test backport fix for hostname

... leaving comment for DNS variant

README.md

@@ -1,5 +1,3 @@
-[![Gitter](https://img.shields.io/gitter/room/nwjs/nw.js.svg?maxAge=2592000)](https://gitter.im/dtag-dev-sec/tpotce)
-
 # T-Pot 16.10 Image Creator
 
 This repository contains the necessary files to create the **[T-Pot community honeypot](http://dtag-dev-sec.github.io/)**  ISO image.

installer/bin/dcres.sh

@@ -60,7 +60,7 @@ if [ $myUPTIME -gt 4 ];
     echo "### Removing obsolete container data ..."
     docker rm -v $(docker ps -aq)
     echo "### Removing obsolete image data ..."
-    docker rmi $(docker images | grep "^<none>" | awk '{print $3}')
+    docker rmi $(docker images | grep "<none>" | awk '{print $3}')
     echo "### Starting T-Pot services ..."
     for i in $myIMAGES
       do

installer/bin/myip.sh

@@ -0,0 +1,96 @@
+#!/bin/bash
+
+## Get my external IP
+
+timeout=2   # seconds to wait for a reply before trying next server
+verbose=1   # prints which server was used to STDERR
+
+dnslist=(
+    "dig +short            myip.opendns.com        @resolver1.opendns.com"
+    "dig +short            myip.opendns.com        @resolver2.opendns.com"
+    "dig +short            myip.opendns.com        @resolver3.opendns.com"
+    "dig +short            myip.opendns.com        @resolver4.opendns.com"
+    "dig +short    -t txt  o-o.myaddr.l.google.com @ns1.google.com"
+    "dig +short -4 -t a    whoami.akamai.net       @ns1-1.akamaitech.net"
+    "dig +short            whoami.akamai.net       @ns1-1.akamaitech.net"
+)
+
+httplist=(
+    4.ifcfg.me
+    alma.ch/myip.cgi
+    api.infoip.io/ip
+    api.ipify.org
+    bot.whatismyipaddress.com
+    canhazip.com
+    checkip.amazonaws.com
+    eth0.me
+    icanhazip.com
+    ident.me
+    ipecho.net/plain
+    ipinfo.io/ip
+    ipof.in/txt
+    ip.tyk.nu
+    l2.io/ip
+    smart-ip.net/myip
+    tnx.nl/ip
+    wgetip.com
+    whatismyip.akamai.com
+)
+
+
+
+# function to shuffle the global array "array"
+shuffle() {
+   local i tmp size max rand
+   size=${#array[*]}
+   max=$(( 32768 / size * size ))
+   for ((i=size-1; i>0; i--)); do
+      while (( (rand=$RANDOM) >= max )); do :; done
+      rand=$(( rand % (i+1) ))
+      tmp=${array[i]} array[i]=${array[rand]} array[rand]=$tmp
+   done
+}
+
+
+# if we have dig and a list of dns methods, try that first
+if hash dig 2>/dev/null && [ ${#dnslist[*]} -gt 0 ]; then
+    eval array=( \"\${dnslist[@]}\" )
+    shuffle
+
+    for cmd in "${array[@]}"; do
+        [ "$verbose" == 1 ] && echo Trying: $cmd 1>&2
+        ip=$(timeout $timeout $cmd)
+        if [ -n "$ip" ]; then
+            echo $ip
+            exit
+        fi
+    done
+fi
+
+
+# if we haven't succeeded with DNS, try HTTP
+
+if [ ${#httplist[*]} == 0 ]; then
+    echo "No hosts in httplist array!" >&2
+    exit 1
+fi
+
+# use curl or wget, depending on which one we find
+curl_or_wget=$(if hash curl 2>/dev/null; then echo curl; elif hash wget 2>/dev/null; then echo "wget -qO-"; fi);
+
+if [ -z "$curl_or_wget" ]; then
+    echo "Neither curl nor wget found. Cannot use http method." >&2
+    exit 1
+fi
+
+eval array=( \"\${httplist[@]}\" )
+shuffle
+
+for url in "${array[@]}"; do
+    [ "$verbose" == 1 ] && echo Trying: $curl_or_wget -s "$url" 1>&2
+    ip=$(timeout $timeout $curl_or_wget -s "$url")
+    if [ -n "$ip" ]; then
+        echo $ip
+        exit
+    fi
+done

