From 057778b68c2ca9f5a631f4526483ffc19a5f4f92 Mon Sep 17 00:00:00 2001 From: Steve Clement Date: Wed, 28 Mar 2018 16:10:57 +0200 Subject: [PATCH] - Added some new defaults 2Gig Ram 25Gig Hdd - Port forwards added 80/22/8001 -> 8080/2222/8001 - Update to php7.1 php.ini --- deploy.sh | 14 ++++++- misp.json | 21 +++++++++- scripts/bootstrap.sh | 94 ++++++++++++++++++++++++++------------------ 3 files changed, 88 insertions(+), 41 deletions(-) diff --git a/deploy.sh b/deploy.sh index cb494c1..232ecb2 100755 --- a/deploy.sh +++ b/deploy.sh @@ -1,5 +1,8 @@ #!/usr/bin/env bash +# Timing creation +TIME_START=$(date +%s) + # Latest version of misp VER=$(curl -s https://api.github.com/repos/MISP/MISP/tags |jq -r '.[0] | .name') # Latest commit hash of misp @@ -19,6 +22,9 @@ PACKER_LOG=1 # Make sure we have a current work directory PWD=`pwd` +# Fetching latest MISP LICENSE +/usr/bin/wget -q -O /tmp/LICENSE https://raw.githubusercontent.com/MISP/MISP/2.4/LICENSE + # Place holder, this fn() should be used to anything signing related function signify() { @@ -63,8 +69,8 @@ if [ "${LATEST_COMMIT}" != "$(cat /tmp/misp-latest.sha)" ]; then # Sign and transfer files for FILE in ${FILE_LIST}; do gpg --armor --output ${FILE}.asc --detach-sig ${FILE} - rsync -azv --progress ${FILE} ${REL_USER}@${REL_SERVER}:export/MISP_${VER}@${LATEST_COMMIT} - rsync -azv --progress ${FILE}.asc ${REL_USER}@${REL_SERVER}:export/MISP_${VER}@${LATEST_COMMIT} + rsync -azvq --progress ${FILE} ${REL_USER}@${REL_SERVER}:export/MISP_${VER}@${LATEST_COMMIT} + rsync -azvq --progress ${FILE}.asc ${REL_USER}@${REL_SERVER}:export/MISP_${VER}@${LATEST_COMMIT} ssh ${REL_USER}@${REL_SERVER} rm export/latest ssh ${REL_USER}@${REL_SERVER} ln -s MISP_${VER}@${LATEST_COMMIT} export/latest ssh ${REL_USER}@${REL_SERVER} chmod -R +r export 
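Review bot: The added `wget` in the `@@ -19,6 +22,9 @@` hunk writes the licence to the fixed path `/tmp/LICENSE` and never checks its exit status. On a shared build host another user can pre-create or symlink that path, and after a failed download a stale file from an earlier run would still be picked up by the `--eulafile` export option in misp.json and shipped inside the signed image. I would download into the build directory and stop on failure, e.g. `wget -q -O "${PWD}/LICENSE" https://raw.githubusercontent.com/MISP/MISP/2.4/LICENSE || exit 1`, and point `--eulafile` at that file. The hard-coded `/usr/bin/wget` also differs from the bare `curl` used a few lines above.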
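Review bot: The two changed `rsync` lines in the `@@ -63,8 +69,8 @@` hunk now pass `-q` together with `-v` and `--progress`, which ask for opposite things. If the intent is a quiet transfer, drop the verbose flags: `rsync -azq -- "${FILE}" "${REL_USER}@${REL_SERVER}:export/MISP_${VER}@${LATEST_COMMIT}"`. Quoting the expansions as shown also keeps a file name containing spaces or a leading dash from being split or read as an option. The loop body continues outside the hunk.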
@@ -83,6 +89,10 @@ if [ "${LATEST_COMMIT}" != "$(cat /tmp/misp-latest.sha)" ]; then rm packer_virtualbox-iso_virtualbox-iso_sha512.checksum.asc rm MISP_${VER}@${LATEST_COMMIT}-vmware.zip.asc echo ${LATEST_COMMIT} > /tmp/misp-latest.sha + TIME_END=$(date +%s) + TIME_DELTA=$(expr ${TIME_END} - ${TIME_START}) + + echo "The generation took ${TIME_DELTA} seconds" else echo "Current MISP version ${VER}@${LATEST_COMMIT} is up to date." fi diff --git a/misp.json b/misp.json index ad93108..19e57da 100644 --- a/misp.json +++ b/misp.json @@ -3,8 +3,10 @@ "ssh_name": "misp", "ssh_pass": "Password1234", "hostname": "misp", + "vm_version": "2.4", + "vm_description": "MISP, is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threat about cyber security incidents analysis and malware analysis. MISP is designed by and for incident analysts, security and ICT professionals or malware reverser to support their day-to-day operations to share structured informations efficiently.", "vm_name": "MISP_demo", - "disk_size": "10000" + "disk_size": "25000" }, "builders": [{ @@ -14,7 +16,20 @@ "format": "ova", "vm_name": "{{user `vm_name`}}", + "export_opts": + [ + "--manifest", + "--vsys", "0", + "--eulafile", "/tmp/LICENSE", + "--description", "{{user `vm_description`}}", + "--version", "{{user `vm_version`}}" + ], + "vboxmanage": [ + ["modifyvm", "{{.Name}}", "--memory", "2048"], + ["modifyvm", "{{.Name}}", "--natpf1", "ssh,tcp,,2222,,22" ], + ["modifyvm", "{{.Name}}", "--natpf1", "http,tcp,,8080,,80" ], + ["modifyvm", "{{.Name}}", "--natpf1", "dashboard,tcp,,8001,127.0.0.1,8001" ], ["modifyvm", "{{.Name}}", "--vram", "32"] ], @@ -70,6 +85,10 @@ "shutdown_command": "echo {{user `ssh_pass`}} | sudo -S shutdown -P now", + "vmx_data": { + "memsize": "2048" + }, + "boot_command" : [ "", "/install/vmlinuz noapic ", diff --git a/scripts/bootstrap.sh b/scripts/bootstrap.sh index 63bf794..cd49255 100644 --- a/scripts/bootstrap.sh 
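Review bot: `TIME_DELTA=$(expr ${TIME_END} - ${TIME_START})` spawns `expr` for a subtraction the shell can do itself; the same lines are added at the end of scripts/bootstrap.sh (`@@ -475,3 +487,9 @@`). Both scripts use a bash shebang, so `TIME_DELTA=$(( TIME_END - TIME_START ))` is the idiomatic form. In deploy.sh the elapsed time is only printed on the rebuild branch, which looks intended; a short comment such as `# Elapsed wall-clock time for the whole build` above it would make that explicit.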
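Review bot: The `ssh` and `http` forwarding rules leave the host-IP field empty (`"ssh,tcp,,2222,,22"`, `"http,tcp,,8080,,80"`), so VirtualBox listens on every interface of the host that runs the VM. The image ships with the credentials visible in this file and in bootstrap.sh (`ssh_pass` `Password1234`, `admin@admin.test/admin`), so if the rules are carried into the exported OVA, which I believe they are, anyone importing it exposes a default-password SSH and web login to their network. Binding to loopback keeps it local by default: `"ssh,tcp,127.0.0.1,2222,,22"` and `"http,tcp,127.0.0.1,8080,,80"`. In the `dashboard` rule `127.0.0.1` sits in the guest-IP position rather than the host-IP position (the order is name, protocol, host IP, host port, guest IP, guest port), which looks unintended; `"dashboard,tcp,127.0.0.1,8001,,8001"` is probably what was meant.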
+++ b/scripts/bootstrap.sh @@ -1,36 +1,36 @@ #!/usr/bin/env bash ## Source of the vercomp function: https://stackoverflow.com/questions/4023830/how-to-compare-two-strings-in-dot-separated-version-format-in-bash -# vercomp () { -# if [[ $1 == $2 ]] -# then -# return 0 -# fi -# local IFS=. -# local i ver1=($1) ver2=($2) -# # fill empty fields in ver1 with zeros -# for ((i=${#ver1[@]}; i<${#ver2[@]}; i++)) -# do -# ver1[i]=0 -# done -# for ((i=0; i<${#ver1[@]}; i++)) -# do -# if [[ -z ${ver2[i]} ]] -# then -# # fill empty fields in ver2 with zeros -# ver2[i]=0 -# fi -# if ((10#${ver1[i]} > 10#${ver2[i]})) -# then -# return 1 -# fi -# if ((10#${ver1[i]} < 10#${ver2[i]})) -# then -# return 2 -# fi -# done -# return 0 -# } +##vercomp () { +## if [[ $1 == $2 ]] +## then +## return 0 +## fi +## local IFS=. +## local i ver1=($1) ver2=($2) +## # fill empty fields in ver1 with zeros +## for ((i=${#ver1[@]}; i<${#ver2[@]}; i++)) +## do +## ver1[i]=0 +## done +## for ((i=0; i<${#ver1[@]}; i++)) +## do +## if [[ -z ${ver2[i]} ]] +## then +## # fill empty fields in ver2 with zeros +## ver2[i]=0 +## fi +## if ((10#${ver1[i]} > 10#${ver2[i]})) +## then +## return 1 +## fi +## if ((10#${ver1[i]} < 10#${ver2[i]})) +## then +## return 2 +## fi +## done +## return 0 +##} MISP_BRANCH='2.4' @@ -55,6 +55,9 @@ MISP_BASEURL='' MISP_LIVE='1' FQDN='localhost' +# Timing creation +TIME_START=$(date +%s) + # OpenSSL configuration OPENSSL_C='LU' OPENSSL_ST='State' 
@@ -77,12 +80,13 @@ max_execution_time=300 memory_limit=512M PHP_INI=/etc/php/7.1/apache2/php.ini ## Starting Ubuntu 18.04 php71 is default -# vercomp 18.04 ${UBUNTU_VERSION} -# case $? in -# 0) op='=';PHP_INI=/etc/php/7.1/apache2/php.ini;; -# 1) op='>';PHP_INI=/etc/php/7.1/apache2/php.ini;; -# 2) op='<';PHP_INI=/etc/php/7.0/apache2/php.ini;; -# esac +##vercomp 18.04 ${UBUNTU_VERSION} +##case $? in +## 0) op='=';PHP_INI='/etc/php/7.1/apache2/php.ini';; +## 1) op='>';PHP_INI='/etc/php/7.1/apache2/php.ini';; +## 2) op='<';PHP_INI='/etc/php/7.0/apache2/php.ini';; +##esac +PHP_INI='/etc/php/7.1/apache2/php.ini' @@ -201,6 +205,14 @@ sudo python setup.py install > /dev/null 2>&1 # install STIX2.0 library to support STIX 2.0 export: sudo pip3 install stix2 > /dev/null 2>&1 +echo "--- Installing misp-dashboard ---" +cd /var/www +sudo mkdir misp-dashboard +sudo chown www-data:www-data misp-dashboard +sudo -u www-data git clone https://github.com/MISP/misp-dashboard.git +cd misp-dashboard +sudo /var/www/misp-dashboard/install_dependencies.sh + echo "--- Retrieving CakePHP… ---" # CakePHP is included as a submodule of MISP, execute the following commands to let git fetch it: cd $PATH_TO_MISP @@ -336,8 +348,6 @@ EOF sudo chown -R www-data:www-data $PATH_TO_MISP/app/Config sudo chmod -R 750 $PATH_TO_MISP/app/Config # Set some MISP directives with the command line tool -##sudo $PATH_TO_MISP/app/Console/cake Baseurl "" -##sudo -u www-data /var/www/MISP/app/Console/cake Baseurl http:// sudo $PATH_TO_MISP/app/Console/cake Live $MISP_LIVE 
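Review bot: `PHP_INI` is now assigned twice with the same value in the `@@ -77,12 +80,13 @@` hunk: the unquoted line kept above the commented-out `vercomp` block and the new quoted line below it. One of them should go. With the version switch disabled the script silently assumes PHP 7.1, so a guard such as `[ -f "$PHP_INI" ] || { echo "missing $PHP_INI" >&2; exit 1; }` would make a base image with a different PHP version fail loudly instead of leaving the php.ini tuning unapplied. The code that consumes `PHP_INI` is outside the hunk, so how it fails today is an assumption.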
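Review bot: The misp-dashboard block in the `@@ -201,6 +205,14 @@` hunk clones the tip of the default branch and then runs `install_dependencies.sh` from it under `sudo`, with nothing pinning or verifying what was fetched. Every image build therefore executes as root whatever is on that branch at build time, and the script lives in a tree owned by `www-data`, so the web-server account could alter it before any later re-run. I would check out a reviewed tag or commit before running it, e.g. `sudo -u www-data git -C /var/www/misp-dashboard checkout <PINNED_COMMIT>` (placeholder), and add `|| exit 1` to the `cd` and `git clone` lines so a failed clone does not carry on in the wrong directory. Unlike the neighbouring install steps the output is not redirected, which may be deliberate.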
@@ -440,6 +450,8 @@ curl -k -X POST -H "Authorization: $AUTH_KEY" -H "Accept: application/json" -v h echo "--- Updating the taxonomies… ---" curl -k -X POST -H "Authorization: $AUTH_KEY" -H "Accept: application/json" -v http://127.0.0.1/taxonomies/update > /dev/null 2>&1 +echo "--- Setting Baseurl ---" +sudo $PATH_TO_MISP/app/Console/cake Baseurl "" # echo "--- Enabling MISP new pub/sub feature (ZeroMQ)… ---" # # ZeroMQ depends on the Python client for Redis @@ -475,3 +487,9 @@ echo "Web interface (default network settings): $MISP_BASEURL" echo "MISP admin: admin@admin.test/admin" echo "Shell/SSH: misp/Password1234" echo "MySQL: $DBUSER_ADMIN/$DBPASSWORD_ADMIN - $DBUSER_MISP/$DBPASSWORD_MISP" + + +TIME_END=$(date +%s) +TIME_DELTA=$(expr ${TIME_END} - ${TIME_START}) + +echo "The generation took ${TIME_DELTA} seconds"
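Review bot: The new `cake Baseurl ""` call in the `@@ -440,6 +450,8 @@` hunk hard-codes an empty value although the script defines `MISP_BASEURL` near the top for this setting, and it runs the console as root. Using the variable keeps the two in sync if someone changes it: `sudo -u www-data "$PATH_TO_MISP/app/Console/cake" Baseurl "$MISP_BASEURL"`. Running as `www-data`, as the removed commented-out line did, should avoid root-owned files appearing under the MISP tree; the existing `cake Live` call also uses plain `sudo`, so confirm which is intended.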