From 56b3aa7e7d07585f6ae7f0f9457154c4afe01ab8 Mon Sep 17 00:00:00 2001 From: NullArray Date: Sun, 14 Jul 2019 14:14:45 +0000 Subject: [PATCH 01/29] minor change --- netset-main.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/netset-main.sh b/netset-main.sh index f45496e..88e3577 100644 --- a/netset-main.sh +++ b/netset-main.sh @@ -241,8 +241,10 @@ function status(){ function proxy_ops(){ notification_b "Select Area" # Australia and NZ are included in the 'N. America' option, since they are part of the five eyes countries - # The GeoSorting process is has a little less to do with the actual locations of the countries in general - # But with GeoPolitical zones of influence and/or control + # The GeoSorting process has a little less to do with the actual locations of the countries in general + # But with GeoPolitical zones of influence and/or control. Japan as an ally of the US should perhaps be + # Included in that option as well, but if you're from the West i suggest picking Russian sphere of + # Influence countries. echo -e "\n [1] North America [2] South America From 0641e3656a014e98beaf300ce4f3642596af6cb8 Mon Sep 17 00:00:00 2001 From: NullArray Date: Tue, 23 Jul 2019 09:48:14 +0000 Subject: [PATCH 02/29] minor bugfix Made DNSCrypt compatible resolvers option available through the OPSEC Resources menu, minor oversight on my part when the tool was first released. Everything should now be properly accessible and functional . --- netset-main.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/netset-main.sh b/netset-main.sh index 88e3577..82a1e94 100644 --- a/netset-main.sh +++ b/netset-main.sh @@ -367,7 +367,7 @@ function resources(){ logo notification "View OPSEC related resources in your browser." PS3='Please enter your choice: ' - options=("Valid MAC Addresses" "HiddenWall - Kernel Module FireWall" "OPSEC Resources - GreySec" "OPSEC Resources - TheGrugq" "OPSEC Presentations - TheGrugq" "Personal Security Guide - CryptoSeb" "OPSEC Blog - B3RN3D" "OPSEC & Privacy e-book - @CryptoCypher" "Quit") + options=("Valid MAC Addresses" "DNSCrypt Resolvers" "HiddenWall - Kernel Module FireWall" "OPSEC Resources - GreySec" "OPSEC Resources - TheGrugq" "OPSEC Presentations - TheGrugq" "Personal Security Guide - CryptoSeb" "OPSEC Blog - B3RN3D" "OPSEC & Privacy e-book - @CryptoCypher" "Quit") select opt in "${options[@]}" do case $opt in From 90b046734fdcd56f440f1cbd1e9da281fe9469a0 Mon Sep 17 00:00:00 2001 From: NullArray Date: Mon, 29 Jul 2019 11:11:58 +0000 Subject: [PATCH 03/29] `unhandled option` removed from GeoSort post-run --- netset-main.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/netset-main.sh b/netset-main.sh index 82a1e94..1d00f30 100644 --- a/netset-main.sh +++ b/netset-main.sh @@ -263,7 +263,6 @@ function proxy_ops(){ echo -e "Returning to main menu..." sleep 2 && menu else - warning "Unhandled Option" echo -e "Returning to main menu..." sleep 2 && menu From f01eb34d72dfcd6f85af8b310454c0cc0fc88d88 Mon Sep 17 00:00:00 2001 From: NullArray Date: Sun, 4 Aug 2019 04:33:58 +0000 Subject: [PATCH 04/29] Version 1.1.0 Release Added Veracrypt and Pwgen installers and features. --- netset-main.sh | 362 +++++++++++++++++++++++++++++++------------------ 1 file changed, 229 insertions(+), 133 deletions(-) diff --git a/netset-main.sh b/netset-main.sh index 1d00f30..5c2d27d 100644 --- a/netset-main.sh +++ b/netset-main.sh @@ -22,18 +22,33 @@ CWD=$(pwd) NOW=$(date) # Active connected interface IFACES=$(ip link | awk -F: '$0 !~ "lo|vir|wl|^[^0-9]"{print $2;getline}') + +# Default value for this var should be 0 +# When started with the --status arg set +# value to 1 in order to print logo and +# exit after one operation +stus=0 + # Declare associative array for tip of the day feature declare -A TotD -TotD[0]="\n Tip: Starting the script with '-t' or '--terminal' starts a terminal\n multiplexer where all sessions are routed through Tor \n" -TotD[1]="\n Tip: Starting the script with '-s' or '--status' shows the operational\n status of NetSet security utilities\n" -TotD[2]="\n Tip: Starting the script with '-i' or '--install' will run installation\n and auto-config procedures for NetSet\n" -TotD[3]="\n Tip: Choosing option 1 in the main menu loop will print\n extended usage information\n" -TotD[4]="\n Tip: For other offensive and defensive security utilities\n visit github.com/NullArray\n" -TotD[5]="\n Tip: Operational Security isn't just a matter of having the\n right utilities.\n It's also about discipline in thought, action,\n and careful information consideration and management.\n" -TotD[6]="\n Tip: If you want to know more about how you can improve your\n OPSEC beyond what NetSet offers\n select the 'OPSEC Resources'\n option from the main menu and start learning! \n" -TotD[7]="\n Tip: You can change the resolvers that DNSCrypt-proxy uses\n by adding them to the 'server_names' array which can be \nfound in /etc/dnscrypt-proxy/dnscrypt-proxy.toml\n" -TotD[8]="\n Tip: Looking for more resolvers? Select 'OPSEC Resources'\n in the main menu Then from the next menu select \n'DNSCrypt Resolvers' to open a list in your browser\n" +TotD[0]="\nTip: Starting the script with '-t' or '--terminal' starts a terminal\nmultiplexer where all sessions are routed through Tor\n" +TotD[1]="\nTip: Starting the script with '-s' or '--status' shows the operational\nstatus of NetSet security utilities\n" +TotD[2]="\nTip: Starting the script with '-i' or '--install' will run installation\nand auto-config procedures for NetSet\n" +TotD[3]="\nTip: Choosing option 1 in the main menu loop will print\nextended usage information\n" +TotD[4]="\nTip: For other offensive and defensive security utilities\nvisit github.com/NullArray\n" +TotD[5]="\nTip: Operational Security isn't just a matter of having the\nright utilities.\n It's also about discipline in thought, action,\nand careful information consideration and management.\n" +TotD[6]="\nTip: If you want to know more about how you can improve your\nOPSEC beyond what NetSet offers\n select the 'OPSEC Resources'\noption from the main menu and start learning!\n" +TotD[7]="\nTip: You can change the resolvers that DNSCrypt-proxy uses\nby adding them to the 'server_names' array which can be\nfound in /etc/dnscrypt-proxy/dnscrypt-proxy.toml\n" +TotD[8]="\nTip: Looking for more resolvers? Select 'OPSEC Resources'\nin the main menu Then from the next menu select\n'DNSCrypt Resolvers' to open a list in your browser\n" +TotD[9]="\nTip: The 'depconf.sh' script has installed 'proxychains' as well\nRun 'man proxychains' for details and usage." + +# Declare associative array for Version Display +declare -A VeR + +VeR[0]="Version 1.1.0" # Official Version is 1.1.0 but for fun we have; +VeR[1]="The Crypto Drome Edition." # Some catchy catchphrases, +VeR[2]="More Secure, Less Hassle" # And pseudo serious slogans # Warning function warning(){ @@ -51,6 +66,7 @@ function notification_b() { } function logo(){ + rng=$[ $RANDOM % 3 ] clear echo -e "\n $CYAN @@ -60,6 +76,7 @@ function logo(){ ██║╚██╗██║██╔══╝ ██║ ╚════██║██╔══╝ ██║ ██║ ╚████║███████╗ ██║ ███████║███████╗ ██║ ╚═╝ ╚═══╝╚══════╝ ╚═╝ ╚══════╝╚══════╝ ╚═╝ + # ${VeR[$rng]} ################################################### $CYAN #$GREEN--|Operational Security Utility $CYAN #$GREEN--|Authored by Vector/NullArray @@ -88,7 +105,7 @@ $CYAN|$RESET $CYAN|$RESET In a lot of ways, OPSEC is a state of mind. $CYAN|$RESET $CYAN|$RESET To get started select 'Usage' in the main menu. -$CYAN+----------------------------> +$CYAN+---------------------------->$RESET " } @@ -96,19 +113,19 @@ function usage(){ echo -e "$CYAN +------------------------------------------------------> | $RESET Options Overview $RESET $CYAN -+------------------------------------------> + $RESET -$CYAN|$RESET CLI Arguments $CYAN | $RESET -$CYAN|$RESET '-t' or '--terminal' Starts $CYAN | $RESET -$CYAN|$RESET terminal multiplexer with all $CYAN | $RESET -$CYAN|$RESET connections routed through Tor $CYAN | $RESET -$CYAN|$RESE $CYAN | $RESET -$CYAN|$RESET '-s' or '--status' prints a status $CYAN | $RESET -$CYAN|$RESET overview of NetSet related network $CYAN + $RESET -$CYAN|$RESET utilities and their current state. ++------------------------------------------> +$CYAN|$RESET CLI Arguments +$CYAN|$RESET '-t' or '--terminal' Starts +$CYAN|$RESET terminal multiplexer with all +$CYAN|$RESET connections routed through Tor +$CYAN|$RESET +$CYAN|$RESET '-s' or '--status' prints a status +$CYAN|$RESET overview of NetSet related network +$CYAN|$RESET utilities and their current state. $CYAN|$RESET -$CYAN|$RESET '-i' or '--install' runs a script -$CYAN|$RESET designed to install all of NetSet's -$CYAN|$RESET dependencies and configures them +$CYAN|$RESET '-i' or '--install' runs a script +$CYAN|$RESET designed to install all of NetSet's +$CYAN|$RESET dependencies and configures them $CYAN|$RESET $CYAN|$RESET Menu Options $CYAN|$RESET @@ -126,10 +143,10 @@ $CYAN|$RESET force all connections $CYAN|$RESET through Tor. $CYAN|$RESET 'OPSEC Resources'- Display NetSet's included $CYAN|$RESET list of web resources. -$CYAN|$RESET Select an entry to open +$CYAN|$RESET Select an entry to open $CYAN|$RESET it in your default browser $CYAN|$RESET -$CYAN+----------------------------> +$CYAN+----------------------------> $RESET " } @@ -154,23 +171,25 @@ function chmac(){ notification_b "Use a random MAC Address or custom?" read -p '[R]andom/[C]ustom ' choice if [[ $choice == 'r' || $choice == 'R' ]]; then - for x in $IFACES; do sudo macchanger --random $x; done - notification "Done" && sleep 4 + for x in $IFACES; do sudo macchanger --random $x; done + notification "Done" && sleep 4 else - if [[ $choice == 'c' || $choice == 'C' ]]; then - read -p 'Enter Custom MAC: ' value - for x in $IFACES; do sudo macchanger --mac=$value $x; done - notification "Done" && sleep 4 - else - warning "Unhandled Option" - fi + if [[ $choice == 'c' || $choice == 'C' ]]; then + read -p 'Enter Custom MAC: ' value + for x in $IFACES; do sudo macchanger --mac=$value $x; done + notification "Done" && sleep 4 + else + warning "Unhandled Option" + fi fi menu } function status(){ - # This function provides a quick status overview + # This function provides a quick overview of the network status + if [[ stus == 1 ]]; then logo; fi + notification "Loading status information..." && sleep 2 echo -e "Status on $NOW \n\n" @@ -182,56 +201,54 @@ function status(){ sudo protonvpn-cli --status && sleep 3.5 || warning "ProtonVPN not configured" notification "Loading relevant services status..." && sleep 2 - sudo systemctl status tor.service + sudo systemctl status tor.service tr=$(sudo systemctl status tor.service) - case $tr in - # Does the var contain the string below? - *"Active: inactive (dead)"*) - t=1 - ;; + # Does the var contain the string below? + *"Active: inactive (dead)"*) + t=1 + ;; esac - sudo systemctl status openvpn.service + sudo systemctl status openvpn.service ovpn=$(sudo systemctl status openvpn.service) - case $ovpn in - # Does the var contain the string below? - *"Active: inactive (dead)"*) - o=1 - ;; + # Does the var contain the string below? + *"Active: inactive (dead)"*) + o=1 + ;; esac - sudo systemctl status dnscrypt-proxy.service + sudo systemctl status dnscrypt-proxy.service dnsc=$(sudo systemctl status dnscrypt-proxy.service) - case $dnsc in - # Does the var contain the string below? - *"Active: inactive (dead)"*) - d=1 - ;; + # Does the var contain the string below? + *"Active: inactive (dead)"*) + d=1 + ;; esac # Report and activate inactive services if [[ $d == 1 ]]; then - warning "DNS Crypt Service is inactive" - sudo systemctl restart dnscrypt-proxy && notification "Service Restarted" || warning "An error was encountered while trying to start the DNS Crypt Service" + warning "DNS Crypt Service is inactive" + sudo systemctl restart dnscrypt-proxy && notification "Service Restarted" || warning "An error was encountered while trying to start the DNS Crypt Service" fi if [[ $o == 1 ]]; then - warning "OpenVPN Service is inactive" - sudo systemctl restart openvpn && notification "Service Restarted" || warning "An error was encountered while trying to start the OpenVPN Service" + warning "OpenVPN Service is inactive" + sudo systemctl restart openvpn && notification "Service Restarted" || warning "An error was encountered while trying to start the OpenVPN Service" fi if [[ $t == 1 ]]; then - warning "Tor Service is inactive" - sudo systemctl restart tor && notification "Service Restarted" || warning "An error was encountered while trying to start the Tor Service" + warning "Tor Service is inactive" + sudo systemctl restart tor && notification "Service Restarted" || warning "An error was encountered while trying to start the Tor Service" fi + # CLI arg status operation ends here + if [[ $stus == 1 ]]; then notification_b "Status check completed" && exit 0; fi + notification "Done." - if [[ $check == 1 ]]; then check=0 && exit 0; fi - read -p 'Enter any button to continue: ' null clear && menu @@ -240,18 +257,13 @@ function status(){ function proxy_ops(){ notification_b "Select Area" - # Australia and NZ are included in the 'N. America' option, since they are part of the five eyes countries - # The GeoSorting process has a little less to do with the actual locations of the countries in general - # But with GeoPolitical zones of influence and/or control. Japan as an ally of the US should perhaps be - # Included in that option as well, but if you're from the West i suggest picking Russian sphere of - # Influence countries. echo -e "\n - [1] North America - [2] South America - [3] Europe - [4] Eastern Europe - [5] Asia - [Q] Quit\n" +[1] North America +[2] South America +[3] Europe +[4] Eastern Europe +[5] Asia +[Q] Quit to Main Menu\n" read -p 'Enter Choice: ' choice if [[ $choice == '1' ]]; then python proxies/fetch.py --country='canada|united states|greenland|australia|new zealand' --max-latency=3 --anonymity='elite|anonymous' --output=North-American.log; fi if [[ $choice == '2' ]]; then python proxies/fetch.py --country='mexico|argentina|venezuela|colombia|brazil|cuba|ecuador' --max-latency=3 --anonymity='elite|anonymous' --output=South-American.log; fi @@ -260,11 +272,12 @@ function proxy_ops(){ if [[ $choice == '5' ]]; then python proxies/fetch.py --country='china|japan|korea|thailand|india|bangladesh|hong kong' --max-latency=3 --anonymity='elite|anonymous' --output=Asia.log; fi if [[ $choice == 'Q' || $choice == 'q' ]]; then - echo -e "Returning to main menu..." - sleep 2 && menu + echo -e "Returning to main menu..." + sleep 2 && menu else - echo -e "Returning to main menu..." - sleep 2 && menu + warning "Unhandled Option" + echo -e "Returning to main menu..." + sleep 2 && menu fi } @@ -343,30 +356,105 @@ function ip_tabs(){ sudo iptables-save > ip_table_backup/my.active.firewall.rules torwall else - if [[ $choice == 'Stop' || $choice == 'stop' ]]; then - # Reverse changes - sudo iptables -F - sudo iptables -X - sudo iptables -Z - sudo iptables -t nat -F - sudo iptables -t nat -X - sudo iptables -t nat -Z - sudo iptables-restore ip_table_backup/my.active.firewall.rules - notification "Done" && sleep 2 - - menu - else - warning "Unhandled Option" - fi + if [[ $choice == 'Stop' || $choice == 'stop' ]]; then + # Reverse changes + sudo iptables -F + sudo iptables -X + sudo iptables -Z + sudo iptables -t nat -F + sudo iptables -t nat -X + sudo iptables -t nat -Z + sudo iptables-restore ip_table_backup/my.active.firewall.rules + notification "Done" && sleep 