD_MISP = $( cat database.php | grep -v // | grep -e password | tr -d \' | tr -d \ | tr -d , | tr -d \> | cut -f 2 -d= )
DBUSER_MISP = $( cat database.php | grep -v // | grep -e login | tr -d \' | tr -d \ | tr -d , | tr -d \> | cut -f 2 -d= )
DBNAME = $( cat database.php | grep -v // | grep -e database | tr -d \' | tr -d \ | tr -d , | tr -d \> | cut -f 2 -d= )
AUTH_KEY = $( mysql --disable-column-names -B -u $DBUSER_MISP -p" $DBPASSWORD_MISP " $DBNAME -e 'SELECT authkey FROM users WHERE role_id=1 LIMIT 1' )
# Check if db exists
[ [ -d " /var/lib/mysql/ $DBNAME " ] ] && MISP_DB_DIR_EXISTS = 1 && echo " /var/lib/mysql/ $DBNAME exists "
2019-02-11 17:04:16 +01:00
echo -e " ${ RED } Place-holder, not implemented yet. ${ NC } "
exit
}
# Upgrade function
upgrade ( ) {
2019-02-21 08:02:05 +01:00
headerJSON = "application/json"
Acc = "Accept:"
Autho = "Authorization:"
CT = "Content-Type:"
MISP_BASEURL = "https://127.0.0.1"
cd $PATH_TO_MISP /app ; $SUDO_WWW php composer.phar update $SUDO_WWW php composer.phar self-update
for URN in $( echo "galaxies warninglists noticelists objectTemplates taxonomies" ) ; do
curl --header " $Autho $AUTH_KEY " --header " $Acc $headerJSON " --header " $CT $headerJSON " -k -X POST $MISP_BASEURL /$URN /update
done
2019-02-11 17:04:16 +01:00
echo -e " ${ RED } Place-holder, not implemented yet. ${ NC } "
2019-02-11 07:49:30 +01:00
exit
}
2019-02-08 10:23:43 +01:00
# check is /usr/local/src is RW by misp user
checkUsrLocalSrc ( ) {
2019-02-10 15:12:40 +01:00
echo ""
if [ [ -e /usr/local/src ] ] ; then
2019-02-11 06:35:11 +01:00
WRITEABLE = $( sudo -H -u $MISP_USER touch /usr/local/src 2> /dev/null ; echo $? )
if [ [ " $WRITEABLE " = = "0" ] ] ; then
2019-02-10 15:12:40 +01:00
echo " Good, /usr/local/src exists and is writeable as $MISP_USER "
2019-02-10 12:29:23 +01:00
else
2019-02-10 15:12:40 +01:00
# TODO: The below might be shorter, more elegant and more modern
2019-03-01 05:49:32 +01:00
#[[ -n $KALI ]] || [[ -n $UNATTENDED ]] && echo "Just do it"
2019-03-02 09:42:28 +01:00
sudo chmod 2775 /usr/local/src
sudo chown root:staff /usr/local/src
2019-02-08 10:23:43 +01:00
fi
2019-02-10 15:12:40 +01:00
else
echo "/usr/local/src does not exist, creating."
2019-03-02 09:42:28 +01:00
mkdir -p /usr/local/src
2019-02-10 15:12:40 +01:00
sudo chmod 2775 /usr/local/src
2019-03-02 09:42:28 +01:00
# FIXME: This might fail on distros with no staff user
2019-02-10 15:12:40 +01:00
sudo chown root:staff /usr/local/src
2019-02-08 10:23:43 +01:00
fi
}
2019-02-11 17:04:16 +01:00
kaliSpaceSaver ( ) {
# Future function in case Kali overlay on LiveCD is full
echo " ${ RED } Not implement ${ NC } "
}
2019-02-08 10:23:43 +01:00
# Because Kali is l33t we make sure we run as root
kaliOnRootR0ckz ( ) {
if [ [ $EUID -ne 0 ] ] ; then
echo "This script must be run as root"
exit 1
elif [ [ $( id $MISP_USER >/dev/null; echo $? ) -ne 0 ] ] ; then
2019-02-09 16:23:48 +01:00
useradd -s /bin/bash -m -G adm,cdrom,sudo,dip,plugdev,www-data,staff $MISP_USER
2019-02-08 10:23:43 +01:00
echo $MISP_USER :$MISP_PASSWORD | chpasswd
else
# TODO: Make sure we consider this further down the road
echo " User ${ MISP_USER } exists, skipping creation "
fi
}
2019-02-11 17:04:16 +01:00
setBaseURL ( ) {
2019-02-13 08:06:01 +01:00
debug "Setting Base URL"
2019-02-28 09:06:52 +01:00
CONN = $( ip -br -o -4 a | grep UP | head -1 | tr -d "UP" )
IFACE = ` echo $CONN | awk { 'print $1' } `
IP = ` echo $CONN | awk { 'print $2' } | cut -f1 -d/`
2019-02-11 17:04:16 +01:00
if [ [ $( checkManufacturer) != "innotek GmbH" ] ] ; then
debug "We guess that this is a physical machine and cannot possibly guess what the MISP_BASEURL might be."
2019-03-01 05:49:32 +01:00
if [ [ " $UNATTENDED " != "1" ] ] ; then
2019-02-13 13:01:04 +01:00
echo "You can now enter your own MISP_BASEURL, if you wish to NOT do that, the MISP_BASEURL will be empty, which will work, but ideally you configure it afterwards."
2019-02-11 17:04:16 +01:00
echo "Do you want to change it now? (y/n) "
read ANSWER
ANSWER = $( echo $ANSWER | tr [ A-Z] [ a-z] )
2019-02-28 09:06:52 +01:00
if [ [ " $ANSWER " = = "y" ] ] ; then
if [ [ ! -z $IP ] ] ; then
echo " It seems you have an interface called $IFACE UP with the following IP: $IP - FYI "
echo " Thus your Base URL could be: https:// $IP "
fi
2019-02-11 17:04:16 +01:00
echo "Please enter the Base URL, e.g: 'https://example.org'"
2019-02-28 09:06:52 +01:00
echo ""
2019-02-11 17:04:16 +01:00
echo -n "Enter Base URL: "
read MISP_BASEURL
else
MISP_BASEURL = '""'
fi
else
MISP_BASEURL = "https://misp.local"
# Webserver configuration
FQDN = 'misp.local'
fi
2019-02-12 15:04:21 +01:00
elif [ [ $KALI = = "1" ] ] ; then
MISP_BASEURL = "https://misp.local"
# Webserver configuration
FQDN = 'misp.local'
2019-02-11 17:04:16 +01:00
else
2019-02-12 15:04:21 +01:00
MISP_BASEURL = 'https://localhost:8443'
2019-02-11 17:04:16 +01:00
# Webserver configuration
FQDN = 'localhost.localdomain'
fi
}
2019-02-08 10:23:43 +01:00
# Test and install software RNG
installRNG ( ) {
2019-02-13 08:06:01 +01:00
sudo modprobe tpm-rng 2> /dev/null
2019-03-01 05:49:32 +01:00
if [ " $? " -eq "0" ] ; then
2019-02-13 08:06:01 +01:00
echo tpm-rng | sudo tee -a /etc/modules
2019-02-08 10:23:43 +01:00
fi
2019-02-10 15:12:40 +01:00
checkAptLock
2019-02-13 08:06:01 +01:00
sudo apt install -qy rng-tools # This might fail on TPM grounds, enable the security chip in your BIOS
sudo service rng-tools start
2019-02-08 10:23:43 +01:00
2019-03-01 05:49:32 +01:00
if [ " $? " -eq "1" ] ; then
2019-02-13 08:06:01 +01:00
sudo apt purge -qy rng-tools
sudo apt install -qy haveged
sudo /etc/init.d/haveged start
2019-02-08 10:23:43 +01:00
fi
}
2019-02-09 16:23:48 +01:00
# Kali upgrade
kaliUpgrade ( ) {
2019-02-13 14:58:45 +01:00
debug "Running various Kali upgrade tasks"
2019-02-09 16:23:48 +01:00
sudo apt update
2019-02-10 15:12:40 +01:00
checkAptLock
sudo DEBIAN_FRONTEND = noninteractive apt install --only-upgrade bash libc6 -y
2019-02-11 17:04:16 +01:00
sudo DEBIAN_FRONTEND = noninteractive apt autoremove -y
2019-02-09 16:23:48 +01:00
}
# Disables sleep
disableSleep ( ) {
2019-02-13 08:06:01 +01:00
debug "Disabling sleep etc if run from a Laptop as the install might take some time…" > /dev/tty
2019-02-09 16:23:48 +01:00
gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-ac-timeout 0 2> /dev/null
gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-battery-timeout 0 2> /dev/null
2019-02-13 05:48:39 +01:00
gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-battery-type nothing 2> /dev/null
gsettings set org.gnome.desktop.screensaver lock-enabled false 2> /dev/null
gsettings set org.gnome.desktop.screensaver idle-activation-enabled false 2> /dev/null
2019-02-11 17:04:16 +01:00
setterm -blank 0 -powersave off -powerdown 0
2019-02-09 16:23:48 +01:00
xset s 0 0 2> /dev/null
xset dpms 0 0 2> /dev/null
2019-02-11 17:04:16 +01:00
xset dpms force off
2019-02-09 16:23:48 +01:00
xset s off 2> /dev/null
2019-02-11 17:04:16 +01:00
service sleepd stop
kill $( lsof | grep 'sleepd' | awk '{print $2}' )
checkAptLock
2019-02-09 16:23:48 +01:00
}
2019-02-11 17:04:16 +01:00
# Remove alias if present
2019-02-10 15:12:40 +01:00
if [ [ $( type -t checkAptLock) = = "alias" ] ] ; then unalias checkAptLock; fi
2019-02-11 17:04:16 +01:00
# Simple function to make sure APT is not locked
2019-02-10 15:12:40 +01:00
checkAptLock ( ) {
2019-02-08 13:18:12 +01:00
SLEEP = 3
2019-02-08 12:41:35 +01:00
while [ " $DONE " != "0" ] ; do
2019-02-10 15:12:40 +01:00
sudo apt-get check 2> /dev/null > /dev/null && DONE = 0
2019-02-13 08:06:01 +01:00
echo -e " ${ LBLUE } apt ${ NC } is maybe ${ RED } locked ${ NC } , waiting ${ RED } $SLEEP ${ NC } seconds. " > /dev/tty
2019-02-08 13:18:12 +01:00
sleep $SLEEP
SLEEP = $[ $SLEEP +3]
2019-02-08 12:41:35 +01:00
done
unset DONE
2019-02-08 10:23:43 +01:00
}
2019-02-28 04:03:52 +01:00
# Install Php 7.0 dependencies
installDepsPhp70 ( ) {
debug "Installing PHP 7.0 dependencies"
PHP_ETC_BASE = /etc/php/7.0
PHP_INI = ${ PHP_ETC_BASE } /apache2/php.ini
sudo apt update
sudo apt install -qy \
libapache2-mod-php \
php php-cli \
php-dev \
php-json php-xml php-mysql php-opcache php-readline php-mbstring \
php-pear \
php-redis php-gnupg
for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit
do
sudo sed -i " s/^\( $key \).*/\1 = $( eval echo \$ { $key } ) / " $PHP_INI
done
}
2019-02-10 15:12:40 +01:00
# Install Php 7.3 deps
installDepsPhp73 ( ) {
2019-02-13 08:06:01 +01:00
debug "Installing PHP 7.3 dependencies"
2019-02-10 15:12:40 +01:00
PHP_ETC_BASE = /etc/php/7.3
PHP_INI = ${ PHP_ETC_BASE } /apache2/php.ini
sudo apt update
checkAptLock
sudo apt install -qy \
libapache2-mod-php7.3 \
php7.3 php7.3-cli \
php7.3-dev \
php7.3-json php7.3-xml php7.3-mysql php7.3-opcache php7.3-readline php7.3-mbstring \
php-pear \
php-redis php-gnupg
}
2019-02-08 10:23:43 +01:00
# Installing core dependencies
installDeps ( ) {
2019-02-13 14:58:45 +01:00
debug "Installing core dependencies"
2019-02-10 15:12:40 +01:00
checkAptLock
2019-02-09 16:23:48 +01:00
sudo apt update
sudo apt install -qy etckeeper
2019-02-08 10:23:43 +01:00
# Skip dist-upgrade for now, pulls in 500+ updated packages
#sudo apt -y dist-upgrade
gitMail = $( git config --global --get user.email ; echo $? )
2019-03-01 05:49:32 +01:00
if [ " $? " -eq "1" ] ; then
2019-02-08 10:23:43 +01:00
git config --global user.email "root@kali.lan"
fi
gitUser = $( git config --global --get user.name ; echo $? )
2019-03-01 05:49:32 +01:00
if [ " $? " -eq "1" ] ; then
2019-02-08 10:23:43 +01:00
git config --global user.name "Root User"
fi
2019-02-10 12:29:23 +01:00
[ [ -n $KALI ] ] || [ [ -n $UNATTENDED ] ] && sudo DEBIAN_FRONTEND = noninteractive apt install -qy postfix || sudo apt install -qy postfix
2019-02-08 10:23:43 +01:00
2019-02-09 16:23:48 +01:00
sudo apt install -qy \
2019-02-28 02:12:17 +01:00
curl gcc git gnupg-agent make openssl redis-server neovim unzip zip libyara-dev python3-yara python3-redis python3-zmq sqlite3 \