installer/data/ews/conf/ews.cfg

@@ -15,6 +15,7 @@ username = community-01-user
 token = foth{a5maiCee8fineu7
 rhost_first = https://community.sicherheitstacho.eu/ews-0.1/alert/postSimpleMessage
 rhost_second = https://community.sicherheitstacho.eu/ews-0.1/alert/postSimpleMessage
+ignorecert = false
 
 [HPFEED]
 hpfeed = false
@@ -75,3 +76,8 @@ targetip =
 eMobility = true
 nodeid = emobility-community-01
 logfile = /data/eMobility/log/centralsystemEWS.log
+
+[CONPOT]
+conpot = true
+nodeid = conpot-community-01
+logfile = /data/conpot/log/conpot.json

installer/data/systemd/netdata.service

@@ -7,6 +7,7 @@ After=docker.service
 Restart=always
 ExecStartPre=-/usr/bin/docker stop netdata
 ExecStartPre=-/usr/bin/docker rm -v netdata
+ExecStartPre=-/bin/chmod 666 /var/run/docker.sock
 ExecStart=/usr/bin/docker run --name netdata --net=host --cap-add=SYS_PTRACE --rm=true -v /proc:/host/proc:ro -v /sys:/host/sys:ro -v /var/run/docker.sock:/var/run/docker.sock dtagdevsec/netdata:latest1610
 ExecStop=/usr/bin/docker stop netdata 
 

installer/etc/rc.local

@@ -2,7 +2,7 @@
 # Let's add the first local ip to the /etc/issue and external ip to ews.ip file
 source /etc/environment
 myLOCALIP=$(hostname -I | awk '{ print $1 }')
-myEXTIP=$(curl -s myexternalip.com/raw)
+myEXTIP=$(/usr/bin/myip.sh)
 sed -i "s#IP:.*#IP: $myLOCALIP ($myEXTIP)#" /etc/issue
 sed -i "s#SSH:.*#SSH: ssh -l tsec -p 64295 $myLOCALIP#" /etc/issue
 sed -i "s#WEB:.*#WEB: https://$myLOCALIP:64297#" /etc/issue

installer/install.sh

@@ -3,7 +3,7 @@
 # T-Pot post install script                            #
 # Ubuntu server 16.04.0, x64                           #
 #                                                      #
-# v16.10.0 by mo, DTAG, 2016-10-28                     #
+# v16.10.0 by mo, DTAG, 2016-12-03                     #
 ########################################################
 
 # Some global vars
@@ -23,7 +23,7 @@ fuECHO () {
 }
 
 fuRANDOMWORD () {
-  local myWORDFILE=/usr/share/dict/names
+  local myWORDFILE="$1"
   local myLINES=$(cat $myWORDFILE  | wc -l)
   local myRANDOM=$((RANDOM % $myLINES))
   local myNUM=$((myRANDOM * myRANDOM % $myLINES + 1))
@@ -189,9 +189,10 @@ tee -a /etc/network/interfaces <<EOF
 ### This configuration was tested with the IntelNUC series
 ### If problems occur you can try and change wpa-driver to "iwlwifi"
 ### Do not forget to enter a ssid in /etc/wpa_supplicant/wireless8021x.conf
+### The Intel NUC uses wlpXsY notation instead of wlanX
 #
-#auto wlan0
-#iface wlan0 inet dhcp
+#auto wlp2s0
+#iface wlp2s0 inet dhcp
 #        wpa-driver wext
 #        wpa-conf /etc/wpa_supplicant/wireless8021x.conf
 EOF
@@ -272,35 +273,18 @@ pip install --upgrade pip
 pip install alerta
 fuECHO "### Installing wetty."
 ln -s /usr/bin/nodejs /usr/bin/node
-npm install git://github.com/t3chn0m4g3/wetty -g
-
-# Let's add the docker repository
-fuECHO "### Adding the docker repository."
-apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
-tee /etc/apt/sources.list.d/docker.list <<EOF
-deb https://apt.dockerproject.org/repo ubuntu-xenial main
-EOF
-
-# Let's pull some updates
-fuECHO "### Pulling Updates."
-apt-get update -y
-
-# Let's install docker
-fuECHO "### Installing docker-engine."
-fuECHO "### You can safely ignore the [FAILED] message,"
-fuECHO "### which is caused by a bug in the docker installer."
-apt-get install docker-engine=1.12.2-0~xenial -y || true && sleep 5
+npm install https://github.com/t3chn0m4g3/wetty -g
 