2 + + menu + else + warning "Unhandled Option" + fi fi } +# Password generation menu +function pw_ops(){ + logo + PS3='Please enter your choice: ' + options=("Generate 16char password" "Generate 32char password" "Generate 16char batch" "Generate 32char batch" "Quit") + select opt in "${options[@]}" + do + case $opt in + "Generate 16char password") + clear && pwgen --secure 16 1 + read -p "Enter any button to continue..." null && logo + echo -e " +1) Generate 16char password 3) Generate 16char batch 5) Quit +2) Generate 32char password 4) Generate 32char batch\n" + printf "%b \n" + ;; + "Generate 32char password") + clear && pwgen --secure 32 1 + read -p "Enter any button to continue..." null && logo + echo -e " +1) Generate 16char password 3) Generate 16char batch 5) Quit +2) Generate 32char password 4) Generate 32char batch\n" + printf "%b \n" + ;; + "Generate 16char batch") + clear && pwgen --secure 16 28 + read -p "Enter any button to continue..." null && logo + echo -e " +1) Generate 16char password 3) Generate 16char batch 5) Quit +2) Generate 32char password 4) Generate 32char batch\n" + + printf "%b \n" + ;; + "Generate 32char batch") + clear && pwgen --secure 32 14 + read -p "Enter any button to continue..." null && logo + echo -e " +1) Generate 16char password 3) Generate 16char batch 5) Quit +2) Generate 32char password 4) Generate 32char batch\n" + printf "%b \n" + ;; + "Quit") + break + ;; + *) echo invalid option;; + esac + done + + menu + + } + +# Launch and manage all disk encryption and password ops +function cryptodrome(){ + logo + echo -e "Please select an action\n +[1] Password Generation +[2] Invoke online VeraCrypt documentation +[3] Invoke VeraCrypt Graphical User Interface +[Q] Quit to Main Menu\n" + read -p "Enter Choice " choice + if [[ $choice == '1' ]]; then pw_ops; fi + if [[ $choice == '2' ]]; then python -m webbrowser https://www.veracrypt.fr/en/Documentation.html; fi + if [[ $choice == '3' ]]; then veracrypt; fi + if [[ $choice == 'Q' || $choice == 'q' ]]; then + echo -e "Returning to main menu..." + sleep 2 && menu + + fi + + echo -e "Returning to main menu..." + sleep 2 && menu + + } + function resources(){ # Online resources logo - notification "View OPSEC related resources in your browser." + notification "View OPSEC related resources in your browser." PS3='Please enter your choice: ' - options=("Valid MAC Addresses" "DNSCrypt Resolvers" "HiddenWall - Kernel Module FireWall" "OPSEC Resources - GreySec" "OPSEC Resources - TheGrugq" "OPSEC Presentations - TheGrugq" "Personal Security Guide - CryptoSeb" "OPSEC Blog - B3RN3D" "OPSEC & Privacy e-book - @CryptoCypher" "Quit") + options=("Valid MAC Addresses" "HiddenWall - Kernel Module FireWall" "OPSEC Resources - GreySec" "OPSEC Resources - TheGrugq" "OPSEC Presentations - TheGrugq" "Personal Security Guide - CryptoSeb" "OPSEC Blog - B3RN3D" "OPSEC & Privacy e-book - @CryptoCypher" "Quit") select opt in "${options[@]}" do case $opt in @@ -407,15 +495,15 @@ function resources(){ printf "%b \n" ;; "Quit") - break + break ;; *) echo invalid option;; esac done - + menu - - } + + } # Main menu function menu(){ @@ -425,79 +513,90 @@ function menu(){ rand=$[ $RANDOM % 10 ] && echo -e ${TotD[$rand]} PS3='Please enter your choice: ' - options=("Help" "Status" "Spoof MAC" "Random Proxies" "GeoSort Proxies" "ProtonVPN" "Tor Terminal" "Tor Wall" "OPSEC Resources" "Quit") + options=("Help" "Status" "Spoof MAC" "Random Proxies" "GeoSort Proxies" "ProtonVPN" "Tor Terminal" "Tor Wall" "Veracrypt" "OPSEC Resources" "Quit") select opt in "${options[@]}" do case $opt in "Help") usage printf "%b \n" - ;; + ;; "Status") status printf "%b \n" - ;; + ;; "Spoof MAC") chmac printf "%b \n" - ;; + ;; "Random Proxies") r_proxies printf "%b \n" - ;; + ;; "GeoSort Proxies") proxy_ops printf "%b \n" - ;; + ;; "ProtonVPN") vpn_ops printf "%b \n" - ;; + ;; "Tor Terminal") torsocks python -m pymux #|| . torsocks on printf "%b \n" - ;; + ;; "Tor Wall") ip_tabs printf "%b \n" - ;; + ;; + "Veracrypt") + cryptodrome + printf "%b \n" + ;; "OPSEC Resources") resources printf "%b \n" - ;; + ;; "Quit") exit 0 - ;; + ;; *) echo invalid option;; esac done } +# Do not make a backup dir each run +stat backup-* > /dev/null || dir=1 +if [[ $dir == 1 ]]; then + mkdir "backup-$(date)" 2&> /dev/null + mkdir ip_table_backup 2&> /dev/null + mkdir proxies 2&> /dev/null +fi + # Check for command line arguments if [[ "$1" != "" ]]; then case $1 in - '-i' | '--install' ) - bash depconf.sh && menu - esac + '-i' | '--install' ) + bash depconf.sh && menu + esac fi if [[ "$1" != "" ]]; then - case $1 in - '-s' | '--status' ) - logo && check=1 - sleep 2 - status - esac + case $1 in + '-s' | '--status' ) + stus=1 && status + esac fi if [[ "$1" != "" ]]; then - case $1 in - '-t' | '--terminal' ) - torsocks python -m pymux #|| . torsocks on - esac + case $1 in + '-t' | '--terminal' ) + torsocks python -m pymux #|| . torsocks on + esac fi -function go(){ + +function init_x(){ # Print banner logo # print intro @@ -506,23 +605,20 @@ function go(){ menu } -# Creating dirs, we don't want them to have messed up perms -# if dir exists STDERR to /dev/null -mkdir "backup-$(date)" 2&> /dev/null -mkdir ip_table_backup 2&> /dev/null -mkdir proxies 2&> /dev/null +# Check to see if VeraCrypt is installed +if [[ -z $(which veracrypt) ]]; then stat installed.log > /dev/null && bash depconf.sh --crypto && menu; fi # Check for root if [[ "$EUID" -ne 0 ]]; then - warning "Some operations require Root to run." - read -p "Continue as normal user? [Y]es/[N]o " choice - if [[ $choice == 'Y' || $choice == 'y' ]]; then - stat installed.log > /dev/null && go || warning "Dependencies missing, restart the script with --install" && exit 1 + warning "Some operations require Root to run." + read -p "Continue as normal user? [Y]es/[N]o " choice + if [[ $choice == 'Y' || $choice == 'y' ]]; then + stat installed.log > /dev/null && init_x || warning "Dependencies missing, restart the script with --install" && exit 1 else - warning "User Aborted" + warning "User Aborted" exit 1 - fi + fi else # Check to see if depconf.sh has been succesfully executed - stat installed.log > /dev/null && go || warning "Dependencies missing, restart the script with --install" && exit 1 + stat installed.log > /dev/null && init_x || warning "Dependencies missing, restart the script with --install" && exit 1 fi From 688d83d179572518434c8d5cbcbb577a6122d608 Mon Sep 17 00:00:00 2001 From: NullArray Date: Sun, 4 Aug 2019 04:38:02 +0000 Subject: [PATCH 05/29] Version 1.1.0 Update From 636fbcb68c42804acc377be70441edd8610910dc Mon Sep 17 00:00:00 2001 From: NullArray Date: Sun, 4 Aug 2019 04:42:36 +0000 Subject: [PATCH 06/29] Update netset-main.sh --- netset-main.sh | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/netset-main.sh b/netset-main.sh index 5c2d27d..9179293 100644 --- a/netset-main.sh +++ b/netset-main.sh @@ -177,7 +177,7 @@ function chmac(){ if [[ $choice == 'c' || $choice == 'C' ]]; then read -p 'Enter Custom MAC: ' value for x in $IFACES; do sudo macchanger --mac=$value $x; done - notification "Done" && sleep 4 + notification "Done" && sleep 4 else warning "Unhandled Option" fi @@ -495,13 +495,13 @@ function resources(){ printf "%b \n" ;; "Quit") - break + break ;; *) echo invalid option;; esac done - menu + menu } @@ -613,12 +613,12 @@ if [[ "$EUID" -ne 0 ]]; then warning "Some operations require Root to run." read -p "Continue as normal user? [Y]es/[N]o " choice if [[ $choice == 'Y' || $choice == 'y' ]]; then - stat installed.log > /dev/null && init_x || warning "Dependencies missing, restart the script with --install" && exit 1 + stat installed.log > /dev/null && init_x || warning "Dependencies missing, restart the script with --install" && exit 1 else - warning "User Aborted" + warning "User Aborted" exit 1 - fi + fi else # Check to see if depconf.sh has been succesfully executed - stat installed.log > /dev/null && init_x || warning "Dependencies missing, restart the script with --install" && exit 1 + stat installed.log > /dev/null && init_x || warning "Dependencies missing, restart the script with --install" && exit 1 fi From 73b68cae6e1a1e92ecf7539c6cf25b09ca878223 Mon Sep 17 00:00:00 2001 From: NullArray Date: Sun, 4 Aug 2019 04:46:13 +0000 Subject: [PATCH 07/29] Update netset-main.sh --- netset-main.sh | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/netset-main.sh b/netset-main.sh index 9179293..169c802 100644 --- a/netset-main.sh +++ b/netset-main.sh @@ -177,7 +177,7 @@ function chmac(){ if [[ $choice == 'c' || $choice == 'C' ]]; then read -p 'Enter Custom MAC: ' value for x in $IFACES; do sudo macchanger --mac=$value $x; done - notification "Done" && sleep 4 + notification "Done" && sleep 4 else warning "Unhandled Option" fi @@ -383,7 +383,7 @@ function pw_ops(){ do case $opt in "Generate 16char password") - clear && pwgen --secure 16 1 + clear && pwgen --secure 16 1 read -p "Enter any button to continue..." null && logo echo -e " 1) Generate 16char password 3) Generate 16char batch 5) Quit @@ -495,13 +495,13 @@ function resources(){ printf "%b \n" ;; "Quit") - break + break ;; *) echo invalid option;; esac done - menu + menu } @@ -613,12 +613,12 @@ if [[ "$EUID" -ne 0 ]]; then warning "Some operations require Root to run." read -p "Continue as normal user? [Y]es/[N]o " choice if [[ $choice == 'Y' || $choice == 'y' ]]; then - stat installed.log > /dev/null && init_x || warning "Dependencies missing, restart the script with --install" && exit 1 + stat installed.log > /dev/null && init_x || warning "Dependencies missing, restart the script with --install" && exit 1 else - warning "User Aborted" + warning "User Aborted" exit 1 - fi + fi else # Check to see if depconf.sh has been succesfully executed - stat installed.log > /dev/null && init_x || warning "Dependencies missing, restart the script with --install" && exit 1 + stat installed.log > /dev/null && init_x || warning "Dependencies missing, restart the script with --install" && exit 1 fi From d2056cda261e58fe7a7fde571381bdc46627fad3 Mon Sep 17 00:00:00 2001 From: NullArray Date: Sun, 4 Aug 2019 04:55:05 +0000 Subject: [PATCH 08/29] Update netset-main.sh --- netset-main.sh | 49 ++++++++++++++++++++++++------------------------- 1 file changed, 24 insertions(+), 25 deletions(-) diff --git a/netset-main.sh b/netset-main.sh index 169c802..11f36fd 100644 --- a/netset-main.sh +++ b/netset-main.sh @@ -177,7 +177,7 @@ function chmac(){ if [[ $choice == 'c' || $choice == 'C' ]]; then read -p 'Enter Custom MAC: ' value for x in $IFACES; do sudo macchanger --mac=$value $x; done - notification "Done" && sleep 4 + notification "Done" && sleep 4 else warning "Unhandled Option" fi @@ -201,7 +201,7 @@ function status(){ sudo protonvpn-cli --status && sleep 3.5 || warning "ProtonVPN not configured" notification "Loading relevant services status..." && sleep 2 - sudo systemctl status tor.service + sudo systemctl status tor.service tr=$(sudo systemctl status tor.service) case $tr in # Does the var contain the string below? @@ -210,7 +210,7 @@ function status(){ ;; esac - sudo systemctl status openvpn.service + sudo systemctl status openvpn.service ovpn=$(sudo systemctl status openvpn.service) case $ovpn in # Does the var contain the string below? @@ -219,7 +219,7 @@ function status(){ ;; esac - sudo systemctl status dnscrypt-proxy.service + sudo systemctl status dnscrypt-proxy.service dnsc=$(sudo systemctl status dnscrypt-proxy.service) case $dnsc in # Does the var contain the string below? @@ -383,37 +383,36 @@ function pw_ops(){ do case $opt in "Generate 16char password") - clear && pwgen --secure 16 1 - read -p "Enter any button to continue..." null && logo - echo -e " + clear && pwgen --secure 16 1 + read -p "Enter any button to continue..." null && logo + echo -e " 1) Generate 16char password 3) Generate 16char batch 5) Quit 2) Generate 32char password 4) Generate 32char batch\n" - printf "%b \n" + printf "%b \n" ;; "Generate 32char password") clear && pwgen --secure 32 1 - read -p "Enter any button to continue..." null && logo - echo -e " + read -p "Enter any button to continue..." null && logo + echo -e " 1) Generate 16char password 3) Generate 16char batch 5) Quit 2) Generate 32char password 4) Generate 32char batch\n" printf "%b \n" ;; "Generate 16char batch") clear && pwgen --secure 16 28 - read -p "Enter any button to continue..." null && logo - echo -e " + read -p "Enter any button to continue..." null && logo + echo -e " 1) Generate 16char password 3) Generate 16char batch 5) Quit 2) Generate 32char password 4) Generate 32char batch\n" - printf "%b \n" ;; "Generate 32char batch") clear && pwgen --secure 32 14 - read -p "Enter any button to continue..." null && logo - echo -e " + read -p "Enter any button to continue..." null && logo + echo -e " 1) Generate 16char password 3) Generate 16char batch 5) Quit 2) Generate 32char password 4) Generate 32char batch\n" - printf "%b \n" + printf "%b \n" ;; "Quit") break @@ -452,7 +451,7 @@ function cryptodrome(){ function resources(){ # Online resources logo - notification "View OPSEC related resources in your browser." + notification "View OPSEC related resources in your browser." PS3='Please enter your choice: ' options=("Valid MAC Addresses" "HiddenWall - Kernel Module FireWall" "OPSEC Resources - GreySec" "OPSEC Resources - TheGrugq" "OPSEC Presentations - TheGrugq" "Personal Security Guide - CryptoSeb" "OPSEC Blog - B3RN3D" "OPSEC & Privacy e-book - @CryptoCypher" "Quit") select opt in "${options[@]}" @@ -495,7 +494,7 @@ function resources(){ printf "%b \n" ;; "Quit") - break + break ;; *) echo invalid option;; esac @@ -576,22 +575,22 @@ fi # Check for command line arguments if [[ "$1" != "" ]]; then case $1 in - '-i' | '--install' ) - bash depconf.sh && menu + '-i' | '--install' ) + bash depconf.sh && menu esac fi if [[ "$1" != "" ]]; then case $1 in - '-s' | '--status' ) - stus=1 && status + '-s' | '--status' ) + stus=1 && status esac fi if [[ "$1" != "" ]]; then case $1 in - '-t' | '--terminal' ) - torsocks python -m pymux #|| . torsocks on + '-t' | '--terminal' ) + torsocks python -m pymux #|| . torsocks on esac fi @@ -620,5 +619,5 @@ if [[ "$EUID" -ne 0 ]]; then fi else # Check to see if depconf.sh has been succesfully executed - stat installed.log > /dev/null && init_x || warning "Dependencies missing, restart the script with --install" && exit 1 + stat installed.log > /dev/null && init_x || warning "Dependencies missing, restart the script with --install" && exit 1 fi From e8c313db309ccb6ff6c0363b688ca14368ee2d73 Mon Sep 17 00:00:00 2001 From: NullArray Date: Sun, 4 Aug 2019 04:56:56 +0000 Subject: [PATCH 09/29] Update netset-main.sh --- netset-main.sh | 89 +++++++++++++++++++++++++------------------------- 1 file changed, 45 insertions(+), 44 deletions(-) diff --git a/netset-main.sh b/netset-main.sh index 11f36fd..22d45a8 100644 --- a/netset-main.sh +++ b/netset-main.sh @@ -66,7 +66,7 @@ function notification_b() { } function logo(){ - rng=$[ $RANDOM % 3 ] + rng=$[ $RANDOM % 3 ] clear echo -e "\n $CYAN @@ -76,7 +76,7 @@ function logo(){ ██║╚██╗██║██╔══╝ ██║ ╚════██║██╔══╝ ██║ ██║ ╚████║███████╗ ██║ ███████║███████╗ ██║ ╚═╝ ╚═══╝╚══════╝ ╚═╝ ╚══════╝╚══════╝ ╚═╝ - # ${VeR[$rng]} + # ${VeR[$rng]} ################################################### $CYAN #$GREEN--|Operational Security Utility $CYAN #$GREEN--|Authored by Vector/NullArray @@ -113,12 +113,12 @@ function usage(){ echo -e "$CYAN +------------------------------------------------------> | $RESET