2019-02-08 10:23:43 +01:00
mariadb-client \
mariadb-server \
apache2 apache2-doc apache2-utils \
python3-dev python3-pip libpq5 libjpeg-dev libfuzzy-dev ruby asciidoctor \
libxml2-dev libxslt1-dev zlib1g-dev python3-setuptools expect
installRNG
}
# On Kali, the redis start-up script is broken. This tries to fix it.
fixRedis ( ) {
# As of 20190124 redis-server init.d scripts are broken and need to be replaced
2019-02-09 16:23:48 +01:00
sudo mv /etc/init.d/redis-server /etc/init.d/redis-server_` date +%Y%m%d`
2019-02-08 10:23:43 +01:00
echo ' #! /bin/sh
### BEGIN INIT INFO
# Provides: redis-server
# Required-Start: $syslog
# Required-Stop: $syslog
# Should-Start: $local_fs
# Should-Stop: $local_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: redis-server - Persistent key-value db
# Description: redis-server - Persistent key-value db
### END INIT INFO
PATH = /usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON = /usr/bin/redis-server
DAEMON_ARGS = /etc/redis/redis.conf
NAME = redis-server
DESC = redis-server
PIDFILE = /var/run/redis.pid
test -x $DAEMON || exit 0
test -x $DAEMONBOOTSTRAP || exit 0
set -e
case " $1 " in
start)
echo -n " Starting $DESC : "
touch $PIDFILE
chown redis:redis $PIDFILE
if start-stop-daemon --start --quiet --umask 007 --pidfile $PIDFILE --chuid redis:redis --exec $DAEMON -- $DAEMON_ARGS
then
echo " $NAME . "
else
echo "failed"
fi
; ;
stop)
echo -n " Stopping $DESC : "
if start-stop-daemon --stop --retry 10 --quiet --oknodo --pidfile $PIDFILE --exec $DAEMON
then
echo " $NAME . "
else
echo "failed"
fi
rm -f $PIDFILE
; ;
restart| force-reload)
${ 0 } stop
${ 0 } start
; ;
*)
echo " Usage: /etc/init.d/ $NAME {start|stop|restart|force-reload} " >& 2
exit 1
; ;
esac
2019-02-09 16:23:48 +01:00
exit 0' | sudo tee /etc/init.d/redis-server
sudo chmod 755 /etc/init.d/redis-server
sudo /etc/init.d/redis-server start
2019-02-08 10:23:43 +01:00
}
# generate MISP apache conf
genApacheConf ( ) {
echo " <VirtualHost _default_:80>
ServerAdmin admin@localhost.lu
ServerName misp.local
Redirect permanent / https://misp.local
LogLevel warn
ErrorLog /var/log/apache2/misp.local_error.log
CustomLog /var/log/apache2/misp.local_access.log combined
ServerSignature Off
</VirtualHost>
<VirtualHost _default_:443>
ServerAdmin admin@localhost.lu
ServerName misp.local
DocumentRoot $PATH_TO_MISP /app/webroot
<Directory $PATH_TO_MISP /app/webroot>
Options -Indexes
AllowOverride all
Require all granted
Order allow,deny
allow from all
</Directory>
SSLEngine On
SSLCertificateFile /etc/ssl/private/misp.local.crt
SSLCertificateKeyFile /etc/ssl/private/misp.local.key
# SSLCertificateChainFile /etc/ssl/private/misp-chain.crt
LogLevel warn
ErrorLog /var/log/apache2/misp.local_error.log
CustomLog /var/log/apache2/misp.local_access.log combined
ServerSignature Off
Header set X-Content-Type-Options nosniff
Header set X-Frame-Options DENY
</VirtualHost>" | tee /etc/apache2/sites-available/misp-ssl.conf
}
# Add git pull update mechanism to rc.local - TODO: Make this better
gitPullAllRCLOCAL ( ) {
sed -i -e '$i \git_dirs="/usr/local/src/misp-modules/ /var/www/misp-dashboard /usr/local/src/faup /usr/local/src/mail_to_misp /usr/local/src/misp-modules /usr/local/src/viper /var/www/misp-dashboard"\n' /etc/rc.local
sed -i -e '$i \for d in $git_dirs; do\n' /etc/rc.local
sed -i -e '$i \ echo "Updating ${d}"\n' /etc/rc.local
sed -i -e '$i \ cd $d && sudo git pull &\n' /etc/rc.local
sed -i -e '$i \done\n' /etc/rc.local
}
2019-02-28 02:12:17 +01:00
# Composer on php 7.0 does not need any special treatment the provided phar works well
alias composer70 = 'composer72'
2019-02-08 10:23:43 +01:00
# Composer on php 7.2 does not need any special treatment the provided phar works well
composer72 ( ) {
cd $PATH_TO_MISP /app
mkdir /var/www/.composer ; chown www-data:www-data /var/www/.composer
$SUDO_WWW php composer.phar require kamisama/cake-resque:4.1.2
$SUDO_WWW php composer.phar config vendor-dir Vendor
$SUDO_WWW php composer.phar install
}
# Composer on php 7.3 needs a recent version of composer.phar
composer73 ( ) {
cd $PATH_TO_MISP /app
mkdir /var/www/.composer ; chown www-data:www-data /var/www/.composer
# Update composer.phar
# If hash changes, check here: https://getcomposer.org/download/ and replace with the correct one
# Current Sum for: v1.8.3
SHA384_SUM = '48e3236262b34d30969dca3c37281b3b4bbe3221bda826ac6a9a62d6444cdb0dcd0615698a5cbe587c3f0fe57a54d8f5'
sudo -H -u www-data php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
sudo -H -u www-data php -r " if (hash_file('SHA384', 'composer-setup.php') === ' $SHA384_SUM ') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); exit(137); } echo PHP_EOL; "
checkFail "composer.phar checksum failed, please investigate manually. " $?
sudo -H -u www-data php composer-setup.php
sudo -H -u www-data php -r "unlink('composer-setup.php');"
$SUDO_WWW php composer.phar require kamisama/cake-resque:4.1.2
$SUDO_WWW php composer.phar config vendor-dir Vendor
$SUDO_WWW php composer.phar install
}
# Enable various core services
enableServices ( ) {
update-rc.d mysql enable
update-rc.d apache2 enable
update-rc.d redis-server enable
}
# Generate rc.local
genRCLOCAL ( ) {
if [ ! -e /etc/rc.local ] ; then
echo '#!/bin/sh -e' | tee -a /etc/rc.local
echo 'exit 0' | tee -a /etc/rc.local
chmod u+x /etc/rc.local
fi
sed -i -e '$i \echo never > /sys/kernel/mm/transparent_hugepage/enabled\n' /etc/rc.local
sed -i -e '$i \echo 1024 > /proc/sys/net/core/somaxconn\n' /etc/rc.local
sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
}
2019-03-01 05:50:25 +01:00
# Run PyMISP tests
runTests ( ) {
2019-03-01 07:01:04 +01:00
sudo sed -i -E " s~url\ =\ (.*)~url\ =\ ' ${ MISP_BASEURL } '~g " $PATH_TO_MISP /PyMISP/tests/testlive_comprehensive.py
2019-03-01 05:50:25 +01:00
sudo sed -i -E " s/key\ =\ (.*)/key\ =\ ' ${ AUTH_KEY } '/g " $PATH_TO_MISP /PyMISP/tests/testlive_comprehensive.py
sudo chown -R $WWW_USER :$WWW_USER $PATH_TO_MISP /PyMISP/
sudo -H -u $WWW_USER sh -c " cd $PATH_TO_MISP /PyMISP && git submodule foreach git pull origin master "
sudo -H -u $WWW_USER ${ PATH_TO_MISP } /venv/bin/pip install -e $PATH_TO_MISP /PyMISP/.[ fileobjects,neo,openioc,virustotal,pdfexport]
sudo -H -u $WWW_USER git clone https://github.com/viper-framework/viper-test-files.git $PATH_TO_MISP /PyMISP/tests/viper-test-files
sudo -H -u $WWW_USER sh -c " cd $PATH_TO_MISP /PyMISP && ${ PATH_TO_MISP } /venv/bin/python tests/testlive_comprehensive.py "
}
2019-02-28 09:06:52 +01:00
# Nuke the install, meaning remove all MISP data but no packages, this makes testing the installer faster
nuke ( ) {
echo -e " ${ RED } YOU ARE ABOUT TO DELETE ALL MISP DATA! Sleeping 10, 9, 8... ${ NC } "
sleep 10
sudo rm -rvf /usr/local/src/{ misp-modules,viper,mail_to_misp,LIEF,faup}
sudo rm -rvf /var/www/MISP
sudo mysqladmin drop misp
sudo mysql -e "DROP USER misp@localhost"
}
2019-02-08 10:23:43 +01:00
# Final function to let the user know what happened
theEnd ( ) {
space
2019-03-01 04:57:04 +01:00
echo " Admin (root) DB Password: $DBPASSWORD_ADMIN " | $SUDO_USER tee /home/${ MISP_USER } /mysql.txt
echo " User (misp) DB Password: $DBPASSWORD_MISP " | $SUDO_USER tee -a /home/${ MISP_USER } /mysql.txt
echo " Authkey: $AUTH_KEY " | $SUDO_USER tee -a /home/${ MISP_USER } /MISP-authkey.txt
2019-02-08 10:23:43 +01:00
clear
space
2019-02-13 13:01:04 +01:00
echo -e " ${ LBLUE } MISP ${ NC } Installed, access here: ${ MISP_BASEURL } "
2019-02-11 17:26:04 +01:00
echo
2019-02-08 10:23:43 +01:00
echo "User: admin@admin.test"
echo "Password: admin"
space
2019-02-13 15:46:17 +01:00
[ [ -n $KALI ] ] || [ [ -n $DASHBOARD ] ] || [ [ -n $ALL ] ] && echo -e " ${ LBLUE } MISP ${ NC } Dashboard, access here: ${ MISP_BASEURL } :8001 "
[ [ -n $KALI ] ] || [ [ -n $DASHBOARD ] ] || [ [ -n $ALL ] ] && space
[ [ -n $KALI ] ] || [ [ -n $VIPER ] ] || [ [ -n $ALL ] ] && echo -e " viper-web installed, access here: ${ MISP_BASEURL } :8888 "
[ [ -n $KALI ] ] || [ [ -n $VIPER ] ] || [ [ -n $ALL ] ] && echo -e " viper-cli configured with your ${ LBLUE } MISP ${ NC } ${ RED } Site Admin Auth Key ${ NC } "
[ [ -n $KALI ] ] || [ [ -n $VIPER ] ] || [ [ -n $ALL ] ] && echo
[ [ -n $KALI ] ] || [ [ -n $VIPER ] ] || [ [ -n $ALL ] ] && echo "User: admin"
[ [ -n $KALI ] ] || [ [ -n $VIPER ] ] || [ [ -n $ALL ] ] && echo "Password: Password1234"
[ [ -n $KALI ] ] || [ [ -n $VIPER ] ] || [ [ -n $ALL ] ] && space
2019-02-11 17:26:04 +01:00
echo -e " The following files were created and need either ${ RED } protection or removal ${ NC } ( ${ YELLOW } shred ${ NC } on the CLI) "
2019-02-08 10:23:43 +01:00
echo " /home/ ${ MISP_USER } /mysql.txt "
2019-02-11 17:26:04 +01:00
echo -e " ${ RED } Contents: ${ NC } "
2019-02-08 10:23:43 +01:00
cat /home/${ MISP_USER } /mysql.txt
2019-02-11 17:26:04 +01:00
echo " /home/ ${ MISP_USER } /MISP-authkey.txt "
echo -e " ${ RED } Contents: ${ NC } "
2019-02-08 10:23:43 +01:00
cat /home/${ MISP_USER } /MISP-authkey.txt
space
2019-02-11 17:26:04 +01:00
echo -e " The ${ RED } LOCAL ${ NC } system credentials: "
2019-02-08 10:23:43 +01:00
echo " User: ${ MISP_USER } "
2019-02-11 17:26:04 +01:00
echo " Password: ${ MISP_PASSWORD } # Or the password you used of your custom user "
2019-02-08 10:23:43 +01:00
space
echo "To enable outgoing mails via postfix set a permissive SMTP server for the domains you want to contact:"
2019-02-11 17:26:04 +01:00
echo
2019-02-08 10:23:43 +01:00
echo "sudo postconf -e 'relayhost = example.com'"
echo "sudo postfix reload"
space
2019-02-11 17:26:04 +01:00
echo -e " Enjoy using ${ LBLUE } MISP ${ NC } . For any issues see here: https://github.com/MISP/MISP/issues "
2019-02-13 13:01:04 +01:00
space
2019-02-21 08:02:05 +01:00
if [ [ " $UNATTENDED " = = "1" ] ] ; then
2019-02-13 13:01:04 +01:00
echo -e " ${ RED } Unattended install! ${ NC } "
echo -e "This means we guessed the Base URL, it might be wrong, please double check."
