Some fixes + New Dockerfile

JoelGMSec · Aug 20, 2024 · d7d47ef · d7d47ef
1 parent a3d1149
commit d7d47ef
Show file tree

Hide file tree

Showing 6 changed files with 276 additions and 37 deletions.
diff --git a/Cloudtopolis.sh b/Cloudtopolis.sh
@@ -45,7 +45,7 @@ GoogleCheck="$(echo $GoogleCloud | grep 404)"
     fi
 
 else
-    echo -e "\e[37;1mCustom VPS detected!"
+    echo -e "\e[37;1mCustom install detected!"
     IP="$(curl -s ipconfig.io)"
     CustomVPS="True"
 fi
@@ -78,37 +78,26 @@ fi
 sudo mkdir Cloudtopolis > /dev/null 2>&1 ; sudo mkdir Cloudtopolis/mysql > /dev/null 2>&1 ; sudo mkdir Cloudtopolis/inc > /dev/null 2>&1 ; sudo mkdir Cloudtopolis/import > /dev/null 2>&1 ; sudo mkdir Cloudtopolis/files > /dev/null 2>&1
 
 if  sudo test -f "$(pwd)/Cloudtopolis/.creds" ; then
-    UUID=$(cat Cloudtopolis/.creds)
+    RAND=$(cat Cloudtopolis/.creds)
 else
-    UUID=$(cat /proc/sys/kernel/random/uuid | tr -d "-" | tail -c 24)
-    sudo sh -c "echo -n $UUID > $(pwd)/Cloudtopolis/.creds"
+    RAND=$(< /dev/urandom tr -dc 'A-Za-z0-9!@$' | fold -w 16 | head -n 1)
+    sudo sh -c "echo -n $RAND > $(pwd)/Cloudtopolis/.creds"
 fi
 
 echo -e "\e[0m"
 echo -e "\e[32;1m[+] Installing MySQL Database..\e[37;1m"
-sudo docker run --rm --name mysql -v $(pwd)/Cloudtopolis/mysql:/var/lib/mysql -e MYSQL_ROOT_PASSWORD="$UUID" -d mysql:5.7 > /dev/null 2>&1
+sudo docker run --rm --name mysql -v $(pwd)/Cloudtopolis/mysql:/var/lib/mysql -e MYSQL_ROOT_PASSWORD="$RAND" -d mysql:5.7 > /dev/null 2>&1
 echo -e "\e[37;1mDone!"
 
-echo -e "\e[0m"
-echo -e "\e[32;1m[+] Installing Hashtopolis..\e[37;1m"
-sudo docker run --rm --name hashtopolis --link mysql:mysql -v $(pwd)/Cloudtopolis/inc:/var/www/html/inc -v $(pwd)/Cloudtopolis/import:/var/www/html/import -v $(pwd)/Cloudtopolis/files:/var/www/html/files -e H8_USER="admin" -e H8_PASS="$UUID" -d -p 8000:80 kpeiruza/hashtopolis > /dev/null 2>&1
-echo -e "\e[37;1mDone!"
+docker tag  mysql:5.7 cloudtopolis/database > /dev/null 2>&1
+docker rmi  mysql:5.7 > /dev/null 2>&1
+CloudtopolisDB="$(pwd)/Cloudtopolis/mysql/hashtopolis"
 
