#!/usr/bin/env bash
############################################################
###### #
##### Please AutoGenerated... ##
#### Do NOT was ###
### Manually It ####
## Change this Script... #####
# ######
############################################################
############################################################
#INSTALLATION INSTRUCTIONS #
##########################################################
#------------------------- for Debian Flavored Linux Distributions
#
#-------------------------------------------------------|
# 0/ Quick MISP Instance on Debian Based Linux - Status |
#-------------------------------------------------------|
#
# 20190302: Ubuntu 18.04.2 tested and working. -- sCl
# 20190208: Kali Linux tested and working. -- sCl
#
#
#-------------------------------------------------------------------------------------------------|
# 1/ For other Debian based Linux distributions, download script and run as **unprivileged** user |
#-------------------------------------------------------------------------------------------------|
#
# The following installs only MISP-core:
# $ curl -fsSL https://raw.githubusercontent.com/MISP/MISP/2.4/INSTALL/INSTALL.sh | bash -s -- -c
#
# This will install MISP Core and misp-modules (recommended)
# $ curl -fsSL https://raw.githubusercontent.com/MISP/MISP/2.4/INSTALL/INSTALL.sh | bash -s -- -c -M
#
#
#-------------------------------------------------------|
# 2/ For Kali, download and run Installer Script |
#-------------------------------------------------------|
#
# To install MISP on Kali copy paste the following to your r00t shell:
# # wget -O /tmp/misp-kali.sh https://raw.githubusercontent.com/MISP/MISP/2.4/INSTALL/INSTALL.sh && bash /tmp/misp-kali.sh
# /!\ Please read the installer script before randomly doing the above.
# The script is tested on a plain vanilla Kali Linux Boot CD and installs quite a few dependencies.
#
#
#----------------------------------------------------------|
# 3/ The following script has been partially autogenerated |
#----------------------------------------------------------|
#
# To generate this script yourself, the following steps need to be taken.
# $ git clone https://github.com/SteveClement/xsnippet.git
# Make sure xsnippet resides somewhere in your $PATH - It is a shell script so a simple, copy to somewhere sane is enough.
# $ git clone https://github.com/MISP/MISP.git
# $ cd MISP/INSTALL ; ./INSTALL.tpl.sh
#
##
###
####----------------\
## Developer Note |
####--------------------------------------------------------------------------------------------------|
## In theory the order does not matter as everything is a self-contained function. |
# That said, ideally leave the order as is and do NOT change the lines as they are place-holders. |
# Script files that do NOT have a #_name.sh are scripts that have NO functions. This is by design. |
#-----------------------------------------------------------------------------------------------------|
#
# ToC #
#
#### BEGIN AUTOMATED SECTION ####
#
# $ eval "$(curl -fsSL https://raw.githubusercontent.com/MISP/MISP/2.4/docs/generic/globalVariables.md | grep -v \`\`\`)"
# $ MISPvars
MISPvars () {
debug "Setting generic ${LBLUE}MISP${NC} variables shared by all flavours" 2> /dev/null
# Local non-root MISP user
MISP_USER='misp'
MISP_PASSWORD='Password1234'
# The web server user
WWW_USER="www-data"
# MISP configuration variables
PATH_TO_MISP='/var/www/MISP'
if [ -z "$FQDN" ]; then
FQDN="misp.local"
fi
if [ -z "$MISP_BASEURL" ]; then
MISP_BASEURL='""'
fi
MISP_LIVE='1'
# Database configuration
DBHOST='localhost'
DBNAME='misp'
DBUSER_ADMIN='root'
DBPASSWORD_ADMIN="$(openssl rand -hex 32)"
DBUSER_MISP='misp'
DBPASSWORD_MISP="$(openssl rand -hex 32)"
# OpenSSL configuration
OPENSSL_CN=$FQDN
OPENSSL_C='LU'
OPENSSL_ST='State'
OPENSSL_L='Location'
OPENSSL_O='Organization'
OPENSSL_OU='Organizational Unit'
OPENSSL_EMAILADDRESS="info@$FQDN"
# GPG configuration
GPG_REAL_NAME='Autogenerated Key'
GPG_COMMENT='WARNING: MISP AutoGenerated Key consider this Key VOID!'
GPG_EMAIL_ADDRESS='admin@admin.test'
GPG_KEY_LENGTH='2048'
GPG_PASSPHRASE='Password1234'
# debug alias to make sure people are not confused when blindly copy pasting blobs of code
alias debug="echo -e"
# checkAptLock alias to make sure people are not confused when blindly copy pasting blobs of code
alias checkAptLock="echo 'Function used in Installer to make sure apt is not locked'"
# php.ini configuration
upload_max_filesize=50M
post_max_size=50M
max_execution_time=300
memory_limit=512M
CAKE="$PATH_TO_MISP/app/Console/cake"
# sudo config to run $LUSER commands
if [[ "$(groups |grep -o 'staff')" == "staff" ]]; then
SUDO_USER="sudo -H -u ${MISP_USER} -g staff"
else
SUDO_USER="sudo -H -u ${MISP_USER}"
fi
SUDO_WWW="sudo -H -u ${WWW_USER} "
echo "The following DB Passwords were generated..."
echo "Admin (${DBUSER_ADMIN}) DB Password: ${DBPASSWORD_ADMIN}"
echo "User (${DBUSER_MISP}) DB Password: ${DBPASSWORD_MISP}"
}
# Leave empty for NO debug messages, if run with set -x or bash -x it will enable DEBUG by default
DEBUG=
case "$-" in
*x*) NO_PROGRESS=1; DEBUG=1 ;;
*) NO_PROGRESS=0 ;;
esac
## Function Section ##
## Usage of this script
usage () {
if [ "$0" == "bash" ]; then
WEB_INSTALL=1
SCRIPT_NAME="Web Installer Command"
else
SCRIPT_NAME=$0
fi
exec &> /dev/tty
space
echo -e "Please specify what type of ${LBLUE}MISP${NC} setup you want to install."
space
echo -e "${SCRIPT_NAME} -c | Install ONLY ${LBLUE}MISP${NC} Core" # core
echo -e " -M | ${LBLUE}MISP${NC} modules" # modules
echo -e " -D | ${LBLUE}MISP${NC} dashboard" # dashboard
echo -e " -V | Viper" # viper
echo -e " -m | Mail 2 ${LBLUE}MISP${NC}" # mail2
echo -e " -S | Experimental ssdeep correlations" # ssdeep
echo -e " -A | Install ${YELLOW}all${NC} of the above" # all
space
echo -e " -C | Only do ${YELLOW}pre-install checks and exit${NC}" # pre
space
echo -e " -u | Do an unattanded Install, no questions asked" # UNATTENDED
echo -e "${HIDDEN} -U | Attempt and upgrade of selected item${NC}" # UPGRADE
echo -e "${HIDDEN} -N | Nuke this MISP Instance${NC}" # NUKE
echo -e "${HIDDEN} -f | Force test install on current Ubuntu LTS schim, add -B for 18.04 -> 18.10, or -BB 18.10 -> 19.10)${NC}" # FORCE
echo -e "Options can be combined: ${SCRIPT_NAME} -c -V -D # Will install Core+Viper+Dashboard"
space
echo -e "Recommended is either a barebone MISP install (ideal for syncing from other instances) or"
echo -e "MISP + modules - ${SCRIPT_NAME} -c -M"
space
}
# Check if element is contained in array
containsElement () {
local e match="$1"
shift
for e; do [[ "$e" == "$match" ]] && return 0; done
return 1
}
checkOpt () {
# checkOpt feature
containsElement $1 "${options[@]}"
}
setOpt () {
options=()
for o in $@; do
case "$o" in
("-c") echo "core"; CORE=1 ;;
("-V") echo "viper"; VIPER=1 ;;
("-M") echo "modules"; MODULES=1 ;;
("-D") echo "dashboard"; DASHBOARD=1 ;;
("-m") echo "mail2"; MAIL2=1 ;;
("-S") echo "ssdeep"; SSDEEP=1 ;;
("-A") echo "all"; ALL=1 ;;
("-C") echo "pre"; PRE=1 ;;
("-U") echo "upgrade"; UPGRADE=1 ;;
("-N") echo "nuke"; NUKE=1 ;;
("-u") echo "unattended"; UNATTENDED=1 ;;
("-f") echo "force"; FORCE=1 ;;
(*) echo "$o is not a valid argument"; exit 1 ;;
esac
done
}
# Extract debian flavour
checkFlavour () {
if [ -z $(which lsb_release) ]; then
checkAptLock
sudo apt install lsb-release dialog -y
fi
FLAVOUR=$(lsb_release -s -i |tr [A-Z] [a-z])
if [ FLAVOUR == "ubuntu" ]; then
RELEASE=$(lsb_release -s -r)
debug "We detected the following Linux flavour: ${YELLOW}$(tr '[:lower:]' '[:upper:]' <<< ${FLAVOUR:0:1})${FLAVOUR:1} ${RELEASE}${NC}"
else
debug "We detected the following Linux flavour: ${YELLOW}$(tr '[:lower:]' '[:upper:]' <<< ${FLAVOUR:0:1})${FLAVOUR:1}${NC}"
fi
}
# Extract manufacturer
checkManufacturer () {
if [ -z $(which dmidecode) ]; then
checkAptLock
sudo apt install dmidecode -qy
fi
MANUFACTURER=$(sudo dmidecode -s system-manufacturer)
echo $MANUFACTURER
}
# Dynamic horizontal spacer
space () {
if [[ "$NO_PROGRESS" == "1" ]]; then
return
fi
# Check terminal width
num=`tput cols`
for i in `seq 1 $num`; do
echo -n "-"
done
echo ""
}
# Spinner so the user knows something is happening
spin()
{
if [[ "$NO_PROGRESS" == "1" ]]; then
return
fi
spinner="/|\\-/|\\-"
while :
do
for i in `seq 0 7`
do
echo -n "${spinner:$i:1}"
echo -en "\010"
sleep 0.$i
done
done
}
# Progress bar
progress () {
if [[ "$NO_PROGRESS" == "1" ]]; then
return
fi
bar="#"
if [[ $progress -ge 100 ]]; then
echo -ne "##################################################################################################### (100%)\r"
return
fi
progress=$[$progress+$1]
for p in $(seq 1 $progress); do
bar+="#"
echo -ne "$bar ($p%)\r"
done
echo -ne '\n'
}
# Check locale
checkLocale () {
debug "Checking Locale"
# If locale is missing, generate and install a common UTF-8
if [[ ! -f /etc/default/locale || $(wc -l /etc/default/locale| cut -f 1 -d\ ) == "1" ]]; then
checkAptLock
sudo DEBIAN_FRONTEND=noninteractive apt install locales -qy
sudo sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/g' /etc/locale.gen
sudo locale-gen en_US.UTF-8
sudo update-locale LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8
fi
}
# Simple function to check command exit code
checkFail () {
if [[ $2 -ne 0 ]]; then
echo "iAmError: $1"
echo "The last command exited with error code: $2"
exit $2
fi
}
# Check if misp user is present and if run as root
checkID () {
debug "Checking if run as root and $MISP_USER is present"
if [[ $EUID == 0 ]]; then
echo "This script cannot be run as a root"
exit 1
elif [[ $(id $MISP_USER >/dev/null; echo $?) -ne 0 ]]; then
if [[ "$UNATTENDED" != "1" ]]; then
echo "There is NO user called '$MISP_USER' create a user '$MISP_USER' (y) or continue as $USER (n)? (y/n) "
read ANSWER
ANSWER=$(echo $ANSWER |tr [A-Z] [a-z])
else
ANSWER="y"
fi
if [[ $ANSWER == "y" ]]; then
sudo useradd -s /bin/bash -m -G adm,cdrom,sudo,dip,plugdev,www-data,staff $MISP_USER
echo $MISP_USER:$MISP_PASSWORD | sudo chpasswd
echo "User $MISP_USER added, password is: $MISP_PASSWORD"
elif [[ $ANSWER == "n" ]]; then
echo "Using $USER as install user, hope that is what you want."