space
fi
2019-02-11 11:50:50 +01:00
if [ [ " $USER " != " $MISP_USER " ] ] ; then
sudo su - ${ MISP_USER }
fi
2019-02-08 10:23:43 +01:00
}
2019-02-11 17:04:16 +01:00
## End Function Section Nothing allowed in .md after this line ##
2019-02-08 10:23:43 +01:00
2019-02-09 16:23:48 +01:00
aptUpgrade ( ) {
2019-02-13 08:06:01 +01:00
debug "Upgrading system"
2019-02-10 15:12:40 +01:00
checkAptLock
2019-02-09 16:23:48 +01:00
sudo apt-get update
2019-02-14 02:43:31 +01:00
sudo apt-get upgrade -qy
2019-02-09 16:23:48 +01:00
}
2019-02-08 10:23:43 +01:00
# check if sudo is installed
checkSudoKeeper ( ) {
2019-02-13 08:06:01 +01:00
echo "Checking for sudo and installing etckeeper"
2019-02-09 16:23:48 +01:00
if [ [ ! -f $( which sudo) ] ] ; then
2019-02-21 08:02:05 +01:00
echo "Please enter your root password below to install etckeeper"
2019-02-09 16:23:48 +01:00
su -c "apt install etckeeper -y"
2019-02-21 08:02:05 +01:00
echo "Please enter your root password below to install sudo"
2019-02-09 16:23:48 +01:00
su -c "apt install sudo -y"
2019-02-21 08:02:05 +01:00
echo " Please enter your root password below to add $MISP_USER to sudo group "
su -c " adduser $MISP_USER sudo "
echo " We added $MISP_USER to group sudo and now we need to log out and in again. "
exit
2019-02-08 10:23:43 +01:00
else
sudo apt install etckeeper -y
fi
}
2019-02-13 13:01:04 +01:00
installCoreDeps ( ) {
2019-02-13 08:06:01 +01:00
debug "Installing core dependencies"
2019-02-09 16:23:48 +01:00
# Install the dependencies: (some might already be installed)
2019-02-28 02:12:17 +01:00
sudo apt-get install curl gcc git gpg-agent make python python3 openssl redis-server sudo vim zip unzip virtualenv libfuzzy-dev sqlite3 -qy
2019-02-09 16:23:48 +01:00
# Install MariaDB (a MySQL fork/alternative)
2019-02-14 02:43:31 +01:00
sudo apt-get install mariadb-client mariadb-server -qy
2019-02-09 16:23:48 +01:00
# Install Apache2
2019-02-14 02:43:31 +01:00
sudo apt-get install apache2 apache2-doc apache2-utils -qy
2019-02-09 16:23:48 +01:00
# install Mitre's STIX and its dependencies by running the following commands:
2019-02-14 02:43:31 +01:00
sudo apt-get install python3-dev python3-pip libxml2-dev libxslt1-dev zlib1g-dev python-setuptools -qy
2019-02-09 16:23:48 +01:00
2019-02-14 02:43:31 +01:00
sudo apt-get install python3-pip -qy
sudo apt install expect -qy
2019-02-09 16:23:48 +01:00
}
# Install Php 7.3 deps
installDepsPhp73 ( ) {
2019-02-13 08:06:01 +01:00
debug "Installing PHP 7.3 dependencies"
2019-02-09 16:23:48 +01:00
PHP_ETC_BASE = /etc/php/7.3
PHP_INI = ${ PHP_ETC_BASE } /apache2/php.ini
sudo apt update
2019-02-10 15:12:40 +01:00
checkAptLock
sudo apt install -qy \
libapache2-mod-php7.3 \
php7.3 php7.3-cli \
php7.3-dev \
php7.3-json php7.3-xml php7.3-mysql php7.3-opcache php7.3-readline php7.3-mbstring \
php-pear \
php-redis php-gnupg
2019-02-09 16:23:48 +01:00
}
# Install Php 7.2 dependencies
installDepsPhp72 ( ) {
2019-02-13 08:06:01 +01:00
debug "Installing PHP 7.2 dependencies"
2019-02-09 16:23:48 +01:00
PHP_ETC_BASE = /etc/php/7.2
PHP_INI = ${ PHP_ETC_BASE } /apache2/php.ini
sudo apt update
sudo apt install -qy \
libapache2-mod-php \
php php-cli \
php-dev \
php-json php-xml php-mysql php-opcache php-readline php-mbstring \
2019-02-28 02:12:17 +01:00
php-pear \
2019-02-09 16:23:48 +01:00
php-redis php-gnupg
for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit
do
sudo sed -i " s/^\( $key \).*/\1 = $( eval echo \$ { $key } ) / " $PHP_INI
done
}
2019-02-28 04:03:52 +01:00
# Install Php 7.0 dependencies
installDepsPhp70 ( ) {
debug "Installing PHP 7.0 dependencies"
PHP_ETC_BASE = /etc/php/7.0
PHP_INI = ${ PHP_ETC_BASE } /apache2/php.ini
sudo apt update
sudo apt install -qy \
libapache2-mod-php \
php php-cli \
php-dev \
php-json php-xml php-mysql php-opcache php-readline php-mbstring \
php-pear \
php-redis php-gnupg
for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit
do
sudo sed -i " s/^\( $key \).*/\1 = $( eval echo \$ { $key } ) / " $PHP_INI
done
}
2019-02-09 16:23:48 +01:00
prepareDB ( ) {
2019-02-28 09:06:52 +01:00
if [ [ ! -e /var/lib/mysql/misp/users.ibd ] ] ; then
debug "Setting up database"
# Add your credentials if needed, if sudo has NOPASS, comment out the relevant lines
pw = $MISP_PASSWORD
expect -f - <<-EOF
set timeout 10
spawn sudo -k mysql_secure_installation
expect "*?assword*"
send -- " $pw \r "
expect "Enter current password for root (enter for none):"
send -- "\r"
expect "Set root password?"
send -- "y\r"
expect "New password:"
send -- " ${ DBPASSWORD_ADMIN } \r "
expect "Re-enter new password:"
send -- " ${ DBPASSWORD_ADMIN } \r "
expect "Remove anonymous users?"
send -- "y\r"
expect "Disallow root login remotely?"
send -- "y\r"
expect "Remove test database and access to it?"
send -- "y\r"
expect "Reload privilege tables now?"
send -- "y\r"
expect eof
2019-02-09 16:23:48 +01:00
EOF
2019-02-28 09:06:52 +01:00
sudo apt-get purge -y expect ; sudo apt autoremove -qy
fi
2019-02-09 16:23:48 +01:00
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e " create database $DBNAME ; "
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e " grant usage on *.* to $DBNAME @localhost identified by ' $DBPASSWORD_MISP '; "
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e " grant all privileges on $DBNAME .* to ' $DBUSER_MISP '@'localhost'; "
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;"
# Import the empty MISP database from MYSQL.sql
sudo -u www-data cat $PATH_TO_MISP /INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
}
apacheConfig ( ) {
2019-02-13 08:06:01 +01:00
debug "Generating Apache config"
2019-02-09 16:23:48 +01:00
sudo cp ${ PATH_TO_MISP } /INSTALL/apache.24.misp.ssl /etc/apache2/sites-available/misp-ssl.conf
# If a valid SSL certificate is not already created for the server,
# create a self-signed certificate:
sudo openssl req -newkey rsa:4096 -days 365 -nodes -x509 \
-subj " /C= ${ OPENSSL_C } /ST= ${ OPENSSL_ST } /L= ${ OPENSSL_L } /O= ${ OPENSSL_O } /OU= ${ OPENSSL_OU } /CN= ${ OPENSSL_CN } /emailAddress= ${ OPENSSL_EMAILADDRESS } " \
-keyout /etc/ssl/private/misp.local.key -out /etc/ssl/private/misp.local.crt
# Enable modules, settings, and default of SSL in Apache
sudo a2dismod status
sudo a2enmod ssl
sudo a2enmod rewrite
sudo a2enmod headers
sudo a2dissite 000-default
sudo a2ensite default-ssl
# Apply all changes
sudo systemctl restart apache2
# activate new vhost
sudo a2dissite default-ssl
sudo a2ensite misp-ssl
# Restart apache
sudo systemctl restart apache2
}
installCore ( ) {
2019-02-13 08:06:01 +01:00
debug " Installing ${ LBLUE } MISP ${ NC } core "
2019-02-09 16:23:48 +01:00
# Download MISP using git in the /var/www/ directory.
sudo mkdir ${ PATH_TO_MISP }
sudo chown www-data:www-data ${ PATH_TO_MISP }
cd ${ PATH_TO_MISP }
sudo -u www-data git clone https://github.com/MISP/MISP.git ${ PATH_TO_MISP }
sudo -u www-data git submodule update --init --recursive
# Make git ignore filesystem permission differences for submodules
sudo -u www-data git submodule foreach --recursive git config core.filemode false
# Make git ignore filesystem permission differences
sudo -u www-data git config core.filemode false
# Create a python3 virtualenv
sudo -u www-data virtualenv -p python3 ${ PATH_TO_MISP } /venv
# make pip happy
sudo mkdir /var/www/.cache/
sudo chown www-data:www-data /var/www/.cache
cd ${ PATH_TO_MISP } /app/files/scripts
sudo -H -u www-data git clone https://github.com/CybOXProject/python-cybox.git
sudo -H -u www-data git clone https://github.com/STIXProject/python-stix.git
sudo -H -u www-data git clone https://github.com/MAECProject/python-maec.git
2019-02-14 15:39:08 +01:00
2019-02-09 16:23:48 +01:00
# install mixbox to accommodate the new STIX dependencies:
sudo -H -u www-data git clone https://github.com/CybOXProject/mixbox.git
cd ${ PATH_TO_MISP } /app/files/scripts/mixbox
sudo -H -u www-data ${ PATH_TO_MISP } /venv/bin/pip install .
cd ${ PATH_TO_MISP } /app/files/scripts/python-cybox
sudo -H -u www-data ${ PATH_TO_MISP } /venv/bin/pip install .
cd ${ PATH_TO_MISP } /app/files/scripts/python-stix
sudo -H -u www-data ${ PATH_TO_MISP } /venv/bin/pip install .
cd $PATH_TO_MISP /app/files/scripts/python-maec
sudo -H -u www-data ${ PATH_TO_MISP } /venv/bin/pip install .
# install STIX2.0 library to support STIX 2.0 export:
cd ${ PATH_TO_MISP } /cti-python-stix2
sudo -H -u www-data ${ PATH_TO_MISP } /venv/bin/pip install .
# install PyMISP
cd ${ PATH_TO_MISP } /PyMISP
sudo -H -u www-data ${ PATH_TO_MISP } /venv/bin/pip install .
2019-02-10 14:09:19 +01:00
# install pydeep
$SUDO_WWW ${ PATH_TO_MISP } /venv/bin/pip install git+https://github.com/kbandla/pydeep.git
# install lief
$SUDO_WWW ${ PATH_TO_MISP } /venv/bin/pip install https://github.com/lief-project/packages/raw/lief-master-latest/pylief-0.9.0.dev.zip
# install python-magic
$SUDO_WWW ${ PATH_TO_MISP } /venv/bin/pip install python-magic
2019-02-09 16:23:48 +01:00
# Install Crypt_GPG and Console_CommandLine
sudo pear install ${ PATH_TO_MISP } /INSTALL/dependencies/Console_CommandLine/package.xml
sudo pear install ${ PATH_TO_MISP } /INSTALL/dependencies/Crypt_GPG/package.xml
}
installCake ( ) {
2019-02-13 08:06:01 +01:00
debug "Installing CakePHP"
2019-03-01 05:49:32 +01:00
# Once done, install CakeResque along with its dependencies
2019-02-09 16:23:48 +01:00
# if you intend to use the built in background jobs:
cd ${ PATH_TO_MISP } /app
# Make composer cache happy
# /!\ composer on Ubuntu when invoked with sudo -u doesn't set $HOME to /var/www but keeps it /home/misp \!/
sudo mkdir /var/www/.composer ; sudo chown www-data:www-data /var/www/.composer
sudo -H -u www-data php composer.phar require kamisama/cake-resque:4.1.2
sudo -H -u www-data php composer.phar config vendor-dir Vendor
sudo -H -u www-data php composer.phar install
# Enable CakeResque with php-redis
sudo phpenmod redis
sudo phpenmod gnupg
# To use the scheduler worker for scheduled tasks, do the following:
sudo -u www-data cp -fa ${ PATH_TO_MISP } /INSTALL/setup/config.php ${ PATH_TO_MISP } /app/Plugin/CakeResque/Config/config.php
# If you have multiple MISP instances on the same system, don't forget to have a different Redis per MISP instance for the CakeResque workers
# The default Redis port can be updated in Plugin/CakeResque/Config/config.php
}
# Main function to fix permissions to something sane
permissions ( ) {
2019-02-13 08:06:01 +01:00
debug "Setting permissions"
2019-02-09 16:23:48 +01:00
sudo chown -R ${ WWW_USER } :${ WWW_USER } ${ PATH_TO_MISP }
sudo chmod -R 750 ${ PATH_TO_MISP }
sudo chmod -R g+ws ${ PATH_TO_MISP } /app/tmp
sudo chmod -R g+ws ${ PATH_TO_MISP } /app/files
sudo chmod -R g+ws $PATH_TO_MISP /app/files/scripts/tmp
}
configMISP ( ) {
2019-02-13 08:06:01 +01:00
debug " Generating ${ LBLUE } MISP ${ NC } config files "
2019-02-09 16:23:48 +01:00
# There are 4 sample configuration files in ${PATH_TO_MISP}/app/Config that need to be copied
sudo -u www-data cp -a ${ PATH_TO_MISP } /app/Config/bootstrap.default.php ${ PATH_TO_MISP } /app/Config/bootstrap.php
sudo -u www-data cp -a ${ PATH_TO_MISP } /app/Config/database.default.php ${ PATH_TO_MISP } /app/Config/database.php
sudo -u www-data cp -a ${ PATH_TO_MISP } /app/Config/core.default.php ${ PATH_TO_MISP } /app/Config/core.php
sudo -u www-data cp -a ${ PATH_TO_MISP } /app/Config/config.default.php ${ PATH_TO_MISP } /app/Config/config.php
echo " <?php
class DATABASE_CONFIG {
public \$ default = array(
'datasource' = > 'Database/Mysql' ,
//'datasource' = > 'Database/Postgres' ,
'persistent' = > false,
'host' = > '$DBHOST' ,
'login' = > '$DBUSER_MISP' ,
'port' = > 3306, // MySQL & MariaDB
//'port' = > 5432, // PostgreSQL
'password' = > '$DBPASSWORD_MISP' ,
'database' = > '$DBNAME' ,
'prefix' = > '' ,
'encoding' = > 'utf8' ,
) ;
} " | sudo -u www-data tee $PATH_TO_MISP /app/Config/database.php
# Important! Change the salt key in ${PATH_TO_MISP}/app/Config/config.php
# The salt key must be a string at least 32 bytes long.
# The admin user account will be generated on the first login, make sure that the salt is changed before you create that user
# If you forget to do this step, and you are still dealing with a fresh installation, just alter the salt,
# delete the user from mysql and log in again using the default admin credentials (admin@admin.test / admin)
# and make sure the file permissions are still OK
sudo chown -R www-data:www-data ${ PATH_TO_MISP } /app/Config
sudo chmod -R 750 ${ PATH_TO_MISP } /app/Config
}
2019-02-08 10:23:43 +01:00
# Core cake commands
coreCAKE ( ) {
2019-02-13 08:06:01 +01:00
debug " Running core Cake commands to set sane defaults for ${ LBLUE } MISP ${ NC } "
