oaass · April 12, 2023 00:54 · Darksoul-root · Jul 31, 2021
diff --git a/thpsetup.py b/thpsetup.py
 #!/bin/bash

 echo ""
 echo "=========================================================================="
 echo "= Pentest Attack Machine Setup                                           ="
 echo "= Based on the setup from The Hacker Playbook                            ="
 echo "=========================================================================="
 echo ""

 # Prepare tools folder
 echo "[+] Creating tools folder in /opt"
 mkdir /opt/tools/
 echo ""

 # Setting up metasploit with postgresql
 echo "[+] Setting up metasploit with postgresql"
 service postgresql start
 service metasploit start
 echo ""

 # Adding postgresql and metasploit services rc.d defaults
 echo "[+] Adding postgresql and metasploit to rc.d defaults"
 update-rc.d -f postgresql defaults
 update-rc.d -f metasploit defaults
 echo ""

 # Discover Scripts - Passive reconnaissance
 echo "[+] Installing Discover Scripts"
 cd /opt/tools/
 git clone https://github.com/leebaird/discover.git
 cd /opt/tools/discover/
 /opt/tools/discover/setup.sh
 echo ""

 # SMBexec - Grab hashes out of the Domain Controller and reverse shells
 # Step 1: Select option 1
 # Step 2: Select option 4
 # Step 3: Select option 5
 echo "[+] Installing SMBexec"
 cd /tmp/
 git clone https://github.com/pentestgeek/smbexec.git
 cd /tmp/smbexec/
 echo "[+] Select option 1"
 /tmp/smbexec/install.sh
 echo "[*] Where did you install SMBexec?: "
 read smbexecpath
 $smbexecpath/smbexec/install.sh
 echo ""

 # Veil - Create Python based Meterpreter executable
 echo "[+] Installing Veil Framework"
 cd /opt/tools/
 git clone https://github.com/Veil-Framework/Veil-Evasion.git Veil
 cd /opt/tools/Veil/setup
 /opt/tools/Veil/setup/setup.sh
 echo ""

 # WCE (Windows Credential Editor) - Pulls passwords from memory
 echo "[+] Downloading and installing WCE (Windows Credential Editor)"
 mkdir /opt/tools/wce/
 cd /tmp/
 wget http://www.ampliasecurity.com/research/wce_v1_41beta_universal.zip
 unzip -d /opt/tools/wce/ wce_v1_41beta_universal.zip
 rm -f wce_v1_41beta_universal.zip
 echo ""

 # Mimikatz - Pulls passwords from memory
 echo "[+] Installing Mimikatz"
 mkdir /opt/tools/mimikatz/
 cd /tmp/
 wget https://github.com/gentilkiwi/mimikatz/releases/download/2.0.0-alpha-20150122/mimikatz_trunk.zip
 unzip -d /opt/tools/mimikatz/ mimikatz_trunk.zip
 rm -f mimikatz_trunk.zip
 echo ""

 # PeepingTom - Website snapshots
 echo "[+] Installing PeepingTom"
 cd /opt/tools/
 git clone https://bitbucket.org/LaNMaSteR53/peepingtom.git
 cd /opt/tools/peepingtom/
 wget https://gist.githubusercontent.com/nopslider/5984316/raw/423b02c53d225fe8dfb4e2df9a20bc800cc78e2c/gnmap.pl
 echo ""

 # Download appropriate PhantomJS package
 if $(uname -m | grep '64'); then
    wget http://phantomjs.googlecode.com/files/phantomjs-1.9.2-linux-x86_64.tar.bz2
    tar xf phantomjs-1.9.2-linux-x86_64.tar.bz2
    cp /opt/tools/peepingtom/phantomjs-1.9.2-linux-x86_64/bin/phantomjs .
 else
    wget http://phantomjs.googlecode.com/files/phantomjs-1.9.2-linux-i686.tar.bz2
    tar xf phantomjs-1.9.2-linux-i686.tar.bz2
    cp /opt/tools/peepingtom/phantomjs-1.9.2-linux-i686/bin/phantomjs .
 fi
 echo ""

 # Nmap script - Quicker scanning and smarter identification
 echo "[+] Installing nmap scripts"
 cd /usr/share/nmap/scripts/
 wget https://raw.githubusercontent.com/hdm/scan-tools/master/nse/banner-plus.nse
 echo ""