-if [[ $CustomVPS ]] ; then
 echo -e "\e[0m"
-echo -e "\e[32;1m[+] Installing SSH Access..\e[37;1m"
-
-SshDocker="$(docker image ls | grep kartoza)"
-
-if [[ ! $SshDocker ]] ; then
-sudo docker build --quiet -t kartoza/ssh git://github.com/timlinux/docker-ssh > /dev/null 2>&1
-fi
-
-sudo docker run --rm --name ssh --network host -d -t kartoza/ssh > /dev/null 2>&1
+echo -e "\e[32;1m[+] Installing Hashtopolis..\e[37;1m"
+sudo docker build -t joelgmsec/cloudtopolis . > /dev/null 2>&1
+sudo docker run --rm --name cloudtopolis --link mysql:mysql -v $(pwd)/Cloudtopolis/inc:/var/www/html/inc -v $(pwd)/Cloudtopolis/import:/var/www/html/import -v $(pwd)/Cloudtopolis/files:/var/www/html/files -e H8_USER="admin" -e H8_PASS="$RAND" -d -p 8000:80 joelgmsec/cloudtopolis > /dev/null 2>&1
 echo -e "\e[37;1mDone!"
-fi
-
-CloudtopolisDB="$(pwd)/Cloudtopolis/mysql/hashtopolis"
 
 if [ ! -d $CloudtopolisDB ] ; then
     echo -e "\e[0m"
@@ -126,19 +115,7 @@ else
 fi
 
 if [[ $CustomVPS ]] ; then
-Link="http://localhost:8000"
-SshHost="$(echo $IP)"
-SshPort="22"
-SshUser="root"
-SshPass="$(docker logs ssh | grep 'root login password' | awk '{print $4}' | tr -d "\n\r")"
-
-echo -e "\e[0m"
-echo -e "\e[34;1m[i] VPS Mode Data for Colab:\e[37;1m"
-echo -e "\e[31;1mVPS = \e[37;1mTrue"
-echo -e "\e[31;1mSshHost = \e[37;1m'$SshHost'"
-echo -e "\e[31;1mSshPort = \e[37;1m'$SshPort'"
-echo -e "\e[31;1mSshUser = \e[37;1m'$SshUser'"
-echo -e "\e[31;1mSshPass = \e[37;1m'$SshPass'"
+   Link="http://localhost:8000"
 fi
 
 if [[ ! $CustomVPS ]] ; then
@@ -161,7 +138,7 @@ fi
 echo -e "\e[0m"
 echo -e "\e[34;1m[i] Hashtopolis Credentials:"
 echo -e "\e[31;1mUser: \e[37;1madmin"
-echo -e "\e[31;1mPassword: \e[37;1m$UUID"
+echo -e "\e[31;1mPassword: \e[37;1m$RAND"
 echo -e "\e[31;1mLink: \e[37;4m$Link\e[30m"
 echo -e "\e[0m"
 echo -e "\e[34;1m[i] Cloudtopolis is running!"
@@ -170,5 +147,5 @@ echo -e "\e[31;1m"
 
 sudo chown -R 33:33 Cloudtopolis/inc Cloudtopolis/import Cloudtopolis/files
 trap 'docker rm -f $(docker container ls -q -a) > /dev/null 2>&1 ; echo
-echo -e "\e[31;1m[!] Control+C Pressed, exiting!\n\e[0m" ; sleep 2 ; exit' SIGINT SIGTERM EXIT
+echo -e "\e[31;1m[!] Control+C Pressed, exiting!\n\e[0m" ; exit' SIGINT SIGTERM
 while true ; do sleep 3600 ; done
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,29 @@
+FROM ubuntu:18.04
+LABEL maintainer="JoelGMSec - https://darkbyte.net"
+
+RUN export DEBIAN_FRONTEND=noninteractive && \
+    apt update && \
+    apt -y upgrade && \
+    apt -y install apache2 libapache2-mod-php php-mysql php php-gd php-pear php-curl git pwgen mariadb-client && \
+    apt -y install sed gcc make autoconf libc-dev pkg-config libmcrypt-dev php7.2-dev && \
+    pecl install mcrypt-1.0.1 && \
+    echo 'extension=mcrypt.so' >> /etc/php/7.2/apache2/php.ini && \
+    cd /var/www/ && \
+    rm -f html/index.html && \
+    git clone https://github.com/s3inlc/hashtopolis.git && \
+    mv hashtopolis/src/* html/ && \
+    mv /var/www/html/inc /var/www && \
+    mkdir /var/www/html/inc && \
+    mkdir -p /var/www/html/inc/utils/locks && \
+    chown -R www-data:www-data /var/www/html && \
+    ln -sf /dev/stdout /var/log/apache2/access.log && \
+    ln -sf /dev/sterr /var/log/apache2/error.log && \
+    echo "ServerName Hashtopolis" > /etc/apache2/conf-enabled/serverName.conf && \
+    rm -rf /var/lib/apt /var/lib/dpkg /var/cache/apt /usr/share/doc /usr/share/man /usr/share/info
+
+COPY entrypoint.sh /
+COPY conf.php /var/www/
+COPY adduser.php /var/www/html/install/
+
+EXPOSE 80
+ENTRYPOINT [ "/entrypoint.sh" ]
diff --git a/README.md b/README.md
@@ -84,6 +84,8 @@ This tool has been created and designed from scratch by Joel Gámez Molina // @J
 