echo -e "${RED}Adding $USER to groups www-data and staff${NC}"
MISP_USER=$USER
sudo adduser $MISP_USER staff
sudo adduser $MISP_USER www-data
else
echo "yes or no was asked, try again."
sudo adduser $MISP_USER staff
sudo adduser $MISP_USER www-data
exit 1
fi
else
echo "User ${MISP_USER} exists, skipping creation"
echo -e "${RED}Adding $MISP_USER to groups www-data and staff${NC}"
sudo adduser $MISP_USER staff
sudo adduser $MISP_USER www-data
fi
}
# pre-install check to make sure what we will be installing on, is ready and not a half installed system
preInstall () {
# preInstall needs to be able to be called before ANY action. Install/Upgrade/AddTool
# Pre install wants to be the place too where the following is checked and set via ENV_VAR:
# Check if composer is installed and functioning
# Check if misp db is installed (API call would confirm that the DB indeed works)
# Check apache config (Maybe try to talk to the server via api, this would confirm quite a lot)
# Check if workers are running/installed, maybe kick them if they are not
# /var/www/MISP/app/Config/[bootstrap,databases,core,config].php exists
# /var/www/MISP perms are correct (for $SUDO_WWW useage)
#
# Check if $PATH_TO_MISP exists and is writable by $WWW_USER
[[ -d "$PATH_TO_MISP" ]] && PATH_TO_MISP_EXISTS=1 && echo "$PATH_TO_MISP exists"
# .git exists and git is working for $WWW_USER
[[ -d "$PATH_TO_MISP/.git" ]] && PATH_TO_GIT_EXISTS=1 && echo "$PATH_TO_MISP/.git exists" && cd $PATH_TO_MISP && $SUDO_WWW git status
# .gnupg exists and working correctly
[[ -d "$PATH_TO_MISP/.gnupg" ]] && PATH_TO_GNUPG_EXISTS=1 && echo "$PATH_TO_MISP/.gnupg exists"
# Extract username, password and dbname
##cat database.php |grep -v // |grep -e database -e login -e password |tr -d \' |tr -d \ |tr -d , |tr -d \>
DBPASSWORD_MISP=$(cat database.php |grep -v // |grep -e password |tr -d \' |tr -d \ |tr -d , |tr -d \> |cut -f 2 -d=)
DBUSER_MISP=$(cat database.php |grep -v // |grep -e login |tr -d \' |tr -d \ |tr -d , |tr -d \> |cut -f 2 -d=)
DBNAME=$(cat database.php |grep -v // |grep -e database |tr -d \' |tr -d \ |tr -d , |tr -d \> |cut -f 2 -d=)
AUTH_KEY=$(mysql --disable-column-names -B -u $DBUSER_MISP -p"$DBPASSWORD_MISP" $DBNAME -e 'SELECT authkey FROM users WHERE role_id=1 LIMIT 1')
# Check if db exists
[[ -d "/var/lib/mysql/$DBNAME" ]] && MISP_DB_DIR_EXISTS=1 && echo "/var/lib/mysql/$DBNAME exists"
echo -e "${RED}Place-holder, not implemented yet.${NC}"
exit
}
# Upgrade function
upgrade () {
headerJSON="application/json"
Acc="Accept:"
Autho="Authorization:"
CT="Content-Type:"
MISP_BASEURL="https://127.0.0.1"
cd $PATH_TO_MISP/app ; $SUDO_WWW php composer.phar update $SUDO_WWW php composer.phar self-update
for URN in $(echo "galaxies warninglists noticelists objectTemplates taxonomies"); do
curl --header "$Autho $AUTH_KEY" --header "$Acc $headerJSON" --header "$CT $headerJSON" -k -X POST $MISP_BASEURL/$URN/update
done
echo -e "${RED}Place-holder, not implemented yet.${NC}"
exit
}
# check is /usr/local/src is RW by misp user
checkUsrLocalSrc () {
echo ""
if [[ -e /usr/local/src ]]; then
WRITEABLE=$(sudo -H -u $MISP_USER touch /usr/local/src 2> /dev/null ; echo $?)
if [[ "$WRITEABLE" == "0" ]]; then
echo "Good, /usr/local/src exists and is writeable as $MISP_USER"
else
# TODO: The below might be shorter, more elegant and more modern
#[[ -n $KALI ]] || [[ -n $UNATTENDED ]] && echo "Just do it"
sudo chmod 2775 /usr/local/src
sudo chown root:staff /usr/local/src
fi
else
echo "/usr/local/src does not exist, creating."
mkdir -p /usr/local/src
sudo chmod 2775 /usr/local/src
# FIXME: This might fail on distros with no staff user
sudo chown root:staff /usr/local/src
fi
}
kaliSpaceSaver () {
# Future function in case Kali overlay on LiveCD is full
echo "${RED}Not implement${NC}"
}
# Because Kali is l33t we make sure we run as root
kaliOnRootR0ckz () {
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root"
exit 1
elif [[ $(id $MISP_USER >/dev/null; echo $?) -ne 0 ]]; then
useradd -s /bin/bash -m -G adm,cdrom,sudo,dip,plugdev,www-data,staff $MISP_USER
echo $MISP_USER:$MISP_PASSWORD | chpasswd
else
# TODO: Make sure we consider this further down the road
echo "User ${MISP_USER} exists, skipping creation"
fi
}
setBaseURL () {
debug "Setting Base URL"
CONN=$(ip -br -o -4 a |grep UP |head -1 |tr -d "UP")
IFACE=`echo $CONN |awk {'print $1'}`
IP=`echo $CONN |awk {'print $2'}| cut -f1 -d/`
if [[ $(checkManufacturer) != "innotek GmbH" ]]; then
debug "We guess that this is a physical machine and cannot possibly guess what the MISP_BASEURL might be."
if [[ "$UNATTENDED" != "1" ]]; then
echo "You can now enter your own MISP_BASEURL, if you wish to NOT do that, the MISP_BASEURL will be empty, which will work, but ideally you configure it afterwards."
echo "Do you want to change it now? (y/n) "
read ANSWER
ANSWER=$(echo $ANSWER |tr [A-Z] [a-z])
if [[ "$ANSWER" == "y" ]]; then
if [[ ! -z $IP ]]; then
echo "It seems you have an interface called $IFACE UP with the following IP: $IP - FYI"
echo "Thus your Base URL could be: https://$IP"
fi
echo "Please enter the Base URL, e.g: 'https://example.org'"
echo ""
echo -n "Enter Base URL: "
read MISP_BASEURL
else
MISP_BASEURL='""'
fi
else
MISP_BASEURL="https://misp.local"
# Webserver configuration
FQDN='misp.local'
fi
elif [[ $KALI == "1" ]]; then
MISP_BASEURL="https://misp.local"
# Webserver configuration
FQDN='misp.local'
else
MISP_BASEURL='https://localhost:8443'
IP=$(ip addr show | awk '$1 == "inet" {gsub(/\/.*$/, "", $2); print $2}' |grep -v "127.0.0.1" |tail -1)
sudo iptables -t nat -A OUTPUT -p tcp --dport 8443 -j DNAT --to ${IP}:443
# Webserver configuration
FQDN='localhost.localdomain'
fi
}
# Test and install software RNG
installRNG () {
sudo modprobe tpm-rng 2> /dev/null
if [ "$?" -eq "0" ]; then
echo tpm-rng | sudo tee -a /etc/modules
fi
checkAptLock
sudo apt install -qy rng-tools # This might fail on TPM grounds, enable the security chip in your BIOS
sudo service rng-tools start
if [ "$?" -eq "1" ]; then
sudo apt purge -qy rng-tools
sudo apt install -qy haveged
sudo /etc/init.d/haveged start
fi
}
# Kali upgrade
kaliUpgrade () {
debug "Running various Kali upgrade tasks"
sudo apt update
checkAptLock
sudo DEBIAN_FRONTEND=noninteractive apt install --only-upgrade bash libc6 -y
sudo DEBIAN_FRONTEND=noninteractive apt autoremove -y
}
# Disables sleep
disableSleep () {
debug "Disabling sleep etc if run from a Laptop as the install might take some time…" > /dev/tty
gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-ac-timeout 0 2> /dev/null
gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-battery-timeout 0 2> /dev/null
gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-battery-type nothing 2> /dev/null
gsettings set org.gnome.desktop.screensaver lock-enabled false 2> /dev/null
gsettings set org.gnome.desktop.screensaver idle-activation-enabled false 2> /dev/null
setterm -blank 0 -powersave off -powerdown 0
xset s 0 0 2> /dev/null
xset dpms 0 0 2> /dev/null
xset dpms force off
xset s off 2> /dev/null
service sleepd stop
kill $(lsof | grep 'sleepd' | awk '{print $2}')
checkAptLock
}
# Remove alias if present
if [[ $(type -t checkAptLock) == "alias" ]]; then unalias checkAptLock; fi
# Simple function to make sure APT is not locked
checkAptLock () {
SLEEP=3
while [ "$DONE" != "0" ]; do
sudo apt-get check 2> /dev/null > /dev/null && DONE=0
echo -e "${LBLUE}apt${NC} is maybe ${RED}locked${NC}, waiting ${RED}$SLEEP${NC} seconds." > /dev/tty
sleep $SLEEP
SLEEP=$[$SLEEP+3]
done
unset DONE
}
# Install Php 7.0 dependencies
installDepsPhp70 () {
debug "Installing PHP 7.0 dependencies"
PHP_ETC_BASE=/etc/php/7.0
PHP_INI=${PHP_ETC_BASE}/apache2/php.ini
sudo apt update
sudo apt install -qy \
libapache2-mod-php \
php php-cli \
php-dev \
php-json php-xml php-mysql php-opcache php-readline php-mbstring \
php-pear \
php-redis php-gnupg \
php-gd
for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit
do
sudo sed -i "s/^\($key\).*/\1 = $(eval echo \${$key})/" $PHP_INI
done
}
# Install Php 7.3 deps
installDepsPhp73 () {
debug "Installing PHP 7.3 dependencies"
PHP_ETC_BASE=/etc/php/7.3
PHP_INI=${PHP_ETC_BASE}/apache2/php.ini
sudo apt update
checkAptLock
sudo apt install -qy \
libapache2-mod-php7.3 \
php7.3 php7.3-cli \
php7.3-dev \
php7.3-json php7.3-xml php7.3-mysql php7.3-opcache php7.3-readline php7.3-mbstring \
php-pear \
php-redis php-gnupg \
php-gd
}
# Installing core dependencies
installDeps () {
debug "Installing core dependencies"
checkAptLock
sudo apt update
sudo apt install -qy etckeeper
# Skip dist-upgrade for now, pulls in 500+ updated packages
#sudo apt -y dist-upgrade
gitMail=$(git config --global --get user.email ; echo $?)
if [ "$?" -eq "1" ]; then
git config --global user.email "root@kali.lan"
fi
gitUser=$(git config --global --get user.name ; echo $?)