Options Overview $RESET $CYAN -+------------------------------------------> -$CYAN|$RESET CLI Arguments -$CYAN|$RESET '-t' or '--terminal' Starts -$CYAN|$RESET terminal multiplexer with all -$CYAN|$RESET connections routed through Tor -$CYAN|$RESET ++------------------------------------------> +$CYAN|$RESET CLI Arguments +$CYAN|$RESET '-t' or '--terminal' Starts +$CYAN|$RESET terminal multiplexer with all +$CYAN|$RESET connections routed through Tor +$CYAN|$RESET $CYAN|$RESET '-s' or '--status' prints a status $CYAN|$RESET overview of NetSet related network $CYAN|$RESET utilities and their current state. @@ -177,7 +177,7 @@ function chmac(){ if [[ $choice == 'c' || $choice == 'C' ]]; then read -p 'Enter Custom MAC: ' value for x in $IFACES; do sudo macchanger --mac=$value $x; done - notification "Done" && sleep 4 + notification "Done" && sleep 4 else warning "Unhandled Option" fi @@ -201,7 +201,7 @@ function status(){ sudo protonvpn-cli --status && sleep 3.5 || warning "ProtonVPN not configured" notification "Loading relevant services status..." && sleep 2 - sudo systemctl status tor.service + sudo systemctl status tor.service tr=$(sudo systemctl status tor.service) case $tr in # Does the var contain the string below? @@ -210,7 +210,7 @@ function status(){ ;; esac - sudo systemctl status openvpn.service + sudo systemctl status openvpn.service ovpn=$(sudo systemctl status openvpn.service) case $ovpn in # Does the var contain the string below? @@ -219,7 +219,7 @@ function status(){ ;; esac - sudo systemctl status dnscrypt-proxy.service + sudo systemctl status dnscrypt-proxy.service dnsc=$(sudo systemctl status dnscrypt-proxy.service) case $dnsc in # Does the var contain the string below? @@ -384,54 +384,55 @@ function pw_ops(){ case $opt in "Generate 16char password") clear && pwgen --secure 16 1 - read -p "Enter any button to continue..." null && logo - echo -e " + read -p "Enter any button to continue..." null && logo + echo -e " 1) Generate 16char password 3) Generate 16char batch 5) Quit -2) Generate 32char password 4) Generate 32char batch\n" - printf "%b \n" +2) Generate 32char password 4) Generate 32char batch\n" + printf "%b \n" ;; "Generate 32char password") clear && pwgen --secure 32 1 - read -p "Enter any button to continue..." null && logo - echo -e " + read -p "Enter any button to continue..." null && logo + echo -e " 1) Generate 16char password 3) Generate 16char batch 5) Quit -2) Generate 32char password 4) Generate 32char batch\n" +2) Generate 32char password 4) Generate 32char batch\n" printf "%b \n" ;; "Generate 16char batch") clear && pwgen --secure 16 28 - read -p "Enter any button to continue..." null && logo - echo -e " + read -p "Enter any button to continue..." null && logo + echo -e " 1) Generate 16char password 3) Generate 16char batch 5) Quit 2) Generate 32char password 4) Generate 32char batch\n" + printf "%b \n" - ;; + ;; "Generate 32char batch") clear && pwgen --secure 32 14 - read -p "Enter any button to continue..." null && logo - echo -e " + read -p "Enter any button to continue..." null && logo + echo -e " 1) Generate 16char password 3) Generate 16char batch 5) Quit -2) Generate 32char password 4) Generate 32char batch\n" - printf "%b \n" - ;; +2) Generate 32char password 4) Generate 32char batch\n" + printf "%b \n" + ;; "Quit") break ;; *) echo invalid option;; esac done - + menu - + } # Launch and manage all disk encryption and password ops function cryptodrome(){ - logo + logo echo -e "Please select an action\n -[1] Password Generation +[1] Password Generation [2] Invoke online VeraCrypt documentation -[3] Invoke VeraCrypt Graphical User Interface +[3] Invoke VeraCrypt Graphical User Interface [Q] Quit to Main Menu\n" read -p "Enter Choice " choice if [[ $choice == '1' ]]; then pw_ops; fi @@ -442,16 +443,16 @@ function cryptodrome(){ sleep 2 && menu fi - + echo -e "Returning to main menu..." sleep 2 && menu - + } - + function resources(){ # Online resources logo - notification "View OPSEC related resources in your browser." + notification "View OPSEC related resources in your browser." PS3='Please enter your choice: ' options=("Valid MAC Addresses" "HiddenWall - Kernel Module FireWall" "OPSEC Resources - GreySec" "OPSEC Resources - TheGrugq" "OPSEC Presentations - TheGrugq" "Personal Security Guide - CryptoSeb" "OPSEC Blog - B3RN3D" "OPSEC & Privacy e-book - @CryptoCypher" "Quit") select opt in "${options[@]}" @@ -494,7 +495,7 @@ function resources(){ printf "%b \n" ;; "Quit") - break + break ;; *) echo invalid option;; esac @@ -575,22 +576,22 @@ fi # Check for command line arguments if [[ "$1" != "" ]]; then case $1 in - '-i' | '--install' ) - bash depconf.sh && menu + '-i' | '--install' ) + bash depconf.sh && menu esac fi if [[ "$1" != "" ]]; then case $1 in - '-s' | '--status' ) - stus=1 && status + '-s' | '--status' ) + stus=1 && status esac fi if [[ "$1" != "" ]]; then case $1 in - '-t' | '--terminal' ) - torsocks python -m pymux #|| . torsocks on + '-t' | '--terminal' ) + torsocks python -m pymux #|| . torsocks on esac fi @@ -619,5 +620,5 @@ if [[ "$EUID" -ne 0 ]]; then fi else # Check to see if depconf.sh has been succesfully executed - stat installed.log > /dev/null && init_x || warning "Dependencies missing, restart the script with --install" && exit 1 + stat installed.log > /dev/null && init_x || warning "Dependencies missing, restart the script with --install" && exit 1 fi From b278b58cc23ac8e34c1de02c760c4cdbb4f526c8 Mon Sep 17 00:00:00 2001 From: NullArray Date: Sun, 4 Aug 2019 05:00:23 +0000 Subject: [PATCH 10/29] version 1.1.0 --- netset-main.sh | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/netset-main.sh b/netset-main.sh index 22d45a8..5b12e17 100644 --- a/netset-main.sh +++ b/netset-main.sh @@ -177,7 +177,7 @@ function chmac(){ if [[ $choice == 'c' || $choice == 'C' ]]; then read -p 'Enter Custom MAC: ' value for x in $IFACES; do sudo macchanger --mac=$value $x; done - notification "Done" && sleep 4 + notification "Done" && sleep 4 else warning "Unhandled Option" fi @@ -201,7 +201,7 @@ function status(){ sudo protonvpn-cli --status && sleep 3.5 || warning "ProtonVPN not configured" notification "Loading relevant services status..." && sleep 2 - sudo systemctl status tor.service + sudo systemctl status tor.service tr=$(sudo systemctl status tor.service) case $tr in # Does the var contain the string below? @@ -210,7 +210,7 @@ function status(){ ;; esac - sudo systemctl status openvpn.service + sudo systemctl status openvpn.service ovpn=$(sudo systemctl status openvpn.service) case $ovpn in # Does the var contain the string below? @@ -219,7 +219,7 @@ function status(){ ;; esac - sudo systemctl status dnscrypt-proxy.service + sudo systemctl status dnscrypt-proxy.service dnsc=$(sudo systemctl status dnscrypt-proxy.service) case $dnsc in # Does the var contain the string below? @@ -384,24 +384,24 @@ function pw_ops(){ case $opt in "Generate 16char password") clear && pwgen --secure 16 1 - read -p "Enter any button to continue..." null && logo - echo -e " + read -p "Enter any button to continue..." null && logo + echo -e " 1) Generate 16char password 3) Generate 16char batch 5) Quit 2) Generate 32char password 4) Generate 32char batch\n" - printf "%b \n" + printf "%b \n" ;; "Generate 32char password") clear && pwgen --secure 32 1 - read -p "Enter any button to continue..." null && logo - echo -e " + read -p "Enter any button to continue..." null && logo + echo -e " 1) Generate 16char password 3) Generate 16char batch 5) Quit 2) Generate 32char password 4) Generate 32char batch\n" printf "%b \n" ;; "Generate 16char batch") clear && pwgen --secure 16 28 - read -p "Enter any button to continue..." null && logo - echo -e " + read -p "Enter any button