mirror of https://github.com/MISP/MISP
Added misp-wipe.sh
parent
d9cd550da0
commit
46da419dc3
|
@ -0,0 +1 @@
|
|||
MISPPath=/var/www/MISP
|
|
@ -0,0 +1,93 @@
|
|||
#@IgnoreInspection BashAddShebang
|
||||
#/!bin/sh
|
||||
##
|
||||
## script to wipe MISP on debian/ubuntu
|
||||
##
|
||||
## Adapted from misp-backup by daverstephens@gmail.com
|
||||
## https://github.com/daverstephens/The-SOC-Shop
|
||||
## and @alexanderjaeger
|
||||
## https://github.com/deralexxx/misp-backup
|
||||
|
||||
##
|
||||
## This script can be used to reset a MISP instance
|
||||
## by clearing all events, orgs and users.
|
||||
## It is highy recommended ## to run misp-backup.sh first!
|
||||
##
|
||||
## Tested against MISP 2.4.55
|
||||
##
|
||||
## Run the script as the standard user with the command below
|
||||
##
|
||||
## cp misp-wipe.conf.sample misp-wipe.conf
|
||||
## vi misp-wipe.conf # adjust values
|
||||
## sudo sh -x misp-wipe.sh 2>&1 | tee misp-wipe.log
|
||||
##
|
||||
## Time to set some variables
|
||||
##
|
||||
|
||||
|
||||
FILE=./misp-wipe.conf
|
||||
SQL=./misp-wipe.sql
|
||||
|
||||
# Source configuration file
|
||||
if [ -f $FILE ];
|
||||
then
|
||||
echo "File $FILE exists."
|
||||
. $FILE
|
||||
else
|
||||
echo "Config File $FILE does not exist. Please enter values manually"
|
||||
## MySQL stuff
|
||||
echo 'Please enter your MySQL root account username'
|
||||
read MySQLRUser
|
||||
echo 'Please enter your MySQL root account password'
|
||||
read MySQLRPass
|
||||
echo 'What would you like to call the backup archive?'
|
||||
echo 'Eg. MISPBackup'
|
||||
read OutputFileName
|
||||
echo 'Where would you like to save the file?'
|
||||
echo 'Eg. /tmp'
|
||||
read OutputDirName
|
||||
fi
|
||||
|
||||
|
||||
# Fill in any missing values with defaults
|
||||
|
||||
# MISP path
|
||||
MISPPath=${MISPPath:-$(locate MISP/app/webroot/index.php|sed 's/\/app\/webroot\/index\.php//')}
|
||||
# Output
|
||||
OutputFileName=${OutputFileName:-MISP-Backup}
|
||||
OutputDirName=${OutputDirName:-/tmp}
|
||||
# database.php
|
||||
MySQLUUser=$(grep -o -P "(?<='login' => ').*(?=')" $MISPPath/app/Config/database.php)
|
||||
MySQLUPass=$(grep -o -P "(?<='password' => ').*(?=')" $MISPPath/app/Config/database.php)
|
||||
MISPDB=$(grep -o -P "(?<='database' => ').*(?=')" $MISPPath/app/Config/database.php)
|
||||
DB_Port=$(grep -o -P "(?<='port' => ).*(?=,)" $MISPPath/app/Config/database.php)
|
||||
MISPDBHost=$(grep -o -P "(?<='host' => ').*(?=')" $MISPPath/app/Config/database.php)
|
||||
# config.php
|
||||
Salt=$(grep -o -P "(?<='salt' => ').*(?=')" $MISPPath/app/Config/config.php)
|
||||
BaseURL=$(grep -o -P "(?<='baseurl' => ').*(?=')" $MISPPath/app/Config/config.php)
|
||||
OrgName=$(grep -o -P "(?<='org' => ').*(?=')" $MISPPath/app/Config/config.php)
|
||||
LogEmail=$(grep -o -P "(?<='email' => ').*(?=')" $MISPPath/app/Config/config.php|head -1)
|
||||
AdminEmail=$(grep -o -P "(?<='contact' => ').*(?=')" $MISPPath/app/Config/config.php)
|
||||
GnuPGEmail=$(sed -n -e '/GnuPG/,$p' $MISPPath/app/Config/config.php|grep -o -P "(?<='email' => ').*(?=')")
|
||||
GnuPGHomeDir=$(grep -o -P "(?<='homedir' => ').*(?=')" $MISPPath/app/Config/config.php)
|
||||
GnuPGPass=$(grep -o -P "(?<='password' => ').*(?=')" $MISPPath/app/Config/config.php)
|
||||
|
||||
echo "Wiping MySQL tables"
|
||||
MySQLRUser=${MySQLRUser:-$MySQLUUser}
|
||||
MySQLRPass=${MySQLRPass:-$MySQLUPass}
|
||||
mysql -u $MySQLRUser -p$MySQLRPass $MISPDB < $SQL
|
||||
|
||||
echo "Inserting default values to MySQL tables"
|
||||
TMP=/tmp/misp-wipe-$$.sql
|
||||
cd $MISPPath
|
||||
sed -n '/Default values for initial installation/ { s///; :a; n; p; ba; }' INSTALL/MYSQL.sql | egrep -v '(admin_settings|db_version)' > $TMP
|
||||
mysql -u $MySQLRUser -p$MySQLRPass $MISPDB < $TMP
|
||||
rm -f $TMP
|
||||
|
||||
echo "Wiping files"
|
||||
git clean -f -x app/webroot/img/orgs
|
||||
#git clean -f -x app/webroot/img/custom
|
||||
git clean -f -x app/tmp/logs/
|
||||
git clean -f -d -x app/files
|
||||
|
||||
echo 'MISP Wipe Complete!!!'
|
|
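Review bot: The tail of the script runs destructive commands under sudo on values it never validates: `cd $MISPPath` is unchecked, so if the path is empty or wrong (the `locate` fallback can return nothing or several lines) the `git clean -f -x` calls run relative to whatever directory the script was started in. The default-values dump is written to the predictable `/tmp/misp-wipe-$$.sql`, which another local user can pre-create as a symlink before root writes through it. The MySQL password is passed as `-p$MySQLRPass` in argv, and the header's recommended `sudo sh -x misp-wipe.sh 2>&1 | tee misp-wipe.log` also traces `MySQLUPass`, `Salt` and `GnuPGPass` (which the wipe never uses) into the log, so I would drop `-x` from that usage line and remove the unused config.php greps. The second line reads `#/!bin/sh`, which is a plain comment rather than a shebang and should be `#!/bin/sh`. The sketch below checks the MISP path before touching anything and hands the credentials to mysql through a `mktemp`-created option file.

```sh
# … unchanged: config sourcing and default values …
[ -f "$MISPPath/app/Config/database.php" ] || { echo "MISP not found at '$MISPPath'" >&2; exit 1; }
# … unchanged: database.php parsing …

MYCNF=$(mktemp) || exit 1
TMP=$(mktemp) || exit 1
trap 'rm -f "$MYCNF" "$TMP"' EXIT
printf '[client]\nuser=%s\npassword="%s"\n' "$MySQLRUser" "$MySQLRPass" > "$MYCNF"
mysql --defaults-extra-file="$MYCNF" "$MISPDB" < "$SQL"

cd "$MISPPath" || exit 1
# … unchanged: sed extraction of the default values, now written to "$TMP" …
mysql --defaults-extra-file="$MYCNF" "$MISPDB" < "$TMP"
# … unchanged: git clean calls …
```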
@ -0,0 +1,35 @@
|
|||
-- Clear tables that should be empty
|
||||
TRUNCATE `attributes`;
|
||||
TRUNCATE `correlations`;
|
||||
TRUNCATE `events`;
|
||||
TRUNCATE `event_delegations`;
|
||||
TRUNCATE `event_tags`;
|
||||
TRUNCATE `favourite_tags`;
|
||||
TRUNCATE `jobs`;
|
||||
TRUNCATE `logs`;
|
||||
TRUNCATE `posts`;
|
||||
TRUNCATE `servers`;
|
||||
TRUNCATE `shadow_attributes`;
|
||||
TRUNCATE `shadow_attribute_correlations`;
|
||||
TRUNCATE `sharing_groups`;
|
||||
TRUNCATE `sharing_group_orgs`;
|
||||
TRUNCATE `sharing_group_servers`;
|
||||
TRUNCATE `sightings`;
|
||||
TRUNCATE `threads`;
|
||||
|
||||
-- Clear tables that have defaults
|
||||
TRUNCATE `feeds`;
|
||||
TRUNCATE `regexp`;
|
||||
TRUNCATE `roles`;
|
||||
TRUNCATE `threat_levels`;
|
||||
TRUNCATE `templates`;
|
||||
TRUNCATE `template_elements`;
|
||||
TRUNCATE `template_element_attributes`;
|
||||
TRUNCATE `template_element_files`;
|
||||
TRUNCATE `template_element_texts`;
|
||||
|
||||
-- Remove entries from tables and reset index
|
||||
DELETE FROM `users` WHERE id > 2;
|
||||
ALTER TABLE `users` AUTO_INCREMENT = 3;
|
||||
DELETE FROM `organisations` WHERE id > 2;
|
||||
ALTER TABLE `organisations` AUTO_INCREMENT = 3;
|
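Review bot: The `users` and `organisations` deletes (`WHERE id > 2`) leave the first two rows of each table untouched, so after a wipe those accounts presumably still carry their old password hashes and API keys, while the script header describes the result as clearing all users. A comment above the delete should say which accounts ids 1 and 2 are expected to be and that their credentials must be rotated afterwards, e.g. `-- ids 1 and 2 are kept as-is: reset their password and authkey after the wipe`. The ids are assumed rather than checked, so on an instance where the default admin was deleted and recreated the same statement may remove the only admin. TRUNCATE also commits implicitly in MySQL, so the tables under "Clear tables that have defaults" (including `roles`) stay empty if the separate default-values import in the shell script fails.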