if [ "$?" -eq "1" ]; then
git config --global user.name "Root User"
fi
[[ -n $KALI ]] || [[ -n $UNATTENDED ]] && sudo DEBIAN_FRONTEND=noninteractive apt install -qy postfix || sudo apt install -qy postfix
sudo apt install -qy \
curl gcc git gnupg-agent make openssl redis-server neovim unzip zip libyara-dev python3-yara python3-redis python3-zmq sqlite3 \
mariadb-client \
mariadb-server \
apache2 apache2-doc apache2-utils \
python3-dev python3-pip libpq5 libjpeg-dev libfuzzy-dev ruby asciidoctor \
libxml2-dev libxslt1-dev zlib1g-dev python3-setuptools expect
installRNG
}
# On Kali, the redis start-up script is broken. This tries to fix it.
fixRedis () {
# As of 20190124 redis-server init.d scripts are broken and need to be replaced
sudo mv /etc/init.d/redis-server /etc/init.d/redis-server_`date +%Y%m%d`
echo '#! /bin/sh
### BEGIN INIT INFO
# Provides: redis-server
# Required-Start: $syslog
# Required-Stop: $syslog
# Should-Start: $local_fs
# Should-Stop: $local_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: redis-server - Persistent key-value db
# Description: redis-server - Persistent key-value db
### END INIT INFO
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/bin/redis-server
DAEMON_ARGS=/etc/redis/redis.conf
NAME=redis-server
DESC=redis-server
PIDFILE=/var/run/redis.pid
test -x $DAEMON || exit 0
test -x $DAEMONBOOTSTRAP || exit 0
set -e
case "$1" in
start)
echo -n "Starting $DESC: "
touch $PIDFILE
chown redis:redis $PIDFILE
if start-stop-daemon --start --quiet --umask 007 --pidfile $PIDFILE --chuid redis:redis --exec $DAEMON -- $DAEMON_ARGS
then
echo "$NAME."
else
echo "failed"
fi
;;
stop)
echo -n "Stopping $DESC: "
if start-stop-daemon --stop --retry 10 --quiet --oknodo --pidfile $PIDFILE --exec $DAEMON
then
echo "$NAME."
else
echo "failed"
fi
rm -f $PIDFILE
;;
restart|force-reload)
${0} stop
${0} start
;;
*)
echo "Usage: /etc/init.d/$NAME {start|stop|restart|force-reload}" >&2
exit 1
;;
esac
exit 0' | sudo tee /etc/init.d/redis-server
sudo chmod 755 /etc/init.d/redis-server
sudo /etc/init.d/redis-server start
}
# generate MISP apache conf
genApacheConf () {
echo "
ServerAdmin admin@localhost.lu
ServerName misp.local
Redirect permanent / https://misp.local
LogLevel warn
ErrorLog /var/log/apache2/misp.local_error.log
CustomLog /var/log/apache2/misp.local_access.log combined
ServerSignature Off
ServerAdmin admin@localhost.lu
ServerName misp.local
DocumentRoot $PATH_TO_MISP/app/webroot
Options -Indexes
AllowOverride all
Require all granted
Order allow,deny
allow from all
SSLEngine On
SSLCertificateFile /etc/ssl/private/misp.local.crt
SSLCertificateKeyFile /etc/ssl/private/misp.local.key
# SSLCertificateChainFile /etc/ssl/private/misp-chain.crt
LogLevel warn
ErrorLog /var/log/apache2/misp.local_error.log
CustomLog /var/log/apache2/misp.local_access.log combined
ServerSignature Off
Header set X-Content-Type-Options nosniff
Header set X-Frame-Options DENY
" | tee /etc/apache2/sites-available/misp-ssl.conf
}
# Add git pull update mechanism to rc.local - TODO: Make this better
gitPullAllRCLOCAL () {
sed -i -e '$i \git_dirs="/usr/local/src/misp-modules/ /var/www/misp-dashboard /usr/local/src/faup /usr/local/src/mail_to_misp /usr/local/src/misp-modules /usr/local/src/viper /var/www/misp-dashboard"\n' /etc/rc.local
sed -i -e '$i \for d in $git_dirs; do\n' /etc/rc.local
sed -i -e '$i \ echo "Updating ${d}"\n' /etc/rc.local
sed -i -e '$i \ cd $d && sudo git pull &\n' /etc/rc.local
sed -i -e '$i \done\n' /etc/rc.local
}
# Composer on php 7.0 does not need any special treatment the provided phar works well
alias composer70='composer72'
# Composer on php 7.2 does not need any special treatment the provided phar works well
composer72 () {
cd $PATH_TO_MISP/app
mkdir /var/www/.composer ; chown www-data:www-data /var/www/.composer
$SUDO_WWW php composer.phar require kamisama/cake-resque:4.1.2
$SUDO_WWW php composer.phar config vendor-dir Vendor
$SUDO_WWW php composer.phar install
}
# Composer on php 7.3 needs a recent version of composer.phar
composer73 () {
cd $PATH_TO_MISP/app
mkdir /var/www/.composer ; chown www-data:www-data /var/www/.composer
# Update composer.phar
# If hash changes, check here: https://getcomposer.org/download/ and replace with the correct one
# Current Sum for: v1.8.3
SHA384_SUM='48e3236262b34d30969dca3c37281b3b4bbe3221bda826ac6a9a62d6444cdb0dcd0615698a5cbe587c3f0fe57a54d8f5'
sudo -H -u www-data php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
sudo -H -u www-data php -r "if (hash_file('SHA384', 'composer-setup.php') === '$SHA384_SUM') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); exit(137); } echo PHP_EOL;"
checkFail "composer.phar checksum failed, please investigate manually. " $?
sudo -H -u www-data php composer-setup.php
sudo -H -u www-data php -r "unlink('composer-setup.php');"
$SUDO_WWW php composer.phar require kamisama/cake-resque:4.1.2
$SUDO_WWW php composer.phar config vendor-dir Vendor
$SUDO_WWW php composer.phar install
}
# Enable various core services
enableServices () {
update-rc.d mysql enable
update-rc.d apache2 enable
update-rc.d redis-server enable
}
# Generate rc.local
genRCLOCAL () {
if [ ! -e /etc/rc.local ]; then
echo '#!/bin/sh -e' | tee -a /etc/rc.local
echo 'exit 0' | tee -a /etc/rc.local
chmod u+x /etc/rc.local
fi
sed -i -e '$i \echo never > /sys/kernel/mm/transparent_hugepage/enabled\n' /etc/rc.local
sed -i -e '$i \echo 1024 > /proc/sys/net/core/somaxconn\n' /etc/rc.local
sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
}
# Run PyMISP tests
runTests () {
sudo sed -i -E "s~url\ =\ (.*)~url\ =\ '${MISP_BASEURL}'~g" $PATH_TO_MISP/PyMISP/tests/testlive_comprehensive.py
sudo sed -i -E "s/key\ =\ (.*)/key\ =\ '${AUTH_KEY}'/g" $PATH_TO_MISP/PyMISP/tests/testlive_comprehensive.py
sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP/PyMISP/
sudo -H -u $WWW_USER sh -c "cd $PATH_TO_MISP/PyMISP && git submodule foreach git pull origin master"
sudo -H -u $WWW_USER ${PATH_TO_MISP}/venv/bin/pip install -e $PATH_TO_MISP/PyMISP/.[fileobjects,neo,openioc,virustotal,pdfexport]
sudo -H -u $WWW_USER git clone https://github.com/viper-framework/viper-test-files.git $PATH_TO_MISP/PyMISP/tests/viper-test-files
sudo -H -u $WWW_USER sh -c "cd $PATH_TO_MISP/PyMISP && ${PATH_TO_MISP}/venv/bin/python tests/testlive_comprehensive.py"
}
# Nuke the install, meaning remove all MISP data but no packages, this makes testing the installer faster
nuke () {
echo -e "${RED}YOU ARE ABOUT TO DELETE ALL MISP DATA! Sleeping 10, 9, 8...${NC}"
sleep 10
sudo rm -rvf /usr/local/src/{misp-modules,viper,mail_to_misp,LIEF,faup}
sudo rm -rvf /var/www/MISP
sudo mysqladmin drop misp
sudo mysql -e "DROP USER misp@localhost"
}
# Final function to let the user know what happened
theEnd () {
space
echo "Admin (root) DB Password: $DBPASSWORD_ADMIN" |$SUDO_USER tee /home/${MISP_USER}/mysql.txt
echo "User (misp) DB Password: $DBPASSWORD_MISP" |$SUDO_USER tee -a /home/${MISP_USER}/mysql.txt
echo "Authkey: $AUTH_KEY" |$SUDO_USER tee -a /home/${MISP_USER}/MISP-authkey.txt
clear
space
echo -e "${LBLUE}MISP${NC} Installed, access here: ${MISP_BASEURL}"
echo
echo "User: admin@admin.test"
echo "Password: admin"
space
[[ -n $KALI ]] || [[ -n $DASHBOARD ]] || [[ -n $ALL ]] && echo -e "${LBLUE}MISP${NC} Dashboard, access here: ${MISP_BASEURL}:8001"
[[ -n $KALI ]] || [[ -n $DASHBOARD ]] || [[ -n $ALL ]] && space
[[ -n $KALI ]] || [[ -n $VIPER ]] || [[ -n $ALL ]] && echo -e "viper-web installed, access here: ${MISP_BASEURL}:8888"
[[ -n $KALI ]] || [[ -n $VIPER ]] || [[ -n $ALL ]] && echo -e "viper-cli configured with your ${LBLUE}MISP${NC} ${RED}Site Admin Auth Key${NC}"
[[ -n $KALI ]] || [[ -n $VIPER ]] || [[ -n $ALL ]] && echo
[[ -n $KALI ]] || [[ -n $VIPER ]] || [[ -n $ALL ]] && echo "User: admin"
[[ -n $KALI ]] || [[ -n $VIPER ]] || [[ -n $ALL ]] && echo "Password: Password1234"
[[ -n $KALI ]] || [[ -n $VIPER ]] || [[ -n $ALL ]] && space
echo -e "The following files were created and need either ${RED}protection or removal${NC} (${YELLOW}shred${NC} on the CLI)"
echo "/home/${MISP_USER}/mysql.txt"
echo -e "${RED}Contents:${NC}"
cat /home/${MISP_USER}/mysql.txt
echo "/home/${MISP_USER}/MISP-authkey.txt"
echo -e "${RED}Contents:${NC}"
cat /home/${MISP_USER}/MISP-authkey.txt
space
echo -e "The ${RED}LOCAL${NC} system credentials:"
echo "User: ${MISP_USER}"
echo "Password: ${MISP_PASSWORD} # Or the password you used of your custom user"
space
echo "To enable outgoing mails via postfix set a permissive SMTP server for the domains you want to contact:"
echo
echo "sudo postconf -e 'relayhost = example.com'"
echo "sudo postfix reload"
space
echo -e "Enjoy using ${LBLUE}MISP${NC}. For any issues see here: https://github.com/MISP/MISP/issues"
space
if [[ "$UNATTENDED" == "1" ]]; then
echo -e "${RED}Unattended install!${NC}"
echo -e "This means we guessed the Base URL, it might be wrong, please double check."
space
fi
if [[ "$USER" != "$MISP_USER" ]]; then
sudo su - ${MISP_USER}
fi
}
## End Function Section Nothing allowed in .md after this line ##
aptUpgrade () {
debug "Upgrading system"
checkAptLock
sudo apt-get update
sudo apt-get upgrade -qy
}
# check if sudo is installed
checkSudoKeeper () {
echo "Checking for sudo and installing etckeeper"
if [[ ! -f $(which sudo) ]]; then
echo "Please enter your root password below to install etckeeper"
su -c "apt install etckeeper -y"
echo "Please enter your root password below to install sudo"
su -c "apt install sudo -y"
echo "Please enter your root password below to add $MISP_USER to sudo group"
su -c "adduser $MISP_USER sudo"
echo "We added $MISP_USER to group sudo and now we need to log out and in again."
