Bashscript for security fun

2015-08-23 23:00:00
Posted in: Security Fun

Using a bashscript to combine security checks


Currently the following applications are used:

  • clamav
  • rkhunter
  • chkrootkit
  • nmap
Still working on shorewall...

Warning! This script is not to be used in live environments. I wrote it to see what's possible. The script has not been tested outside my virtual machine.

#!/bin/bash
# autorun yes | sudo bash securityChecker.sh


#############################
#		  WARNINGS			#
############################# 
# 1. this script will install: rkhunter chkrootkit clamscan shorewall
# 2. if one of the above mentioned applications is active this script will kill it
# 3. for use on VM's nice 19 seems to work best on I5
# 4. when using cleanup all files including SHOREWALL shall be removed 


#Black        0;30     Dark Gray     1;30
#Blue         0;34     Light Blue    1;34
#Green        0;32     Light Green   1;32
#Cyan         0;36     Light Cyan    1;36
#Red          0;31     Light Red     1;31
#Purple       0;35     Light Purple  1;35
#Brown/Orange 0;33     Yellow        1;33
#Light Gray   0;37     White         1;37


#############################
#	configuration settings	#
#############################
# Output mode: hidden, quiet, normal, speak or debug. outputToAll only acts on
# normal, speak and debug; the log file is written in every mode.
global_mode='normal'
# Niceness meant for the tools this script starts (19 = lowest CPU priority).
global_nice='19'
# Log file, always appended to. The path is relative, so the file is created
# in whatever directory the script is started from.
global_logFile="securityOutput.txt"
# Tools this script checks for, installs and runs. Every name listed here must
# also exist below as a variable holding that tool's command line.
progs=('rkhunter' 'chkrootkit' 'clamav' 'nmap')

# Command lines, looked up by variable name through ${!global_test} in startPs.
rkhunter="sudo rkhunter --update --check"
chkrootkit="sudo chkrootkit"
# NOTE(review): startPs word-splits this string and does not re-parse it as
# shell syntax, so "&&" and "clamscan" reach freshclam as plain arguments and
# no scan is started. Confirm, and use a separate entry for the scan if wanted.
clamav="sudo freshclam && clamscan"
nmap="sudo nmap localhost"

# apt-get maintenance commands, run through startPs under these three names.
clean='apt-get autoremove'
basic='apt-get update'
upgrade='apt-get upgrade'

# ANSI colour escapes, printed with `echo -e` around the status messages.
red="\033[0;31m"      # alerts
green="\033[0;32m"    # success
blue="\033[0;34m"     # step titles
NC="\033[0m"          # reset to the terminal default



#############################
#		output options		#
#############################
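# Sends $global_output to the log and to the sink selected by $global_mode.
# Globals:  global_mode (read); global_output (read by the sinks)
# Outputs:  always appends to the log via outputToLog; "normal" also prints to
#           the screen, "speak" reads the message aloud and "debug" dumps the
#           shell variables. Any other mode (hidden, quiet, empty) only logs.
outputToAll(){
	outputToLog
	# The mode is quoted so an empty or multi-word value falls through to
	# "log only" instead of breaking the comparison with a syntax error.
	case "$global_mode" in
		normal) outputToScreen ;;
		speak)  outputToSound ;;
		debug)  outputToDebug ;;
	esac
}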
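# Prints $global_output to stdout, followed by a newline.
# Globals:  global_output (read)
outputToScreen(){
	# printf, not echo: global_output also carries captured tool output, and
	# echo would swallow a value such as "-n" or "-e" as an option.
	printf '%s\n' "$global_output"
}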
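# Appends $global_output as one line to the file named by $global_logFile.
# Globals:  global_output (read), global_logFile (read)
# NOTE(review): the configured log path is relative and the script is meant
# to be run with sudo, so the file is opened as root in the current
# directory. Start the script from a directory other users cannot write to.
outputToLog(){
	# printf, not echo, so a message that looks like an echo option
	# ("-n", "-e") is still written to the log verbatim.
	printf '%s\n' "$global_output" >> "$global_logFile"
}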
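# Reads $global_output aloud by piping it into espeak (pitch 40, speed 150).
# Globals:  global_output (read)
outputToSound(){
	# printf, not echo, so a message that looks like an echo option is still
	# passed to espeak unchanged.
	printf '%s\n' "$global_output" | espeak -p 40 -s 150
}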
# Debug sink: prints the current shell variables to stdout.
outputToDebug(){
	# POSIX mode makes a bare `set` list variables only, and the subshell
	# keeps that mode switch from leaking into the rest of the script.
	# NOTE: the dump includes every exported environment variable, so any
	# secret held in the environment ends up on stdout in debug mode.
	(
		set -o posix
		set
	)
}




#############################
#		business logic		#
#############################
# Sets global_os_found to "Ubuntu" or "Debian" when that word appears in the
# output of `uname -a`, otherwise to "false". If both words appear, Debian
# wins because it is tested last.
# NOTE(review): uname describes the running kernel, so this only works when
# the kernel build string happens to name the distribution; /etc/os-release
# would be the more dependable source.
checkOS(){
	local kernel_info
	kernel_info=$(uname -a)
	global_os_found="false"
	if [[ $kernel_info == *Ubuntu* ]]; then
		global_os_found="Ubuntu"
	fi
	if [[ $kernel_info == *Debian* ]]; then
		global_os_found="Debian"
	fi
}

# Decides whether the tool named in $global_test looks installed.
# Globals:  global_test (read), global_command_response (written: number of
#           matching paths), global_file_found (written: "true" / "false")
# This is a heuristic: every path below /var/lib/ that matches the name counts
# as a hit, and the name is used as a grep regular expression, so an unrelated
# file with a similar name is enough to report "installed".
checkIfInstalled(){
	global_file_found="false"
	global_command_response=$(find /var/lib/ | grep "$global_test" | wc -l)
	# Any hit at all is taken as proof of installation.
	if (( global_command_response > 0 )); then
		global_file_found="true"
	fi
}

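# Reports whether a process matching $global_test shows up in `ps -ef`.
# Globals:  global_test (read), red / NC (read, colour escapes),
#           global_command_response (written: number of matching ps lines),
#           global_ps_running (written: "true" / "false")
# Outputs:  one status line on stdout; it does not go through outputToAll,
#           so it is not written to the log.
# The match is a substring/regex match on the whole ps line, so a user name or
# an unrelated command line containing the name also counts as "running".
checkIfRunning(){
	# `grep -v grep` drops the grep processes of this very pipeline; `--`
	# keeps a name starting with "-" from being read as a grep option.
	global_command_response=$(ps -ef | grep -v grep | grep -c -- "$global_test")
	if (( global_command_response == 0 )); then
		# The original printed the name and "not running" without a space.
		printf '%s not running\n' "$global_test"
		global_ps_running="false"
	else
		# %b expands the \033 colour escapes, as `echo -e` did.
		printf '%s %bis running%b\n' "$global_test" "$red" "$NC"
		global_ps_running="true"
	fi
}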

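# Runs the command line stored in the variable whose NAME is in $global_test
# (for example global_test=nmap runs the contents of $nmap).
# Globals:  global_test (read), global_nice (read)
# Outputs:  the command's stdout; callers capture it with $(startPs)
# Returns:  the command's exit status, or 1 when no command is configured
# NOTE: `yes` answers "y" to every prompt the command raises, which includes
# apt-get's confirmation prompts. The stored string is split on whitespace
# only; shell operators such as "&&" inside it are passed on as plain
# arguments, not interpreted.
startPs(){
	local -a cmd=()
	if [[ -n "$global_test" ]]; then
		# Same whitespace splitting as an unquoted expansion, but without
		# filename globbing on the resulting words.
		read -r -a cmd <<< "${!global_test}"
	fi
	if (( ${#cmd[@]} == 0 )); then
		printf 'startPs: no command configured for "%s"\n' "$global_test" >&2
		return 1
	fi
	# The original wrote `nice=$global_nice <command>`, which only exported a
	# variable called "nice"; `nice -n` actually lowers the priority.
	yes | nice -n "$global_nice" "${cmd[@]}"
}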


#############################
#		controller			#
#############################
# Two empty messages first, which put two blank lines on screen and in the
# log, then the start banner.
for global_output in '' ''; do
	outputToAll
done
global_output="GTB security checker started, please wait.."
outputToAll

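# Step 1/5: make sure the script runs on a distribution it knows about
# (checkOS sets global_os_found to "Ubuntu", "Debian" or "false").
global_output='1/5 Checking the OS'
echo -e "${blue}"
outputToAll
echo -e "${NC}"
checkOS
if [[ "$global_os_found" == "false" ]]; then
	global_output="  Your OS is not recognized. System wil now exit"
	echo -e "${red}"
	outputToAll
	echo -e "${NC}"
	# Explicit non-zero status: a bare `exit` would report the status of the
	# preceding echo, i.e. success, to whatever started the script.
	exit 1
fi
global_output="  Your OS ($global_os_found) is recognized and supported"
echo -e "${green}"
outputToAll
echo -e "${NC}"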

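# Step 2/5: install every tool from progs that checkIfInstalled cannot find.
# After a successful install the script restarts itself, so each run installs
# at most one tool.
global_output='2/5 Starting tool / file check'
echo -e "${blue}"
outputToAll
echo -e "${NC}"
for i in "${progs[@]}"
do
	global_test=$i
	checkIfInstalled
	if [ "$global_file_found" = "true" ]; then
		global_output="  $i installed"
		echo -e "${green}"
		outputToAll
		echo -e "${NC}"
	else
		global_output="  $i not found, starting installation"
		echo -e "${red}"
		outputToAll
		echo -e "${NC}"
		# TODO (from the original): move this into its own install function.
		# Stop on failure: reporting "installed" and restarting after a
		# failed apt-get would send the script round this loop forever.
		if ! apt-get install "$i"; then
			global_output="  $i could not be installed, stopping"
			echo -e "${red}"
			outputToAll
			echo -e "${NC}"
			exit 1
		fi
		global_output="  $i installed, this script wil restart in 5 seconds. please wait.."
		echo -e "${green}"
		outputToAll
		echo -e "${NC}"
		sleep 5
		# Restart the file that is actually running ($0) rather than any
		# file called securityChecker.sh in the current directory, since
		# the restart runs as root.
		sudo bash "$0"
		exit
	fi
done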

# Step 3/5: apt-get housekeeping.
global_output='3/5 Updating the operating system'
echo -e "${blue}"
outputToAll
echo -e "${NC}"
# clean, basic and upgrade are the names of the apt-get command variables in
# the configuration; startPs runs each one with `yes` piped in, so prompts
# are confirmed without review. The output is captured first and shown only
# once the command has finished.
for global_test in clean basic upgrade
do
	global_output=$(startPs)
	outputToAll
done


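# Step 4/5: report which of the tools are already running.
# NOTE: despite the step title and the "kill kill" message, nothing is killed
# here; running tools are only reported. These status lines go straight to
# the screen and are not written to the log.
global_output='4/5 Killing processes we need'
echo -e "${blue}"
outputToAll
echo -e "${NC}"

for i in "${progs[@]}"
do
	global_test=$i
	checkIfRunning
	# Quoted so the tool name is printed as-is, without word splitting or
	# filename expansion.
	if [ "$global_ps_running" = "false" ]; then
		printf '%s\n' "$i not running"
	else
		printf '%s\n' "$i is running, kill kill"
	fi
done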





# Step 5/5: run every tool from progs, one after the other.
global_output='5/5 Starting processes'
echo -e "${blue}"
outputToAll
echo -e "${NC}"

for i in "${progs[@]}"; do
	# startPs looks up the command line through the variable named here.
	global_test="$i"
	global_output="starting: $i"
	outputToAll
	# The tool's stdout is captured in full and only then logged and shown;
	# its exit status is not looked at.
	global_output="$(startPs)"
	outputToAll
done

#if global_mode=hidden start cleanup loop


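# The scanners' exit codes and findings are never evaluated above, so the
# closing message must not claim a clean result; it points at the log instead.
global_output="security checker completed, review $global_logFile for the scanner results"
outputToAll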



# include back-up script 
# get files from repo
# run checks below
# zip files and move to ...