 Original idea from **@mxrch**, inspired in *Penglab* --> https://github.com/mxrch/penglab
 
+**docker-hashtopolis-server** by *kpeiruza* --> https://github.com/kpeiruza/docker-hashtopolis-server
+
 **Hashtopolis** by *Sein Coray* --> https://github.com/s3inlc/hashtopolis
 
 **Hashcat** --> https://github.com/hashcat/hashcat

diff --git a/adduser.php b/adduser.php
@@ -0,0 +1,46 @@
+<?php
+
+use DBA\AccessGroupUser;
+use DBA\QueryFilter;
+use DBA\RightGroup;
+use DBA\User;
+use DBA\Factory;
+use DBA\StoredValue;
+
+
+//require_once(dirname(__FILE__) . "/../inc/db.php");
+
+require_once(dirname(__FILE__) . "/../inc/load.php");
+
+    $username = "H8_USER";
+    $password = "H8_PASS";
+    $email = "H8_EMAIL";
+
+    $pepper = array(Util::randomString(50), Util::randomString(50), Util::randomString(50));
+    $key = Util::randomString(40);
+    $conf = file_get_contents(dirname(__FILE__) . "/../inc/conf.php");
+    $conf = str_replace("__PEPPER1__", $pepper[0], str_replace("__PEPPER2__", $pepper[1], str_replace("__PEPPER3__", $pepper[2], $conf)));
+    $conf = str_replace("__CSRF__", $key, $conf);
+    file_put_contents(dirname(__FILE__) . "/../inc/conf.php", $conf);
+
+        Factory::getAgentFactory()->getDB()->beginTransaction();
+
+        $qF = new QueryFilter(RightGroup::GROUP_NAME, "Administrator", "=");
+        $group = Factory::getRightGroupFactory()->filter([Factory::FILTER => $qF]);
+        $group = $group[0];
+        $newSalt = Util::randomString(20);
+        $CIPHER = $pepper[1] . $password . $newSalt;
+	$options = array('cost' => 12);
+	$newHash = password_hash($CIPHER, PASSWORD_BCRYPT, $options);
+
+        $user = new User(null, $username, $email, $newHash, $newSalt, 1, 1, 0, time(), 3600, $group->getId(), 0, "", "", "", "");
+        Factory::getUserFactory()->save($user);
+
+        // create default group
+        $group = AccessUtils::getOrCreateDefaultAccessGroup();
+        $groupUser = new AccessGroupUser(null, $group->getId(), $user->getId());
+        Factory::getAccessGroupUserFactory()->save($groupUser);
+
+        Factory::getAgentFactory()->getDB()->commit();
+
+
diff --git a/conf.php b/conf.php
@@ -0,0 +1,18 @@
+<?php
+
+//START CONFIG
+$CONN['user'] = 'MYSQL_USER';
+$CONN['pass'] = 'MYSQL_PASSWORD';
+$CONN['server'] = 'MYSQL_HOST';