exit
else
sudo apt update
sudo apt install etckeeper -y
fi
}
installCoreDeps () {
debug "Installing core dependencies"
# Install the dependencies: (some might already be installed)
sudo apt-get install curl gcc git gpg-agent make python python3 openssl redis-server sudo vim zip unzip virtualenv libfuzzy-dev sqlite3 -qy
# Install MariaDB (a MySQL fork/alternative)
sudo apt-get install mariadb-client mariadb-server -qy
# Install Apache2
sudo apt-get install apache2 apache2-doc apache2-utils -qy
# install Mitre's STIX and its dependencies by running the following commands:
sudo apt-get install python3-dev python3-pip libxml2-dev libxslt1-dev zlib1g-dev python-setuptools -qy
sudo apt-get install python3-pip -qy
sudo apt install expect -qy
}
# Install Php 7.3 deps
installDepsPhp73 () {
debug "Installing PHP 7.3 dependencies"
PHP_ETC_BASE=/etc/php/7.3
PHP_INI=${PHP_ETC_BASE}/apache2/php.ini
sudo apt update
checkAptLock
sudo apt install -qy \
libapache2-mod-php7.3 \
php7.3 php7.3-cli \
php7.3-dev \
php7.3-json php7.3-xml php7.3-mysql php7.3-opcache php7.3-readline php7.3-mbstring \
php-pear \
php-redis php-gnupg \
php-gd
}
# Install Php 7.2 dependencies
installDepsPhp72 () {
debug "Installing PHP 7.2 dependencies"
PHP_ETC_BASE=/etc/php/7.2
PHP_INI=${PHP_ETC_BASE}/apache2/php.ini
sudo apt update
sudo apt install -qy \
libapache2-mod-php \
php php-cli \
php-dev \
php-json php-xml php-mysql php-opcache php-readline php-mbstring \
php-pear \
php-redis php-gnupg \
php-gd
for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit
do
sudo sed -i "s/^\($key\).*/\1 = $(eval echo \${$key})/" $PHP_INI
done
}
# Install Php 7.0 dependencies
installDepsPhp70 () {
debug "Installing PHP 7.0 dependencies"
PHP_ETC_BASE=/etc/php/7.0
PHP_INI=${PHP_ETC_BASE}/apache2/php.ini
sudo apt update
sudo apt install -qy \
libapache2-mod-php \
php php-cli \
php-dev \
php-json php-xml php-mysql php-opcache php-readline php-mbstring \
php-pear \
php-redis php-gnupg \
php-gd
for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit
do
sudo sed -i "s/^\($key\).*/\1 = $(eval echo \${$key})/" $PHP_INI
done
}
prepareDB () {
if [[ ! -e /var/lib/mysql/misp/users.ibd ]]; then
debug "Setting up database"
# Add your credentials if needed, if sudo has NOPASS, comment out the relevant lines
pw=$MISP_PASSWORD
expect -f - <<-EOF
set timeout 10
spawn sudo -k mysql_secure_installation
expect "*?assword*"
send -- "$pw\r"
expect "Enter current password for root (enter for none):"
send -- "\r"
expect "Set root password?"
send -- "y\r"
expect "New password:"
send -- "${DBPASSWORD_ADMIN}\r"
expect "Re-enter new password:"
send -- "${DBPASSWORD_ADMIN}\r"
expect "Remove anonymous users?"
send -- "y\r"
expect "Disallow root login remotely?"
send -- "y\r"
expect "Remove test database and access to it?"
send -- "y\r"
expect "Reload privilege tables now?"
send -- "y\r"
expect eof
EOF
sudo apt-get purge -y expect ; sudo apt autoremove -qy
fi
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "create database $DBNAME;"
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "grant usage on *.* to $DBNAME@localhost identified by '$DBPASSWORD_MISP';"
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "grant all privileges on $DBNAME.* to '$DBUSER_MISP'@'localhost';"
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;"
# Import the empty MISP database from MYSQL.sql
sudo -u www-data cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
}
apacheConfig () {
debug "Generating Apache config"
sudo cp ${PATH_TO_MISP}/INSTALL/apache.24.misp.ssl /etc/apache2/sites-available/misp-ssl.conf
# If a valid SSL certificate is not already created for the server,
# create a self-signed certificate:
sudo openssl req -newkey rsa:4096 -days 365 -nodes -x509 \
-subj "/C=${OPENSSL_C}/ST=${OPENSSL_ST}/L=${OPENSSL_L}/O=${OPENSSL_O}/OU=${OPENSSL_OU}/CN=${OPENSSL_CN}/emailAddress=${OPENSSL_EMAILADDRESS}" \
-keyout /etc/ssl/private/misp.local.key -out /etc/ssl/private/misp.local.crt
# Enable modules, settings, and default of SSL in Apache
sudo a2dismod status
sudo a2enmod ssl
sudo a2enmod rewrite
sudo a2enmod headers
sudo a2dissite 000-default
sudo a2ensite default-ssl
# Apply all changes
sudo systemctl restart apache2
# activate new vhost
sudo a2dissite default-ssl
sudo a2ensite misp-ssl
# Restart apache
sudo systemctl restart apache2
}
installCore () {
debug "Installing ${LBLUE}MISP${NC} core"
# Download MISP using git in the /var/www/ directory.
sudo mkdir ${PATH_TO_MISP}
sudo chown www-data:www-data ${PATH_TO_MISP}
cd ${PATH_TO_MISP}
sudo -u www-data git clone https://github.com/MISP/MISP.git ${PATH_TO_MISP}
sudo -u www-data git submodule update --init --recursive
# Make git ignore filesystem permission differences for submodules
sudo -u www-data git submodule foreach --recursive git config core.filemode false
# Make git ignore filesystem permission differences
sudo -u www-data git config core.filemode false
# Create a python3 virtualenv
sudo -u www-data virtualenv -p python3 ${PATH_TO_MISP}/venv
# make pip happy
sudo mkdir /var/www/.cache/
sudo chown www-data:www-data /var/www/.cache
cd ${PATH_TO_MISP}/app/files/scripts
sudo -H -u www-data git clone https://github.com/CybOXProject/python-cybox.git
sudo -H -u www-data git clone https://github.com/STIXProject/python-stix.git
sudo -H -u www-data git clone https://github.com/MAECProject/python-maec.git
# install mixbox to accommodate the new STIX dependencies:
sudo -H -u www-data git clone https://github.com/CybOXProject/mixbox.git
cd ${PATH_TO_MISP}/app/files/scripts/mixbox
sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install .
cd ${PATH_TO_MISP}/app/files/scripts/python-cybox
sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install .
cd ${PATH_TO_MISP}/app/files/scripts/python-stix
sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install .
cd $PATH_TO_MISP/app/files/scripts/python-maec
sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install .
# install STIX2.0 library to support STIX 2.0 export:
cd ${PATH_TO_MISP}/cti-python-stix2
sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install .
# install PyMISP
cd ${PATH_TO_MISP}/PyMISP
sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install .
# install pydeep
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
# install lief
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install https://github.com/lief-project/packages/raw/lief-master-latest/pylief-0.9.0.dev.zip
# install python-magic
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install python-magic
# Install Crypt_GPG and Console_CommandLine
sudo pear install ${PATH_TO_MISP}/INSTALL/dependencies/Console_CommandLine/package.xml
sudo pear install ${PATH_TO_MISP}/INSTALL/dependencies/Crypt_GPG/package.xml
}
installCake () {
debug "Installing CakePHP"
# Once done, install CakeResque along with its dependencies
# if you intend to use the built in background jobs:
cd ${PATH_TO_MISP}/app
# Make composer cache happy
# /!\ composer on Ubuntu when invoked with sudo -u doesn't set $HOME to /var/www but keeps it /home/misp \!/
sudo mkdir /var/www/.composer ; sudo chown www-data:www-data /var/www/.composer
sudo -H -u www-data php composer.phar require kamisama/cake-resque:4.1.2
sudo -H -u www-data php composer.phar config vendor-dir Vendor
sudo -H -u www-data php composer.phar install
# Enable CakeResque with php-redis
sudo phpenmod redis
sudo phpenmod gnupg
# To use the scheduler worker for scheduled tasks, do the following:
sudo -u www-data cp -fa ${PATH_TO_MISP}/INSTALL/setup/config.php ${PATH_TO_MISP}/app/Plugin/CakeResque/Config/config.php
# If you have multiple MISP instances on the same system, don't forget to have a different Redis per MISP instance for the CakeResque workers
# The default Redis port can be updated in Plugin/CakeResque/Config/config.php
}
# Main function to fix permissions to something sane
permissions () {
debug "Setting permissions"
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}
sudo chmod -R 750 ${PATH_TO_MISP}
sudo chmod -R g+ws ${PATH_TO_MISP}/app/tmp
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files
sudo chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
}
configMISP () {
debug "Generating ${LBLUE}MISP${NC} config files"
# There are 4 sample configuration files in ${PATH_TO_MISP}/app/Config that need to be copied
sudo -u www-data cp -a ${PATH_TO_MISP}/app/Config/bootstrap.default.php ${PATH_TO_MISP}/app/Config/bootstrap.php
sudo -u www-data cp -a ${PATH_TO_MISP}/app/Config/database.default.php ${PATH_TO_MISP}/app/Config/database.php
sudo -u www-data cp -a ${PATH_TO_MISP}/app/Config/core.default.php ${PATH_TO_MISP}/app/Config/core.php
sudo -u www-data cp -a ${PATH_TO_MISP}/app/Config/config.default.php ${PATH_TO_MISP}/app/Config/config.php
echo " 'Database/Mysql',
//'datasource' => 'Database/Postgres',
'persistent' => false,
'host' => '$DBHOST',
'login' => '$DBUSER_MISP',
'port' => 3306, // MySQL & MariaDB
//'port' => 5432, // PostgreSQL
'password' => '$DBPASSWORD_MISP',
'database' => '$DBNAME',
'prefix' => '',
'encoding' => 'utf8',
);
}" | sudo -u www-data tee $PATH_TO_MISP/app/Config/database.php
# Important! Change the salt key in ${PATH_TO_MISP}/app/Config/config.php
# The salt key must be a string at least 32 bytes long.
# The admin user account will be generated on the first login, make sure that the salt is changed before you create that user
# If you forget to do this step, and you are still dealing with a fresh installation, just alter the salt,
# delete the user from mysql and log in again using the default admin credentials (admin@admin.test / admin)
# and make sure the file permissions are still OK
sudo chown -R www-data:www-data ${PATH_TO_MISP}/app/Config
sudo chmod -R 750 ${PATH_TO_MISP}/app/Config
}
# Core cake commands
coreCAKE () {
debug "Running core Cake commands to set sane defaults for ${LBLUE}MISP${NC}"
