@chandradeoarya
Created June 5, 2024 02:41
#!/bin/bash
# Create some directories and files
mkdir -p /var/www/html
mkdir -p /var/backups
mkdir -p /etc/company
# Create users and groups
groupadd webadmin
useradd -m -G webadmin alice
useradd -m -G webadmin bob
useradd -m attacker
# Set up bad permissions
chmod 777 /var/www/html
chmod 777 /etc/company
chmod 777 /var/backups
# Create a hidden malicious script
echo -e "#!/bin/bash\nrm -rf /var/www/html" > /var/www/html/.hidden_malicious.sh
chmod +x /var/www/html/.hidden_malicious.sh
# Create some sensitive files
echo "Database password: db_pass" > /etc/company/db_password.txt
echo "Backup schedule: daily at midnight" > /var/backups/schedule.txt
# Set wrong ownership
chown attacker:webadmin /var/www/html
chown attacker:webadmin /etc/company
chown attacker:webadmin /var/backups
# Create another script in the wrong place
echo -e "#!/bin/bash\necho 'Hello World'" > /usr/local/bin/hello.sh
chmod 777 /usr/local/bin/hello.sh
# Secure the script with wrong permissions
chmod 777 /usr/local/bin/hello.sh
# Add a sudoers misconfiguration
echo "attacker ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
# Change some file permissions to read-only
chmod 444 /etc/company/db_password.txt
chmod 444 /var/backups/schedule.txt
# Create an SSH key for the attacker
mkdir /home/attacker/.ssh
ssh-keygen -t rsa -N "" -f /home/attacker/.ssh/id_rsa
cat /home/attacker/.ssh/id_rsa.pub >> /home/attacker/.ssh/authorized_keys
chmod 700 /home/attacker/.ssh
chmod 600 /home/attacker/.ssh/authorized_keys
chown -R attacker:attacker /home/attacker/.ssh
# Output a completion message
echo "Scenario setup complete. Good luck!"
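
A read-only audit for the misconfigurations this setup script plants (world-writable directories and files, a hidden executable, a `NOPASSWD: ALL` sudoers rule). It is an example added here, not part of the gist; the function names and report labels are assumptions of this example.

```bash
#!/bin/bash
# Added example, not part of the gist: read-only checks for the lab's misconfigurations.
# Function names and report labels are assumptions made for this example.

# Directories anyone can write to that lack the sticky bit (chmod 777 on a directory).
world_writable_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 2>/dev/null
}

# Regular files anyone can write to, such as a script under /usr/local/bin.
world_writable_files() {
    find "$1" -xdev -type f -perm -0002 2>/dev/null
}

# Dot-files with any execute bit set.
hidden_executables() {
    find "$1" -xdev -type f -name '.*' \
        \( -perm -0100 -o -perm -0010 -o -perm -0001 \) 2>/dev/null
}

# Uncommented sudoers rules that grant passwordless sudo for ALL commands.
nopasswd_all_rules() {
    [ "$#" -gt 0 ] || return 0   # no files given: never fall back to stdin
    grep -hE '^[^#]*NOPASSWD:[[:space:]]*ALL([[:space:],]|$)' "$@" 2>/dev/null
}

# audit ROOT [SUDOERS_FILE...]: one labelled line per finding, status 1 if any.
audit() {
    _root=$1; shift
    _findings=$(
        world_writable_dirs "$_root"  | sed 's/^/WORLD-WRITABLE-DIR  /'
        world_writable_files "$_root" | sed 's/^/WORLD-WRITABLE-FILE /'
        hidden_executables "$_root"   | sed 's/^/HIDDEN-EXECUTABLE   /'
        nopasswd_all_rules "$@"       | sed 's/^/SUDO-NOPASSWD-ALL   /'
    )
    [ -z "$_findings" ] && return 0
    printf '%s\n' "$_findings"
    return 1
}

# Example: bash audit.sh /var/www /etc/sudoers
if [ "$#" -gt 0 ]; then audit "$@"; fi
```

Run it as root on the lab host so every directory is readable; `stat -c '%U:%G %a %n'` on each flagged path then shows the ownership the setup script changed.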