now incl. tcpdump

Patrick Neumann 2016-07-03 00:28:19 +02:00
parent 2d6da1164d
commit 4bdf3d5991


@ -25,14 +25,15 @@
# (for more there is an german PDF!) # (for more there is an german PDF!)
# #
# REQUIREMENTS: # REQUIREMENTS:
# remnux-5.0-live-cd.iso (from https://remnux.org/) # remnux-5.0-live-cd.iso
# (from https://sourceforge.net/projects/remnux/files/version5/)
# #
# BUGS: # BUGS:
# --- # ---
# #
# NOTES: # NOTES:
# Does run on REMnux >= 4. # Does run on REMnux 4 and 5.
# Does NOT run on REMnux <= 3. # Does NOT run on REMnux <= 3 or => 6!
# #
# AUTHOR: # AUTHOR:
# Patrick Neumann, patrick@neumannsland.de # Patrick Neumann, patrick@neumannsland.de
@ -41,16 +42,16 @@
# (privately) # (privately)
# #
# VERSION: # VERSION:
# 0.6 (beta) # 0.9 (Beta)
# #
# LINK TO THE MOST CURRENT VERSION: # LINK TO THE MOST CURRENT VERSION:
# https://raw.githubusercontent.com/casualscripter/remnux-stuff/master/remnux5_inetsim_script # https://raw.githubusercontent.com/casualscripter/remnux-stuff/master/remnux5_inetsim_script
# #
# CREATED: # CREATED:
# 29.05.2015 # 02.07.2016
# #
# COPYRIGHT (C): # COPYRIGHT (C):
# 2015 - Patrick Neumann # 2015-2016 - Patrick Neumann
# #
# LICENSE: # LICENSE:
# This program is free software: you can redistribute it and/or modify # This program is free software: you can redistribute it and/or modify
@ -68,7 +69,8 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
# #
# HISTORY: # HISTORY:
# 0.6 - Patrick Neumann - Initial (public) release # 0.6 (Alpha) - Patrick Neumann - Initial (public) release
# 0.9 (Beta) - Patrick Neumann - added network capturing
#=============================================================================== #===============================================================================
#=== CONFIGURATION ============================================================= #=== CONFIGURATION =============================================================
@ -89,6 +91,9 @@ readonly LOG_TARGET_LABEL="LOGTARGET"
# Most commonly it will be: "eth0". # Most commonly it will be: "eth0".
readonly ETHDEV="eth0" readonly ETHDEV="eth0"
# Custom timezone (the default in REMnux is "EST5EDT")
readonly TIMEZONE="Europe/Berlin"
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# Check for root privileges. # Check for root privileges.
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
@ -167,6 +172,14 @@ case "${1}" in
exit 1 exit 1
fi fi
#-------------------------------------------------------------------------------
# Configuring custom timezone.
#-------------------------------------------------------------------------------
if [ ! -L "/etc/localtime" ] ; then
/bin/rm "/etc/localtime"
/bin/ln -s "/usr/share/zoneinfo/${TIMEZONE}" "/etc/localtime"
fi
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# Deactivating automatic network configuration. # Deactivating automatic network configuration.
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
@ -189,7 +202,7 @@ case "${1}" in
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
/sbin/ip addr add 10.20.30.1/24 dev "${ETHDEV}" /sbin/ip addr add 10.20.30.1/24 dev "${ETHDEV}"
/sbin/ip link set "${ETHDEV}" up /sbin/ip link set "${ETHDEV}" promisc on up
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# Configuring and starting the "inetsim" service. # Configuring and starting the "inetsim" service.
@ -271,7 +284,7 @@ EOF
/bin/busybox udhcpd -S "${LOG_TARGET}/udhcpd/udhcpd.conf" /bin/busybox udhcpd -S "${LOG_TARGET}/udhcpd/udhcpd.conf"
sleep 1 /bin/sleep 1
if [ ! -f "/var/run/udhcpd.pid" ] ; then if [ ! -f "/var/run/udhcpd.pid" ] ; then
/bin/echo -e " \e[1;31;40m\"udhcpd\" start/reload failed - EXIT!\e[0m" /bin/echo -e " \e[1;31;40m\"udhcpd\" start/reload failed - EXIT!\e[0m"
@ -279,6 +292,25 @@ EOF
exit 1 exit 1
fi fi
#-------------------------------------------------------------------------------
# Start (simple) sniffing.
#-------------------------------------------------------------------------------
if [ ! -d "${LOG_TARGET}/tcpdump" ] ; then
/bin/mkdir "${LOG_TARGET}/tcpdump"
fi
/usr/bin/nohup /usr/sbin/tcpdump \
-s 0 -B 4096 -w "${LOG_TARGET}/tcpdump/capture.pcap" \
> "${LOG_TARGET}/tcpdump/out.txt" 2>&1 &
/bin/sleep 1
if [ ! -f "${LOG_TARGET}/tcpdump/capture.pcap" ] ; then
/bin/echo -e " \e[1;31;40m\"starting tcpdump failed - EXIT!\e[0m"
/bin/echo
exit 1
fi
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# Ready for collecting... # Ready for collecting...
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
@ -315,6 +347,13 @@ EOF
/bin/sed --in-place 's/$/\r/' "${LOG_TARGET}/iptables/save" /bin/sed --in-place 's/$/\r/' "${LOG_TARGET}/iptables/save"
#-------------------------------------------------------------------------------
# Stop sniffing (MS-Windows friendly).
#-------------------------------------------------------------------------------
/bin/kill -INT $( /usr/bin/pgrep "tcpdump" )
/bin/sed --in-place 's/$/\r/' "${LOG_TARGET}/tcpdump/out.txt"
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# Stopping "inetsim" service, save data (MS-Windows friendly) and cleanup. # Stopping "inetsim" service, save data (MS-Windows friendly) and cleanup.
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
@ -356,7 +395,7 @@ EOF
/bin/kill -INT "${UDHCPD_PID}" /bin/kill -INT "${UDHCPD_PID}"
sleep 1 /bin/sleep 1
if /usr/bin/pgrep -f "/bin/busybox udhcpd" > /dev/null 2>&1 ; then if /usr/bin/pgrep -f "/bin/busybox udhcpd" > /dev/null 2>&1 ; then
/bin/echo -e " \e[1;31;40m\"udhcpd\" stop failed - EXIT!\e[0m" /bin/echo -e " \e[1;31;40m\"udhcpd\" stop failed - EXIT!\e[0m"
@ -376,6 +415,11 @@ EOF
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
/bin/sync /bin/sync
#-------------------------------------------------------------------------------
# Loosen rights for non-administrators.
#-------------------------------------------------------------------------------
/bin/chmod -R +r "${LOG_TARGET}"
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# ... stopped. # ... stopped.
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
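Review bot: In hunk `@ -279,6 +292,25` tcpdump is started without `-i "${ETHDEV}"`, so it captures on whatever interface libpcap picks first rather than the interface the script configured and switched to promiscuous mode (`/sbin/ip link set "${ETHDEV}" promisc on up` in the earlier hunk); add `-i "${ETHDEV}"` to the tcpdump invocation. The stop in hunk `@ -315,6 +347,13` relies on an unquoted `$( /usr/bin/pgrep "tcpdump" )`, which signals every process named tcpdump and, when none is running, calls kill with no PID at all; the udhcpd path already records `UDHCPD_PID`, so mirror it with `TCPDUMP_PID=$!` directly after the backgrounded nohup line and `/bin/kill -INT "${TCPDUMP_PID}"` at stop, ideally followed by the same pgrep-based "stop failed" check udhcpd has. The failure message in the start block has an unbalanced escaped quote — `\"starting tcpdump failed` — which should read `starting \"tcpdump\" failed` to match the udhcpd message. Separately, the timezone block in `@ -167,6 +172,14` only replaces /etc/localtime when it is not already a symlink, so on an image where it is already a link to the default zone the custom TIMEZONE is never applied — presumably an unconditional `/bin/ln -sf` is what is intended.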