diff --git a/INSTALL/INSTALL.kali.txt b/INSTALL/INSTALL.kali.txt
index 6095f954a..e6545bdd3 100644
--- a/INSTALL/INSTALL.kali.txt
+++ b/INSTALL/INSTALL.kali.txt
@@ -19,539 +19,541 @@ function kaliOnRootR0ckz() {
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root"
exit 1
- elif [[ $(id misp; echo $?) -ne 0 ]]; then
+ elif [[ $(id misp >/dev/null; echo $?) -ne 0 ]]; then
useradd -s /bin/bash -m -G adm,cdrom,sudo,dip,plugdev,www-data misp
echo $MISP_PASSWORD | passwd $MISP_USER --stdin
- cd ~$MISP_USER
else
echo "User ${MISP_USER} exists, skipping creation"
- cd ~$MISP_USER
fi
}
+function installMISPonKali() {
+ # MISP configuration variables
+ PATH_TO_MISP='/var/www/MISP'
+ MISP_BASEURL=''
+ MISP_LIVE='1'
+ CAKE="$PATH_TO_MISP/app/Console/cake"
+
+ # Database configuration
+ DBHOST='localhost'
+ DBNAME='misp'
+ DBUSER_ADMIN='root'
+ DBPASSWORD_ADMIN="$(openssl rand -hex 32)"
+ DBUSER_MISP='misp'
+ DBPASSWORD_MISP="$(openssl rand -hex 32)"
+
+ # Webserver configuration
+ FQDN='localhost'
+
+ # OpenSSL configuration
+ OPENSSL_CN='localhost'
+ OPENSSL_C='LU'
+ OPENSSL_ST='State'
+ OPENSSL_L='Location'
+ OPENSSL_O='Organization'
+ OPENSSL_OU='Organizational Unit'
+ OPENSSL_EMAILADDRESS='info@localhost'
+
+ # GPG configuration
+ GPG_REAL_NAME='Autogenerated Key'
+ GPG_COMMENT='WARNING: MISP AutoGenerated Key consider this Key VOID!'
+ GPG_EMAIL_ADDRESS='admin@admin.test'
+ GPG_KEY_LENGTH='2048'
+ GPG_PASSPHRASE='Password1234'
+
+ # php.ini configuration
+ upload_max_filesize=50M
+ post_max_size=50M
+ max_execution_time=300
+ memory_limit=512M
+ PHP_INI=/etc/php/7.2/apache2/php.ini
+
+ # apt config
+ export DEBIAN_FRONTEND=noninteractive
+
+ # sudo config to run $LUSER commands
+ SUDO="sudo -E -u ${MISP_USER}"
+
+ echo "Admin (${DBUSER_ADMIN}) DB Password: ${DBPASSWORD_ADMIN}"
+ echo "User (${DBUSER_MISP}) DB Password: ${DBPASSWORD_MISP}"
+
+ sudo apt update
+ sudo apt install -qy etckeeper
+ # Skip dist-upgrade for now, pulls in 500+ updated packages
+ #sudo apt -y dist-upgrade
+ sudo -E apt install -qy postfix
+
+ sudo -E apt install -qy \
+ curl gcc git gnupg-agent make openssl redis-server neovim zip libyara-dev python3-yara python3-redis python3-zmq \
+ mariadb-client \
+ mariadb-server \
+ apache2 apache2-doc apache2-utils \
+ libapache2-mod-php7.2 php7.2 php7.2-cli php7.2-mbstring php-pear php7.2-dev php7.2-json php7.2-xml php7.2-mysql php7.2-opcache php7.2-readline \
+ python3-dev python3-pip libpq5 libjpeg-dev libfuzzy-dev ruby asciidoctor \
+ libxml2-dev libxslt1-dev zlib1g-dev python3-setuptools
+
+ sudo -E apt install -qy rng-tools # This might fail on TPM grounds, enable the security chip in your BIOS
+ sudo service rng-tools start
+
+ sudo systemctl restart mariadb.service
+
+ sudo expect -f - <<-EOF
+ set timeout 10
+ spawn mysql_secure_installation
+ expect "Enter current password for root (enter for none):"
+ send -- "\r"
+ expect "Set root password?"
+ send -- "y\r"
+ expect "New password:"
+ send -- "${DBPASSWORD_ADMIN}\r"
+ expect "Re-enter new password:"
+ send -- "${DBPASSWORD_ADMIN}\r"
+ expect "Remove anonymous users?"
+ send -- "y\r"
+ expect "Disallow root login remotely?"
+ send -- "y\r"
+ expect "Remove test database and access to it?"
+ send -- "y\r"
+ expect "Reload privilege tables now?"
+ send -- "y\r"
+ expect eof
+ EOF
+
+ sudo a2dismod status
+ sudo a2enmod ssl rewrite
+ sudo a2dissite 000-default
+ sudo a2ensite default-ssl
+
+ sudo pear channel-update pear.php.net
+ sudo pear install Crypt_GPG
+ sudo pecl channel-update pecl.php.net
+
+ yes '' |sudo pecl install redis
+
+ echo "extension=redis.so" | sudo tee /etc/php/7.2/mods-available/redis.ini
+
+ sudo phpenmod redis
+
+ sudo update-alternatives --install /usr/bin/python python /usr/bin/python2.7 1
+ sudo update-alternatives --install /usr/bin/python python /usr/bin/python3.6 2
+
+ sudo mkdir $PATH_TO_MISP
+ sudo chown www-data:www-data $PATH_TO_MISP
+ cd $PATH_TO_MISP
+ sudo -u www-data git clone https://github.com/MISP/MISP.git $PATH_TO_MISP
+
+ sudo -u www-data git config core.filemode false
+
+ cd $PATH_TO_MISP/app/files/scripts
+ sudo -u www-data git clone https://github.com/CybOXProject/python-cybox.git
+ sudo -u www-data git clone https://github.com/STIXProject/python-stix.git
+ cd $PATH_TO_MISP/app/files/scripts/python-cybox
+ sudo pip3 install .
+ cd $PATH_TO_MISP/app/files/scripts/python-stix
+ sudo pip3 install .
+
+ cd $PATH_TO_MISP/app/files/scripts/
+ sudo -u www-data git clone https://github.com/CybOXProject/mixbox.git
+ cd $PATH_TO_MISP/app/files/scripts/mixbox
+ sudo pip3 install .
+
+ cd $PATH_TO_MISP
+ sudo -u www-data git submodule init
+ sudo -u www-data git submodule update
+ # Make git ignore filesystem permission differences for submodules
+ sudo -u www-data git submodule foreach git config core.filemode false
+
+ # install PyMISP
+ cd $PATH_TO_MISP/PyMISP
+ sudo pip3 install .
+
+ cd $PATH_TO_MISP/app
+ sudo mkdir /var/www/.composer ; sudo chown www-data:www-data /var/www/.composer
+ sudo -u www-data php composer.phar require kamisama/cake-resque:4.1.2
+ sudo -u www-data php composer.phar config vendor-dir Vendor
+ sudo -u www-data php composer.phar install
+
+ sudo -u www-data cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin/CakeResque/Config/config.php
+
+ sudo chown -R www-data:www-data $PATH_TO_MISP
+ sudo chmod -R 750 $PATH_TO_MISP
+ sudo chmod -R g+ws $PATH_TO_MISP/app/tmp
+ sudo chmod -R g+ws $PATH_TO_MISP/app/files
+ sudo chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
+
+ sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "create database $DBNAME;"
+ sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "grant usage on *.* to $DBNAME@localhost identified by '$DBPASSWORD_MISP';"
+ sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "grant all privileges on $DBNAME.* to '$DBUSER_MISP'@'localhost';"
+ sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;"
+
+ sudo -u www-data cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
+
+ sudo openssl req -newkey rsa:4096 -days 365 -nodes -x509 \
+ -subj "/C=${OPENSSL_C}/ST=${OPENSSL_ST}/L=${OPENSSL_L}/O=${OPENSSL_O}/OU=${OPENSSL_OU}/CN=${OPENSSL_CN}/emailAddress=${OPENSSL_EMAILADDRESS}" \
+ -keyout /etc/ssl/private/misp.local.key -out /etc/ssl/private/misp.local.crt
+
+ cd /var/www
+ sudo mkdir misp-dashboard
+ sudo chown www-data:www-data misp-dashboard
+ sudo -u www-data git clone https://github.com/MISP/misp-dashboard.git
+ cd misp-dashboard
+ sudo /var/www/misp-dashboard/install_dependencies.sh
+ sudo sed -i "s/^host\ =\ localhost/host\ =\ 0.0.0.0/g" /var/www/misp-dashboard/config/config.cfg
+ sudo sed -i -e '$i \sudo -u www-data bash /var/www/misp-dashboard/start_all.sh\n' /etc/rc.local
+ sudo -u www-data bash /var/www/misp-dashboard/start_all.sh
+
+ sudo apt install libapache2-mod-wsgi-py3 -y
+
+ echo "
+ ServerAdmin admin@localhost.lu
+ ServerName misp.local
+
+ Redirect permanent / https://localhost
+
+ LogLevel warn
+ ErrorLog /var/log/apache2/misp.local_error.log
+ CustomLog /var/log/apache2/misp.local_access.log combined
+ ServerSignature Off
+
+
+
+ ServerAdmin admin@localhost.lu
+ ServerName misp.local
+ DocumentRoot $PATH_TO_MISP/app/webroot
+
+
+ Options -Indexes
+ AllowOverride all
+ Require all granted
+ Order allow,deny
+ allow from all
+
+
+ SSLEngine On
+ SSLCertificateFile /etc/ssl/private/misp.local.crt
+ SSLCertificateKeyFile /etc/ssl/private/misp.local.key
+ # SSLCertificateChainFile /etc/ssl/private/misp-chain.crt
+
+ LogLevel warn
+ ErrorLog /var/log/apache2/misp.local_error.log
+ CustomLog /var/log/apache2/misp.local_access.log combined
+ ServerSignature Off
+ " | sudo tee /etc/apache2/sites-available/misp-ssl.conf
+ EOF
+
+ echo "127.0.0.1 misp.local" | sudo tee -a /etc/hosts
+
+ echo "
+ ServerAdmin admin@misp.local
+ ServerName misp.local
+
+ DocumentRoot /var/www/misp-dashboard
+
+ WSGIDaemonProcess misp-dashboard \
+ user=misp group=misp \
+ python-home=/var/www/misp-dashboard/DASHENV \
+ processes=1 \
+ threads=15 \
+ maximum-requests=5000 \
+ listen-backlog=100 \
+ queue-timeout=45 \
+ socket-timeout=60 \
+ connect-timeout=15 \
+ request-timeout=60 \
+ inactivity-timeout=0 \
+ deadlock-timeout=60 \
+ graceful-timeout=15 \
+ eviction-timeout=0 \
+ shutdown-timeout=5 \
+ send-buffer-size=0 \
+ receive-buffer-size=0 \
+ header-buffer-size=0 \
+ response-buffer-size=0 \
+ server-metrics=Off
+
+ WSGIScriptAlias / /var/www/misp-dashboard/misp-dashboard.wsgi
+
+
+ WSGIProcessGroup misp-dashboard
+ WSGIApplicationGroup %{GLOBAL}
+ Require all granted
+
+
+ LogLevel info
+ ErrorLog /var/log/apache2/misp-dashboard.local_error.log
+ CustomLog /var/log/apache2/misp-dashboard.local_access.log combined
+ ServerSignature Off
+ " | sudo tee /etc/apache2/sites-available/misp-dashboard.conf
+
+ sudo a2dissite default-ssl
+ sudo a2ensite misp-ssl
+ sudo a2ensite misp-dashboard
+
+ for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit
+ do
+ sudo sed -i "s/^\($key\).*/\1 = $(eval echo \${$key})/" $PHP_INI
+ done
+
+ sudo systemctl restart apache2
+
+ sudo cp $PATH_TO_MISP/INSTALL/misp.logrotate /etc/logrotate.d/misp
+
+ sudo -u www-data cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php $PATH_TO_MISP/app/Config/bootstrap.php
+ sudo -u www-data cp -a $PATH_TO_MISP/app/Config/database.default.php $PATH_TO_MISP/app/Config/database.php
+ sudo -u www-data cp -a $PATH_TO_MISP/app/Config/core.default.php $PATH_TO_MISP/app/Config/core.php
+ sudo -u www-data cp -a $PATH_TO_MISP/app/Config/config.default.php $PATH_TO_MISP/app/Config/config.php
+
+ echo " 'Database/Mysql',
+ //'datasource' => 'Database/Postgres',
+ 'persistent' => false,
+ 'host' => '$DBHOST',
+ 'login' => '$DBUSER_MISP',
+ 'port' => 3306, // MySQL & MariaDB
+ //'port' => 5432, // PostgreSQL
+ 'password' => '$DBPASSWORD_MISP',
+ 'database' => '$DBNAME',
+ 'prefix' => '',
+ 'encoding' => 'utf8',
+ );
+ }" | sudo -u www-data tee $PATH_TO_MISP/app/Config/database.php
+
+ sudo chown -R www-data:www-data $PATH_TO_MISP/app/Config
+ sudo chmod -R 750 $PATH_TO_MISP/app/Config
+ sudo $CAKE Live $MISP_LIVE
+ sudo $CAKE Baseurl $MISP_BASEURL
+
+ cat >/tmp/gen-key-script < /sys/kernel/mm/transparent_hugepage/enabled\n' /etc/rc.local
+ sudo sed -i -e '$i \echo 1024 > /proc/sys/net/core/somaxconn\n' /etc/rc.local
+ sudo sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
+ sudo sed -i -e '$i \sudo -u www-data bash /var/www/MISP/app/Console/worker/start.sh\n' /etc/rc.local
+ sudo sed -i -e '$i \sudo -u www-data misp-modules -l 0.0.0.0 -s &\n' /etc/rc.local
+ sudo -u www-data bash $PATH_TO_MISP/app/Console/worker/start.sh
+ cd /usr/local/src/
+ sudo git clone https://github.com/MISP/misp-modules.git
+ cd misp-modules
+ # pip3 install
+ sudo pip3 install -I -r REQUIREMENTS
+ sudo pip3 install -I .
+ sudo pip3 install maec lief python-magic wand yara
+ sudo pip3 install git+https://github.com/kbandla/pydeep.git
+ sudo pip3 install stix2
+ sudo gem install pygments.rb
+ sudo gem install asciidoctor-pdf --pre
+ sudo -u www-data misp-modules -l 0.0.0.0 -s &
+ cd /usr/local/src/
+ sudo apt-get install -y libssl-dev swig python3-ssdeep p7zip-full unrar-free sqlite python3-pyclamd exiftool radare2
+ sudo pip3 install SQLAlchemy PrettyTable python-magic
+ sudo git clone https://github.com/viper-framework/viper.git
+ cd viper
+ sudo git submodule init
+ sudo git submodule update
+ sudo pip3 install -r requirements.txt
+ sudo pip3 uninstall yara -y
+ /usr/local/src/viper/viper-cli -h
+ /usr/local/src/viper/viper-web -p 8888 -H 0.0.0.0 &
+ echo 'PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/usr/local/src/viper:/var/www/MISP/app/Console"' |sudo tee /etc/environment
+ sed -i "s/^misp_url\ =/misp_url\ =\ http:\/\/localhost/g" ~/.viper/viper.conf
+ sed -i "s/^misp_key\ =/misp_key\ =\ $AUTH_KEY/g" ~/.viper/viper.conf
+
+ while [ "$(sqlite3 ~/.viper/admin.db 'UPDATE auth_user SET password="pbkdf2_sha256$100000$iXgEJh8hz7Cf$vfdDAwLX8tko1t0M1TLTtGlxERkNnltUnMhbv56wK/U="'; echo $?)" -ne "0" ]; do
+ echo "Updating viper-web admin password, giving process time to start-up, sleeping 5, 4, 3,…"
+ sleep 6
+ done
+
+ sudo chown -R www-data:www-data $PATH_TO_MISP
+ sudo chmod -R 750 $PATH_TO_MISP
+ sudo chmod -R g+ws $PATH_TO_MISP/app/tmp
+ sudo chmod -R g+ws $PATH_TO_MISP/app/files
+ sudo chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
+
+ # TODO: fix faup
+ cd /usr/local/src/
+ sudo apt-get install -y cmake
+ sudo git clone https://github.com/MISP/mail_to_misp.git
+ sudo git clone git://github.com/stricaud/faup.git faup
+ sudo chown -R ${MISP_USER}:${MISP_USER} faup mail_to_misp
+ cd faup
+ git checkout 96f2a9a51428869cac2473422b70ace890d5d95d
+ mkdir -p build
+ cd build
+ cmake .. && make
+ sudo make install
+ sudo ldconfig
+ cd ../../
+ cd mail_to_misp
+ sudo pip3 install -r requirements.txt
+ cp mail_to_misp_config.py-example mail_to_misp_config.py
+ sed -i "s/^misp_url\ =\ 'YOUR_MISP_URL'/misp_url\ =\ 'http:\/\/localhost'/g" /usr/local/src/mail_to_misp/mail_to_misp_config.py
+ sed -i "s/^misp_key\ =\ 'YOUR_KEY_HERE'/misp_key\ =\ '$AUTH_KEY'/g" /usr/local/src/mail_to_misp/mail_to_misp_config.py
+ echo ""
+ echo "Admin (root) DB Password: $DBPASSWORD_ADMIN" > ~/mysql.txt
+ echo "User (misp) DB Password: $DBPASSWORD_MISP" >> ~/mysql.txt
+ echo "Authkey: $AUTH_KEY" > ~/MISP-authkey.txt
+ echo "-------------------------------------------------------------------------"
+ cat ~/mysql.txt
+ cat ~/MISP-authkey.txt
+
+ echo "-------------------------------------------------------------------------"
+ echo "MISP Installed, access here: https://127.0.0.1"
+ echo "MISP Dashboard, access here: http://127.0.0.1:8001"
+ echo "User: admin@admin.test"
+ echo "Password: admin"
+ echo "-------------------------------------------------------------------------"
+ echo "The LOCAL user created is called ${MISP_USER} and has password: ${MISP_PASSWORD}"
+ echo "-------------------------------------------------------------------------"
+ echo "Viper installed, access here: http://127.0.0.1:8888"
+ ewcho "viper-cli configured with your MISP Site Admin Auth Key"
+ echo "User: admin"
+ echo "Password: Password1234"
+ echo "-------------------------------------------------------------------------"
+ echo "To enable outgoing mails via postfix set a permissive SMTP server for the domains you want to contact:"
+ echo "sudo postconf -e 'relayhost = example.com'"
+ echo "sudo postfix reload"
+ echo "-------------------------------------------------------------------------"
+ echo "Enjoy using MISP. For any issues see here: https://github.com/MISP/MISP/issues"
+}
+
kaliOnRootR0ckz
+installMISPonKali
-# MISP configuration variables
-PATH_TO_MISP='/var/www/MISP'
-MISP_BASEURL=''
-MISP_LIVE='1'
-CAKE="$PATH_TO_MISP/app/Console/cake"
-
-# Database configuration
-DBHOST='localhost'
-DBNAME='misp'
-DBUSER_ADMIN='root'
-DBPASSWORD_ADMIN="$(openssl rand -hex 32)"
-DBUSER_MISP='misp'
-DBPASSWORD_MISP="$(openssl rand -hex 32)"
-
-# Webserver configuration
-FQDN='localhost'
-
-# OpenSSL configuration
-OPENSSL_CN='localhost'
-OPENSSL_C='LU'
-OPENSSL_ST='State'
-OPENSSL_L='Location'
-OPENSSL_O='Organization'
-OPENSSL_OU='Organizational Unit'
-OPENSSL_EMAILADDRESS='info@localhost'
-
-# GPG configuration
-GPG_REAL_NAME='Autogenerated Key'
-GPG_COMMENT='WARNING: MISP AutoGenerated Key consider this Key VOID!'
-GPG_EMAIL_ADDRESS='admin@admin.test'
-GPG_KEY_LENGTH='2048'
-GPG_PASSPHRASE='Password1234'
-
-# php.ini configuration
-upload_max_filesize=50M
-post_max_size=50M
-max_execution_time=300
-memory_limit=512M
-PHP_INI=/etc/php/7.2/apache2/php.ini
-
-# apt config
-export DEBIAN_FRONTEND=noninteractive
-
-# sudo config to run $LUSER commands
-SUDO="sudo -E -u ${MISP_USER}"
-
-echo "Admin (${DBUSER_ADMIN}) DB Password: ${DBPASSWORD_ADMIN}"
-echo "User (${DBUSER_MISP}) DB Password: ${DBPASSWORD_MISP}"
-
-sudo apt update
-sudo apt install -qy etckeeper
-# Skip dist-upgrade for now, pulls in 500+ updated packages
-#sudo apt -y dist-upgrade
-sudo -E apt install -qy postfix
-
-sudo -E apt install -qy \
-curl gcc git gnupg-agent make openssl redis-server neovim zip libyara-dev python3-yara python3-redis python3-zmq \
-mariadb-client \
-mariadb-server \
-apache2 apache2-doc apache2-utils \
-libapache2-mod-php7.2 php7.2 php7.2-cli php7.2-mbstring php-pear php7.2-dev php7.2-json php7.2-xml php7.2-mysql php7.2-opcache php7.2-readline \
-python3-dev python3-pip libpq5 libjpeg-dev libfuzzy-dev ruby asciidoctor \
-libxml2-dev libxslt1-dev zlib1g-dev python3-setuptools
-
-sudo -E apt install -qy rng-tools # This might fail on TPM grounds, enable the security chip in your BIOS
-sudo service rng-tools start
-
-sudo systemctl restart mariadb.service
-
-sudo expect -f - <<-EOF
- set timeout 10
- spawn mysql_secure_installation
- expect "Enter current password for root (enter for none):"
- send -- "\r"
- expect "Set root password?"
- send -- "y\r"
- expect "New password:"
- send -- "${DBPASSWORD_ADMIN}\r"
- expect "Re-enter new password:"
- send -- "${DBPASSWORD_ADMIN}\r"
- expect "Remove anonymous users?"
- send -- "y\r"
- expect "Disallow root login remotely?"
- send -- "y\r"
- expect "Remove test database and access to it?"
- send -- "y\r"
- expect "Reload privilege tables now?"
- send -- "y\r"
- expect eof
-EOF
-
-sudo a2dismod status
-sudo a2enmod ssl rewrite
-sudo a2dissite 000-default
-sudo a2ensite default-ssl
-
-sudo pear channel-update pear.php.net
-sudo pear install Crypt_GPG
-sudo pecl channel-update pecl.php.net
-
-yes '' |sudo pecl install redis
-
-echo "extension=redis.so" | sudo tee /etc/php/7.2/mods-available/redis.ini
-
-sudo phpenmod redis
-
-sudo update-alternatives --install /usr/bin/python python /usr/bin/python2.7 1
-sudo update-alternatives --install /usr/bin/python python /usr/bin/python3.6 2
-
-sudo mkdir $PATH_TO_MISP
-sudo chown www-data:www-data $PATH_TO_MISP
-cd $PATH_TO_MISP
-sudo -u www-data git clone https://github.com/MISP/MISP.git $PATH_TO_MISP
-
-sudo -u www-data git config core.filemode false
-
-cd $PATH_TO_MISP/app/files/scripts
-sudo -u www-data git clone https://github.com/CybOXProject/python-cybox.git
-sudo -u www-data git clone https://github.com/STIXProject/python-stix.git
-cd $PATH_TO_MISP/app/files/scripts/python-cybox
-sudo pip3 install .
-cd $PATH_TO_MISP/app/files/scripts/python-stix
-sudo pip3 install .
-
-cd $PATH_TO_MISP/app/files/scripts/
-sudo -u www-data git clone https://github.com/CybOXProject/mixbox.git
-cd $PATH_TO_MISP/app/files/scripts/mixbox
-sudo pip3 install .
-
-cd $PATH_TO_MISP
-sudo -u www-data git submodule init
-sudo -u www-data git submodule update
-# Make git ignore filesystem permission differences for submodules
-sudo -u www-data git submodule foreach git config core.filemode false
-
-# install PyMISP
-cd $PATH_TO_MISP/PyMISP
-sudo pip3 install .
-
-cd $PATH_TO_MISP/app
-sudo mkdir /var/www/.composer ; sudo chown www-data:www-data /var/www/.composer
-sudo -u www-data php composer.phar require kamisama/cake-resque:4.1.2
-sudo -u www-data php composer.phar config vendor-dir Vendor
-sudo -u www-data php composer.phar install
-
-sudo -u www-data cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin/CakeResque/Config/config.php
-
-sudo chown -R www-data:www-data $PATH_TO_MISP
-sudo chmod -R 750 $PATH_TO_MISP
-sudo chmod -R g+ws $PATH_TO_MISP/app/tmp
-sudo chmod -R g+ws $PATH_TO_MISP/app/files
-sudo chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
-
-sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "create database $DBNAME;"
-sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "grant usage on *.* to $DBNAME@localhost identified by '$DBPASSWORD_MISP';"
-sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "grant all privileges on $DBNAME.* to '$DBUSER_MISP'@'localhost';"
-sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;"
-
-sudo -u www-data cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
-
-sudo openssl req -newkey rsa:4096 -days 365 -nodes -x509 \
--subj "/C=${OPENSSL_C}/ST=${OPENSSL_ST}/L=${OPENSSL_L}/O=${OPENSSL_O}/OU=${OPENSSL_OU}/CN=${OPENSSL_CN}/emailAddress=${OPENSSL_EMAILADDRESS}" \
--keyout /etc/ssl/private/misp.local.key -out /etc/ssl/private/misp.local.crt
-
-cd /var/www
-sudo mkdir misp-dashboard
-sudo chown www-data:www-data misp-dashboard
-sudo -u www-data git clone https://github.com/MISP/misp-dashboard.git
-cd misp-dashboard
-sudo /var/www/misp-dashboard/install_dependencies.sh
-sudo sed -i "s/^host\ =\ localhost/host\ =\ 0.0.0.0/g" /var/www/misp-dashboard/config/config.cfg
-sudo sed -i -e '$i \sudo -u www-data bash /var/www/misp-dashboard/start_all.sh\n' /etc/rc.local
-sudo -u www-data bash /var/www/misp-dashboard/start_all.sh
-
-sudo apt install libapache2-mod-wsgi-py3 -y
-
-echo "
- ServerAdmin admin@localhost.lu
- ServerName misp.local
-
- Redirect permanent / https://localhost
-
- LogLevel warn
- ErrorLog /var/log/apache2/misp.local_error.log
- CustomLog /var/log/apache2/misp.local_access.log combined
- ServerSignature Off
-
-
-
- ServerAdmin admin@localhost.lu
- ServerName misp.local
- DocumentRoot $PATH_TO_MISP/app/webroot
-
-
- Options -Indexes
- AllowOverride all
- Require all granted
- Order allow,deny
- allow from all
-
-
- SSLEngine On
- SSLCertificateFile /etc/ssl/private/misp.local.crt
- SSLCertificateKeyFile /etc/ssl/private/misp.local.key
-# SSLCertificateChainFile /etc/ssl/private/misp-chain.crt
-
- LogLevel warn
- ErrorLog /var/log/apache2/misp.local_error.log
- CustomLog /var/log/apache2/misp.local_access.log combined
- ServerSignature Off
-" | sudo tee /etc/apache2/sites-available/misp-ssl.conf
-EOF
-
-echo "127.0.0.1 misp.local" | sudo tee -a /etc/hosts
-
-echo "
- ServerAdmin admin@misp.local
- ServerName misp.local
-
- DocumentRoot /var/www/misp-dashboard
-
- WSGIDaemonProcess misp-dashboard \
- user=misp group=misp \
- python-home=/var/www/misp-dashboard/DASHENV \
- processes=1 \
- threads=15 \
- maximum-requests=5000 \
- listen-backlog=100 \
- queue-timeout=45 \
- socket-timeout=60 \
- connect-timeout=15 \
- request-timeout=60 \
- inactivity-timeout=0 \
- deadlock-timeout=60 \
- graceful-timeout=15 \
- eviction-timeout=0 \
- shutdown-timeout=5 \
- send-buffer-size=0 \
- receive-buffer-size=0 \
- header-buffer-size=0 \
- response-buffer-size=0 \
- server-metrics=Off
-
- WSGIScriptAlias / /var/www/misp-dashboard/misp-dashboard.wsgi
-
-
- WSGIProcessGroup misp-dashboard
- WSGIApplicationGroup %{GLOBAL}
- Require all granted
-
-
- LogLevel info
- ErrorLog /var/log/apache2/misp-dashboard.local_error.log
- CustomLog /var/log/apache2/misp-dashboard.local_access.log combined
- ServerSignature Off
-" | sudo tee /etc/apache2/sites-available/misp-dashboard.conf
-
-sudo a2dissite default-ssl
-sudo a2ensite misp-ssl
-sudo a2ensite misp-dashboard
-
-for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit
-do
- sudo sed -i "s/^\($key\).*/\1 = $(eval echo \${$key})/" $PHP_INI
-done
-
-sudo systemctl restart apache2
-
-sudo cp $PATH_TO_MISP/INSTALL/misp.logrotate /etc/logrotate.d/misp
-
-sudo -u www-data cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php $PATH_TO_MISP/app/Config/bootstrap.php
-sudo -u www-data cp -a $PATH_TO_MISP/app/Config/database.default.php $PATH_TO_MISP/app/Config/database.php
-sudo -u www-data cp -a $PATH_TO_MISP/app/Config/core.default.php $PATH_TO_MISP/app/Config/core.php
-sudo -u www-data cp -a $PATH_TO_MISP/app/Config/config.default.php $PATH_TO_MISP/app/Config/config.php
-
-echo " 'Database/Mysql',
- //'datasource' => 'Database/Postgres',
- 'persistent' => false,
- 'host' => '$DBHOST',
- 'login' => '$DBUSER_MISP',
- 'port' => 3306, // MySQL & MariaDB
- //'port' => 5432, // PostgreSQL
- 'password' => '$DBPASSWORD_MISP',
- 'database' => '$DBNAME',
- 'prefix' => '',
- 'encoding' => 'utf8',
- );
-}" | sudo -u www-data tee $PATH_TO_MISP/app/Config/database.php
-
-sudo chown -R www-data:www-data $PATH_TO_MISP/app/Config
-sudo chmod -R 750 $PATH_TO_MISP/app/Config
-sudo $CAKE Live $MISP_LIVE
-sudo $CAKE Baseurl $MISP_BASEURL
-
-cat >/tmp/gen-key-script < /sys/kernel/mm/transparent_hugepage/enabled\n' /etc/rc.local
-sudo sed -i -e '$i \echo 1024 > /proc/sys/net/core/somaxconn\n' /etc/rc.local
-sudo sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
-sudo sed -i -e '$i \sudo -u www-data bash /var/www/MISP/app/Console/worker/start.sh\n' /etc/rc.local
-sudo sed -i -e '$i \sudo -u www-data misp-modules -l 0.0.0.0 -s &\n' /etc/rc.local
-sudo -u www-data bash $PATH_TO_MISP/app/Console/worker/start.sh
-cd /usr/local/src/
-sudo git clone https://github.com/MISP/misp-modules.git
-cd misp-modules
-# pip3 install
-sudo pip3 install -I -r REQUIREMENTS
-sudo pip3 install -I .
-sudo pip3 install maec lief python-magic wand yara
-sudo pip3 install git+https://github.com/kbandla/pydeep.git
-sudo pip3 install stix2
-sudo gem install pygments.rb
-sudo gem install asciidoctor-pdf --pre
-sudo -u www-data misp-modules -l 0.0.0.0 -s &
-cd /usr/local/src/
-sudo apt-get install -y libssl-dev swig python3-ssdeep p7zip-full unrar-free sqlite python3-pyclamd exiftool radare2
-sudo pip3 install SQLAlchemy PrettyTable python-magic
-sudo git clone https://github.com/viper-framework/viper.git
-cd viper
-sudo git submodule init
-sudo git submodule update
-sudo pip3 install -r requirements.txt
-sudo pip3 uninstall yara -y
-/usr/local/src/viper/viper-cli -h
-/usr/local/src/viper/viper-web -p 8888 -H 0.0.0.0 &
-echo 'PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/usr/local/src/viper:/var/www/MISP/app/Console"' |sudo tee /etc/environment
-sed -i "s/^misp_url\ =/misp_url\ =\ http:\/\/localhost/g" ~/.viper/viper.conf
-sed -i "s/^misp_key\ =/misp_key\ =\ $AUTH_KEY/g" ~/.viper/viper.conf
-
-while [ "$(sqlite3 ~/.viper/admin.db 'UPDATE auth_user SET password="pbkdf2_sha256$100000$iXgEJh8hz7Cf$vfdDAwLX8tko1t0M1TLTtGlxERkNnltUnMhbv56wK/U="'; echo $?)" -ne "0" ]; do
- echo "Updating viper-web admin password, giving process time to start-up, sleeping 5, 4, 3,…"
- sleep 6
-done
-
-sudo chown -R www-data:www-data $PATH_TO_MISP
-sudo chmod -R 750 $PATH_TO_MISP
-sudo chmod -R g+ws $PATH_TO_MISP/app/tmp
-sudo chmod -R g+ws $PATH_TO_MISP/app/files
-sudo chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
-
-# TODO: fix faup
-cd /usr/local/src/
-sudo apt-get install -y cmake
-sudo git clone https://github.com/MISP/mail_to_misp.git
-sudo git clone git://github.com/stricaud/faup.git faup
-sudo chown -R ${MISP_USER}:${MISP_USER} faup mail_to_misp
-cd faup
-git checkout 96f2a9a51428869cac2473422b70ace890d5d95d
-mkdir -p build
-cd build
-cmake .. && make
-sudo make install
-sudo ldconfig
-cd ../../
-cd mail_to_misp
-sudo pip3 install -r requirements.txt
-cp mail_to_misp_config.py-example mail_to_misp_config.py
-sed -i "s/^misp_url\ =\ 'YOUR_MISP_URL'/misp_url\ =\ 'http:\/\/localhost'/g" /usr/local/src/mail_to_misp/mail_to_misp_config.py
-sed -i "s/^misp_key\ =\ 'YOUR_KEY_HERE'/misp_key\ =\ '$AUTH_KEY'/g" /usr/local/src/mail_to_misp/mail_to_misp_config.py
-echo ""
-echo "Admin (root) DB Password: $DBPASSWORD_ADMIN" > ~/mysql.txt
-echo "User (misp) DB Password: $DBPASSWORD_MISP" >> ~/mysql.txt
-echo "Authkey: $AUTH_KEY" > ~/MISP-authkey.txt
-echo "-------------------------------------------------------------------------"
-cat ~/mysql.txt
-cat ~/MISP-authkey.txt
-
-echo "-------------------------------------------------------------------------"
-echo "MISP Installed, access here: https://127.0.0.1"
-echo "MISP Dashboard, access here: http://127.0.0.1:8001"
-echo "User: admin@admin.test"
-echo "Password: admin"
-echo "-------------------------------------------------------------------------"
-echo "The LOCAL user created is called ${MISP_USER} and has password: ${MISP_PASSWORD}"
-echo "-------------------------------------------------------------------------"
-echo "Viper installed, access here: http://127.0.0.1:8888"
-ewcho "viper-cli configured with your MISP Site Admin Auth Key"
-echo "User: admin"
-echo "Password: Password1234"
-echo "-------------------------------------------------------------------------"
-echo "To enable outgoing mails via postfix set a permissive SMTP server for the domains you want to contact:"
-echo "sudo postconf -e 'relayhost = example.com'"
-echo "sudo postfix reload"
-echo "-------------------------------------------------------------------------"
-echo "Enjoy using MISP. For any issues see here: https://github.com/MISP/MISP/issues"
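Review bot: The new `installMISPonKali` body starts viper-web on all interfaces (`/usr/local/src/viper/viper-web -p 8888 -H 0.0.0.0 &`) and then sets its admin password to a fixed pbkdf2 hash, presumably the `Password1234` printed in the closing banner, so every install shares one known login reachable from the network. Bind it to loopback with `/usr/local/src/viper/viper-web -p 8888 -H 127.0.0.1 &`, and do the same for `misp-modules -l 0.0.0.0 -s &` (both the direct call and the line appended to /etc/rc.local), or generate the password per install the way the DB passwords already use `openssl rand -hex 32`. The `sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN` calls also put the root DB password on the command line, where it can show up in the process list for other local users; passing it through a mode-600 option file via `--defaults-extra-file` avoids that. Separately, the `ewcho` line that announces the viper-cli configuration was moved unchanged and will fail as an unknown command; it should be `echo`.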