2019-02-09 16:23:48 +01:00
$SUDO_WWW -E $CAKE userInit -q
2019-02-08 10:23:43 +01:00
2019-02-10 12:29:23 +01:00
# This makes sure all Database upgrades are done, without logging in.
$SUDO_WWW $CAKE Admin updateDatabase
2019-02-08 10:23:43 +01:00
# Setup some more MISP default via cake CLI
2019-02-11 08:15:59 +01:00
# The default install is Python in a virtualenv, setting accordingly
$SUDO_WWW $CAKE Admin setSetting "MISP.python_bin" " ${ PATH_TO_MISP } /venv/bin/python "
2019-02-08 10:23:43 +01:00
# Tune global time outs
2019-02-09 16:23:48 +01:00
$SUDO_WWW $CAKE Admin setSetting "Session.autoRegenerate" 0
$SUDO_WWW $CAKE Admin setSetting "Session.timeout" 600
$SUDO_WWW $CAKE Admin setSetting "Session.cookieTimeout" 3600
2019-02-08 10:23:43 +01:00
# Change base url, either with this CLI command or in the UI
2019-02-09 16:23:48 +01:00
$SUDO_WWW $CAKE Baseurl $MISP_BASEURL
2019-02-08 10:23:43 +01:00
# example: 'baseurl' => 'https://<your.FQDN.here>',
# alternatively, you can leave this field empty if you would like to use relative pathing in MISP
# 'baseurl' => '',
# Enable GnuPG
2019-02-09 16:23:48 +01:00
$SUDO_WWW $CAKE Admin setSetting "GnuPG.email" " $GPG_EMAIL_ADDRESS "
$SUDO_WWW $CAKE Admin setSetting "GnuPG.homedir" " $PATH_TO_MISP /.gnupg "
$SUDO_WWW $CAKE Admin setSetting "GnuPG.password" " $GPG_PASSPHRASE "
2019-02-08 10:23:43 +01:00
# Enable installer org and tune some configurables
2019-02-09 16:23:48 +01:00
$SUDO_WWW $CAKE Admin setSetting "MISP.host_org_id" 1
$SUDO_WWW $CAKE Admin setSetting "MISP.email" "info@admin.test"
$SUDO_WWW $CAKE Admin setSetting "MISP.disable_emailing" true
$SUDO_WWW $CAKE Admin setSetting "MISP.contact" "info@admin.test"
$SUDO_WWW $CAKE Admin setSetting "MISP.disablerestalert" true
$SUDO_WWW $CAKE Admin setSetting "MISP.showCorrelationsOnIndex" true
2019-02-10 12:29:23 +01:00
$SUDO_WWW $CAKE Admin setSetting "MISP.default_event_tag_collection" 0
2019-02-08 10:23:43 +01:00
# Provisional Cortex tunes
2019-02-09 16:23:48 +01:00
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_services_enable" false
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_services_url" "http://127.0.0.1"
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_services_port" 9000
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_timeout" 120
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_authkey" ""
# Mysteriously removed?
#$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_services_timeout" 120
# Mysteriously removed?
#$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_services_authkey" ""
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_ssl_verify_peer" false
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_ssl_verify_host" false
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_ssl_allow_self_signed" true
2019-02-08 10:23:43 +01:00
# Various plugin sightings settings
2019-02-09 16:23:48 +01:00
$SUDO_WWW $CAKE Admin setSetting "Plugin.Sightings_policy" 0
$SUDO_WWW $CAKE Admin setSetting "Plugin.Sightings_anonymise" false
$SUDO_WWW $CAKE Admin setSetting "Plugin.Sightings_range" 365
2019-02-08 10:23:43 +01:00
# Plugin CustomAuth tuneable
2019-02-09 16:23:48 +01:00
$SUDO_WWW $CAKE Admin setSetting "Plugin.CustomAuth_disable_logout" false
2019-02-08 10:23:43 +01:00
# RPZ Plugin settings
2019-02-09 16:23:48 +01:00
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_policy" "DROP"
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_walled_garden" "127.0.0.1"
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_serial" "\$date00"
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_refresh" "2h"
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_retry" "30m"
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_expiry" "30d"
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_minimum_ttl" "1h"
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_ttl" "1w"
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_ns" "localhost."
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_ns_alt" ""
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_email" "root.localhost"
2019-02-08 10:23:43 +01:00
# Force defaults to make MISP Server Settings less RED
2019-02-09 16:23:48 +01:00
$SUDO_WWW $CAKE Admin setSetting "MISP.language" "eng"
$SUDO_WWW $CAKE Admin setSetting "MISP.proposals_block_attributes" false
2019-02-08 10:23:43 +01:00
# Redis block
2019-02-09 16:23:48 +01:00
$SUDO_WWW $CAKE Admin setSetting "MISP.redis_host" "127.0.0.1"
$SUDO_WWW $CAKE Admin setSetting "MISP.redis_port" 6379
$SUDO_WWW $CAKE Admin setSetting "MISP.redis_database" 13
$SUDO_WWW $CAKE Admin setSetting "MISP.redis_password" ""
2019-02-08 10:23:43 +01:00
# Force defaults to make MISP Server Settings less YELLOW
2019-02-09 16:23:48 +01:00
$SUDO_WWW $CAKE Admin setSetting "MISP.ssdeep_correlation_threshold" 40
$SUDO_WWW $CAKE Admin setSetting "MISP.extended_alert_subject" false
$SUDO_WWW $CAKE Admin setSetting "MISP.default_event_threat_level" 4
$SUDO_WWW $CAKE Admin setSetting "MISP.newUserText" "Dear new MISP user,\\n\\nWe would hereby like to welcome you to the \$org MISP community.\\n\\n Use the credentials below to log into MISP at \$misp, where you will be prompted to manually change your password to something of your own choice.\\n\\nUsername: \$username\\nPassword: \$password\\n\\nIf you have any questions, don't hesitate to contact us at: \$contact.\\n\\nBest regards,\\nYour \$org MISP support team"
$SUDO_WWW $CAKE Admin setSetting "MISP.passwordResetText" "Dear MISP user,\\n\\nA password reset has been triggered for your account. Use the below provided temporary password to log into MISP at \$misp, where you will be prompted to manually change your password to something of your own choice.\\n\\nUsername: \$username\\nYour temporary password: \$password\\n\\nIf you have any questions, don't hesitate to contact us at: \$contact.\\n\\nBest regards,\\nYour \$org MISP support team"
$SUDO_WWW $CAKE Admin setSetting "MISP.enableEventBlacklisting" true
$SUDO_WWW $CAKE Admin setSetting "MISP.enableOrgBlacklisting" true
$SUDO_WWW $CAKE Admin setSetting "MISP.log_client_ip" false
$SUDO_WWW $CAKE Admin setSetting "MISP.log_auth" false
$SUDO_WWW $CAKE Admin setSetting "MISP.disableUserSelfManagement" false
$SUDO_WWW $CAKE Admin setSetting "MISP.block_event_alert" false
$SUDO_WWW $CAKE Admin setSetting "MISP.block_event_alert_tag" "no-alerts=\"true\""
$SUDO_WWW $CAKE Admin setSetting "MISP.block_old_event_alert" false
$SUDO_WWW $CAKE Admin setSetting "MISP.block_old_event_alert_age" ""
$SUDO_WWW $CAKE Admin setSetting "MISP.incoming_tags_disabled_by_default" false
$SUDO_WWW $CAKE Admin setSetting "MISP.footermidleft" "This is an initial install"
$SUDO_WWW $CAKE Admin setSetting "MISP.footermidright" "Please configure and harden accordingly"
$SUDO_WWW $CAKE Admin setSetting "MISP.welcome_text_top" "Initial Install, please configure"
2019-02-08 10:23:43 +01:00
# TODO: Make sure $FLAVOUR is correct
2019-02-09 16:23:48 +01:00
$SUDO_WWW $CAKE Admin setSetting "MISP.welcome_text_bottom" " Welcome to MISP on $FLAVOUR , change this message in MISP Settings "
2019-02-08 10:23:43 +01:00
# Force defaults to make MISP Server Settings less GREEN
2019-02-09 16:23:48 +01:00
$SUDO_WWW $CAKE Admin setSetting "Security.password_policy_length" 12
$SUDO_WWW $CAKE Admin setSetting "Security.password_policy_complexity" '/^((?=.*\d)|(?=.*\W+))(?![\n])(?=.*[A-Z])(?=.*[a-z]).*$|.{16,}/'
2019-02-08 10:23:43 +01:00
# Set MISP Live
2019-02-09 16:23:48 +01:00
$SUDO_WWW $CAKE Live $MISP_LIVE
2019-02-08 10:23:43 +01:00
}
# This updates Galaxies, ObjectTemplates, Warninglists, Noticelists, Templates
updateGOWNT ( ) {
2019-02-13 08:06:01 +01:00
debug "Updating Galaxies, ObjectTemplates, Warninglists, Noticelists and Templates"
2019-02-08 10:23:43 +01:00
AUTH_KEY = $( mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP misp -e "SELECT authkey FROM users;" | tail -1)
# Update the galaxies…
# TODO: Fix updateGalaxies
2019-02-09 16:23:48 +01:00
##$SUDO_WWW $CAKE Admin updateGalaxies
2019-02-08 10:23:43 +01:00
curl --header " Authorization: $AUTH_KEY " --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/galaxies/update
# Updating the taxonomies…
2019-02-09 16:23:48 +01:00
$SUDO_WWW $CAKE Admin updateTaxonomies
2019-02-08 10:23:43 +01:00
# Updating the warning lists…
# TODO: Fix updateWarningLists
2019-02-09 16:23:48 +01:00
##$SUDO_WWW $CAKE Admin updateWarningLists
2019-02-08 10:23:43 +01:00
curl --header " Authorization: $AUTH_KEY " --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/warninglists/update
# Updating the notice lists…
2019-02-09 16:23:48 +01:00
## $SUDO_WWW $CAKE Admin updateNoticeLists
2019-02-08 10:23:43 +01:00
curl --header " Authorization: $AUTH_KEY " --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/noticelists/update
# Updating the object templates…
2019-02-09 16:23:48 +01:00
##$SUDO_WWW $CAKE Admin updateObjectTemplates
2019-02-08 10:23:43 +01:00
curl --header " Authorization: $AUTH_KEY " --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/objectTemplates/update
}
# Generate GnuPG key
setupGnuPG ( ) {
2019-02-08 11:33:19 +01:00
if [ ! -d $PATH_TO_MISP /.gnupg ] ; then
2019-02-08 10:23:43 +01:00
# The email address should match the one set in the config.php
# set in the configuration menu in the administration menu configuration file
echo " %echo Generating a default key
Key-Type: default
Key-Length: $GPG_KEY_LENGTH
Subkey-Type: default
Name-Real: $GPG_REAL_NAME
Name-Comment: $GPG_COMMENT
Name-Email: $GPG_EMAIL_ADDRESS
Expire-Date: 0
Passphrase: $GPG_PASSPHRASE
# Do a commit here, so that we can later print "done"
%commit
%echo done " > /tmp/gen-key-script
$SUDO_WWW gpg --homedir $PATH_TO_MISP /.gnupg --batch --gen-key /tmp/gen-key-script
# Export the public key to the webroot
$SUDO_WWW sh -c " gpg --homedir $PATH_TO_MISP /.gnupg --export --armor $GPG_EMAIL_ADDRESS " | $SUDO_WWW tee $PATH_TO_MISP /app/webroot/gpg.asc
fi
}
2019-02-09 16:23:48 +01:00
logRotation ( ) {
# MISP saves the stdout and stderr of its workers in ${PATH_TO_MISP}/app/tmp/logs
# To rotate these logs install the supplied logrotate script:
sudo cp ${ PATH_TO_MISP } /INSTALL/misp.logrotate /etc/logrotate.d/misp
sudo chmod 0640 /etc/logrotate.d/misp
}
backgroundWorkers ( ) {
2019-02-13 08:06:01 +01:00
debug "Setting up background workers"
2019-02-09 16:23:48 +01:00
# To make the background workers start on boot
sudo chmod +x $PATH_TO_MISP /app/Console/worker/start.sh
if [ ! -e /etc/rc.local ]
then
echo '#!/bin/sh -e' | sudo tee -a /etc/rc.local
echo 'exit 0' | sudo tee -a /etc/rc.local
sudo chmod u+x /etc/rc.local
fi
# Start the workers
$SUDO_WWW bash $PATH_TO_MISP /app/Console/worker/start.sh
# Add the following lines before the last line (exit 0). Make sure that you replace www-data with your apache user:
sudo sed -i -e '$i \echo never > /sys/kernel/mm/transparent_hugepage/enabled\n' /etc/rc.local
sudo sed -i -e '$i \echo 1024 > /proc/sys/net/core/somaxconn\n' /etc/rc.local
sudo sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
sudo sed -i -e '$i \sudo -u www-data bash ${PATH_TO_MISP}/app/Console/worker/start.sh > /tmp/worker_start_rc.local.log\n' /etc/rc.local
}
2019-02-08 10:23:43 +01:00
# Main MISP Modules install function
mispmodules ( ) {
2019-02-11 08:15:59 +01:00
# FIXME: this is broken, ${PATH_TO_MISP} is litteral
2019-02-27 05:47:40 +01:00
##sudo sed -i -e '$i \sudo -u www-data /var/www/MISP/venv/bin/misp-modules -l 127.0.0.1 -s > /tmp/misp-modules_rc.local.log &\n' /etc/rc.local
2019-02-08 10:23:43 +01:00
cd /usr/local/src/
2019-02-11 08:15:59 +01:00
## TODO: checkUsrLocalSrc in main doc
2019-03-02 09:42:28 +01:00
debug "Cloning misp-modules"
2019-02-12 15:04:21 +01:00
$SUDO_USER git clone https://github.com/MISP/misp-modules.git
2019-02-08 10:23:43 +01:00
cd misp-modules
# some misp-modules dependencies
sudo apt-get install libpq5 libjpeg-dev libfuzzy-dev -y
2019-02-11 06:35:11 +01:00
# If you build an egg, the user you build it as need write permissions in the CWD
sudo chgrp $WWW_USER .
2019-02-12 15:04:21 +01:00
sudo chmod g+w .
2019-02-28 02:12:17 +01:00
$SUDO_WWW ${ PATH_TO_MISP } /venv/bin/pip install ReportLab
2019-02-09 16:23:48 +01:00
$SUDO_WWW ${ PATH_TO_MISP } /venv/bin/pip install -I -r REQUIREMENTS
2019-02-11 06:35:11 +01:00
sudo chgrp staff .
2019-02-09 16:23:48 +01:00
$SUDO_WWW ${ PATH_TO_MISP } /venv/bin/pip install -I .