+$CONN['db'] = 'MYSQL_DB';
+$CONN['port'] = 'MYSQL_PORT';
+
+$PEPPER = [
+  "__PEPPER1__",
+  "__PEPPER2__",
+  "__PEPPER3__",
+  "__CSRF__"
+];
+
+$INSTALL = true; //set this to true if you config the mysql and setup manually
+
diff --git a/entrypoint.sh b/entrypoint.sh
@@ -0,0 +1,167 @@
+#!/bin/bash
+
+#	Try to connect to mysql 3 times
+ATTEMPTS=12
+#	Wait 5 secconds before trying to reconnect
+INTERVAL=5
+
+function getRandom() {
+	dd if=/dev/urandom bs=32768 count=1 2>/dev/null | openssl sha512  | grep stdin | cut -d " " -f2 | cut -c1-64
+}
+
+if [ -n "$MYSQL_ENV_MYSQL_ROOT_PASSWORD" ]
+then
+	MYSQL_ROOT_PASSWORD="$MYSQL_ENV_MYSQL_ROOT_PASSWORD"
+fi
+
+if [ -n "$MYSQL_ENV_MYSQL_USER" ]
+then
+	MYSQL_USER="$MYSQL_ENV_MYSQL_USER"
+fi
+
+if [ -n "$MYSQL_ENV_MYSQL_PASSWORD" ]
+then
+	MYSQL_PASSWORD="$MYSQL_ENV_MYSQL_PASSWORD"
+fi
+
+if [ -n "$MYSQL_ENV_MYSQL_DATABASE" ]
+then
+	MYSQL_DB="$MYSQL_ENV_MYSQL_DATABASE"
+fi
+
+if [ -n "$MYSQL_PORT_3306_TCP_ADDR" ]
+then
+	MYSQL_HOST="$MYSQL_PORT_3306_TCP_ADDR"
+fi
+
+if [ -z "$MYSQL_HOST" ]
+then
+	MYSQL_HOST="mysql"
+fi
+
+if [ -z "$MYSQL_DB" ]
+then
+	MYSQL_DB="hashtopolis"
+fi
+
+if [ -z "$MYSQL_PORT" ]
+then
+	MYSQL_PORT="3306"
+fi
+
+if [ ! -z "$MYSQL_ROOT_PASSWORD" ]
+then
+	MYSQL_USER="root"
+	MYSQL_PASSWORD=$MYSQL_ROOT_PASSWORD
+fi
+
+
+if [ '!' -f /var/www/html/inc/conf.php ]
+then
+	cp -rd /var/www/conf.php /var/www/inc/* /var/www/inc/.gitignore /var/www/html/inc
+	rm -rf /var/www/inc /var/www/conf.php
+#	CHECK MYSQL AVAILABILITY
+	MYSQL="mysql -u$MYSQL_USER -p$MYSQL_PASSWORD -h$MYSQL_HOST"
+	$MYSQL -e "SELECT 'PING';" &>/dev/null
+	ERROR=$?
+
+	while [ $ERROR -ne 0 -a $ATTEMPTS -gt 1 ]
+	do
+		ATTEMPTS=$(($ATTEMPTS-1))
+		echo "Failed connecting to the database.... Sleeping 5s and retrying $ATTEMPTS more."
+		sleep $INTERVAL
+		$MYSQL -e "SELECT 'PING';" &>/dev/null
+		ERROR=$?
+	done
+
+	if [ $ERROR -ne 0 ]
+	then
+		echo "Could not connect to mysql. Please double check your settings and mysql's availability."
+		echo "Used: $MYSQL"
+		exit 20
+	fi
+
+#	CREATE DB
+	$MYSQL -e "CREATE database $MYSQL_DB;"
+#	APPEND DB
+	MYSQL="$MYSQL $MYSQL_DB"
+	if [ $? -ne 0 ]
+	then
+		echo "Failed to create the database... insufficient access??? already exists??? this shouldn't happen, I'm doing setup..."
+		exit 21
+	fi
+#	IMPORT DB
