Improvements 14/08/2021

Signed-off-by: Georg <georg@lysergic.dev>
Georg Pfuetzenreuter 2021-08-14 20:38:16 +02:00
parent c27753da86
commit 39e54cc83b
Signed by: Georg
GPG Key ID: 1DAF57F49F8E8F22
6 changed files with 96 additions and 44 deletions


@ -1 +1,4 @@
Hosts configurations related to our POC shell service.
If you want to try it out, ask in #libcasa.info.
We currently support Arch Linux and Ubuntu after activation over IRC, but aim to support more operating systems including a better management process in the future.

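--- a/base/help.sh
+++ b/base/help.sh
@@ -0,0 +1,2 @@
+#!/bin/sh
+USER=$(whoami) /usr/local/bin/catgirl -KRh irc.liberta.casa -j '#help' -qr 'Shell Help'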


@ -1,48 +1,55 @@
#!/bin/sh
# georg@lysergic.dev
set -e
echo "Shell generation invoked." | nc -N 127.0.0.2 2424
OUTPUT="nc -N 127.0.0.2 2424"
echo "Shell generation invoked." | $OUTPUT
if [ ! "$#" -eq 0 ]; then
user="$(echo "$1" |tr '[:upper:]' '[:lower:]')"
case "$2" in
"archlinux")
os="archlinux"
image="lc-archlinux-userbase-v2:sh0"
;;
"ubuntu")
os="ubuntu"
image="lcbase_ubuntu_14082021_2:sh0"
;;
*)
echo "Choose between archlinux or ubuntu"
exit 1
;;
"archlinux")
os="Arch Linux"
image="lc-archlinux-userbase-v2:sh0"
;;
"ubuntu")
os="Ubuntu (Latest)"
image="lcbase_ubuntu_14082021_2:sh0"
;;
*)
echo "Choose between archlinux or ubuntu"
exit 1
;;
esac
fingerprint_ecdsa="$(ssh-keygen -lf /etc/ssh/ssh_host_ecdsa_key.pub)"
if id "$1" &>/dev/null; then
echo "Aborted. Username is already taken."
echo "Aborted: $user is already taken." | nc -N 127.0.0.2 2424
if id "$user" &>/dev/null; then
echo "Aborted. Username is already taken."
echo "Aborted: $user is already taken." | $OUTPUT
else
echo "Hang on ..."
echo "Creating $user locally." | nc -N 127.0.0.2 2424
sudo useradd -mUs /opt/lcpubsh/bin/pubsh -G docker $user
pass=$(shuf -n2 /usr/share/dict/words | tr -d '\n')
echo "Appending to config." | nc -N 127.0.0.2 2424
echo "" >> /etc/dockersh.ini
echo "[$user]" >> /etc/dockersh.ini
echo "image = $user" >> /etc/dockersh.ini
echo "Forking Docker base image ($image)." | nc -N 127.0.0.2 2424
/opt/lcpubsh/bin/make_lc_user_image.sh $user $image | nc -N 127.0.0.2 2424
echo "Setting password." | nc -N 127.0.0.2 2424
sudo /opt/adduser.sh $user $pass
echo "@$user ssh -p 2222 $user@sh.lib.casa" | nc -N 127.0.0.2 2424
echo "@$user $fingerprint_ecdsa" | nc -N 127.0.0.2 2424
echo "@$user $pass" | nc -N 127.0.0.2 2424
echo "#universe $pass" | nc -N 127.0.0.2 2424
echo "Done." | nc -N 127.0.0.2 2424
echo "OK. Details sent to user and/or admins."
echo "Hang on ..."
echo "Creating $user locally." | $OUTPUT
sudo useradd -mUs /opt/lcpubsh/bin/pubsh -G docker $user
pass=$(shuf -n2 /usr/share/dict/words | tr -d '\n')
echo "Appending to config." | $OUTPUT
echo "" >> /etc/dockersh.ini
echo "[$user]" >> /etc/dockersh.ini
echo "image = $user" >> /etc/dockersh.ini
echo "Forking Docker base image ($image)." | $OUTPUT
/opt/lcpubsh/bin/make_lc_user_image.sh $user $image | $OUTPUT
echo "Setting password." | $OUTPUT
sudo /opt/adduser.sh $user $pass
echo "@$user A shell with the operating system $os has been spawned for you." | $OUTPUT
echo "@$user Option A) Connect directly:" | $OUTPUT
echo "@$user ssh -p 2222 $user@sh.lib.casa" | $OUTPUT
echo "@$user Option B) Connect through Tor:" | $OUTPUT
echo "@$user torsocks ssh -p 2222 $user@yib4545ooc4bndo27tcdd4jdeqsfnjm44yacusemwf5eu7lnlwskt5ad.onion" | $OUTPUT
echo "@$user Confirm the fingerprint (displayed upon connecting for the first time) matches the one shown here:" | $OUTPUT
echo "@$user $fingerprint_ecdsa" | $OUTPUT
echo "@$user And finally, here's your password:" | $OUTPUT
echo "@$user $pass" | $OUTPUT
echo "@$user Have fun!" | $OUTPUT
echo "#universe $pass" | $OUTPUT
echo "Done." | $OUTPUT
echo "OK. Details sent to user and/or admins."
fi
else
echo "No argument supplied."
echo "No argument supplied."
fi
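Review bot: The username from `$1` is only lowercased before it is used unquoted in `sudo useradd ... -G docker $user`, `make_lc_user_image.sh $user $image` and `sudo /opt/adduser.sh $user $pass`, and appended as `[$user]` to /etc/dockersh.ini, so whitespace, a leading `-` or glob characters in the argument would be word-split or taken as options by commands that run under sudo. Reject anything outside a conservative set right after the `tr` line, e.g. `case "$user" in ''|-*|*[!a-z0-9_-]*) echo "Invalid username."; exit 1 ;; esac`, and quote `"$user"`, `"$image"` and `"$pass"` wherever they are expanded. The existence check `id "$user" &>/dev/null` is a bashism under `#!/bin/sh`: a POSIX shell such as dash parses `&` as backgrounding `id`, so the condition is always true; `id "$user" >/dev/null 2>&1` behaves the same in both shells, and nuke.sh in this commit needs the same change. `$pass` is also passed as a command-line argument and echoed to `#universe`, which exposes it in the process list and to that channel; expiring it at first login would limit the exposure.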

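--- a/lcpubsh/bin/nuke.sh
+++ b/lcpubsh/bin/nuke.sh
@@ -0,0 +1,42 @@
+#!/bin/sh
+# georg@lysergic.dev
+set -e
+OUTPUT="nc -N 127.0.0.2 2424"
+echo "Shell removal invoked." | $OUTPUT
+if [ ! "$#" -eq 0 ]; then
+user="$(echo "$1" |tr '[:upper:]' '[:lower:]')"
+if id "$user" &>/dev/null; then
+CONTAINER="$(docker ps -qf "name=$user")"
+echo "User: $user - Container ID: $CONTAINER" | $OUTPUT
+if [ ! -z "$CONTAINER" ]; then
+docker stop $CONTAINER
+if [ $? -eq "0" ]; then
+echo "Running shell found and stopped."
+else
+echo "Shell could not be stopped. Maybe it's lready down?"
+fi
+docker rm $CONTAINER
+if [ $? -eq "0" ]; then
+echo "Shell container found and removed."
+else
+echo "Shell could not be removed. Maybe it doesn't exist?"
+fi
+else
+echo "ID could not be determined."
+fi
+sudo /usr/sbin/userdel -f $user | $OUTPUT
+sudo /usr/sbin/groupdel -f $user | $OUTPUT
+sudo /usr/bin/rm -rf /home/$user
+sudo /usr/bin/rm -rf /var/spool/mail/$user
+INITEMP=$(mktemp --tmpdir initemp.XXXXX)
+trap "rm -f $INITEMP" 0 1 2 3 15
+sed "/$user/d" "/etc/dockersh.ini" > "$INITEMP"
+cat "$INITEMP" > /etc/dockersh.ini
+echo "Done." | $OUTPUT
+echo "OK."
+else
+echo "Aborted: User not found."
+fi
+else
+echo "No argument supplied."
+fi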
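Review bot: `sed "/$user/d"` uses the username as an unanchored regular expression, so removing one account also drops every line of /etc/dockersh.ini that merely contains that string, including the `[name]` and `image = name` lines of any longer username that embeds it. Matching the two lines the creation script writes exactly is safer, e.g. `awk -v u="$user" '$0 != "[" u "]" && $0 != "image = " u' /etc/dockersh.ini > "$INITEMP"`. The same unquoted value is used in `sudo /usr/bin/rm -rf /home/$user` and the mail-spool removal; quote it and guard against an empty value, `sudo /usr/bin/rm -rf -- "/home/${user:?}"`. Because of `set -e`, a failing `docker stop $CONTAINER` or `docker rm $CONTAINER` ends the script before the following `[ $? -eq "0" ]` test runs, so both `else` messages are unreachable; `if docker stop "$CONTAINER"; then` keeps them reachable.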


@ -1,21 +1,18 @@
#!/bin/bash
# Original by https://github.com/sleeepyjack/dockersh
# Modified by georg@lysergic.dev
if [ -z "${HOST_USER_NAME}" -o -z "${HOST_USER_ID}" -o -z "${HOST_USER_GID}" ]; then
echo "HOST_USER_NAME, HOST_USER_ID & HOST_USER_GID needs to be set!"; exit 100
fi
useradd \
--uid ${HOST_USER_ID} \
--gid ${HOST_USER_GID} \
--create-home \
--shell /bin/bash \
-U \
-m \
-s /bin/bash \
${HOST_USER_NAME}
groupadd --gid "${HOST_USER_GID}" "${HOST_USER_NAME}"
usermod -aG sudo ${HOST_USER_NAME}
sleep 5s
sleep 3s
echo ${HOST_USER_NAME}:${HOST_USER_NAME} | chpasswd
exec su - "${HOST_USER_NAME}"
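Review bot: The `chpasswd` line sets each container account's password to its own username, and the `usermod -aG sudo` line just above puts that account in the sudo group, so anyone who can reach a password prompt inside the container can become root there by knowing the username alone. If that is deliberate because the container is only entered through the host-side login, say so in a comment such as `# password == username is intentional: the container is only reachable via the host shell`; otherwise drop the `chpasswd` line or lock the password with `passwd -l "${HOST_USER_NAME}"`. The expansions in `useradd`, `usermod` and the `echo ... | chpasswd` line are unquoted while the `groupadd` and `exec su` lines quote theirs; quoting all of them would be consistent. Which of the doubled option lines (`--create-home`/`-m`, `--shell`/`-s`, `sleep 5s`/`sleep 3s`) belong to the new side is not recoverable from this rendering.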


@ -0,0 +1 @@
../bin/user_mapping.sh