to continue..." null && logo + echo -e " 1) Generate 16char password 3) Generate 16char batch 5) Quit 2) Generate 32char password 4) Generate 32char batch\n" @@ -409,11 +409,11 @@ function pw_ops(){ ;; "Generate 32char batch") clear && pwgen --secure 32 14 - read -p "Enter any button to continue..." null && logo - echo -e " + read -p "Enter any button to continue..." null && logo + echo -e " 1) Generate 16char password 3) Generate 16char batch 5) Quit 2) Generate 32char password 4) Generate 32char batch\n" - printf "%b \n" + printf "%b \n" ;; "Quit") break @@ -452,7 +452,7 @@ function cryptodrome(){ function resources(){ # Online resources logo - notification "View OPSEC related resources in your browser." + notification "View OPSEC related resources in your browser." PS3='Please enter your choice: ' options=("Valid MAC Addresses" "HiddenWall - Kernel Module FireWall" "OPSEC Resources - GreySec" "OPSEC Resources - TheGrugq" "OPSEC Presentations - TheGrugq" "Personal Security Guide - CryptoSeb" "OPSEC Blog - B3RN3D" "OPSEC & Privacy e-book - @CryptoCypher" "Quit") select opt in "${options[@]}" @@ -495,7 +495,7 @@ function resources(){ printf "%b \n" ;; "Quit") - break + break ;; *) echo invalid option;; esac @@ -614,11 +614,11 @@ if [[ "$EUID" -ne 0 ]]; then read -p "Continue as normal user? [Y]es/[N]o " choice if [[ $choice == 'Y' || $choice == 'y' ]]; then stat installed.log > /dev/null && init_x || warning "Dependencies missing, restart the script with --install" && exit 1 - else + else warning "User Aborted" exit 1 - fi + fi else - # Check to see if depconf.sh has been succesfully executed + # Check to see if depconf.sh has been succesfully executed stat installed.log > /dev/null && init_x || warning "Dependencies missing, restart the script with --install" && exit 1 fi From 4b209fb81a89f0e0e2d27b84ea375f06a5434235 Mon Sep 17 00:00:00 2001 From: NullArray Date: Sun, 4 Aug 2019 05:03:35 +0000 Subject: [PATCH 11/29] Update netset-main.sh --- netset-main.sh | 31 ++++++++++++++++--------------- 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/netset-main.sh b/netset-main.sh index 5b12e17..ed63974 100644 --- a/netset-main.sh +++ b/netset-main.sh @@ -501,7 +501,7 @@ function resources(){ esac done - menu + menu } @@ -597,27 +597,28 @@ fi function init_x(){ - # Print banner - logo - # print intro - intro - # menu - menu - } + # Print banner + logo + # print intro + intro + # menu + menu + + } # Check to see if VeraCrypt is installed if [[ -z $(which veracrypt) ]]; then stat installed.log > /dev/null && bash depconf.sh --crypto && menu; fi # Check for root if [[ "$EUID" -ne 0 ]]; then - warning "Some operations require Root to run." - read -p "Continue as normal user? [Y]es/[N]o " choice - if [[ $choice == 'Y' || $choice == 'y' ]]; then - stat installed.log > /dev/null && init_x || warning "Dependencies missing, restart the script with --install" && exit 1 - else + warning "Some operations require Root to run." + read -p "Continue as normal user? [Y]es/[N]o " choice + if [[ $choice == 'Y' || $choice == 'y' ]]; then + stat installed.log > /dev/null && init_x || warning "Dependencies missing, restart the script with --install" && exit 1 + else warning "User Aborted" - exit 1 - fi + exit 1 + fi else # Check to see if depconf.sh has been succesfully executed stat installed.log > /dev/null && init_x || warning "Dependencies missing, restart the script with --install" && exit 1 From 9ffdf8478dd34bb0fbcb3ce36e3e93b16af474b5 Mon Sep 17 00:00:00 2001 From: NullArray Date: Sun, 4 Aug 2019 05:06:05 +0000 Subject: [PATCH 12/29] Version 1.1.0 --- depconf.sh | 63 +++++++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 55 insertions(+), 8 deletions(-) diff --git a/depconf.sh b/depconf.sh index 5897254..a228b67 100644 --- a/depconf.sh +++ b/depconf.sh @@ -196,7 +196,7 @@ Pin-Priority: 100 " > pinning.pref read -p 'Enter any button to to continue: ' null && clear notification "Preparations complete. Installing." sudo apt update && sudo apt install -y testing dnscrypt-proxy - sudo apt install -y unstable dnscrypt-proxy + sudo apt install -y unstable dnscrypt-proxy notification "Operations Completed" else os=$(uname -a) @@ -230,8 +230,45 @@ Pin-Priority: 100 " > pinning.pref fi notification "Task Completed" + } +# Install VeraCrypt and pwgen +function vera(){ + logo + echo -e "\n +Welcome to the config and dependency manager for NetSet. + +The latest release adds VeraCrypt. This provides the user +with the means to create encrypted volumes and keep data +safe. This version also installs 'pwgen' in order to +generate secure passwords conveniently.\n" + read -p 'Start installation? [Y]es/[N]o: ' choice + if [[ $choice == 'y' || $choice == 'Y' ]]; then + notification "Installing VeraCrypt" && sleep 2 + # Create dir to extract tar to + mkdir veracrypt && cd veracrypt + wget -O veracrypt.tar.bz2 https://launchpad.net/veracrypt/trunk/1.23/+download/veracrypt-1.23-setup.tar.bz2 + tar -xvjf veracrypt.tar.bz2 || warning "Something went wrong" && exit 1 + + MACHINE_TYPE=`uname -m` + if [[ ${MACHINE_TYPE} == 'x86_64' ]]; then + chmod +x veracrypt-1.23-setup-gui-x64 + ./veracrypt-1.23-setup-gui-x64 && notification "Installed VeraCrypt" + else + chmod +x veracrypt-1.23-setup-gui-x86 + ./veracrypt-1.23-setup-gui-x86 && notification "Installed VeraCrypt" + fi + # Back to depconf dir + cd .. + + # Install pwgen for secure password generation + if [[ -z $(which pwgen) ]]; then + notification "Installing 'pwgen' for secure password generation." && sleep 2 + sudo apt-get -y pwgen || warning "Something went wrong" && exit 1 + fi + fi + } function start(){ # Print banner @@ -245,14 +282,12 @@ Before making changes all relevant config files will be backed up in a directory labeled: 'backup- $(date) '\n" read -p 'Start installation? [Y]es/[N]o: ' choice if [[ $choice == 'y' || $choice == 'Y' ]]; then - - - # Install utilities + # Install utilities notification "Checking system utilities." && sleep 2 if [[ -z $(which pymux) ]]; then pip install pymux; fi if [[ -z $(which tor) ]]; then sudo apt-get -y install tor; fi if [[ -z $(which nmcli) ]]; then sudo apt-get -y install nmcli; fi - if [[ -z $(which torsocks) ]]; then sudo apt-get -y install torsocks; fi + if [[ -z $(which torsocks) ]]; then sudo apt-get -y install torsocks; fi if [[ -z $(which openvpn) ]]; then sudo apt-get -y install openvpn; fi if [[ -z $(which iptables) ]]; then sudo apt-get -y install iptables; fi if [[ -z $(which macchanger) ]]; then sudo apt-get -y install macchanger; fi @@ -260,7 +295,7 @@ be backed up in a directory labeled: 'backup- $(date) '\n" sudo apt-get -y install proxychains notification_b "Proxychains has been installed, run 'man proxychains' for details." - fi + fi notification "Packages checked." @@ -295,6 +330,18 @@ be backed up in a directory labeled: 'backup- $(date) '\n" warning "Installation Aborted" fi + # Install VeraCrypt + vera + } -# Start -start + +# Check to see if we only need to install VeraCrypt +if [[ "$1" != "" ]]; then + case $1 in + '--crypto' ) + vera + esac +else + # Install all + start +fi From f014c59031795d2f40b8afc46c08107f75a8802a Mon Sep 17 00:00:00 2001 From: NullArray Date: Sun, 4 Aug 2019 05:08:42 +0000 Subject: [PATCH 13/29] version 1.1.0 update --- depconf.