 # Let's add proxy settings to docker defaults
 if [ -f $myPROXYFILEPATH ];
 then fuECHO "### Setting up the proxy for docker."
 myPROXY=$(cat $myPROXYFILEPATH)
 tee -a /etc/default/docker <<EOF
-export http_proxy=$myPROXY
-export https_proxy=$myPROXY
-export HTTP_PROXY=$myPROXY
-export HTTPS_PROXY=$myPROXY
-export no_proxy=localhost,127.0.0.1,.sock
+http_proxy=$myPROXY
+https_proxy=$myPROXY
+HTTP_PROXY=$myPROXY
+HTTPS_PROXY=$myPROXY
+no_proxy=localhost,127.0.0.1,.sock
 EOF
 fi
 
@@ -311,11 +295,9 @@ adduser --system --no-create-home --uid 2000 --disabled-password --disabled-logi
 
 # Let's set the hostname
 fuECHO "### Setting a new hostname."
-myHOST=$(curl -s www.nsanamegenerator.com | html2text | tr A-Z a-z | awk '{print $1}')
-if [ "$myHOST" = "" ]; then
-  fuECHO "### Failed to fetch name from remote, using local cache."
-  myHOST=$(fuRANDOMWORD)
-fi
+a=$(fuRANDOMWORD /usr/share/dict/a.txt)
+n=$(fuRANDOMWORD /usr/share/dict/n.txt)
+myHOST=$a$n
 hostnamectl set-hostname $myHOST
 sed -i 's#127.0.1.1.*#127.0.1.1\t'"$myHOST"'#g' /etc/hosts
 
@@ -367,7 +349,6 @@ for name in $(cat /root/tpot/data/images.conf)
   do
     docker pull dtagdevsec/$name:latest1610
   done
-#fi
 
 # Let's add the daily update check with a weekly clean interval
 fuECHO "### Modifying update checks."

preseed/tpot.seed

@@ -100,7 +100,7 @@ tasksel tasksel/first multiselect ubuntu-server
 ########################
 ### Package Installation
 ########################
-d-i pkgsel/include string apache2-utils apparmor apt-transport-https aufs-tools bash-completion build-essential ca-certificates cgroupfs-mount curl dialog dstat ethtool genisoimage git glances html2text htop iptables iw libltdl7 lm-sensors man nginx-extras nodejs npm ntp openssh-server openssl syslinux psmisc pv python-pip vim wireless-tools wpasupplicant
+d-i pkgsel/include string apache2-utils apparmor apt-transport-https aufs-tools bash-completion build-essential ca-certificates cgroupfs-mount curl dialog dnsutils docker.io dstat ethtool genisoimage git glances html2text htop iptables iw libltdl7 lm-sensors man nginx-extras nodejs npm ntp openssh-server openssl syslinux psmisc pv python-pip vim wireless-tools wpasupplicant
 
 #################
 ### Update Policy
@@ -116,7 +116,7 @@ in-target grub-install --force $(debconf-get partman-auto/disk); \
 in-target update-grub; \
 cp /opt/tpot/rc.local.install /target/etc/rc.local; \
 cp -r /opt/tpot/ /target/root/; \
-cp /opt/tpot/usr/share/dict/names /target/usr/share/dict/names
+cp /opt/tpot/usr/share/dict/* /target/usr/share/dict/
 
 ##########
 ### Reboot