2019-02-08 10:23:43 +01:00
sudo apt install ruby-pygments.rb -y
sudo gem install asciidoctor-pdf --pre
2019-02-10 14:09:19 +01:00
2019-02-08 10:23:43 +01:00
# install additional dependencies for extended object generation and extraction
2019-02-10 14:09:19 +01:00
$SUDO_WWW ${ PATH_TO_MISP } /venv/bin/pip install wand yara pathlib
2019-02-27 05:47:40 +01:00
# Start misp-modules as a service
sudo cp etc/systemd/system/misp-modules.service /etc/systemd/system/
sudo systemctl daemon-reload
sudo systemctl enable --now misp-modules
2019-02-08 10:23:43 +01:00
2019-02-09 16:23:48 +01:00
# Sleep 9 seconds to give misp-modules a chance to spawn
sleep 9
# Enable Enrichment, set better timeouts
$SUDO_WWW $CAKE Admin setSetting "Plugin.Enrichment_services_enable" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.Enrichment_hover_enable" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.Enrichment_timeout" 300
$SUDO_WWW $CAKE Admin setSetting "Plugin.Enrichment_hover_timeout" 150
# TODO:"Investigate why the next one fails"
#$SUDO_WWW $CAKE Admin setSetting "Plugin.Enrichment_asn_history_enabled" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.Enrichment_cve_enabled" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.Enrichment_dns_enabled" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.Enrichment_services_url" "http://127.0.0.1"
$SUDO_WWW $CAKE Admin setSetting "Plugin.Enrichment_services_port" 6666
# Enable Import modules, set better timeout
$SUDO_WWW $CAKE Admin setSetting "Plugin.Import_services_enable" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.Import_services_url" "http://127.0.0.1"
$SUDO_WWW $CAKE Admin setSetting "Plugin.Import_services_port" 6666
$SUDO_WWW $CAKE Admin setSetting "Plugin.Import_timeout" 300
$SUDO_WWW $CAKE Admin setSetting "Plugin.Import_ocr_enabled" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.Import_csvimport_enabled" true
# Enable Export modules, set better timeout
$SUDO_WWW $CAKE Admin setSetting "Plugin.Export_services_enable" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.Export_services_url" "http://127.0.0.1"
$SUDO_WWW $CAKE Admin setSetting "Plugin.Export_services_port" 6666
$SUDO_WWW $CAKE Admin setSetting "Plugin.Export_timeout" 300
$SUDO_WWW $CAKE Admin setSetting "Plugin.Export_pdfexport_enabled" true
2019-02-08 10:23:43 +01:00
}
# Main MISP Dashboard install function
mispDashboard ( ) {
2019-02-13 08:06:01 +01:00
debug "Install misp-dashboard"
2019-02-11 08:15:59 +01:00
# Install pyzmq to main MISP venv
2019-02-13 05:48:39 +01:00
debug "Installing PyZMQ"
2019-02-11 08:15:59 +01:00
$SUDO_WWW ${ PATH_TO_MISP } /venv/bin/pip install pyzmq
2019-02-08 10:23:43 +01:00
cd /var/www
sudo mkdir misp-dashboard
sudo chown www-data:www-data misp-dashboard
$SUDO_WWW git clone https://github.com/MISP/misp-dashboard.git
cd misp-dashboard
sudo -H /var/www/misp-dashboard/install_dependencies.sh
sudo sed -i "s/^host\ =\ localhost/host\ =\ 0.0.0.0/g" /var/www/misp-dashboard/config/config.cfg
sudo sed -i '/Listen 80/a Listen 0.0.0.0:8001' /etc/apache2/ports.conf
sudo apt install libapache2-mod-wsgi-py3 -y
echo " <VirtualHost *:8001>
ServerAdmin admin@misp.local
ServerName misp.local
DocumentRoot /var/www/misp-dashboard
WSGIDaemonProcess misp-dashboard \
user = misp group = misp \
python-home= /var/www/misp-dashboard/DASHENV \
processes = 1 \
threads = 15 \
maximum-requests= 5000 \
listen-backlog= 100 \
queue-timeout= 45 \
socket-timeout= 60 \
connect-timeout= 15 \
request-timeout= 60 \
inactivity-timeout= 0 \
deadlock-timeout= 60 \
graceful-timeout= 15 \
eviction-timeout= 0 \
shutdown-timeout= 5 \
send-buffer-size= 0 \
receive-buffer-size= 0 \
header-buffer-size= 0 \
response-buffer-size= 0 \
server-metrics= Off
WSGIScriptAlias / /var/www/misp-dashboard/misp-dashboard.wsgi
<Directory /var/www/misp-dashboard>
WSGIProcessGroup misp-dashboard
WSGIApplicationGroup %{ GLOBAL}
Require all granted
</Directory>
LogLevel info
ErrorLog /var/log/apache2/misp-dashboard.local_error.log
CustomLog /var/log/apache2/misp-dashboard.local_access.log combined
ServerSignature Off
</VirtualHost>" | sudo tee /etc/apache2/sites-available/misp-dashboard.conf
2019-02-10 12:29:23 +01:00
# Enable misp-dashboard in apache and reload
2019-02-08 10:23:43 +01:00
sudo a2ensite misp-dashboard
2019-02-11 06:35:11 +01:00
sudo systemctl restart apache2
2019-02-08 10:23:43 +01:00
2019-02-10 12:29:23 +01:00
# Needs to be started after apache2 is reloaded so the port status check works
$SUDO_WWW bash /var/www/misp-dashboard/start_all.sh
2019-02-08 10:23:43 +01:00
# Add misp-dashboard to rc.local to start on boot.
sudo sed -i -e '$i \sudo -u www-data bash /var/www/misp-dashboard/start_all.sh > /tmp/misp-dashboard_rc.local.log\n' /etc/rc.local
}
dashboardCAKE ( ) {
# Enable ZeroMQ for misp-dashboard
sudo -H -u www-data $CAKE Admin setSetting "Plugin.ZeroMQ_enable" true
sudo -H -u www-data $CAKE Admin setSetting "Plugin.ZeroMQ_event_notifications_enable" true
sudo -H -u www-data $CAKE Admin setSetting "Plugin.ZeroMQ_object_notifications_enable" true
sudo -H -u www-data $CAKE Admin setSetting "Plugin.ZeroMQ_object_reference_notifications_enable" true
sudo -H -u www-data $CAKE Admin setSetting "Plugin.ZeroMQ_attribute_notifications_enable" true
sudo -H -u www-data $CAKE Admin setSetting "Plugin.ZeroMQ_sighting_notifications_enable" true
sudo -H -u www-data $CAKE Admin setSetting "Plugin.ZeroMQ_user_notifications_enable" true
sudo -H -u www-data $CAKE Admin setSetting "Plugin.ZeroMQ_organisation_notifications_enable" true
sudo -H -u www-data $CAKE Admin setSetting "Plugin.ZeroMQ_port" 50000
sudo -H -u www-data $CAKE Admin setSetting "Plugin.ZeroMQ_redis_host" "localhost"
sudo -H -u www-data $CAKE Admin setSetting "Plugin.ZeroMQ_redis_port" 6379
sudo -H -u www-data $CAKE Admin setSetting "Plugin.ZeroMQ_redis_database" 1
sudo -H -u www-data $CAKE Admin setSetting "Plugin.ZeroMQ_redis_namespace" "mispq"
sudo -H -u www-data $CAKE Admin setSetting "Plugin.ZeroMQ_include_attachments" false
sudo -H -u www-data $CAKE Admin setSetting "Plugin.ZeroMQ_tag_notifications_enable" false
sudo -H -u www-data $CAKE Admin setSetting "Plugin.ZeroMQ_audit_notifications_enable" false
}
# Main mail2misp install function
mail2misp ( ) {
2019-02-13 08:06:01 +01:00
debug " Installing Mail2 ${ LBLUE } MISP ${ NC } "
2019-02-08 10:23:43 +01:00
cd /usr/local/src/
2019-03-01 07:01:04 +01:00
sudo apt-get install cmake libcaca-dev liblua5.3-dev -y
2019-02-12 15:04:21 +01:00
$SUDO_USER git clone https://github.com/MISP/mail_to_misp.git
$SUDO_USER git clone git://github.com/stricaud/faup.git faup
2019-03-01 07:01:04 +01:00
$SUDO_USER git clone git://github.com/stricaud/gtcaca.git gtcaca
sudo chown -R ${ MISP_USER } :${ MISP_USER } faup mail_to_misp gtcaca
cd gtcaca
$SUDO_USER mkdir -p build
cd build
$SUDO_USER cmake .. && $SUDO_USER make
sudo make install
cd ../../faup
2019-02-12 15:04:21 +01:00
$SUDO_USER mkdir -p build
2019-02-08 10:23:43 +01:00
cd build
2019-02-12 15:04:21 +01:00
$SUDO_USER cmake .. && $SUDO_USER make
2019-02-08 10:23:43 +01:00
sudo make install
sudo ldconfig
cd ../../mail_to_misp
2019-02-12 15:04:21 +01:00
$SUDO_USER virtualenv -p python3 venv
$SUDO_USER ./venv/bin/pip install https://github.com/lief-project/packages/raw/lief-master-latest/pylief-0.9.0.dev.zip
$SUDO_USER ./venv/bin/pip install -r requirements.txt
$SUDO_USER cp mail_to_misp_config.py-example mail_to_misp_config.py
2019-02-08 10:23:43 +01:00
##$SUDO cp mail_to_misp_config.py-example mail_to_misp_config.py
2019-02-12 15:04:21 +01:00
$SUDO_USER sed -i "s/^misp_url\ =\ 'YOUR_MISP_URL'/misp_url\ =\ 'https:\/\/localhost'/g" /usr/local/src/mail_to_misp/mail_to_misp_config.py
$SUDO_USER sed -i " s/^misp_key\ =\ 'YOUR_KEY_HERE'/misp_key\ =\ ' ${ AUTH_KEY } '/g " /usr/local/src/mail_to_misp/mail_to_misp_config.py
2019-02-08 10:23:43 +01:00
}
2019-02-12 13:15:38 +01:00
ssdeep ( ) {
2019-02-13 08:06:01 +01:00
debug "Install ssdeep 2.14.1"
2019-02-12 13:15:38 +01:00
cd /usr/local/src
2019-02-12 15:04:21 +01:00
$SUDO_USER wget https://github.com/ssdeep-project/ssdeep/releases/download/release-2.14.1/ssdeep-2.14.1.tar.gz
$SUDO_USER tar zxvf ssdeep-2.14.1.tar.gz
2019-02-12 13:15:38 +01:00
cd ssdeep-2.14.1
2019-02-12 15:04:21 +01:00
$SUDO_USER ./configure --datadir= /usr --prefix= /usr --localstatedir= /var --sysconfdir= /etc
$SUDO_USER make
2019-02-12 13:15:38 +01:00
sudo make install
#installing ssdeep_php
sudo pecl install ssdeep
# You should add "extension=ssdeep.so" to mods-available - Check /etc/php for your current version
echo "extension=ssdeep.so" | sudo tee ${ PHP_ETC_BASE } /mods-available/ssdeep.ini
sudo phpenmod ssdeep
sudo service apache2 restart
}
2019-02-08 10:23:43 +01:00
# Main Viper install function
viper ( ) {
debug "Installing Viper dependencies"
2019-02-13 08:06:01 +01:00
cd /usr/local/src/
2019-02-08 12:00:16 +01:00
sudo apt-get install \
libssl-dev swig python3-ssdeep p7zip-full unrar-free sqlite python3-pyclamd exiftool radare2 \
2019-02-14 15:39:08 +01:00
python3-magic python3-sqlalchemy python3-prettytable libffi-dev libfreetype6-dev libpng-dev -qy
2019-02-13 08:06:01 +01:00
echo "Cloning Viper"
2019-02-12 15:04:21 +01:00
$SUDO_USER git clone https://github.com/viper-framework/viper.git
sudo chown -R $MISP_USER :$MISP_USER viper
2019-02-08 10:23:43 +01:00
cd viper
2019-02-13 08:06:01 +01:00
echo "Creating virtualenv"
2019-02-12 15:04:21 +01:00
$SUDO_USER virtualenv -p python3 venv
2019-02-13 08:06:01 +01:00
echo "Submodule update"
2019-02-08 10:23:43 +01:00
# TODO: Check for current user install permissions
2019-02-12 15:04:21 +01:00
$SUDO_USER git submodule update --init --recursive
2019-02-08 10:23:43 +01:00
##$SUDO git submodule update --init --recursive
2019-02-13 08:06:01 +01:00
echo "Pip install deps"
2019-02-12 15:04:21 +01:00
$SUDO_USER ./venv/bin/pip install SQLAlchemy PrettyTable python-magic
2019-02-13 08:06:01 +01:00
echo "pip install scrapy"
2019-02-12 15:04:21 +01:00
$SUDO_USER ./venv/bin/pip install scrapy
2019-02-13 08:06:01 +01:00
echo "install lief"
2019-02-12 15:04:21 +01:00
$SUDO_USER ./venv/bin/pip install https://github.com/lief-project/packages/raw/lief-master-latest/pylief-0.9.0.dev.zip
2019-02-13 08:06:01 +01:00
echo "pip install reqs"
2019-02-12 15:04:21 +01:00
$SUDO_USER ./venv/bin/pip install -r requirements.txt
$SUDO_USER sed -i '1 s/^.*$/\#!\/usr\/local\/src\/viper\/venv\/bin\/python/' viper-cli
$SUDO_USER sed -i '1 s/^.*$/\#!\/usr\/local\/src\/viper\/venv\/bin\/python/' viper-web
2019-02-13 08:06:01 +01:00
echo "Launching viper-cli"
2019-02-28 02:12:17 +01:00
$SUDO_USER /usr/local/src/viper/viper-cli -h > /dev/null
2019-02-13 08:06:01 +01:00
echo "Launching viper-web"
2019-02-28 02:12:17 +01:00
$SUDO_USER /usr/local/src/viper/viper-web -p 8888 -H 0.0.0.0 &
2019-02-08 10:23:43 +01:00
echo 'PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/usr/local/src/viper:/var/www/MISP/app/Console"' | sudo tee /etc/environment
echo ". /etc/environment" >> /home/${ MISP_USER } /.profile
2019-02-08 12:00:16 +01:00
# TODO: Perms, MISP_USER_HOME, nasty hack cuz Kali on R00t
if [ -f /home/${ MISP_USER } /.viper/viper.conf ] ; then
VIPER_HOME = " /home/ ${ MISP_USER } /.viper "
else
2019-02-08 12:20:17 +01:00
VIPER_HOME = " ${ HOME } /.viper "
2019-02-08 12:00:16 +01:00
fi
2019-02-13 08:06:01 +01:00
echo "Setting misp_url/misp_key"
2019-02-12 15:04:21 +01:00
$SUDO_USER sed -i "s/^misp_url\ =/misp_url\ =\ http:\/\/localhost/g" ${ VIPER_HOME } /viper.conf
$SUDO_USER sed -i " s/^misp_key\ =/misp_key\ =\ $AUTH_KEY /g " ${ VIPER_HOME } /viper.conf
2019-02-08 10:23:43 +01:00
# Reset admin password to: admin/Password1234
2019-02-13 08:06:01 +01:00
echo "Fixing admin.db with default password"
2019-02-28 02:12:17 +01:00
while [ " $( sudo sqlite3 ${ VIPER_HOME } /admin.db 'UPDATE auth_user SET password="pbkdf2_sha256$100000$iXgEJh8hz7Cf$vfdDAwLX8tko1t0M1TLTtGlxERkNnltUnMhbv56wK/U="' ; echo $? ) " -ne "0" ] ; do
2019-02-08 10:23:43 +01:00
# FIXME This might lead to a race condition, the while loop is sub-par
2019-02-12 15:04:21 +01:00
sudo chown $MISP_USER :$MISP_USER ${ VIPER_HOME } /admin.db
2019-02-08 10:23:43 +01:00
echo "Updating viper-web admin password, giving process time to start-up, sleeping 5, 4, 3,…"
sleep 6
done
# Add viper-web to rc.local to be started on boot
sudo sed -i -e '$i \sudo -u misp /usr/local/src/viper/viper-web -p 8888 -H 0.0.0.0 > /tmp/viper-web_rc.local.log &\n' /etc/rc.local