$SUDO_WWW -E $CAKE userInit -q
# This makes sure all Database upgrades are done, without logging in.
$SUDO_WWW $CAKE Admin updateDatabase
# Setup some more MISP default via cake CLI
# The default install is Python in a virtualenv, setting accordingly
$SUDO_WWW $CAKE Admin setSetting "MISP.python_bin" "${PATH_TO_MISP}/venv/bin/python"
# Tune global time outs
$SUDO_WWW $CAKE Admin setSetting "Session.autoRegenerate" 0
$SUDO_WWW $CAKE Admin setSetting "Session.timeout" 600
$SUDO_WWW $CAKE Admin setSetting "Session.cookieTimeout" 3600
# Change base url, either with this CLI command or in the UI
$SUDO_WWW $CAKE Baseurl $MISP_BASEURL
# example: 'baseurl' => 'https://',
# alternatively, you can leave this field empty if you would like to use relative pathing in MISP
# 'baseurl' => '',
# Enable GnuPG
$SUDO_WWW $CAKE Admin setSetting "GnuPG.email" "$GPG_EMAIL_ADDRESS"
$SUDO_WWW $CAKE Admin setSetting "GnuPG.homedir" "$PATH_TO_MISP/.gnupg"
$SUDO_WWW $CAKE Admin setSetting "GnuPG.password" "$GPG_PASSPHRASE"
# Enable installer org and tune some configurables
$SUDO_WWW $CAKE Admin setSetting "MISP.host_org_id" 1
$SUDO_WWW $CAKE Admin setSetting "MISP.email" "info@admin.test"
$SUDO_WWW $CAKE Admin setSetting "MISP.disable_emailing" true
$SUDO_WWW $CAKE Admin setSetting "MISP.contact" "info@admin.test"
$SUDO_WWW $CAKE Admin setSetting "MISP.disablerestalert" true
$SUDO_WWW $CAKE Admin setSetting "MISP.showCorrelationsOnIndex" true
$SUDO_WWW $CAKE Admin setSetting "MISP.default_event_tag_collection" 0
# Provisional Cortex tunes
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_services_enable" false
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_services_url" "http://127.0.0.1"
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_services_port" 9000
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_timeout" 120
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_authkey" ""
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_ssl_verify_peer" false
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_ssl_verify_host" false
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_ssl_allow_self_signed" true
# Various plugin sightings settings
$SUDO_WWW $CAKE Admin setSetting "Plugin.Sightings_policy" 0
$SUDO_WWW $CAKE Admin setSetting "Plugin.Sightings_anonymise" false
$SUDO_WWW $CAKE Admin setSetting "Plugin.Sightings_range" 365
# Plugin CustomAuth tuneable
$SUDO_WWW $CAKE Admin setSetting "Plugin.CustomAuth_disable_logout" false
# RPZ Plugin settings
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_policy" "DROP"
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_walled_garden" "127.0.0.1"
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_serial" "\$date00"
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_refresh" "2h"
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_retry" "30m"
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_expiry" "30d"
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_minimum_ttl" "1h"
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_ttl" "1w"
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_ns" "localhost."
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_ns_alt" ""
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_email" "root.localhost"
# Force defaults to make MISP Server Settings less RED
$SUDO_WWW $CAKE Admin setSetting "MISP.language" "eng"
$SUDO_WWW $CAKE Admin setSetting "MISP.proposals_block_attributes" false
# Redis block
$SUDO_WWW $CAKE Admin setSetting "MISP.redis_host" "127.0.0.1"
$SUDO_WWW $CAKE Admin setSetting "MISP.redis_port" 6379
$SUDO_WWW $CAKE Admin setSetting "MISP.redis_database" 13
$SUDO_WWW $CAKE Admin setSetting "MISP.redis_password" ""
# Force defaults to make MISP Server Settings less YELLOW
$SUDO_WWW $CAKE Admin setSetting "MISP.ssdeep_correlation_threshold" 40
$SUDO_WWW $CAKE Admin setSetting "MISP.extended_alert_subject" false
$SUDO_WWW $CAKE Admin setSetting "MISP.default_event_threat_level" 4
$SUDO_WWW $CAKE Admin setSetting "MISP.newUserText" "Dear new MISP user,\\n\\nWe would hereby like to welcome you to the \$org MISP community.\\n\\n Use the credentials below to log into MISP at \$misp, where you will be prompted to manually change your password to something of your own choice.\\n\\nUsername: \$username\\nPassword: \$password\\n\\nIf you have any questions, don't hesitate to contact us at: \$contact.\\n\\nBest regards,\\nYour \$org MISP support team"
$SUDO_WWW $CAKE Admin setSetting "MISP.passwordResetText" "Dear MISP user,\\n\\nA password reset has been triggered for your account. Use the below provided temporary password to log into MISP at \$misp, where you will be prompted to manually change your password to something of your own choice.\\n\\nUsername: \$username\\nYour temporary password: \$password\\n\\nIf you have any questions, don't hesitate to contact us at: \$contact.\\n\\nBest regards,\\nYour \$org MISP support team"
$SUDO_WWW $CAKE Admin setSetting "MISP.enableEventBlacklisting" true
$SUDO_WWW $CAKE Admin setSetting "MISP.enableOrgBlacklisting" true
$SUDO_WWW $CAKE Admin setSetting "MISP.log_client_ip" false
$SUDO_WWW $CAKE Admin setSetting "MISP.log_auth" false
$SUDO_WWW $CAKE Admin setSetting "MISP.disableUserSelfManagement" false
$SUDO_WWW $CAKE Admin setSetting "MISP.block_event_alert" false
$SUDO_WWW $CAKE Admin setSetting "MISP.block_event_alert_tag" "no-alerts=\"true\""
$SUDO_WWW $CAKE Admin setSetting "MISP.block_old_event_alert" false
$SUDO_WWW $CAKE Admin setSetting "MISP.block_old_event_alert_age" ""
$SUDO_WWW $CAKE Admin setSetting "MISP.incoming_tags_disabled_by_default" false
$SUDO_WWW $CAKE Admin setSetting "MISP.footermidleft" "This is an initial install"
$SUDO_WWW $CAKE Admin setSetting "MISP.footermidright" "Please configure and harden accordingly"
$SUDO_WWW $CAKE Admin setSetting "MISP.welcome_text_top" "Initial Install, please configure"
# TODO: Make sure $FLAVOUR is correct
$SUDO_WWW $CAKE Admin setSetting "MISP.welcome_text_bottom" "Welcome to MISP on $FLAVOUR, change this message in MISP Settings"
# Force defaults to make MISP Server Settings less GREEN
$SUDO_WWW $CAKE Admin setSetting "Security.password_policy_length" 12
$SUDO_WWW $CAKE Admin setSetting "Security.password_policy_complexity" '/^((?=.*\d)|(?=.*\W+))(?![\n])(?=.*[A-Z])(?=.*[a-z]).*$|.{16,}/'
# Set MISP Live
$SUDO_WWW $CAKE Live $MISP_LIVE
}
# This updates Galaxies, ObjectTemplates, Warninglists, Noticelists, Templates
updateGOWNT () {
debug "Updating Galaxies, ObjectTemplates, Warninglists, Noticelists and Templates"
AUTH_KEY=$(mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP misp -e "SELECT authkey FROM users;" | tail -1)
# Update the galaxies…
# TODO: Fix updateGalaxies
$SUDO_WWW $CAKE Admin updateGalaxies
# Updating the taxonomies…
$SUDO_WWW $CAKE Admin updateTaxonomies
# Updating the warning lists…
$SUDO_WWW $CAKE Admin updateWarningLists
# Updating the notice lists…
$SUDO_WWW $CAKE Admin updateNoticeLists
# Updating the object templates…
# TODO: FIXME: updateObjectTemplates (currently throws: usage udpateNoticeLists)
##$SUDO_WWW $CAKE Admin updateObjectTemplates
curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/objectTemplates/update
}
# Generate GnuPG key
setupGnuPG () {
if [ ! -d $PATH_TO_MISP/.gnupg ]; then
# The email address should match the one set in the config.php
# set in the configuration menu in the administration menu configuration file
echo "%echo Generating a default key
Key-Type: default
Key-Length: $GPG_KEY_LENGTH
Subkey-Type: default
Name-Real: $GPG_REAL_NAME
Name-Comment: $GPG_COMMENT
Name-Email: $GPG_EMAIL_ADDRESS
Expire-Date: 0
Passphrase: $GPG_PASSPHRASE
# Do a commit here, so that we can later print "done"
%commit
%echo done" > /tmp/gen-key-script
$SUDO_WWW gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
# Export the public key to the webroot
$SUDO_WWW sh -c "gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | $SUDO_WWW tee $PATH_TO_MISP/app/webroot/gpg.asc
fi
}
logRotation () {
# MISP saves the stdout and stderr of its workers in ${PATH_TO_MISP}/app/tmp/logs
# To rotate these logs install the supplied logrotate script:
sudo cp ${PATH_TO_MISP}/INSTALL/misp.logrotate /etc/logrotate.d/misp
sudo chmod 0640 /etc/logrotate.d/misp
}
backgroundWorkers () {
debug "Setting up background workers"
# To make the background workers start on boot
sudo chmod +x $PATH_TO_MISP/app/Console/worker/start.sh
if [ ! -e /etc/rc.local ]
then
echo '#!/bin/sh -e' | sudo tee -a /etc/rc.local
echo 'exit 0' | sudo tee -a /etc/rc.local
sudo chmod u+x /etc/rc.local
fi
# Start the workers
$SUDO_WWW bash $PATH_TO_MISP/app/Console/worker/start.sh
# Add the following lines before the last line (exit 0). Make sure that you replace www-data with your apache user:
sudo sed -i -e '$i \echo never > /sys/kernel/mm/transparent_hugepage/enabled\n' /etc/rc.local
sudo sed -i -e '$i \echo 1024 > /proc/sys/net/core/somaxconn\n' /etc/rc.local
sudo sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
sudo sed -i -e '$i \sudo -u www-data bash ${PATH_TO_MISP}/app/Console/worker/start.sh > /tmp/worker_start_rc.local.log\n' /etc/rc.local
}
# Main MISP Modules install function
mispmodules () {
# FIXME: this is broken, ${PATH_TO_MISP} is litteral
##sudo sed -i -e '$i \sudo -u www-data /var/www/MISP/venv/bin/misp-modules -l 127.0.0.1 -s > /tmp/misp-modules_rc.local.log &\n' /etc/rc.local
cd /usr/local/src/
## TODO: checkUsrLocalSrc in main doc
debug "Cloning misp-modules"
$SUDO_USER git clone https://github.com/MISP/misp-modules.git
cd misp-modules
# some misp-modules dependencies
sudo apt-get install libpq5 libjpeg-dev libfuzzy-dev -y
# If you build an egg, the user you build it as need write permissions in the CWD
sudo chgrp $WWW_USER .
sudo chmod g+w .
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install -I -r REQUIREMENTS
sudo chgrp staff .