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/depconf.sh b/depconf.sh index a228b67..0a4794c 100644 --- a/depconf.sh +++ b/depconf.sh @@ -196,7 +196,7 @@ Pin-Priority: 100 " > pinning.pref read -p 'Enter any button to to continue: ' null && clear notification "Preparations complete. Installing." sudo apt update && sudo apt install -y testing dnscrypt-proxy - sudo apt install -y unstable dnscrypt-proxy + sudo apt install -y unstable dnscrypt-proxy notification "Operations Completed" else os=$(uname -a) @@ -287,7 +287,7 @@ be backed up in a directory labeled: 'backup- $(date) '\n" if [[ -z $(which pymux) ]]; then pip install pymux; fi if [[ -z $(which tor) ]]; then sudo apt-get -y install tor; fi if [[ -z $(which nmcli) ]]; then sudo apt-get -y install nmcli; fi - if [[ -z $(which torsocks) ]]; then sudo apt-get -y install torsocks; fi + if [[ -z $(which torsocks) ]]; then sudo apt-get -y install torsocks; fi if [[ -z $(which openvpn) ]]; then sudo apt-get -y install openvpn; fi if [[ -z $(which iptables) ]]; then sudo apt-get -y install iptables; fi if [[ -z $(which macchanger) ]]; then sudo apt-get -y install macchanger; fi @@ -295,7 +295,7 @@ be backed up in a directory labeled: 'backup- $(date) '\n" sudo apt-get -y install proxychains notification_b "Proxychains has been installed, run 'man proxychains' for details." - fi + fi notification "Packages checked." @@ -337,7 +337,7 @@ be backed up in a directory labeled: 'backup- $(date) '\n" # Check to see if we only need to install VeraCrypt if [[ "$1" != "" ]]; then - case $1 in + case $1 in '--crypto' ) vera esac From a2f23b7d8b438f69eda4e7beb7833011588b4e4e Mon Sep 17 00:00:00 2001 From: NullArray Date: Sun, 4 Aug 2019 05:14:39 +0000 Subject: [PATCH 14/29] Update README.md --- README.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 84869a2..8a28ec0 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,6 @@ # NetSet -Operational Security utility and automator. +Operational Security utility and automator. NetSet has been updated to Version 1.1.0 + NetSet is designed to automate a number of operations that will help the user with securing their network traffic. It also provides an easy way to gather proxies and run utilities through Tor. @@ -30,6 +31,8 @@ This will install and configure everything you'll need for NetSet to function pr ### Update +From now on NetSet will install `veracrypt` and `pwgen` and provide automated features related to those utilities. + Using `sudo` to start the script will execute every operation within the script as root, this means you won't be prompted for your `sudo` password when an operation requires elevated privileges. However all items written by NetSet will consequently be owned by root as well, including backup directories. Last but not least; when considering security implications, it is not recommended to run everything with super user privileges. Starting the main script with `sudo` will be optional from now on to reflect the above considerations. @@ -65,6 +68,8 @@ Menu Options 'Tor Wall' - Configures iptables to force all connections through Tor. + 'Veracrypt' - Start encryption and + password gen menu 'OPSEC Resources'- Display NetSet's included list of web resources. Select an entry to open From 2044e62c71ff4690ad87ea2bf47689aecbada503 Mon Sep 17 00:00:00 2001 From: NullArray Date: Sun, 4 Aug 2019 05:15:00 +0000 Subject: [PATCH 15/29] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 8a28ec0..10be4a1 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ # NetSet -Operational Security utility and automator. NetSet has been updated to Version 1.1.0 +Operational Security utility and automator. ( Version 1.1.0 ) NetSet is designed to automate a number of operations that will help the user with securing their From d1d724cf577448394ae9861a7d48e0b8f0165705 Mon Sep 17 00:00:00 2001 From: NullArray Date: Sun, 4 Aug 2019 05:16:06 +0000 Subject: [PATCH 16/29] Update README.md --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 10be4a1..bfea25a 100644 --- a/README.md +++ b/README.md @@ -31,7 +31,8 @@ This will install and configure everything you'll need for NetSet to function pr ### Update -From now on NetSet will install `veracrypt` and `pwgen` and provide automated features related to those utilities. +From now on NetSet will install `veracrypt` and `pwgen` and provide automated operations related to those utilities on top of all the +features Version 1.0.0 provides. Using `sudo` to start the script will execute every operation within the script as root, this means you won't be prompted for your `sudo` password when an operation requires elevated privileges. However all items written by NetSet will consequently be owned by root as well, including backup directories. Last but not least; when considering security implications, it is not recommended to run everything with super user privileges. From d934a981b8330c82482f1b32e329a67774481d41 Mon Sep 17 00:00:00 2001 From: NullArray Date: Sun, 4 Aug 2019 05:17:36 +0000 Subject: [PATCH 17/29] Update netset-main.sh --- netset-main.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/netset-main.sh b/netset-main.sh index ed63974..3406429 100644 --- a/netset-main.sh +++ b/netset-main.sh @@ -141,6 +141,8 @@ $CYAN|$RESET routed through Tor $CYAN|$RESET 'Tor Wall' - Configures iptables to $CYAN|$RESET force all connections $CYAN|$RESET through Tor. +$CYAN|$RESET 'Veracrypt' - Start encryption and +$CYAN|$RESET password gen menu $CYAN|$RESET 'OPSEC Resources'- Display NetSet's included $CYAN|$RESET list of web resources. $CYAN|$RESET Select an entry to open From 78da0e8ea8f100a91d929ab2c8f1c2168ada0bd1 Mon Sep 17 00:00:00 2001 From: NullArray Date: Sun, 4 Aug 2019 05:18:22 +0000 Subject: [PATCH 18/29] Update netset-main.sh --- netset-main.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/netset-main.sh b/netset-main.sh index 3406429..821340a 100644 --- a/netset-main.sh +++ b/netset-main.sh @@ -145,7 +145,7 @@ $CYAN|$RESET 'Veracrypt' - Start encryption and $CYAN|$RESET password gen menu $CYAN|$RESET 'OPSEC Resources'- Display NetSet's included $CYAN|$RESET list of web resources. -$CYAN|$RESET Select an entry to open +$CYAN|$RESET Select an entry to open $CYAN|$RESET it in your default browser $CYAN|$RESET $CYAN+----------------------------> $RESET From 9146b9285d0ccf50c97abe415606487e9a6bdf82 Mon Sep 17 00:00:00 2001 From: NullArray Date: Thu, 2 Jan 2020 06:24:46 +0000 Subject: [PATCH 19/29] Update depconf.sh --- depconf.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/depconf.sh b/depconf.sh index 0a4794c..f6d3ffe 100644 --- a/depconf.sh +++ b/depconf.sh @@ -319,9 +319,9 @@ be backed up in a directory labeled: 'backup- $(date) '\n" warning "Skipping Account Creation" if [[ -z $(which dialog) ]]; then sudo apt-get install -y dialog; fi - wget -O protonvpn-cli.sh https://gist.githubusercontent.com/NullArray/eec1d89a3171fc188f25cd633e26fba0/raw/1e359e2dca579aca2ad68b59111ef9bc58f593d2/protonvpn-cli.sh - chmod +x protonvpn-cli.sh - sudo ./protonvpn-cli.sh --install + pip3 install protonvpn-cli || sudo pip3 install protonvpn-cli + protonvpn init + fi fi fi From 99ad08fba6c1db8c3aed4652baf2b7b88146b97a Mon Sep 17 00:00:00 2001 From: NullArray Date: Thu, 2 Jan 2020 06:28:28 +0000 Subject: [PATCH 20/29] Update netset-main.sh --- netset-main.