}
# No functions scripts:
## apt-upgrade.sh ##
## postfix.sh ##
## interfaces.sh ##
2019-02-09 16:23:48 +01:00
#
2019-02-08 10:23:43 +01:00
### END AUTOMATED SECTION ###
2019-02-08 11:19:27 +01:00
# This function will generate the main installer.
# It is a helper function for the maintainers for the installer.
2019-02-11 17:04:16 +01:00
colors ( ) {
# Some colors for easier debug and better UX (not colorblind compatible, PR welcome)
RED = '\033[0;31m'
GREEN = '\033[0;32m'
LBLUE = '\033[1;34m'
YELLOW = '\033[0;33m'
HIDDEN = '\e[8m'
NC = '\033[0m'
}
2019-02-08 10:23:43 +01:00
generateInstaller ( ) {
if [ ! -f $( which xsnippet) ] ; then
echo 'xsnippet is NOT installed. Clone the repository below and copy the xsnippet shell script somehwere in your $PATH'
echo "git clone https://github.com/SteveClement/xsnippet.git"
exit 1
fi
2019-02-11 11:50:50 +01:00
if [ [ $( echo $0 | grep -e '^\.\/' ) != "./INSTALL.debian.tpl.sh" ] ] ; then
echo -e " ${ RED } iAmError! ${ NC } "
echo -e "To generate the installer call it with './INSTALL.debian.tpl.sh' otherwise things will break."
echo -e " You called: ${ RED } $0 ${ NC } "
exit 1
fi
2019-02-08 10:23:43 +01:00
mkdir installer ; cd installer
cp ../INSTALL.debian.tpl.sh .
2019-02-08 11:19:27 +01:00
# Pull code snippets out of Main Install Documents
2019-02-21 08:02:05 +01:00
for f in ` echo INSTALL.ubuntu1804.md xINSTALL.debian9.md INSTALL.kali.md xINSTALL.debian_testing.md xINSTALL.tsurugi.md xINSTALL.debian9-postgresql.md xINSTALL.ubuntu1804.with.webmin.md` ; do
2019-02-08 10:23:43 +01:00
xsnippet . ../../docs/${ f }
done
2019-02-08 11:19:27 +01:00
# Pull out code snippets from generic Install Documents
2019-02-08 10:23:43 +01:00
for f in ` echo globalVariables.md mail_to_misp-debian.md MISP_CAKE_init.md misp-dashboard-debian.md misp-modules-debian.md gnupg.md ssdeep-debian.md sudo_etckeeper.md supportFunctions.md viper-debian.md` ; do
xsnippet . ../../docs/generic/${ f }
done
2019-02-08 11:19:27 +01:00
# TODO: Fix the below.
2019-02-08 10:23:43 +01:00
# $ for f in `echo ls [0-9]_*`; do
# $ perl -pe 's/## ${f} ##/`cat ${f}`/ge' -i INSTALL.debian.sh
# $ done
#
# Temporary copy/paste holder
perl -pe 's/^## 0_global-vars.sh ##/`cat 0_global-vars.sh`/ge' -i INSTALL.debian.tpl.sh
2019-02-09 16:23:48 +01:00
perl -pe 's/^## 0_apt-upgrade.sh ##/`cat 0_apt-upgrade.sh`/ge' -i INSTALL.debian.tpl.sh
2019-02-08 10:23:43 +01:00
perl -pe 's/^## 0_sudoKeeper.sh ##/`cat 0_sudoKeeper.sh`/ge' -i INSTALL.debian.tpl.sh
2019-02-09 16:23:48 +01:00
perl -pe 's/^## 0_installCoreDeps.sh ##/`cat 0_installCoreDeps.sh`/ge' -i INSTALL.debian.tpl.sh
perl -pe 's/^## 0_installDepsPhp73.sh ##/`cat 0_installDepsPhp73.sh`/ge' -i INSTALL.debian.tpl.sh
perl -pe 's/^## 0_installDepsPhp72.sh ##/`cat 0_installDepsPhp72.sh`/ge' -i INSTALL.debian.tpl.sh
2019-02-28 04:03:52 +01:00
perl -pe 's/^## 0_installDepsPhp70.sh ##/`cat 0_installDepsPhp70.sh`/ge' -i INSTALL.debian.tpl.sh
2019-02-09 16:23:48 +01:00
perl -pe 's/^## 1_prepareDB.sh ##/`cat 1_prepareDB.sh`/ge' -i INSTALL.debian.tpl.sh
perl -pe 's/^## 1_apacheConfig.sh ##/`cat 1_apacheConfig.sh`/ge' -i INSTALL.debian.tpl.sh
perl -pe 's/^## 1_mispCoreInstall.sh ##/`cat 1_mispCoreInstall.sh`/ge' -i INSTALL.debian.tpl.sh
perl -pe 's/^## 1_installCake.sh ##/`cat 1_installCake.sh`/ge' -i INSTALL.debian.tpl.sh
perl -pe 's/^## 2_permissions.sh ##/`cat 2_permissions.sh`/ge' -i INSTALL.debian.tpl.sh
perl -pe 's/^## 2_configMISP.sh ##/`cat 2_configMISP.sh`/ge' -i INSTALL.debian.tpl.sh
2019-02-08 10:23:43 +01:00
perl -pe 's/^## 0_support-functions.sh ##/`cat 0_support-functions.sh`/ge' -i INSTALL.debian.tpl.sh
perl -pe 's/^## 2_gnupg.sh ##/`cat 2_gnupg.sh`/ge' -i INSTALL.debian.tpl.sh
2019-02-09 16:23:48 +01:00
perl -pe 's/^## 2_logRotation.sh ##/`cat 2_logRotation.sh`/ge' -i INSTALL.debian.tpl.sh
perl -pe 's/^## 2_backgroundWorkers.sh ##/`cat 2_backgroundWorkers.sh`/ge' -i INSTALL.debian.tpl.sh
2019-02-08 10:23:43 +01:00
perl -pe 's/^## 2_core-cake.sh ##/`cat 2_core-cake.sh`/ge' -i INSTALL.debian.tpl.sh
perl -pe 's/^## 3_misp-modules.sh ##/`cat 3_misp-modules.sh`/ge' -i INSTALL.debian.tpl.sh
perl -pe 's/^## 4_misp-dashboard-cake.sh ##/`cat 4_misp-dashboard-cake.sh`/ge' -i INSTALL.debian.tpl.sh
perl -pe 's/^## 4_misp-dashboard.sh ##/`cat 4_misp-dashboard.sh`/ge' -i INSTALL.debian.tpl.sh
perl -pe 's/^## 5_mail_to_misp.sh ##/`cat 5_mail_to_misp.sh`/ge' -i INSTALL.debian.tpl.sh
perl -pe 's/^## 6_viper.sh ##/`cat 6_viper.sh`/ge' -i INSTALL.debian.tpl.sh
2019-02-12 13:15:38 +01:00
perl -pe 's/^## 6_ssdeep.sh ##/`cat 6_ssdeep.sh`/ge' -i INSTALL.debian.tpl.sh
2019-02-08 10:23:43 +01:00
cp INSTALL.debian.tpl.sh ../INSTALL.debian.sh
cd ..
rm -rf installer
2019-02-09 16:23:48 +01:00
echo -e " ${ LBLUE } Generated INSTALL.debian.sh ${ NC } "
2019-02-08 10:23:43 +01:00
exit 0
}
# Simple debug function with message
2019-02-09 16:23:48 +01:00
# Make sure no alias exists
if [ [ $( type -t debug) = = "alias" ] ] ; then unalias debug; fi
2019-02-08 10:23:43 +01:00
debug ( ) {
2019-02-13 15:09:19 +01:00
echo -e " ${ RED } Next step: ${ NC } ${ GREEN } $1 ${ NC } " > /dev/tty
2019-02-08 10:23:43 +01:00
if [ ! -z $DEBUG ] ; then
2019-02-13 14:58:45 +01:00
NO_PROGRESS = 1
2019-02-13 15:09:19 +01:00
echo -e " ${ RED } Debug Mode ${ NC } , press ${ LBLUE } enter ${ NC } to continue... " > /dev/tty
2019-02-13 05:48:39 +01:00
exec 3>& 1
2019-02-08 10:23:43 +01:00
read
2019-02-13 05:48:39 +01:00
else
# [Set up conditional redirection](https://stackoverflow.com/questions/8756535/conditional-redirection-in-bash)
#exec 3>&1 &>/dev/null
:
2019-02-08 10:23:43 +01:00
fi
}
2019-02-28 04:03:52 +01:00
installSupported ( ) {
2019-02-08 10:23:43 +01:00
space
echo "Proceeding with the installation of MISP core"
space
2019-02-11 06:35:11 +01:00
2019-02-13 08:06:01 +01:00
# Set Base URL - functionLocation('generic/supportFunctions.md')
2019-02-11 17:04:16 +01:00
[ [ -n $CORE ] ] || [ [ -n $ALL ] ] && setBaseURL
2019-02-13 07:00:31 +01:00
progress 4
2019-02-11 17:04:16 +01:00
2019-02-13 08:06:01 +01:00
# Check if sudo is installed and etckeeper - functionLocation('generic/sudo_etckeeper.md')
2019-02-13 05:48:39 +01:00
[ [ -n $CORE ] ] || [ [ -n $ALL ] ] && checkSudoKeeper 2> /dev/null > /dev/null
2019-02-13 07:00:31 +01:00
progress 4
2019-02-11 06:35:11 +01:00
2019-02-21 08:02:05 +01:00
# Set locale if not set - functionLocation('generic/supportFunctions.md')
checkLocale
# Upgrade system to make sure we install the latest packages - functionLocation('INSTALL.ubuntu1804.md')
[ [ -n $CORE ] ] || [ [ -n $ALL ] ] && aptUpgrade 2> /dev/null > /dev/null
progress 4
2019-02-11 06:35:11 +01:00
# TODO: Double check how the user is added and subsequently used during the install.
# TODO: Work on possibility to install as user X and install MISP for user Y
# TODO: Check if logout needed. (run SUDO_USER in installer)
2019-02-09 16:23:48 +01:00
# <snippet-begin add-user.sh>
2019-02-11 06:35:11 +01:00
# TODO: Double check how to properly handle postfix
2019-02-09 16:23:48 +01:00
# <snippet-begin postfix.sh>
2019-02-11 06:35:11 +01:00
2019-02-13 08:06:01 +01:00
# Pull in all possible MISP Environment variables - functionLocation('generic/globalVariables.md')
2019-02-11 17:04:16 +01:00
[ [ -n $CORE ] ] || [ [ -n $ALL ] ] && MISPvars
2019-02-13 07:00:31 +01:00
progress 4
2019-02-11 06:35:11 +01:00
2019-02-13 08:06:01 +01:00
# Check if MISP user is installed and we do not run as root - functionLocation('generic/supportFunctions.md')
2019-02-12 15:04:21 +01:00
checkID
2019-02-13 07:00:31 +01:00
progress 4
2019-02-12 15:04:21 +01:00
2019-02-13 08:06:01 +01:00
# Starting friendly UI spinner
2019-02-13 13:01:04 +01:00
#spin &
#SPIN_PID=$!