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install -I .
sudo apt install ruby-pygments.rb -y
sudo gem install asciidoctor-pdf --pre
# install additional dependencies for extended object generation and extraction
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install wand yara pathlib
# Start misp-modules as a service
sudo cp etc/systemd/system/misp-modules.service /etc/systemd/system/
sudo systemctl daemon-reload
sudo systemctl enable --now misp-modules
# Sleep 9 seconds to give misp-modules a chance to spawn
sleep 9
# Enable Enrichment, set better timeouts
$SUDO_WWW $CAKE Admin setSetting "Plugin.Enrichment_services_enable" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.Enrichment_hover_enable" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.Enrichment_timeout" 300
$SUDO_WWW $CAKE Admin setSetting "Plugin.Enrichment_hover_timeout" 150
# TODO:"Investigate why the next one fails"
#$SUDO_WWW $CAKE Admin setSetting "Plugin.Enrichment_asn_history_enabled" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.Enrichment_cve_enabled" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.Enrichment_dns_enabled" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.Enrichment_services_url" "http://127.0.0.1"
$SUDO_WWW $CAKE Admin setSetting "Plugin.Enrichment_services_port" 6666
# Enable Import modules, set better timeout
$SUDO_WWW $CAKE Admin setSetting "Plugin.Import_services_enable" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.Import_services_url" "http://127.0.0.1"
$SUDO_WWW $CAKE Admin setSetting "Plugin.Import_services_port" 6666
$SUDO_WWW $CAKE Admin setSetting "Plugin.Import_timeout" 300
$SUDO_WWW $CAKE Admin setSetting "Plugin.Import_ocr_enabled" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.Import_csvimport_enabled" true
# Enable Export modules, set better timeout
$SUDO_WWW $CAKE Admin setSetting "Plugin.Export_services_enable" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.Export_services_url" "http://127.0.0.1"
$SUDO_WWW $CAKE Admin setSetting "Plugin.Export_services_port" 6666
$SUDO_WWW $CAKE Admin setSetting "Plugin.Export_timeout" 300
$SUDO_WWW $CAKE Admin setSetting "Plugin.Export_pdfexport_enabled" true
}
# Main MISP Dashboard install function
mispDashboard () {
debug "Install misp-dashboard"
# Install pyzmq to main MISP venv
debug "Installing PyZMQ"
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install pyzmq
cd /var/www
sudo mkdir misp-dashboard
sudo chown www-data:www-data misp-dashboard
$SUDO_WWW git clone https://github.com/MISP/misp-dashboard.git
cd misp-dashboard
sudo -H /var/www/misp-dashboard/install_dependencies.sh
sudo sed -i "s/^host\ =\ localhost/host\ =\ 0.0.0.0/g" /var/www/misp-dashboard/config/config.cfg
sudo sed -i '/Listen 80/a Listen 0.0.0.0:8001' /etc/apache2/ports.conf
sudo apt install libapache2-mod-wsgi-py3 -y
echo "
ServerAdmin admin@misp.local
ServerName misp.local
DocumentRoot /var/www/misp-dashboard
WSGIDaemonProcess misp-dashboard \
user=misp group=misp \
python-home=/var/www/misp-dashboard/DASHENV \
processes=1 \
threads=15 \
maximum-requests=5000 \
listen-backlog=100 \
queue-timeout=45 \
socket-timeout=60 \
connect-timeout=15 \
request-timeout=60 \
inactivity-timeout=0 \
deadlock-timeout=60 \
graceful-timeout=15 \
eviction-timeout=0 \
shutdown-timeout=5 \
send-buffer-size=0 \
receive-buffer-size=0 \
header-buffer-size=0 \
response-buffer-size=0 \
server-metrics=Off
WSGIScriptAlias / /var/www/misp-dashboard/misp-dashboard.wsgi
WSGIProcessGroup misp-dashboard
WSGIApplicationGroup %{GLOBAL}
Require all granted
LogLevel info
ErrorLog /var/log/apache2/misp-dashboard.local_error.log
CustomLog /var/log/apache2/misp-dashboard.local_access.log combined
ServerSignature Off
" | sudo tee /etc/apache2/sites-available/misp-dashboard.conf
# Enable misp-dashboard in apache and reload
sudo a2ensite misp-dashboard
sudo systemctl restart apache2
# Needs to be started after apache2 is reloaded so the port status check works
$SUDO_WWW bash /var/www/misp-dashboard/start_all.sh
# Add misp-dashboard to rc.local to start on boot.
sudo sed -i -e '$i \sudo -u www-data bash /var/www/misp-dashboard/start_all.sh > /tmp/misp-dashboard_rc.local.log\n' /etc/rc.local
}
dashboardCAKE () {
# Enable ZeroMQ for misp-dashboard
$SUDO_WWW $CAKE Admin setSetting "Plugin.ZeroMQ_enable" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.ZeroMQ_event_notifications_enable" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.ZeroMQ_object_notifications_enable" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.ZeroMQ_object_reference_notifications_enable" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.ZeroMQ_attribute_notifications_enable" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.ZeroMQ_sighting_notifications_enable" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.ZeroMQ_user_notifications_enable" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.ZeroMQ_organisation_notifications_enable" true
$SUDO_WWW $CAKE Admin setSetting "Plugin.ZeroMQ_port" 50000
$SUDO_WWW $CAKE Admin setSetting "Plugin.ZeroMQ_redis_host" "localhost"
$SUDO_WWW $CAKE Admin setSetting "Plugin.ZeroMQ_redis_port" 6379
$SUDO_WWW $CAKE Admin setSetting "Plugin.ZeroMQ_redis_database" 1
$SUDO_WWW $CAKE Admin setSetting "Plugin.ZeroMQ_redis_namespace" "mispq"
$SUDO_WWW $CAKE Admin setSetting "Plugin.ZeroMQ_include_attachments" false
$SUDO_WWW $CAKE Admin setSetting "Plugin.ZeroMQ_tag_notifications_enable" false
$SUDO_WWW $CAKE Admin setSetting "Plugin.ZeroMQ_audit_notifications_enable" false
}
# Main mail2misp install function
mail2misp () {
debug "Installing Mail2${LBLUE}MISP${NC}"
cd /usr/local/src/
sudo apt-get install cmake libcaca-dev liblua5.3-dev -y
$SUDO_USER git clone https://github.com/MISP/mail_to_misp.git
$SUDO_USER git clone git://github.com/stricaud/faup.git faup
$SUDO_USER git clone git://github.com/stricaud/gtcaca.git gtcaca
sudo chown -R ${MISP_USER}:${MISP_USER} faup mail_to_misp gtcaca
cd gtcaca
$SUDO_USER mkdir -p build
cd build
$SUDO_USER cmake .. && $SUDO_USER make
sudo make install
cd ../../faup
$SUDO_USER mkdir -p build
cd build
$SUDO_USER cmake .. && $SUDO_USER make
sudo make install
sudo ldconfig
cd ../../mail_to_misp
$SUDO_USER virtualenv -p python3 venv
$SUDO_USER ./venv/bin/pip install https://github.com/lief-project/packages/raw/lief-master-latest/pylief-0.9.0.dev.zip
$SUDO_USER ./venv/bin/pip install -r requirements.txt
$SUDO_USER cp mail_to_misp_config.py-example mail_to_misp_config.py
##$SUDO cp mail_to_misp_config.py-example mail_to_misp_config.py
$SUDO_USER sed -i "s/^misp_url\ =\ 'YOUR_MISP_URL'/misp_url\ =\ 'https:\/\/localhost'/g" /usr/local/src/mail_to_misp/mail_to_misp_config.py
$SUDO_USER sed -i "s/^misp_key\ =\ 'YOUR_KEY_HERE'/misp_key\ =\ '${AUTH_KEY}'/g" /usr/local/src/mail_to_misp/mail_to_misp_config.py
}
ssdeep () {
debug "Install ssdeep 2.14.1"
cd /usr/local/src
$SUDO_USER wget https://github.com/ssdeep-project/ssdeep/releases/download/release-2.14.1/ssdeep-2.14.1.tar.gz
$SUDO_USER tar zxvf ssdeep-2.14.1.tar.gz
cd ssdeep-2.14.1
$SUDO_USER ./configure --datadir=/usr --prefix=/usr --localstatedir=/var --sysconfdir=/etc
$SUDO_USER make
sudo make install
#installing ssdeep_php
sudo pecl channel-update pecl.php.net
sudo pecl install ssdeep
# You should add "extension=ssdeep.so" to mods-available - Check /etc/php for your current version
echo "extension=ssdeep.so" | sudo tee ${PHP_ETC_BASE}/mods-available/ssdeep.ini
sudo phpenmod ssdeep
sudo service apache2 restart
}
# Main Viper install function
viper () {
debug "Installing Viper dependencies"
cd /usr/local/src/
sudo apt-get install \
libssl-dev swig python3-ssdeep p7zip-full unrar-free sqlite python3-pyclamd exiftool radare2 \
python3-magic python3-sqlalchemy python3-prettytable libffi-dev libfreetype6-dev libpng-dev -qy
echo "Cloning Viper"
$SUDO_USER git clone https://github.com/viper-framework/viper.git
sudo chown -R $MISP_USER:$MISP_USER viper
cd viper
echo "Creating virtualenv"
$SUDO_USER virtualenv -p python3 venv
echo "Submodule update"
# TODO: Check for current user install permissions
$SUDO_USER git submodule update --init --recursive
##$SUDO git submodule update --init --recursive
echo "Pip install deps"
$SUDO_USER ./venv/bin/pip install SQLAlchemy PrettyTable python-magic
echo "pip install scrapy"
$SUDO_USER ./venv/bin/pip install scrapy
echo "install lief"
$SUDO_USER ./venv/bin/pip install https://github.com/lief-project/packages/raw/lief-master-latest/pylief-0.9.0.dev.zip
echo "pip install reqs"
$SUDO_USER ./venv/bin/pip install -r requirements.txt
$SUDO_USER sed -i '1 s/^.*$/\#!\/usr\/local\/src\/viper\/venv\/bin\/python/' viper-cli
$SUDO_USER sed -i '1 s/^.*$/\#!\/usr\/local\/src\/viper\/venv\/bin\/python/' viper-web
echo "Launching viper-cli"
$SUDO_USER /usr/local/src/viper/viper-cli -h > /dev/null
echo "Launching viper-web"
$SUDO_USER /usr/local/src/viper/viper-web -p 8888 -H 0.0.0.0 &
echo 'PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/usr/local/src/viper:/var/www/MISP/app/Console"' |sudo tee /etc/environment
echo ". /etc/environment" >> /home/${MISP_USER}/.profile
# TODO: Perms, MISP_USER_HOME, nasty hack cuz Kali on R00t
if [ -f /home/${MISP_USER}/.viper/viper.conf ]; then
VIPER_HOME="/home/${MISP_USER}/.viper"
else
VIPER_HOME="${HOME}/.viper"
fi
echo "Setting misp_url/misp_key"
$SUDO_USER sed -i "s/^misp_url\ =/misp_url\ =\ http:\/\/localhost/g" ${VIPER_HOME}/viper.conf
$SUDO_USER sed -i "s/^misp_key\ =/misp_key\ =\ $AUTH_KEY/g" ${VIPER_HOME}/viper.conf
# Reset admin password to: admin/Password1234
echo "Fixing admin.db with default password"
while [ "$(sudo sqlite3 ${VIPER_HOME}/admin.db 'UPDATE auth_user SET password="pbkdf2_sha256$100000$iXgEJh8hz7Cf$vfdDAwLX8tko1t0M1TLTtGlxERkNnltUnMhbv56wK/U="'; echo $?)" -ne "0" ]; do
# FIXME This might lead to a race condition, the while loop is sub-par
sudo chown $MISP_USER:$MISP_USER ${VIPER_HOME}/admin.db
echo "Updating viper-web admin password, giving process time to start-up, sleeping 5, 4, 3,…"
sleep 6
done
# Add viper-web to rc.local to be started on boot
sudo sed -i -e '$i \sudo -u misp /usr/local/src/viper/viper-web -p 8888 -H 0.0.0.0 > /tmp/viper-web_rc.local.log &\n' /etc/rc.local
}
# No functions scripts:
## apt-upgrade.sh ##
## postfix.sh ##
## interfaces.sh ##
#
### END AUTOMATED SECTION ###
# This function will generate the main installer.
# It is a helper function for the maintainers for the installer.
colors () {
# Some colors for easier debug and better UX (not colorblind compatible, PR welcome)
RED='\033[0;31m'
GREEN='\033[0;32m'
LBLUE='\033[1;34m'
YELLOW='\033[0;33m'
HIDDEN='\e[8m'
NC='\033[0m'
}
generateInstaller () {
if [ ! -f $(which xsnippet) ]; then
echo 'xsnippet is NOT installed. Clone the repository below and copy the xsnippet shell script somehwere in your $PATH'
echo "git clone https://github.com/SteveClement/xsnippet.git"
exit 1
fi
if [[ $(echo $0 |grep -e '^\.\/') != "./INSTALL.tpl.sh" ]]; then
echo -e "${RED}iAmError!${NC}"
echo -e "To generate the installer call it with './INSTALL.tpl.sh' otherwise things will break."
echo -e "You called: ${RED}$0${NC}"
exit 1
fi
mkdir installer ; cd installer
cp ../INSTALL.tpl.sh .