 # PowerSploit - Scripts for post exploitation
 echo "[+] Installing PowerSploit"
 cd /opt/tools/
 git clone https://github.com/mattifestation/PowerSploit.git
 cd /opt/tools/PowerSploit/
 wget https://raw.githubusercontent.com/obscuresec/random/master/StartListener.py
 wget https://raw.githubusercontent.com/darkoperator/powershell_scripts/master/ps_encoder.py
 echo ""

 # Responder - Used to gain NTLM challenge/response
 echo "[+] Installing Responder"
 cd /opt/tools/
 git clone https://github.com/SpiderLabs/Responder.git
 echo ""

 # SET (Social Engineering Toolkit) - Pre-installed on Kali Linux
 echo "[+] Installing SET (Social Engineering Toolkit)"
 cd /opt/tools/
 git clone https://github.com/trustedsec/social-engineer-toolkit.git set
 cd /opt/tools/set/
 /opt/tools/set/setup.py install
 echo ""

 # Bypassuac - Used to bypass UAC in post exploitation
 # → https://www.trustedsec.com/downloads/
 echo "[+] Installing Bypass UAC"
 cd /tmp/
 wget https://www.trustedsec.com/files/bypassuac.zip
 unzip bypassuac.zip
 cp bypassuac/bypassuac.rb /opt/metasploit/apps/pro/msf3/scripts/meterpreter/
 mv bypassuac/uac/ /opt/metasploit/apps/pro/msf3/data/exploits/
 rm -Rf bypassuac
 echo ""

 # BeEF - cross-site scripting framework
 # â†’ http://beefproject.com/
 echo "[+] Installing BeEF"
 apt-get install beef-xss
 echo ""

 # PEDA - Python Exploit Development Assistance for GDB
 # â†’ Repository: https://github.com/longld/peda
 echo "[+] Installing PEDA"
 git clone https://github.com/longld/peda.git /opt/peda
 echo "source /opt/peda/peda.py" >> ~/.gdbinit
 echo ""

 # The End
 echo "[+] All tools installed successfully!"
 echo "[+] ~~~ Happy Hacking! ~~~"
 echo ""
	#!/bin/bash

	echo ""
	echo "=========================================================================="
	echo "= Pentest Attack Machine Setup ="
	echo "= Based on the setup from The Hacker Playbook ="
	echo "=========================================================================="
	echo ""

	# Prepare tools folder
	echo "[+] Creating tools folder in /opt"
	mkdir /opt/tools/
	echo ""

	# Setting up metasploit with postgresql
	echo "[+] Setting up metasploit with postgresql"
	service postgresql start
	service metasploit start
	echo ""

	# Adding postgresql and metasploit services rc.d defaults
	echo "[+] Adding postgresql and metasploit to rc.d defaults"
	update-rc.d -f postgresql defaults
	update-rc.d -f metasploit defaults
	echo ""

	# Discover Scripts - Passive reconnaissance
	echo "[+] Installing Discover Scripts"
	cd /opt/tools/
	git clone https://github.com/leebaird/discover.git
	cd /opt/tools/discover/
	/opt/tools/discover/setup.sh
	echo ""

	# SMBexec - Grab hashes out of the Domain Controller and reverse shells
	# Step 1: Select option 1
	# Step 2: Select option 4
	# Step 3: Select option 5
	echo "[+] Installing SMBexec"
	cd /tmp/
	git clone https://github.com/pentestgeek/smbexec.git
	cd /tmp/smbexec/
	echo "[+] Select option 1"
	/tmp/smbexec/install.sh
	echo "[*] Where did you install SMBexec?: "
	read smbexecpath
	$smbexecpath/smbexec/install.sh
	echo ""

	# Veil - Create Python based Meterpreter executable
	echo "[+] Installing Veil Framework"
	cd /opt/tools/
	git clone https://github.com/Veil-Framework/Veil-Evasion.git Veil
	cd /opt/tools/Veil/setup
	/opt/tools/Veil/setup/setup.sh
	echo ""