#disown
#trap "kill -9 $SPIN_PID" `seq 0 15`
2019-02-13 08:06:01 +01:00
# Install Core Dependencies - functionLocation('INSTALL.ubuntu1804.md')
2019-02-14 02:43:31 +01:00
[ [ -n $CORE ] ] || [ [ -n $ALL ] ] && installCoreDeps
2019-02-13 07:00:31 +01:00
progress 4
2019-02-11 06:35:11 +01:00
2019-02-28 04:03:52 +01:00
if [ [ " $1 " = ~ ^PHP= ] ] ; then
PHP_VER = $( echo $1 | cut -f2 -d= )
if [ [ " $PHP_VER " = = "7.2" ] ] ; then
# Install PHP 7.2 Dependencies - functionLocation('INSTALL.ubuntu1804.md')
[ [ -n $CORE ] ] || [ [ -n $ALL ] ] && installDepsPhp72
elif [ [ " $PHP_VER " = = "7.3" ] ] ; then
# Install PHP 7.3 Dependencies - functionLocation('generic/supportFunctions.md')
[ [ -n $CORE ] ] || [ [ -n $ALL ] ] && installDepsPhp73
elif [ [ " $PHP_VER " = = "7.0" ] ] ; then
# Install PHP 7.0 Dependencies - functionLocation('generic/supportFunctions.md')
[ [ -n $CORE ] ] || [ [ -n $ALL ] ] && installDepsPhp70
fi
else
# Install PHP 7.2 Dependencies - functionLocation('INSTALL.ubuntu1804.md')
[ [ -n $CORE ] ] || [ [ -n $ALL ] ] && installDepsPhp72
fi
2019-02-13 07:00:31 +01:00
progress 4
2019-02-11 06:35:11 +01:00
2019-02-13 08:06:01 +01:00
# Install Core MISP - functionLocation('INSTALL.ubuntu1804.md')
2019-02-11 17:04:16 +01:00
[ [ -n $CORE ] ] || [ [ -n $ALL ] ] && installCore
2019-02-13 07:00:31 +01:00
progress 4
2019-02-11 06:35:11 +01:00
2019-02-13 08:06:01 +01:00
# Install PHP Cake - functionLocation('INSTALL.ubuntu1804.md')
2019-02-11 17:04:16 +01:00
[ [ -n $CORE ] ] || [ [ -n $ALL ] ] && installCake
2019-02-13 07:00:31 +01:00
progress 4
2019-02-11 06:35:11 +01:00
2019-02-13 08:06:01 +01:00
# Make sure permissions are sane - functionLocation('INSTALL.ubuntu1804.md')
2019-02-13 05:48:39 +01:00
[ [ -n $CORE ] ] || [ [ -n $ALL ] ] && permissions 2> /dev/null > /dev/null
2019-02-13 07:00:31 +01:00
progress 4
2019-02-11 06:35:11 +01:00
# TODO: Mysql install functions, make it upgrade safe, double check
2019-02-13 08:06:01 +01:00
# Setup Databse - functionLocation('INSTALL.ubuntu1804.md')
2019-02-13 05:48:39 +01:00
[ [ -n $CORE ] ] || [ [ -n $ALL ] ] && prepareDB 2> /dev/null > /dev/null
2019-02-13 07:00:31 +01:00
progress 4
2019-02-11 06:35:11 +01:00
2019-02-13 08:06:01 +01:00
# Roll Apache Config - functionLocation('INSTALL.ubuntu1804.md')
2019-02-13 05:48:39 +01:00
[ [ -n $CORE ] ] || [ [ -n $ALL ] ] && apacheConfig 2> /dev/null > /dev/null
2019-02-13 07:00:31 +01:00
progress 4
2019-02-11 06:35:11 +01:00
2019-02-13 08:06:01 +01:00
# Setup log logrotate - functionLocation('INSTALL.ubuntu1804.md')
2019-02-13 05:48:39 +01:00
[ [ -n $CORE ] ] || [ [ -n $ALL ] ] && logRotation 2> /dev/null > /dev/null
2019-02-13 07:00:31 +01:00
progress 4
2019-02-11 06:35:11 +01:00
2019-02-13 08:06:01 +01:00
# Generate MISP Config files - functionLocation('INSTALL.ubuntu1804.md')
2019-02-13 05:48:39 +01:00
[ [ -n $CORE ] ] || [ [ -n $ALL ] ] && configMISP 2> /dev/null > /dev/null
2019-02-13 07:00:31 +01:00
progress 4
2019-02-11 06:35:11 +01:00
2019-02-13 08:06:01 +01:00
# Generate GnuPG key - functionLocation('generic/gnupg.md')
2019-02-13 05:48:39 +01:00
[ [ -n $CORE ] ] || [ [ -n $ALL ] ] && setupGnuPG 2> /dev/null > /dev/null
2019-02-13 07:00:31 +01:00
progress 4
2019-02-11 06:35:11 +01:00
2019-02-13 08:06:01 +01:00
# Setup and start background workers - functionLocation('INSTALL.ubuntu1804.md')
2019-02-13 05:48:39 +01:00
[ [ -n $CORE ] ] || [ [ -n $ALL ] ] && backgroundWorkers 2> /dev/null > /dev/null
2019-02-13 07:00:31 +01:00
progress 4
2019-02-11 06:35:11 +01:00
2019-02-13 08:06:01 +01:00
# Run cake CLI for the core installation - functionLocation('generic/MISP_CAKE_init.md')
2019-02-13 05:48:39 +01:00
[ [ -n $CORE ] ] || [ [ -n $ALL ] ] && coreCAKE 2> /dev/null > /dev/null
2019-02-13 07:00:31 +01:00
progress 4
2019-02-11 06:35:11 +01:00
2019-02-13 08:06:01 +01:00
# Update Galaxies, Template Objects, Warning Lists, Notice Lists, Taxonomies - functionLocation('generic/MISP_CAKE_init.md')
2019-02-13 05:48:39 +01:00
[ [ -n $CORE ] ] || [ [ -n $ALL ] ] && updateGOWNT 2> /dev/null > /dev/null
2019-02-13 07:00:31 +01:00
progress 4
2019-02-11 06:35:11 +01:00
2019-02-13 08:06:01 +01:00
# Disable spinner
2019-02-13 13:01:04 +01:00
#(kill $SPIN_PID 2>&1) >/dev/null
2019-02-13 08:06:01 +01:00
# Check if /usr/local/src is writeable by target install user - functionLocation('generic/supportFunctions.md')
2019-02-11 17:04:16 +01:00
[ [ -n $CORE ] ] || [ [ -n $ALL ] ] && checkUsrLocalSrc
2019-02-13 07:00:31 +01:00
progress 4
2019-02-11 06:35:11 +01:00
2019-02-13 13:01:04 +01:00
## Resume spinner
#spin &
#SPIN_PID=$!
#disown
#trap "kill -9 $SPIN_PID" `seq 0 15`
2019-02-13 08:06:01 +01:00
# Install misp-modules - functionLocation('generic/misp-modules-debian.md')
2019-02-11 01:40:51 +01:00
[ [ -n $MODULES ] ] || [ [ -n $ALL ] ] && mispmodules
2019-02-13 07:00:31 +01:00
progress 4
2019-02-11 06:35:11 +01:00
2019-02-13 08:06:01 +01:00
# Install Viper - functionLocation('generic/viper-debian.md')
2019-02-11 01:40:51 +01:00
[ [ -n $VIPER ] ] || [ [ -n $ALL ] ] && viper
2019-02-13 07:00:31 +01:00
progress 4
2019-02-11 06:35:11 +01:00
2019-02-13 08:06:01 +01:00
# Install ssdeep - functionLocation('generic/ssdeep-debian.md')
2019-02-12 15:04:21 +01:00
[ [ -n $SSDEEP ] ] || [ [ -n $ALL ] ] && ssdeep
2019-02-13 07:00:31 +01:00
progress 4
2019-02-12 15:04:21 +01:00
2019-02-13 08:06:01 +01:00
# Install misp-dashboard - functionLocation('generic/misp-dashboard-debian.md')
2019-02-13 05:48:39 +01:00
[ [ -n $DASHBOARD ] ] || [ [ -n $ALL ] ] && mispDashboard ; dashboardCAKE 2> /dev/null > /dev/null
2019-02-13 07:00:31 +01:00
progress 4
2019-02-10 12:29:23 +01:00
2019-02-13 08:06:01 +01:00
# Install Mail2MISP - functionLocation('generic/mail_to_misp-debian.md')
2019-02-11 17:56:00 +01:00
[ [ -n $MAIL2 ] ] || [ [ -n $ALL ] ] && mail2misp
2019-03-01 05:58:32 +01:00
progress 2
2019-02-11 01:40:51 +01:00
2019-03-01 05:50:25 +01:00
# Run tests
runTests
2019-03-01 05:58:32 +01:00
progress 2
2019-03-01 05:50:25 +01:00
2019-02-13 08:06:01 +01:00
# Run final script to inform the User what happened - functionLocation('generic/supportFunctions.md')
2019-02-11 01:40:51 +01:00
theEnd
2019-02-08 10:23:43 +01:00
}
# Main Kalin Install function
installMISPonKali ( ) {
2019-02-13 14:58:45 +01:00
# Kali might have a bug on installs where libc6 is not up to date, this forces bash and libc to update - functionLocation('')
2019-02-13 05:48:39 +01:00
kaliUpgrade 2> /dev/null > /dev/null
2019-02-13 15:09:19 +01:00
2019-02-13 15:46:17 +01:00
# Set locale if not set - functionLocation('generic/supportFunctions.md')
2019-02-13 15:09:19 +01:00
checkLocale
2019-02-13 15:46:17 +01:00
# Set Base URL - functionLocation('generic/supportFunctions.md')
setBaseURL
2019-02-13 14:58:45 +01:00
# Install PHP 7.3 Dependencies - functionLocation('generic/supportFunctions.md')
2019-02-13 05:48:39 +01:00
installDepsPhp73 2> /dev/null > /dev/null
2019-02-13 15:46:17 +01:00
2019-02-08 16:47:31 +01:00
# Set custom Kali only variables and tweaks
2019-02-08 10:23:43 +01:00
space
2019-02-09 16:23:48 +01:00
# The following disables sleep on kali/gnome
2019-02-13 15:09:19 +01:00
### FIXME: Disabling for now, maybe source of some issues.
##disableSleep 2> /dev/null > /dev/null
##debug "Sleeping 3 seconds to make sure the disable sleep does not confuse the execution of the script."
##sleep 3
2019-02-08 10:23:43 +01:00
2019-02-14 02:43:31 +01:00
# Kali specific dependencies - functionLocation('generic/supportFunctions.md')
2019-02-08 10:23:43 +01:00
debug "Installing dependencies"
2019-02-14 02:43:31 +01:00
installDeps
2019-02-08 10:23:43 +01:00
2019-02-14 02:43:31 +01:00
# Install Core Dependencies - functionLocation('INSTALL.ubuntu1804.md')
installCoreDeps
2019-02-13 15:09:19 +01:00
2019-02-08 10:23:43 +01:00
debug "Enabling redis and gnupg modules"
phpenmod -v 7.3 redis
phpenmod -v 7.3 gnupg
debug "Apache2 ops: dismod: status php7.2 - dissite: 000-default enmod: ssl rewrite headers php7.3 ensite: default-ssl"
2019-02-13 05:48:39 +01:00
a2dismod status 2> /dev/null > /dev/null
a2dismod php7.2 2> /dev/null > /dev/null
a2enmod ssl rewrite headers php7.3 2> /dev/null > /dev/null
a2dissite 000-default 2> /dev/null > /dev/null
a2ensite default-ssl 2> /dev/null > /dev/null
2019-02-08 10:23:43 +01:00
debug "Restarting mysql.service"
2019-02-13 05:48:39 +01:00
systemctl restart mysql.service 2> /dev/null > /dev/null
2019-02-08 10:23:43 +01:00
debug "Fixing redis rc script on Kali"
2019-02-13 05:48:39 +01:00
fixRedis 2> /dev/null > /dev/null
2019-02-08 10:23:43 +01:00
debug "git clone, submodule update everything"
mkdir $PATH_TO_MISP
chown www-data:www-data $PATH_TO_MISP
cd $PATH_TO_MISP
$SUDO_WWW git clone https://github.com/MISP/MISP.git $PATH_TO_MISP
$SUDO_WWW git config core.filemode false
cd $PATH_TO_MISP
2019-02-13 05:48:39 +01:00
$SUDO_WWW git submodule update --init --recursive 2> /dev/null > /dev/null
2019-02-08 10:23:43 +01:00
# Make git ignore filesystem permission differences for submodules
$SUDO_WWW git submodule foreach --recursive git config core.filemode false
cd $PATH_TO_MISP /app/files/scripts
2019-02-13 05:48:39 +01:00
$SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git 2> /dev/null > /dev/null
$SUDO_WWW git clone https://github.com/STIXProject/python-stix.git 2> /dev/null > /dev/null
$SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git 2> /dev/null > /dev/null
$SUDO_WWW git clone https://github.com/MAECProject/python-maec.git 2> /dev/null > /dev/null
2019-02-11 08:38:54 +01:00
2019-02-08 10:23:43 +01:00
mkdir /var/www/.cache/
2019-02-09 16:23:48 +01:00
MISP_USER_HOME = $( sudo -Hiu $MISP_USER env | grep HOME | cut -f 2 -d= )
2019-02-08 10:23:43 +01:00
mkdir $MISP_USER_HOME /.cache
2019-02-09 16:23:48 +01:00
chown $MISP_USER :$MISP_USER $MISP_USER_HOME /.cache
2019-02-08 10:23:43 +01:00
chown www-data:www-data /var/www/.cache
2019-02-09 16:23:48 +01:00
debug "Generating rc.local"
genRCLOCAL
2019-02-08 16:47:31 +01:00
debug "Setting up main MISP virtualenv"
2019-02-09 16:23:48 +01:00
# Needs virtualenv
2019-02-08 15:41:42 +01:00
sudo -u www-data virtualenv -p python3 ${ PATH_TO_MISP } /venv
2019-02-13 05:48:39 +01:00
debug "Installing MISP dashboard"
mispDashboard
2019-02-08 16:47:31 +01:00
debug "Installing python-cybox"
2019-02-08 10:23:43 +01:00
cd $PATH_TO_MISP /app/files/scripts/python-cybox
2019-02-13 05:48:39 +01:00
sudo -H -u www-data ${ PATH_TO_MISP } /venv/bin/pip install . 2> /dev/null > /dev/null
2019-02-11 08:15:59 +01:00
2019-02-08 10:23:43 +01:00
debug "Installing python-stix"
cd $PATH_TO_MISP /app/files/scripts/python-stix
2019-02-13 05:48:39 +01:00
sudo -H -u www-data ${ PATH_TO_MISP } /venv/bin/pip install . 2> /dev/null > /dev/null
2019-02-11 08:15:59 +01:00
debug "Install maec"
cd $PATH_TO_MISP /app/files/scripts/python-maec
2019-02-13 05:48:39 +01:00
sudo -H -u www-data ${ PATH_TO_MISP } /venv/bin/pip install . 2> /dev/null > /dev/null
2019-02-11 08:15:59 +01:00
# install STIX2.0 library to support STIX 2.0 export
2019-02-08 10:23:43 +01:00
debug "Installing cti-python-stix2"
cd ${ PATH_TO_MISP } /cti-python-stix2
2019-02-13 05:48:39 +01:00
sudo -H -u www-data ${ PATH_TO_MISP } /venv/bin/pip install -I . 2> /dev/null > /dev/null
2019-02-11 08:15:59 +01:00
2019-02-08 10:23:43 +01:00
debug "Installing mixbox"
cd $PATH_TO_MISP /app/files/scripts/mixbox
2019-02-13 05:48:39 +01:00
sudo -H -u www-data ${ PATH_TO_MISP } /venv/bin/pip install . 2> /dev/null > /dev/null
2019-02-11 08:15:59 +01:00
2019-02-08 10:23:43 +01:00
# install PyMISP
debug "Installing PyMISP"