# Pull code snippets out of Main Install Documents
for f in `echo INSTALL.ubuntu1804.md xINSTALL.debian9.md INSTALL.kali.md xINSTALL.debian_testing.md xINSTALL.tsurugi.md xINSTALL.debian9-postgresql.md xINSTALL.ubuntu1804.with.webmin.md`; do
xsnippet . ../../docs/${f}
done
# Pull out code snippets from generic Install Documents
for f in `echo globalVariables.md mail_to_misp-debian.md MISP_CAKE_init.md misp-dashboard-debian.md misp-modules-debian.md gnupg.md ssdeep-debian.md sudo_etckeeper.md supportFunctions.md viper-debian.md`; do
xsnippet . ../../docs/generic/${f}
done
# TODO: Fix the below.
# $ for f in `echo ls [0-9]_*`; do
# $ perl -pe 's/## ${f} ##/`cat ${f}`/ge' -i INSTALL.sh
# $ done
#
# Temporary copy/paste holder
perl -pe 's/^## 0_global-vars.sh ##/`cat 0_global-vars.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 0_apt-upgrade.sh ##/`cat 0_apt-upgrade.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 0_sudoKeeper.sh ##/`cat 0_sudoKeeper.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 0_installCoreDeps.sh ##/`cat 0_installCoreDeps.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 0_installDepsPhp73.sh ##/`cat 0_installDepsPhp73.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 0_installDepsPhp72.sh ##/`cat 0_installDepsPhp72.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 0_installDepsPhp70.sh ##/`cat 0_installDepsPhp70.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 1_prepareDB.sh ##/`cat 1_prepareDB.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 1_apacheConfig.sh ##/`cat 1_apacheConfig.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 1_mispCoreInstall.sh ##/`cat 1_mispCoreInstall.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 1_installCake.sh ##/`cat 1_installCake.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 2_permissions.sh ##/`cat 2_permissions.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 2_configMISP.sh ##/`cat 2_configMISP.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 0_support-functions.sh ##/`cat 0_support-functions.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 2_gnupg.sh ##/`cat 2_gnupg.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 2_logRotation.sh ##/`cat 2_logRotation.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 2_backgroundWorkers.sh ##/`cat 2_backgroundWorkers.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 2_core-cake.sh ##/`cat 2_core-cake.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 3_misp-modules.sh ##/`cat 3_misp-modules.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 4_misp-dashboard-cake.sh ##/`cat 4_misp-dashboard-cake.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 4_misp-dashboard.sh ##/`cat 4_misp-dashboard.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 5_mail_to_misp.sh ##/`cat 5_mail_to_misp.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 6_viper.sh ##/`cat 6_viper.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 6_ssdeep.sh ##/`cat 6_ssdeep.sh`/ge' -i INSTALL.tpl.sh
cp INSTALL.tpl.sh ../INSTALL.sh
cd ..
for ALGO in $(echo "1 256 384 512"); do
shasum -a ${ALGO} INSTALL.sh > INSTALL.sh.sha${ALGO}
done
rm -rf installer
echo -e "${LBLUE}Generated INSTALL.sh${NC}"
exit 0
}
# Simple debug function with message
# Make sure no alias exists
if [[ $(type -t debug) == "alias" ]]; then unalias debug; fi
debug () {
echo -e "${RED}Next step:${NC} ${GREEN}$1${NC}" > /dev/tty
if [ ! -z $DEBUG ]; then
NO_PROGRESS=1
echo -e "${RED}Debug Mode${NC}, press ${LBLUE}enter${NC} to continue..." > /dev/tty
exec 3>&1
read
else
# [Set up conditional redirection](https://stackoverflow.com/questions/8756535/conditional-redirection-in-bash)
#exec 3>&1 &>/dev/null
:
fi
}
installSupported () {
space
echo "Proceeding with the installation of MISP core"
space
# Set Base URL - functionLocation('generic/supportFunctions.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && setBaseURL
progress 4
# Check if sudo is installed and etckeeper - functionLocation('generic/sudo_etckeeper.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && checkSudoKeeper 2> /dev/null > /dev/null
progress 4
# Set locale if not set - functionLocation('generic/supportFunctions.md')
checkLocale
# Upgrade system to make sure we install the latest packages - functionLocation('INSTALL.ubuntu1804.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && aptUpgrade 2> /dev/null > /dev/null
progress 4
# TODO: Double check how the user is added and subsequently used during the install.
# TODO: Work on possibility to install as user X and install MISP for user Y
# TODO: Check if logout needed. (run SUDO_USER in installer)
#
# TODO: Double check how to properly handle postfix
#
# Pull in all possible MISP Environment variables - functionLocation('generic/globalVariables.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && MISPvars
progress 4
# Check if MISP user is installed and we do not run as root - functionLocation('generic/supportFunctions.md')
checkID
progress 4
# Starting friendly UI spinner
#spin &
#SPIN_PID=$!
#disown
#trap "kill -9 $SPIN_PID" `seq 0 15`
# Install Core Dependencies - functionLocation('INSTALL.ubuntu1804.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && installCoreDeps
progress 4
if [[ "$1" =~ ^PHP= ]]; then
PHP_VER=$(echo $1 |cut -f2 -d=)
if [[ "$PHP_VER" == "7.2" ]]; then
# Install PHP 7.2 Dependencies - functionLocation('INSTALL.ubuntu1804.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp72
elif [[ "$PHP_VER" == "7.3" ]]; then
# Install PHP 7.3 Dependencies - functionLocation('generic/supportFunctions.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp73
elif [[ "$PHP_VER" == "7.0" ]]; then
# Install PHP 7.0 Dependencies - functionLocation('generic/supportFunctions.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp70
fi
else
# Install PHP 7.2 Dependencies - functionLocation('INSTALL.ubuntu1804.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp72
fi
progress 4
# Install Core MISP - functionLocation('INSTALL.ubuntu1804.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && installCore
progress 4
# Install PHP Cake - functionLocation('INSTALL.ubuntu1804.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && installCake
progress 4
# Make sure permissions are sane - functionLocation('INSTALL.ubuntu1804.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && permissions 2> /dev/null > /dev/null
progress 4
# TODO: Mysql install functions, make it upgrade safe, double check
# Setup Databse - functionLocation('INSTALL.ubuntu1804.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && prepareDB 2> /dev/null > /dev/null
progress 4
# Roll Apache Config - functionLocation('INSTALL.ubuntu1804.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && apacheConfig 2> /dev/null > /dev/null
progress 4
# Setup log logrotate - functionLocation('INSTALL.ubuntu1804.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && logRotation 2> /dev/null > /dev/null
progress 4
# Generate MISP Config files - functionLocation('INSTALL.ubuntu1804.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && configMISP 2> /dev/null > /dev/null
progress 4
# Generate GnuPG key - functionLocation('generic/gnupg.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && setupGnuPG 2> /dev/null > /dev/null
progress 4
# Setup and start background workers - functionLocation('INSTALL.ubuntu1804.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && backgroundWorkers 2> /dev/null > /dev/null
progress 4
# Run cake CLI for the core installation - functionLocation('generic/MISP_CAKE_init.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && coreCAKE 2> /dev/null > /dev/null
progress 4
# Update Galaxies, Template Objects, Warning Lists, Notice Lists, Taxonomies - functionLocation('generic/MISP_CAKE_init.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && updateGOWNT 2> /dev/null > /dev/null
progress 4
# Disable spinner
#(kill $SPIN_PID 2>&1) >/dev/null
# Check if /usr/local/src is writeable by target install user - functionLocation('generic/supportFunctions.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && checkUsrLocalSrc
progress 4
## Resume spinner
#spin &
#SPIN_PID=$!
#disown
#trap "kill -9 $SPIN_PID" `seq 0 15`
# Install misp-modules - functionLocation('generic/misp-modules-debian.md')
[[ -n $MODULES ]] || [[ -n $ALL ]] && mispmodules
progress 4
# Install Viper - functionLocation('generic/viper-debian.md')
[[ -n $VIPER ]] || [[ -n $ALL ]] && viper
progress 4
# Install ssdeep - functionLocation('generic/ssdeep-debian.md')
[[ -n $SSDEEP ]] || [[ -n $ALL ]] && ssdeep
progress 4
# Install misp-dashboard - functionLocation('generic/misp-dashboard-debian.md')
[[ -n $DASHBOARD ]] || [[ -n $ALL ]] && mispDashboard ; dashboardCAKE 2> /dev/null > /dev/null
progress 4
# Install Mail2MISP - functionLocation('generic/mail_to_misp-debian.md')
[[ -n $MAIL2 ]] || [[ -n $ALL ]] && mail2misp
progress 2
# Run tests
runTests
progress 2
# Run final script to inform the User what happened - functionLocation('generic/supportFunctions.md')
theEnd
}
# Main Kalin Install function
installMISPonKali () {
# Kali might have a bug on installs where libc6 is not up to date, this forces bash and libc to update - functionLocation('')
kaliUpgrade 2> /dev/null > /dev/null
# Set locale if not set - functionLocation('generic/supportFunctions.md')
checkLocale
# Set Base URL - functionLocation('generic/supportFunctions.md')
setBaseURL
# Install PHP 7.3 Dependencies - functionLocation('generic/supportFunctions.md')
installDepsPhp73 2> /dev/null > /dev/null
# Set custom Kali only variables and tweaks
space
# The following disables sleep on kali/gnome
### FIXME: Disabling for now, maybe source of some issues.
##disableSleep 2> /dev/null > /dev/null
##debug "Sleeping 3 seconds to make sure the disable sleep does not confuse the execution of the script."