	# WCE (Windows Credential Editor) - Pulls passwords from memory
	echo "[+] Downloading and installing WCE (Windows Credential Editor)"
	mkdir /opt/tools/wce/
	cd /tmp/
	wget http://www.ampliasecurity.com/research/wce_v1_41beta_universal.zip
	unzip -d /opt/tools/wce/ wce_v1_41beta_universal.zip
	rm -f wce_v1_41beta_universal.zip
	echo ""

	# Mimikatz - Pulls passwords from memory
	echo "[+] Installing Mimikatz"
	mkdir /opt/tools/mimikatz/
	cd /tmp/
	wget https://github.com/gentilkiwi/mimikatz/releases/download/2.0.0-alpha-20150122/mimikatz_trunk.zip
	unzip -d /opt/tools/mimikatz/ mimikatz_trunk.zip
	rm -f mimikatz_trunk.zip
	echo ""

	# PeepingTom - Website snapshots
	echo "[+] Installing PeepingTom"
	cd /opt/tools/
	git clone https://bitbucket.org/LaNMaSteR53/peepingtom.git
	cd /opt/tools/peepingtom/
	wget https://gist.githubusercontent.com/nopslider/5984316/raw/423b02c53d225fe8dfb4e2df9a20bc800cc78e2c/gnmap.pl
	echo ""

	# Download appropriate PhantomJS package
	if $(uname -m \| grep '64'); then
	wget http://phantomjs.googlecode.com/files/phantomjs-1.9.2-linux-x86_64.tar.bz2
	tar xf phantomjs-1.9.2-linux-x86_64.tar.bz2
	cp /opt/tools/peepingtom/phantomjs-1.9.2-linux-x86_64/bin/phantomjs .
	else
	wget http://phantomjs.googlecode.com/files/phantomjs-1.9.2-linux-i686.tar.bz2
	tar xf phantomjs-1.9.2-linux-i686.tar.bz2
	cp /opt/tools/peepingtom/phantomjs-1.9.2-linux-i686/bin/phantomjs .
	fi
	echo ""

	# Nmap script - Quicker scanning and smarter identification
	echo "[+] Installing nmap scripts"
	cd /usr/share/nmap/scripts/
	wget https://raw.githubusercontent.com/hdm/scan-tools/master/nse/banner-plus.nse
	echo ""

	# PowerSploit - Scripts for post exploitation
	echo "[+] Installing PowerSploit"
	cd /opt/tools/
	git clone https://github.com/mattifestation/PowerSploit.git
	cd /opt/tools/PowerSploit/
	wget https://raw.githubusercontent.com/obscuresec/random/master/StartListener.py
	wget https://raw.githubusercontent.com/darkoperator/powershell_scripts/master/ps_encoder.py
	echo ""

	# Responder - Used to gain NTLM challenge/response
	echo "[+] Installing Responder"
	cd /opt/tools/
	git clone https://github.com/SpiderLabs/Responder.git
	echo ""

	# SET (Social Engineering Toolkit) - Pre-installed on Kali Linux
	echo "[+] Installing SET (Social Engineering Toolkit)"
	cd /opt/tools/
	git clone https://github.com/trustedsec/social-engineer-toolkit.git set
	cd /opt/tools/set/
	/opt/tools/set/setup.py install
	echo ""

	# Bypassuac - Used to bypass UAC in post exploitation
	# → https://www.trustedsec.com/downloads/
	echo "[+] Installing Bypass UAC"
	cd /tmp/
	wget https://www.trustedsec.com/files/bypassuac.zip
	unzip bypassuac.zip
	cp bypassuac/bypassuac.rb /opt/metasploit/apps/pro/msf3/scripts/meterpreter/
	mv bypassuac/uac/ /opt/metasploit/apps/pro/msf3/data/exploits/
	rm -Rf bypassuac
	echo ""

	# BeEF - cross-site scripting framework
	# â†’ http://beefproject.com/
	echo "[+] Installing BeEF"
	apt-get install beef-xss
	echo ""

	# PEDA - Python Exploit Development Assistance for GDB
	# â†’ Repository: https://github.com/longld/peda
	echo "[+] Installing PEDA"
	git clone https://github.com/longld/peda.git /opt/peda
	echo "source /opt/peda/peda.py" >> ~/.gdbinit
	echo ""

	# The End
	echo "[+] All tools installed successfully!"
	echo "[+] ~~~ Happy Hacking! ~~~"
	echo ""