+	$MYSQL < /var/www/html/install/hashtopolis.sql
+	if [ $? -ne 0 ]
+	then
+		echo "DB Import Failed!!!"
+		exit 12
+	fi
+#	CONFIGURE DB
+#	RUN SETUP & ADD USER
+sed -i -e "s/MYSQL_USER/$MYSQL_USER/" -e "s/MYSQL_PASSWORD/$MYSQL_PASSWORD/" -e "s/MYSQL_DB/$MYSQL_DB/" -e "s/MYSQL_HOST/$MYSQL_HOST/" /var/www/html/inc/conf.php || exit 8
+#	-e "s/MYSQL_PORT/$MYSQL_PORT/"  <--- fails and I don't get why...
+#	CREATE USER & PASSWORD
+if [ -z "$H8_USER" ]
+then
+
+	H8_USER=$(getRandom)
+	echo -e "No login provided, generating random username:\n\t$H8_USER\n\nIf you don't like it, check the docs first, this is for your own security. admin/admin on a cracking tool sounds a bit funny.\n"
+fi
+
+if [ -z "$H8_PASS" ]
+then
+	H8_PASS=$(getRandom)
+	echo -e "Your random password is: $H8_PASS\n\n\n"
+fi
+
+sed -i -e "s/H8_USER/$H8_USER/" -e  "s/H8_PASS/$H8_PASS/" -e "s/H8_EMAIL/$H8_EMAIL/" /var/www/html/install/adduser.php
+
+/usr/bin/php /var/www/html/install/adduser.php
+
+#	PHP MAIL SETTINGS
+if [ -n "$PHP_MAIL_HOST" ]
+then
+	sed -i "s/^SMTP.*/SMTP = $PHP_MAIL_HOST/" /etc/php/7.2/apache2/php.ini
+fi
+
+
+if [ -n "$PHP_MAIL_PORT" ]
+then
+	sed -i "s/^smtp_port.*/smtp_port = $PHP_MAIL_PORT/" /etc/php/7.2/apache2/php.ini
+fi
+
+
+if [ -n "$PHP_MAIL_FROM" ]
+then
+	sed -i "s/^;sendmail_from.*/sendmail_from = $PHP_MAIL_FROM/" /etc/php/7.2/apache2/php.ini
+fi
+
+
+echo "Setup finished, pruning /install folder!"
+	rm -rf /var/www/html/install
+fi
+
+#       HASHTOPOLIS FILE SETTINGS
+if [ -n "$HTP_MEMORY_LIMIT" ]
+then
+        sed -i "s/^memory_limit.*/memory_limit = $HTP_MEMORY_LIMIT/" /etc/php/7.2/apache2/php.ini
+fi
+
+
+if [ -n "$HTP_UPLOAD_MAX_SIZE" ]
+then
+        sed -i "s/^upload_max_filesize.*/upload_max_filesize = $HTP_UPLOAD_MAX_SIZE/" /etc/php/7.2/apache2/php.ini
+        sed -i "s/^post_max_size.*/post_max_size = $HTP_UPLOAD_MAX_SIZE/" /etc/php/7.2/apache2/php.ini
+fi
+
+#       ALLOW OVERRIDE ALL IN APACHE (AKA Enable .htaccess)
+sed -i '/DocumentRoot/a \\t<Directory /var/www/html>\n\t\tAllowOverride All\n\t</Directory>' /etc/apache2/sites-available/000-default.conf
+
+if [ -n "$HTP_SERVER_NAME" ]
+then
+        sed -i "s/#ServerName.*/ServerName $HTP_SERVER_NAME/" /etc/apache2/sites-available/000-default.conf
+fi
+
+chmod -R 777 /var/www/html/
+/usr/sbin/apachectl -DFOREGROUND