##sleep 3
# Kali specific dependencies - functionLocation('generic/supportFunctions.md')
debug "Installing dependencies"
installDeps
# Install Core Dependencies - functionLocation('INSTALL.ubuntu1804.md')
installCoreDeps
debug "Enabling redis and gnupg modules"
phpenmod -v 7.3 redis
phpenmod -v 7.3 gnupg
debug "Apache2 ops: dismod: status php7.2 - dissite: 000-default enmod: ssl rewrite headers php7.3 ensite: default-ssl"
a2dismod status 2> /dev/null > /dev/null
a2dismod php7.2 2> /dev/null > /dev/null
a2enmod ssl rewrite headers php7.3 2> /dev/null > /dev/null
a2dissite 000-default 2> /dev/null > /dev/null
a2ensite default-ssl 2> /dev/null > /dev/null
debug "Restarting mysql.service"
systemctl restart mysql.service 2> /dev/null > /dev/null
debug "Fixing redis rc script on Kali"
fixRedis 2> /dev/null > /dev/null
debug "git clone, submodule update everything"
mkdir $PATH_TO_MISP
chown www-data:www-data $PATH_TO_MISP
cd $PATH_TO_MISP
$SUDO_WWW git clone https://github.com/MISP/MISP.git $PATH_TO_MISP
$SUDO_WWW git config core.filemode false
cd $PATH_TO_MISP
$SUDO_WWW git submodule update --init --recursive 2> /dev/null > /dev/null
# Make git ignore filesystem permission differences for submodules
$SUDO_WWW git submodule foreach --recursive git config core.filemode false
cd $PATH_TO_MISP/app/files/scripts
$SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git 2> /dev/null > /dev/null
$SUDO_WWW git clone https://github.com/STIXProject/python-stix.git 2> /dev/null > /dev/null
$SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git 2> /dev/null > /dev/null
$SUDO_WWW git clone https://github.com/MAECProject/python-maec.git 2> /dev/null > /dev/null
mkdir /var/www/.cache/
MISP_USER_HOME=$(sudo -Hiu $MISP_USER env | grep HOME |cut -f 2 -d=)
mkdir $MISP_USER_HOME/.cache
chown $MISP_USER:$MISP_USER $MISP_USER_HOME/.cache
chown www-data:www-data /var/www/.cache
debug "Generating rc.local"
genRCLOCAL
debug "Setting up main MISP virtualenv"
# Needs virtualenv
sudo -u www-data virtualenv -p python3 ${PATH_TO_MISP}/venv
debug "Installing MISP dashboard"
mispDashboard
debug "Installing python-cybox"
cd $PATH_TO_MISP/app/files/scripts/python-cybox
sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install . 2> /dev/null > /dev/null
debug "Installing python-stix"
cd $PATH_TO_MISP/app/files/scripts/python-stix
sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install . 2> /dev/null > /dev/null
debug "Install maec"
cd $PATH_TO_MISP/app/files/scripts/python-maec
sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install . 2> /dev/null > /dev/null
# install STIX2.0 library to support STIX 2.0 export
debug "Installing cti-python-stix2"
cd ${PATH_TO_MISP}/cti-python-stix2
sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install -I . 2> /dev/null > /dev/null
debug "Installing mixbox"
cd $PATH_TO_MISP/app/files/scripts/mixbox
sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install . 2> /dev/null > /dev/null
# install PyMISP
debug "Installing PyMISP"
cd $PATH_TO_MISP/PyMISP
sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install . 2> /dev/null > /dev/null
# install pydeep
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git 2> /dev/null > /dev/null
# install lief
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install https://github.com/lief-project/packages/raw/lief-master-latest/pylief-0.9.0.dev.zip 2> /dev/null > /dev/null
# install python-magic
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install python-magic 2> /dev/null > /dev/null
# Install Crypt_GPG and Console_CommandLine
debug "Installing pear Console_CommandLine"
pear install ${PATH_TO_MISP}/INSTALL/dependencies/Console_CommandLine/package.xml
debug "Installing pear Crypt_GPG"
pear install ${PATH_TO_MISP}/INSTALL/dependencies/Crypt_GPG/package.xml
debug "Installing composer with php 7.3 updates"
composer73
$SUDO_WWW cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin/CakeResque/Config/config.php
chown -R www-data:www-data $PATH_TO_MISP
chmod -R 750 $PATH_TO_MISP
chmod -R g+ws $PATH_TO_MISP/app/tmp
chmod -R g+ws $PATH_TO_MISP/app/files
chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
debug "Setting up database"
if [[ ! -e /var/lib/mysql/misp/users.ibd ]]; then
echo "
set timeout 10
spawn mysql_secure_installation
expect \"Enter current password for root (enter for none):\"
send -- \"\r\"
expect \"Set root password?\"
send -- \"y\r\"
expect \"New password:\"
send -- \"${DBPASSWORD_ADMIN}\r\"
expect \"Re-enter new password:\"
send -- \"${DBPASSWORD_ADMIN}\r\"
expect \"Remove anonymous users?\"
send -- \"y\r\"
expect \"Disallow root login remotely?\"
send -- \"y\r\"
expect \"Remove test database and access to it?\"
send -- \"y\r\"
expect \"Reload privilege tables now?\"
send -- \"y\r\"
expect eof" | expect -f -
mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "CREATE DATABASE $DBNAME;"
mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "GRANT USAGE ON *.* TO $DBNAME@localhost IDENTIFIED BY '$DBPASSWORD_MISP';"
mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "GRANT ALL PRIVILEGES ON $DBNAME.* TO '$DBUSER_MISP'@'localhost';"
mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "FLUSH PRIVILEGES;"
enableServices
$SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
echo " 'Database/Mysql',
//'datasource' => 'Database/Postgres',
'persistent' => false,
'host' => '$DBHOST',
'login' => '$DBUSER_MISP',
'port' => 3306, // MySQL & MariaDB
//'port' => 5432, // PostgreSQL
'password' => '$DBPASSWORD_MISP',
'database' => '$DBNAME',
'prefix' => '',
'encoding' => 'utf8',
);
}" | $SUDO_WWW tee $PATH_TO_MISP/app/Config/database.php 2> /dev/null > /dev/null
else
echo "There might be a database already existing here: /var/lib/mysql/misp/users.ibd"
echo "Skipping any creations…"
sleep 3
fi
debug "Generating Certificate"
openssl req -newkey rsa:4096 -days 365 -nodes -x509 \
-subj "/C=${OPENSSL_C}/ST=${OPENSSL_ST}/L=${OPENSSL_L}/O=${OPENSSL_O}/OU=${OPENSSL_OU}/CN=${OPENSSL_CN}/emailAddress=${OPENSSL_EMAILADDRESS}" \
-keyout /etc/ssl/private/misp.local.key -out /etc/ssl/private/misp.local.crt
debug "Generating Apache Conf"
genApacheConf
echo "127.0.0.1 misp.local" | tee -a /etc/hosts
debug "Disabling site default-ssl, enabling misp-ssl"
a2dissite default-ssl
a2ensite misp-ssl
for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit
do
sed -i "s/^\($key\).*/\1 = $(eval echo \${$key})/" $PHP_INI
done
debug "Restarting Apache2"
systemctl restart apache2
debug "Setting up logrotate"
cp $PATH_TO_MISP/INSTALL/misp.logrotate /etc/logrotate.d/misp
chmod 0640 /etc/logrotate.d/misp
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php $PATH_TO_MISP/app/Config/bootstrap.php
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/core.default.php $PATH_TO_MISP/app/Config/core.php
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/config.default.php $PATH_TO_MISP/app/Config/config.php
chown -R www-data:www-data $PATH_TO_MISP/app/Config
chmod -R 750 $PATH_TO_MISP/app/Config
debug "Setting up GnuPG"
setupGnuPG 2> /dev/null > /dev/null
debug "Adding workers to systemd"
chmod +x $PATH_TO_MISP/app/Console/worker/start.sh
sudo cp $PATH_TO_MISP/INSTALL/misp-workers.service /etc/systemd/system/
sudo systemctl daemon-reload
sudo systemctl enable --now misp-workers
debug "Running Core Cake commands"
coreCAKE 2> /dev/null > /dev/null
dashboardCAKE 2> /dev/null > /dev/null
debug "Update: Galaxies, Template Objects, Warning Lists, Notice Lists, Taxonomies"
updateGOWNT 2> /dev/null > /dev/null
gitPullAllRCLOCAL
checkUsrLocalSrc
debug "Installing misp-modules"
mispmodules
debug "Installing Viper"
viper
debug "Installing ssdeep"
ssdeep
phpenmod -v 7.3 ssdeep
debug "Setting permissions"
permissions
debug "Running Then End!"
theEnd
}
# End installMISPonKali ()
## End Function Section ##
colors
debug "Checking if we are run as the installer template"
if [[ "$0" == "./INSTALL.tpl.sh" || "$(echo $0 |grep -o -e 'INSTALL.tpl.sh')" == "INSTALL.tpl.sh" ]]; then
generateInstaller
fi
space
debug "Setting MISP variables"
MISPvars
debug "Checking Linux distribution and flavour..."
checkFlavour
debug "Checking for parameters or Unattended Kali Install"
if [[ $# == 0 && $0 != "/tmp/misp-kali.sh" ]]; then
usage
exit
else
debug "Setting install options with given parameters."
# The setOpt/checkOpt function lives in generic/supportFunctions.md
setOpt $@
checkOpt core && echo "${LBLUE}MISP${NC} ${GREEN}core${NC} selected"
checkOpt viper && echo "${GREEN}Viper${NC} selected"
checkOpt modules && echo "${LBLUE}MISP${NC} ${GREEN}modules${NC} selected"
checkOpt dashboard && echo "${LBLUE}MISP${NC} ${GREEN}dashboard${NC} selected"
checkOpt mail2 && echo "${GREEN}Mail 2${NC} ${LBLUE}MISP${NC} selected"
checkOpt all && echo "${GREEN}All options${NC} selected"
checkOpt pre && echo "${GREEN}Pre-flight checks${NC} selected"
checkOpt unattended && echo "${GREEN}unattended${NC} install selected"
checkOpt upgrade && echo "${GREEN}upgrade${NC} install selected"
checkOpt force && echo "${GREEN}force${NC} install selected"
# Check if at least core is selected if no other options that do not require core are set
if [[ "$CORE" != "1" && "$ALL" != "1" && "$UPGRADE" != "1" && "$PRE" != "1" && "$0" != "/tmp/misp-kali.sh" ]]; then
space
usage
echo "You need to at least select core, or -A to install everything."
echo "$0 -c # Is the minima for install options"
exit 1
fi
fi
# Add upgrade option to do upgrade pre flight
[[ -n $PRE ]] && preInstall
[[ -n $UPGRADE ]] && upgrade
[[ -n $NUKE ]] && nuke && exit
# If Ubuntu is detected, figure out which release it is and run the according scripts
if [ "${FLAVOUR}" == "ubuntu" ]; then
RELEASE=$(lsb_release -s -r| tr [A-Z] [a-z])
if [ "${RELEASE}" == "18.04" ]; then
echo "Install on Ubuntu 18.04 LTS fully supported."
echo "Please report bugs/issues here: https://github.com/MISP/MISP/issues"
installSupported && exit || exit
fi
if [ "${RELEASE}" == "18.10" ]; then
echo "Install on Ubuntu 18.10 partially supported, bye."
installSupported && exit || exit
fi
if [ "${RELEASE}" == "19.04" ]; then
echo "Install on Ubuntu 19.04 not supported, bye"
exit 1
fi
if [ "${RELEASE}" == "19.10" ]; then
echo "Install on Ubuntu 19.10 not supported, bye"
exit 1
fi
echo "Installation done!"
exit
fi
# If Debian is detected, figure out which release it is and run the according scripts
if [ "${FLAVOUR}" == "debian" ]; then
CODE=$(lsb_release -s -c| tr [A-Z] [a-z])
if [ "${CODE}" == "buster" ]; then
echo "Install on Debian testing fully supported."
echo "Please report bugs/issues here: https://github.com/MISP/MISP/issues"
installSupported PHP=7.3 && exit || exit
fi
if [ "${CODE}" == "sid" ]; then
echo "Install on Debian unstable not fully supported."
echo "Please report bugs/issues here: https://github.com/MISP/MISP/issues"
installSupported PHP=7.3 && exit || exit
fi
if [ "${CODE}" == "stretch" ]; then
echo "Install on Debian stable fully supported."
echo "Please report bugs/issues here: https://github.com/MISP/MISP/issues"
installSupported PHP=7.0 && exit || exit
fi
echo "Installation done!"
exit 0
fi
# If Tsurugi is detected, figure out which release it is and run the according scripts
if [ "${FLAVOUR}" == "tsurugi" ]; then
CODE=$(lsb_release -s -c| tr [A-Z] [a-z])
if [ "${CODE}" == "bamboo" ]; then
echo "Install on Tsurugi Lab partially supported."
echo "Please report bugs/issues here: https://github.com/MISP/MISP/issues"
fi
if [ "${CODE}" == "soy sauce" ]; then
echo "Install on Tsurugi Acquire partially supported."
echo "Please report bugs/issues here: https://github.com/MISP/MISP/issues"
fi
echo "Installation done!"
exit 0
fi
# If Kali Linux is detected, run the acccording scripts
if [ "${FLAVOUR}" == "kali" ]; then
KALI=1
kaliOnRootR0ckz
installMISPonKali
echo "Installation done!"
exit
fi