baco/born2beroot
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
0cad5a4ae3c0858ea5a8eb6b34354fa2aab6f920
born2beroot/test.sh
gbaconni 7b898eb0a7 Add more tests and add ssh sudo script
2021-11-08 17:58:25 +01:00

123 lines
2.6 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
ssh_clean ()
{
ssh-keygen -R "[127.0.0.1]:4242" >/dev/null 2>&1
}
ssh_exec ()
{
port=${1-4242}
shift
login=${1-marvin}
shift
pass=${1-Born2beRoot}
shift
export SSHPASS="${pass}"
./ssh.exp -p ${port} ${login}@127.0.0.1 $@ 2>&1 \
| grep -v -i -e '^Warning: Permanently added' -e ' password:' -e '^spawn ssh'
}
ssh_sudo ()
{
port=${1-4242}
shift
login=${1-marvin}
shift
pass=${1-Born2beRoot}
shift
export SSHPASS="${pass}"
./ssh_sudo.exp -p ${port} ${login}@127.0.0.1 sudo $@ 2>&1 \
| grep -v -i -e '^Warning: Permanently added' -e 'password' -e '^spawn ssh' -e 'Connection to'
}
main ()
{
port=${1-4242}
echo -n "Username: "
read -r login
if [ "${login}" == "" ]
then
login=${USER-gbaconni}
fi
echo -n "Password: "
read -s pass
if [ "${pass}" == "" ]
then
pass="Born2beRoot"
fi
echo ""
ssh_clean
if ssh_exec ${port} ${login} ${pass} hostname -s | grep -q "^${login}42"
then
echo "OK: Hostname is ${login}42"
else
echo "KO: Unexpected hostname (should be ${login}42)"
fi
if ssh_exec ${port} ${login} ${pass} cat /etc/os-release | grep -q -i -E "(CentOS|Debian)"
then
echo "OK: Debian or CentOS installed"
else
echo "KO: Unknown Linux distribution"
fi
if ssh_exec ${port} ${login} ${pass} /usr/sbin/aa-status | grep -q -i -E "apparmor module is loaded" \
|| ssh_exec ${port} ${login} ${pass} sestatus | grep -q -i -E "SELinux status:[^e]*enabled"
then
echo "OK: AppArmor or SELinux is active"
else
echo "KO: No AppArmor or SELinux is active"
fi
if ssh_exec ${port} ${login} ${pass} lspci | grep -q -i -E "(VirtualBox|QEMU)"
then
echo "OK: VirtualBox or UTM QEMU"
else
echo "KO: Unexpected Virtual Machine"
fi
if ssh_exec ${port} ${login} ${pass} dpkg -l | grep -q -i -E "(xserver|xorg)" \
|| ssh_exec ${port} ${login} ${pass} rpm -qa | grep -q -i -E "(xserver|xorg)"
then
echo "KO: X server is present"
else
echo "OK: No X server"
fi
if ssh_exec ${port} ${login} ${pass} lsblk | grep -q -i -E "_crypt"
then
echo "OK: Disk crypted"
else
echo "KO: Not disk crypted"
fi
if ssh_exec ${port} ${login} ${pass} ss -tunlpe | grep -q -E "LISTEN.*:4242.*ssh"
then
echo "OK: ssh running on 4242"
else
echo "KO: ssh not running on 4242"
fi
if ssh_sudo ${port} ${login} ${pass} /usr/sbin/ufw status | grep -q -E "Status: active"
then
echo "OK: Firewall ufw is active"
else
echo "KO: No firewall ufw is active"
fi
if ssh_sudo ${port} ${login} ${pass} /usr/sbin/ufw status | grep -q -E "4242.*ALLOW.*Anywhere"
then
echo "OK: Firewall allow port 4242 from anywhere"
else
echo "KO: Firewall does not allow port 4242 from anywhere"
fi
}
main $@
exit $?
#42
Reference in New Issue View Git Blame Copy Permalink