cd $PATH_TO_MISP /PyMISP
2019-02-13 05:48:39 +01:00
sudo -H -u www-data ${ PATH_TO_MISP } /venv/bin/pip install . 2> /dev/null > /dev/null
2019-02-08 10:23:43 +01:00
2019-02-11 08:15:59 +01:00
# install pydeep
2019-02-13 05:48:39 +01:00
$SUDO_WWW ${ PATH_TO_MISP } /venv/bin/pip install git+https://github.com/kbandla/pydeep.git 2> /dev/null > /dev/null
2019-02-11 08:15:59 +01:00
# install lief
2019-02-13 05:48:39 +01:00
$SUDO_WWW ${ PATH_TO_MISP } /venv/bin/pip install https://github.com/lief-project/packages/raw/lief-master-latest/pylief-0.9.0.dev.zip 2> /dev/null > /dev/null
2019-02-11 08:15:59 +01:00
# install python-magic
2019-02-13 05:48:39 +01:00
$SUDO_WWW ${ PATH_TO_MISP } /venv/bin/pip install python-magic 2> /dev/null > /dev/null
2019-02-11 08:15:59 +01:00
2019-02-08 10:23:43 +01:00
# Install Crypt_GPG and Console_CommandLine
debug "Installing pear Console_CommandLine"
pear install ${ PATH_TO_MISP } /INSTALL/dependencies/Console_CommandLine/package.xml
debug "Installing pear Crypt_GPG"
pear install ${ PATH_TO_MISP } /INSTALL/dependencies/Crypt_GPG/package.xml
2019-02-11 08:15:59 +01:00
2019-02-08 10:23:43 +01:00
debug "Installing composer with php 7.3 updates"
composer73
$SUDO_WWW cp -fa $PATH_TO_MISP /INSTALL/setup/config.php $PATH_TO_MISP /app/Plugin/CakeResque/Config/config.php
chown -R www-data:www-data $PATH_TO_MISP
chmod -R 750 $PATH_TO_MISP
chmod -R g+ws $PATH_TO_MISP /app/tmp
chmod -R g+ws $PATH_TO_MISP /app/files
chmod -R g+ws $PATH_TO_MISP /app/files/scripts/tmp
debug "Setting up database"
2019-02-28 09:06:52 +01:00
if [ [ ! -e /var/lib/mysql/misp/users.ibd ] ] ; then
2019-02-08 10:23:43 +01:00
echo "
set timeout 10
spawn mysql_secure_installation
expect \" Enter current password for root ( enter for none) :\"
send -- \" \r \"
expect \" Set root password?\"
send -- \" y\r \"
expect \" New password:\"
send -- \" ${ DBPASSWORD_ADMIN } \r \"
expect \" Re-enter new password:\"
send -- \" ${ DBPASSWORD_ADMIN } \r \"
expect \" Remove anonymous users?\"
send -- \" y\r \"
expect \" Disallow root login remotely?\"
send -- \" y\r \"
expect \" Remove test database and access to it?\"
send -- \" y\r \"
expect \" Reload privilege tables now?\"
send -- \" y\r \"
expect eof" | expect -f -
2019-02-28 02:12:17 +01:00
mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e " CREATE DATABASE $DBNAME ; "
mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e " GRANT USAGE ON *.* TO $DBNAME @localhost IDENTIFIED BY ' $DBPASSWORD_MISP '; "
mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e " GRANT ALL PRIVILEGES ON $DBNAME .* TO ' $DBUSER_MISP '@'localhost'; "
mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "FLUSH PRIVILEGES;"
2019-02-08 10:23:43 +01:00
enableServices
$SUDO_WWW cat $PATH_TO_MISP /INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
echo " <?php
class DATABASE_CONFIG {
public \$ default = array(
'datasource' = > 'Database/Mysql' ,
//'datasource' = > 'Database/Postgres' ,
'persistent' = > false,
'host' = > '$DBHOST' ,
'login' = > '$DBUSER_MISP' ,
'port' = > 3306, // MySQL & MariaDB
//'port' = > 5432, // PostgreSQL
'password' = > '$DBPASSWORD_MISP' ,
'database' = > '$DBNAME' ,
'prefix' = > '' ,
'encoding' = > 'utf8' ,
) ;
2019-02-13 05:48:39 +01:00
} " | $SUDO_WWW tee $PATH_TO_MISP /app/Config/database.php 2> /dev/null > /dev/null
2019-02-08 10:23:43 +01:00
else
echo "There might be a database already existing here: /var/lib/mysql/misp/users.ibd"
echo "Skipping any creations…"
sleep 3
fi
debug "Generating Certificate"
openssl req -newkey rsa:4096 -days 365 -nodes -x509 \
-subj " /C= ${ OPENSSL_C } /ST= ${ OPENSSL_ST } /L= ${ OPENSSL_L } /O= ${ OPENSSL_O } /OU= ${ OPENSSL_OU } /CN= ${ OPENSSL_CN } /emailAddress= ${ OPENSSL_EMAILADDRESS } " \
-keyout /etc/ssl/private/misp.local.key -out /etc/ssl/private/misp.local.crt
debug "Generating Apache Conf"
genApacheConf
echo "127.0.0.1 misp.local" | tee -a /etc/hosts
debug "Disabling site default-ssl, enabling misp-ssl"
a2dissite default-ssl
a2ensite misp-ssl
for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit
do
sed -i " s/^\( $key \).*/\1 = $( eval echo \$ { $key } ) / " $PHP_INI
done
debug "Restarting Apache2"
systemctl restart apache2
debug "Setting up logrotate"
cp $PATH_TO_MISP /INSTALL/misp.logrotate /etc/logrotate.d/misp
chmod 0640 /etc/logrotate.d/misp
$SUDO_WWW cp -a $PATH_TO_MISP /app/Config/bootstrap.default.php $PATH_TO_MISP /app/Config/bootstrap.php
$SUDO_WWW cp -a $PATH_TO_MISP /app/Config/core.default.php $PATH_TO_MISP /app/Config/core.php
$SUDO_WWW cp -a $PATH_TO_MISP /app/Config/config.default.php $PATH_TO_MISP /app/Config/config.php
chown -R www-data:www-data $PATH_TO_MISP /app/Config
chmod -R 750 $PATH_TO_MISP /app/Config
debug "Setting up GnuPG"
2019-02-13 05:48:39 +01:00
setupGnuPG 2> /dev/null > /dev/null
2019-02-08 10:23:43 +01:00
2019-02-27 05:47:40 +01:00
debug "Adding workers to systemd"
2019-02-08 10:23:43 +01:00
chmod +x $PATH_TO_MISP /app/Console/worker/start.sh
2019-02-27 05:47:40 +01:00
sudo cp $PATH_TO_MISP /INSTALL/misp-workers.service /etc/systemd/system/
sudo systemctl daemon-reload
sudo systemctl enable --now misp-workers
2019-02-08 10:23:43 +01:00
debug "Running Core Cake commands"
2019-02-13 05:48:39 +01:00
coreCAKE 2> /dev/null > /dev/null
dashboardCAKE 2> /dev/null > /dev/null
2019-02-08 10:23:43 +01:00
debug "Update: Galaxies, Template Objects, Warning Lists, Notice Lists, Taxonomies"
2019-02-13 05:48:39 +01:00
updateGOWNT 2> /dev/null > /dev/null
2019-02-08 10:23:43 +01:00
gitPullAllRCLOCAL
2019-02-10 12:29:23 +01:00
checkUsrLocalSrc
2019-02-08 10:23:43 +01:00
debug "Installing misp-modules"
mispmodules
debug "Installing Viper"
viper
2019-02-12 13:15:38 +01:00
debug "Installing ssdeep"
ssdeep
2019-02-12 15:04:21 +01:00
phpenmod -v 7.3 ssdeep
2019-02-12 13:15:38 +01:00
2019-02-08 10:23:43 +01:00
debug "Setting permissions"
permissions
debug "Running Then End!"
theEnd
}
2019-02-12 13:15:38 +01:00
# End installMISPonKali ()
2019-02-08 10:23:43 +01:00
2019-02-11 17:04:16 +01:00
## End Function Section ##
colors
2019-02-08 10:23:43 +01:00
debug "Checking if we are run as the installer template"
2019-02-11 11:50:50 +01:00
if [ [ " $0 " = = "./INSTALL.debian.tpl.sh" || " $( echo $0 | grep -o -e 'INSTALL.debian.tpl.sh' ) " = = "INSTALL.debian.tpl.sh" ] ] ; then
2019-02-08 10:23:43 +01:00
generateInstaller
fi
2019-02-11 06:35:11 +01:00
space
debug "Setting MISP variables"
MISPvars
debug "Checking Linux distribution and flavour..."
checkFlavour
debug "Checking for parameters or Unattended Kali Install"
2019-02-10 14:01:56 +01:00
if [ [ $# = = 0 && $0 != "/tmp/misp-kali.sh" ] ] ; then
2019-02-08 10:23:43 +01:00
usage
2019-03-01 05:49:32 +01:00
exit
2019-02-08 10:23:43 +01:00
else
debug "Setting install options with given parameters."
2019-02-10 12:29:23 +01:00
# The setOpt/checkOpt function lives in generic/supportFunctions.md
2019-02-08 10:23:43 +01:00
setOpt $@
2019-02-10 12:29:23 +01:00
checkOpt core && echo " ${ LBLUE } MISP ${ NC } ${ GREEN } core ${ NC } selected "
checkOpt viper && echo " ${ GREEN } Viper ${ NC } selected "
checkOpt modules && echo " ${ LBLUE } MISP ${ NC } ${ GREEN } modules ${ NC } selected "
checkOpt dashboard && echo " ${ LBLUE } MISP ${ NC } ${ GREEN } dashboard ${ NC } selected "
checkOpt mail2 && echo " ${ GREEN } Mail 2 ${ NC } ${ LBLUE } MISP ${ NC } selected "
checkOpt all && echo " ${ GREEN } All options ${ NC } selected "
checkOpt pre && echo " ${ GREEN } Pre-flight checks ${ NC } selected "
checkOpt unattended && echo " ${ GREEN } unattended ${ NC } install selected "
2019-02-11 17:04:16 +01:00
checkOpt upgrade && echo " ${ GREEN } upgrade ${ NC } install selected "
checkOpt force && echo " ${ GREEN } force ${ NC } install selected "
# Check if at least core is selected if no other options that do not require core are set
if [ [ " $CORE " != "1" && " $ALL " != "1" && " $UPGRADE " != "1" && " $PRE " != "1" && " $0 " != "/tmp/misp-kali.sh" ] ] ; then
space
usage
echo "You need to at least select core, or -A to install everything."
echo " $0 -c # Is the minima for install options "
exit 1
fi
2019-02-08 10:23:43 +01:00
fi
2019-02-11 17:04:16 +01:00
# Add upgrade option to do upgrade pre flight
2019-02-11 07:49:30 +01:00
[ [ -n $PRE ] ] && preInstall
2019-02-11 17:04:16 +01:00
[ [ -n $UPGRADE ] ] && upgrade
2019-03-01 05:58:32 +01:00
[ [ -n $NUKE ] ] && nuke && exit
2019-02-28 09:06:52 +01:00
2019-02-11 06:35:11 +01:00
# If Ubuntu is detected, figure out which release it is and run the according scripts
2019-02-08 10:23:43 +01:00
if [ " ${ FLAVOUR } " = = "ubuntu" ] ; then
RELEASE = $( lsb_release -s -r| tr [ A-Z] [ a-z] )
if [ " ${ RELEASE } " = = "18.04" ] ; then
echo "Install on Ubuntu 18.04 LTS fully supported."
echo "Please report bugs/issues here: https://github.com/MISP/MISP/issues"
2019-02-28 04:03:52 +01:00
installSupported && exit || exit
2019-02-08 10:23:43 +01:00
fi
if [ " ${ RELEASE } " = = "18.10" ] ; then
2019-02-11 06:35:11 +01:00
echo "Install on Ubuntu 18.10 partially supported, bye."
2019-02-28 04:03:52 +01:00
installSupported && exit || exit
2019-02-08 10:23:43 +01:00
fi
if [ " ${ RELEASE } " = = "19.04" ] ; then
echo "Install on Ubuntu 19.04 not supported, bye"
exit 1
fi
if [ " ${ RELEASE } " = = "19.10" ] ; then
echo "Install on Ubuntu 19.10 not supported, bye"
exit 1
fi
echo "Installation done!"
2019-02-13 07:00:31 +01:00
exit
2019-02-08 10:23:43 +01:00
fi
2019-02-11 06:35:11 +01:00
# If Debian is detected, figure out which release it is and run the according scripts
2019-02-08 10:23:43 +01:00
if [ " ${ FLAVOUR } " = = "debian" ] ; then
CODE = $( lsb_release -s -c| tr [ A-Z] [ a-z] )
if [ " ${ CODE } " = = "buster" ] ; then
echo "Install on Debian testing fully supported."
echo "Please report bugs/issues here: https://github.com/MISP/MISP/issues"
2019-02-28 04:03:52 +01:00
installSupported PHP = 7.3 && exit || exit
2019-02-08 10:23:43 +01:00
fi
if [ " ${ CODE } " = = "sid" ] ; then
echo "Install on Debian unstable not fully supported."
echo "Please report bugs/issues here: https://github.com/MISP/MISP/issues"
2019-02-28 04:03:52 +01:00
installSupported PHP = 7.3 && exit || exit
2019-02-08 10:23:43 +01:00
fi
if [ " ${ CODE } " = = "stretch" ] ; then
echo "Install on Debian stable fully supported."
echo "Please report bugs/issues here: https://github.com/MISP/MISP/issues"
2019-02-28 04:03:52 +01:00
installSupported PHP = 7.0 && exit || exit
2019-02-08 10:23:43 +01:00
fi
echo "Installation done!"
exit 0
fi
2019-02-11 06:35:11 +01:00
# If Tsurugi is detected, figure out which release it is and run the according scripts
2019-02-08 10:23:43 +01:00
if [ " ${ FLAVOUR } " = = "tsurugi" ] ; then
CODE = $( lsb_release -s -c| tr [ A-Z] [ a-z] )
if [ " ${ CODE } " = = "bamboo" ] ; then
2019-02-11 06:35:11 +01:00
echo "Install on Tsurugi Lab partially supported."
2019-02-08 10:23:43 +01:00
echo "Please report bugs/issues here: https://github.com/MISP/MISP/issues"
fi
if [ " ${ CODE } " = = "soy sauce" ] ; then
2019-02-11 06:35:11 +01:00
echo "Install on Tsurugi Acquire partially supported."
2019-02-08 10:23:43 +01:00
echo "Please report bugs/issues here: https://github.com/MISP/MISP/issues"
fi
echo "Installation done!"
exit 0
fi
2019-02-11 06:35:11 +01:00
# If Kali Linux is detected, run the acccording scripts
2019-02-08 10:23:43 +01:00
if [ " ${ FLAVOUR } " = = "kali" ] ; then
2019-02-10 12:29:23 +01:00
KALI = 1
2019-02-08 10:23:43 +01:00
kaliOnRootR0ckz
installMISPonKali
echo "Installation done!"
2019-02-11 06:35:11 +01:00
exit
2019-02-08 10:23:43 +01:00
fi