diff --git a/deploy.sh b/deploy.sh index 581650b..bf66906 100755 --- a/deploy.sh +++ b/deploy.sh @@ -61,7 +61,7 @@ if [ "${LATEST_COMMIT}" != "$(cat /tmp/misp-latest.sha)" ]; then # Current file list of everything to gpg sign and transfer - FILE_LIST="MISP_${VER}@${LATEST_COMMIT}-vmware.zip output-virtualbox-iso/MISP_${VER}@${LATEST_COMMIT}.ova packer_virtualbox-iso_virtualbox-iso_sha1.checksum packer_virtualbox-iso_virtualbox-iso_sha256.checksum packer_virtualbox-iso_virtualbox-iso_sha384.checksum packer_virtualbox-iso_virtualbox-iso_sha512.checksum MISP_${VER}@${LATEST_COMMIT}-vmware.zip.sha1 MISP_${VER}@${LATEST_COMMIT}-vmware.zip.sha256 MISP_${VER}@${LATEST_COMMIT}-vmware.zip.sha384 MISP_${VER}@${LATEST_COMMIT}-vmware.zip.sha512 mysql.txt" + FILE_LIST="MISP_${VER}@${LATEST_COMMIT}-vmware.zip output-virtualbox-iso/MISP_${VER}@${LATEST_COMMIT}.ova packer_virtualbox-iso_virtualbox-iso_sha1.checksum packer_virtualbox-iso_virtualbox-iso_sha256.checksum packer_virtualbox-iso_virtualbox-iso_sha384.checksum packer_virtualbox-iso_virtualbox-iso_sha512.checksum MISP_${VER}@${LATEST_COMMIT}-vmware.zip.sha1 MISP_${VER}@${LATEST_COMMIT}-vmware.zip.sha256 MISP_${VER}@${LATEST_COMMIT}-vmware.zip.sha384 MISP_${VER}@${LATEST_COMMIT}-vmware.zip.sha512" # Create the latest MISP export directory ssh ${REL_USER}@${REL_SERVER} mkdir -p export/MISP_${VER}@${LATEST_COMMIT} @@ -79,7 +79,6 @@ if [ "${LATEST_COMMIT}" != "$(cat /tmp/misp-latest.sha)" ]; then ssh ${REL_USER}@${REL_SERVER} cd export ; tree -T "MISP VM Images" -H https://www.circl.lu/misp-images/ -o index.html # Remove files for next run - rm mysql.txt rm -r output-virtualbox-iso rm -r output-vmware-iso rm *.checksum *.zip *.sha* diff --git a/misp.json b/misp.json index a13f3d1..4b62211 100644 --- a/misp.json +++ b/misp.json 
@@ -29,7 +29,9 @@ ["modifyvm", "{{.Name}}", "--memory", "2048"], ["modifyvm", "{{.Name}}", "--natpf1", "ssh,tcp,,2222,0.0.0.0,22" ], ["modifyvm", "{{.Name}}", "--natpf1", "http,tcp,,8080,,80" ], + ["modifyvm", "{{.Name}}", "--natpf1", "https,tcp,,8443,,443" ], ["modifyvm", "{{.Name}}", "--natpf1", "dashboard,tcp,,8001,0.0.0.0,8001" ], + ["modifyvm", "{{.Name}}", "--natpf1", "viper,tcp,,8888,0.0.0.0,8888" ], ["modifyvm", "{{.Name}}", "--natpf1", "misp-modules,tcp,,1666,0.0.0.0,6666" ], ["modifyvm", "{{.Name}}", "--vram", "32"] ], diff --git a/scripts/bootstrap.sh b/scripts/bootstrap.sh index cb832fb..861c32b 100644 --- a/scripts/bootstrap.sh +++ b/scripts/bootstrap.sh @@ -72,7 +72,7 @@ GPG_REAL_NAME='Autogenerated Key' GPG_COMMENT='WARNING: MISP AutoGenerated VM consider this Key VOID!' GPG_EMAIL_ADDRESS='admin@admin.test' GPG_KEY_LENGTH='2048' -GPG_PASSPHRASE='' +GPG_PASSPHRASE='Password1234' # php.ini configuration upload_max_filesize=50M 
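Review bot: Both added `--natpf1` rules leave the host-IP field empty (`https,tcp,,8443,,443` and `viper,tcp,,8888,0.0.0.0,8888`), which as far as I know makes VirtualBox listen on every host interface rather than only loopback. For viper this matters more than for the others, because scripts/bootstrap.sh in this same commit sets the viper-web admin password to a value written in the script. Binding the forward to loopback, `["modifyvm", "{{.Name}}", "--natpf1", "viper,tcp,127.0.0.1,8888,,8888" ]`, would keep the service local unless the user opts in. The `0.0.0.0` in the new viper rule sits in the guest-IP position, so it does not express the host binding a reader might assume.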
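Review bot: `GPG_PASSPHRASE='Password1234'` puts one fixed passphrase into every image built from this script, and the `@@ -412` hunk repeats the same literal in the `GnuPG.password` setting instead of reading the variable, so the two can drift apart. The key appears to be generated during the build (the `gen-key-script` heredoc), so the passphrase could be generated there too, for example `GPG_PASSPHRASE="$(openssl rand -hex 16)"`. The later line would then read `sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "GnuPG.password" "$GPG_PASSPHRASE"`. If a fixed value is intentional for a demo image, a comment next to the variable saying so would help.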
@@ -412,13 +412,14 @@ sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "Plugin.ZeroMQ_organisation sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "GnuPG.email" "admin@admin.test" sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "GnuPG.homedir" "/var/www/MISP/.gnupg" +sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "GnuPG.password" "Password1234" sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "MISP.host_org_id" 1 sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "MISP.email" "info@admin.test" sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "MISP.disable_emailing" true sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "MISP.contact" "info@admin.test" sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "MISP.disablerestalert" true sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "MISP.showCorrelationsOnIndex" true -sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "Session.autoRegenerate" false +sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "Session.autoRegenerate" 0 sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "Session.timeout" 600 sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "Session.cookie_timeout" 3600 @@ -435,7 +436,7 @@ cat >/tmp/gen-key-script < /dev/null 2>&1 
@@ -517,6 +519,38 @@ sudo pip3 install stix2 > /dev/null 2>&1 # With initd: # sudo sed -i -e '$i \sudo -u www-data misp-modules -l 0.0.0.0 -s &\n' /etc/rc.local +echo "--- Installing viper-framework ---" +cd /usr/local/src/ +apt-get install -y libssl-dev swig python3-ssdeep p7zip-full unrar sqlite python3-pyclamd exiftool radare2 +pip3 install SQLAlchemy PrettyTable python-magic 2>&1 +git clone https://github.com/viper-framework/viper.git +cd viper +git submodule init +git submodule update +pip3 install -r requirements.txt > /dev/null 2>&1 +sudo -u misp /usr/local/src/viper/viper-cli -h > /dev/null 2>&1 +sudo -u misp /usr/local/src/viper/viper-web -p 8888 -H 0.0.0.0 & +echo 'PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/usr/local/src/viper"' |sudo tee /etc/environment + +echo "--- Installing mail2misp ---" +cd /usr/local/src/ +sudo apt-get install -y cmake +sudo git clone https://github.com/MISP/mail_to_misp.git +sudo git clone git://github.com/stricaud/faup.git +cd faup +sudo mkdir -p build +cd build +sudo cmake .. && sudo make +sudo make install +sudo ldconfig +cd ../../ +cd mail_to_misp +sudo pip3 install -r requirements.txt > /dev/null 2>&1 +sudo cp mail_to_misp_config.py-example mail_to_misp_config.py + +echo "--- Generating Certificate ---" +sudo openssl req -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=LU/ST=/L=Luxembourg/O=CIRCL/OU=VM AutoGen/CN=localhost/emailAddress=admin@admin.test" -keyout /etc/ssl/private/misp.local.key -out /etc/ssl/private/misp.local.crt + echo "--- Setting the permissions… ---" sudo chown -R www-data:www-data $PATH_TO_MISP 
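Review bot: `sudo git clone git://github.com/stricaud/faup.git` fetches source over the unauthenticated git protocol and the following lines build and `make install` it as root, so nothing verifies what ends up in the image. Use the TLS transport as the other two clones do, `sudo git clone https://github.com/stricaud/faup.git`. All three clones (viper, mail_to_misp, faup) also take whatever the default branch holds at build time; a `git checkout <tag-or-commit>` after each clone would make builds reproducible and reviewable. Separately, `echo 'PATH=...' | sudo tee /etc/environment` replaces the whole file rather than adding to it, which drops any settings already there.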
@@ -553,12 +587,24 @@ sudo $PATH_TO_MISP/app/Console/cake Baseurl "" echo "--- Enabling MISP new pub/sub feature (ZeroMQ)… ---" sudo apt-get install -y pkg-config python-redis python-zmq python3-zmq > /dev/null 2>&1 +echo "--- Configuring viper ---" +sed -i "s/^misp_url\ =/misp_url\ =\ http:\/\/localhost/g" ~/.viper/viper.conf +sed -i "s/^misp_key\ =/misp_key\ =\ $AUTH_KEY/g" ~/.viper/viper.conf +# Setting viper-web admin user password to 'Password1234' +sqlite3 ~/.viper/admin.db 'UPDATE auth_user SET password="pbkdf2_sha256$100000$iXgEJh8hz7Cf$vfdDAwLX8tko1t0M1TLTtGlxERkNnltUnMhbv56wK/U="' + +echo "--- Configuring mail2misp ---" +sudo sed -i "s/^misp_url\ =\ 'YOUR_MISP_URL'/misp_url\ =\ 'http:\/\/localhost'/g" /usr/local/src/mail_to_misp/mail_to_misp_config.py +sudo sed -i "s/^misp_key\ =\ 'YOUR_KEY_HERE'/misp_key\ =\ '$AUTH_KEY'/g" /usr/local/src/mail_to_misp/mail_to_misp_config.py + echo "--- Setting the permissions… ---" sudo chown -R www-data:www-data $PATH_TO_MISP sudo chmod -R 750 $PATH_TO_MISP sudo chmod -R g+ws $PATH_TO_MISP/app/tmp sudo chmod -R g+ws $PATH_TO_MISP/app/files sudo chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp +sudo chmod 700 $PATH_TO_MISP/.gnupg +sudo chown -R misp:misp ~misp/.viper echo "--- Setting Baseurl ---" sudo $PATH_TO_MISP/app/Console/cake Baseurl "" @@ -569,7 +615,8 @@ echo "Web interface (default network settings): $MISP_BASEURL" echo "MISP admin: admin@admin.test/admin" echo "Shell/SSH: misp/Password1234" echo "MySQL: $DBUSER_ADMIN/$DBPASSWORD_ADMIN - $DBUSER_MISP/$DBPASSWORD_MISP" -echo "MySQL: $DBUSER_ADMIN/$DBPASSWORD_ADMIN - $DBUSER_MISP/$DBPASSWORD_MISP" > mysql.txt +echo "MySQL: $DBUSER_ADMIN/$DBPASSWORD_ADMIN - $DBUSER_MISP/$DBPASSWORD_MISP" > ~/mysql.txt +chown misp:misp ~/mysql.txt TIME_END=$(date +%s)
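Review bot: The `sqlite3 ~/.viper/admin.db 'UPDATE auth_user SET password=...'` statement has no `WHERE` clause, so it overwrites the password of every row in `auth_user`, not only the admin user named in the comment above it. Restricting it to the intended account, e.g. appending ` WHERE username="<admin username>"` (placeholder, the account name is not visible in this hunk), matches what the comment says. The hash, salt included, is a constant, so every image ships the same viper-web credential; setting it per build or forcing a change on first login would avoid that. The `sed` and `sqlite3` lines use `~/.viper` while the later `chown` uses `~misp/.viper`, which only agree if the script runs as `misp`; using `~misp` throughout would remove the doubt.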
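Review bot: `~/mysql.txt` now holds the MySQL admin and MISP database passwords but is created with the default umask, and the added `chown misp:misp ~/mysql.txt` changes the owner without tightening the mode, so the file is probably readable by other local users. Create it restricted from the start, `( umask 077; echo "MySQL: $DBUSER_ADMIN/$DBPASSWORD_ADMIN - $DBUSER_MISP/$DBPASSWORD_MISP" > ~/mysql.txt )`, or at least follow it with `chmod 600 ~/mysql.txt`. The `chown` has no `sudo` and `~` depends on the invoking user, so writing the path as `~misp/mysql.txt` would make the destination explicit.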