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/netset-main.sh b/netset-main.sh index 821340a..4ae4ca0 100644 --- a/netset-main.sh +++ b/netset-main.sh @@ -155,7 +155,7 @@ $CYAN+----------------------------> $RESET function vpn_ops(){ # Run VPN notification_b "Starting ProtonVPN menu" - sudo protonvpn-cli -m || warning "Something went wrong" + sudo protonvpn connect || warning "Something went wrong" notification "Done" && sleep 2 menu } From 4419e5b43c3b2187b931e5adc699e57853d24c26 Mon Sep 17 00:00:00 2001 From: NullArray Date: Mon, 6 Jan 2020 09:54:11 +0000 Subject: [PATCH 21/29] Update README.md --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index bfea25a..1877596 100644 --- a/README.md +++ b/README.md @@ -80,6 +80,10 @@ Menu Options ### Note Tested on Ubuntu 19.04 +The Python invocations to launch the web resources provided with NetSet are in 2.7 Syntax. If your OS doesn't +have Python2.7 changing the invocation from `python -m webbrowser URL` to `python3 -m webbrowser URL` should remdy any +compatibility issues, should you come across them in this regard. + I plan on expanding this tool in the future with even more OPSEC related resources and/or operations. Should you happen to come across a bug or have any questions regarding this tool. From a206e8c4eb7713d734241d1f5928fbed09a2afce Mon Sep 17 00:00:00 2001 From: NullArray Date: Mon, 6 Jan 2020 09:55:00 +0000 Subject: [PATCH 22/29] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 1877596..cc00dbd 100644 --- a/README.md +++ b/README.md @@ -81,8 +81,8 @@ Menu Options Tested on Ubuntu 19.04 The Python invocations to launch the web resources provided with NetSet are in 2.7 Syntax. If your OS doesn't -have Python2.7 changing the invocation from `python -m webbrowser URL` to `python3 -m webbrowser URL` should remdy any -compatibility issues, should you come across them in this regard. +have Python2.7 changing the invocation from `python -m webbrowser URL` to `python3 -m webbrowser URL` should +remedy any compatibility issues, should you come across them in this particular regard. I plan on expanding this tool in the future with even more OPSEC related resources and/or operations. From d83ed6c8453d4a73834a49f659809d43bd7f1a92 Mon Sep 17 00:00:00 2001 From: NullArray Date: Mon, 6 Jan 2020 10:23:08 +0000 Subject: [PATCH 23/29] Update netset-main.sh --- netset-main.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/netset-main.sh b/netset-main.sh index 4ae4ca0..ef05449 100644 --- a/netset-main.sh +++ b/netset-main.sh @@ -200,7 +200,7 @@ function status(){ echo -e "\n$CYAN Current External IP $RESET\n" curl https://api.myip.com && sleep 3.5 echo -e "\n\n$CYAN Current VPN Status$RESET\n" - sudo protonvpn-cli --status && sleep 3.5 || warning "ProtonVPN not configured" + protonvpn status && sleep 3.5 || warning "ProtonVPN not configured" notification "Loading relevant services status..." && sleep 2 sudo systemctl status tor.service From bb2d7994f3ef90373b136c38ac7834ac66f35d2f Mon Sep 17 00:00:00 2001 From: NullArray Date: Mon, 6 Jan 2020 10:31:38 +0000 Subject: [PATCH 24/29] Update netset-main.sh --- netset-main.sh | 71 +++++++++++++++++++++++++------------------------- 1 file changed, 35 insertions(+), 36 deletions(-) diff --git a/netset-main.sh b/netset-main.sh index ef05449..5f8a1d9 100644 --- a/netset-main.sh +++ b/netset-main.sh @@ -380,51 +380,50 @@ function ip_tabs(){ function pw_ops(){ logo PS3='Please enter your choice: ' - options=("Generate 16char password" "Generate 32char password" "Generate 16char batch" "Generate 32char batch" "Quit") - select opt in "${options[@]}" - do - case $opt in - "Generate 16char password") - clear && pwgen --secure 16 1 - read -p "Enter any button to continue..." null && logo - echo -e " + options=("Generate 16char password" "Generate 32char password" "Generate 16char batch" "Generate 32char batch" "Quit") + select opt in "${options[@]}" + do + case $opt in + "Generate 16char password") + clear && pwgen --secure 16 1 + read -p "Enter any button to continue..." null && logo + echo -e " 1) Generate 16char password 3) Generate 16char batch 5) Quit 2) Generate 32char password 4) Generate 32char batch\n" - printf "%b \n" - ;; - "Generate 32char password") - clear && pwgen --secure 32 1 - read -p "Enter any button to continue..." null && logo - echo -e " + printf "%b \n" + ;; + "Generate 32char password") + clear && pwgen --secure 32 1 + read -p "Enter any button to continue..." null && logo + echo -e " 1) Generate 16char password 3) Generate 16char batch 5) Quit 2) Generate 32char password 4) Generate 32char batch\n" - printf "%b \n" - ;; - "Generate 16char batch") - clear && pwgen --secure 16 28 - read -p "Enter any button to continue..." null && logo - echo -e " + printf "%b \n" + ;; + "Generate 16char batch") + clear && pwgen --secure 16 28 + read -p "Enter any button to continue..." null && logo + echo -e " 1) Generate 16char password 3) Generate 16char batch 5) Quit 2) Generate 32char password 4) Generate 32char batch\n" - - printf "%b \n" - ;; - "Generate 32char batch") - clear && pwgen --secure 32 14 - read -p "Enter any button to continue..." null && logo - echo -e " + printf "%b \n" + ;; + "Generate 32char batch") + clear && pwgen --secure 32 14 + read -p "Enter any button to continue..." null && logo + echo -e " 1) Generate 16char password 3) Generate 16char batch 5) Quit 2) Generate 32char password 4) Generate 32char batch\n" - printf "%b \n" - ;; - "Quit") - break - ;; - *) echo invalid option;; - esac - done + printf "%b \n" + ;; + "Quit") + break + ;; + *) echo invalid option;; + esac + done - menu + menu } From f42fbcd71ad800f293071cde155bedd1c35da7c6 Mon Sep 17 00:00:00 2001 From: NullArray Date: Tue, 14 Apr 2020 18:55:21 +0000 Subject: [PATCH 25/29] Update netset-main.sh --- netset-main.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/netset-main.sh b/netset-main.sh index 5f8a1d9..9ba03a3 100644 --- a/netset-main.sh +++ b/netset-main.sh @@ -19,7 +19,7 @@ GREEN=$ESC"32;01m" # Working dir CWD=$(pwd) # Date -NOW=$(date) +NOW=$(date +"%d_%m_%Y") # Active connected interface IFACES=$(ip link | awk -F: '$0 !~ "lo|vir|wl|^[^0-9]"{print $2;getline}') From cb057505c9c5aab9b1e13350125c3a44b757fc43 Mon Sep 17 00:00:00 2001 From: NullArray Date: Tue, 21 Apr 2020 00:14:53 +0000 Subject: [PATCH 26/29] Update README.md --- README.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/README.md b/README.md index cc00dbd..0f89049 100644 --- a/README.md +++ b/README.md @@ -18,6 +18,16 @@ Easy access to online OPSEC resources, the web resources in question can be open And more. +### DNSCrypt-Proxy Config + +Recently i've noticed that certain distros, even though they're Debian or Ubuntu derivatives don't seem to be able to +process the configuration file that gets downloaded through `apt` or is written out by means of NetSet's `debconf.sh` +script. + +Therefore i did some testing and managed to put together a `DNSCrypt-proxy.toml` file, based on original examples by +the DNSCrypt dev that appears to work on most systems. If you're interested find it [here](https://gist.github.com/NullArray/28958795b16f8eda7a5b0a69f8ce57fe). If you're still facing some trouble, please don't hesitate to open up a ticket. And i'll get back to you as soon as i am able to to help you troubleshoot. Thanks! + + ## Usage After cloning the repo navigate to the `NetSet` directory and run the following: From 94b33541b971ecb36c98e3b3f3dbee9eb05b089c Mon Sep 17 00:00:00 2001 From: NullArray Date: Tue, 21 Apr 2020 00:15:57 +0000 Subject: [PATCH 27/29] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 0f89049..f1fce62 100644 --- a/README.md +++ b/README.md @@ -25,7 +25,7 @@ process the configuration file that gets downloaded through `apt` or is written script. Therefore i did some testing and managed to put together a `DNSCrypt-proxy.toml` file, based on original examples by -the DNSCrypt dev that appears to work on most systems. If you're interested find it [here](https://gist.github.com/NullArray/28958795b16f8eda7a5b0a69f8ce57fe). If you're still facing some trouble, please don't hesitate to open up a ticket. And i'll get back to you as soon as i am able to to help you troubleshoot. Thanks! +the DNSCrypt dev that appears to work on most systems. If you're interested find it [here](https://gist.github.com/NullArray/28958795b16f8eda7a5b0a69f8ce57fe). If you're still facing some trouble, please don't hesitate to open up a ticket. And i'll get back to you as soon as i am able to, to help you troubleshoot. Thanks! ## Usage From 7ef2435859235c50c2f8dc11f64361255d6e885e Mon Sep 17 00:00:00 2001 From: NullArray Date: Fri, 17 Jul 2020 14:40:00 +0000 Subject: [PATCH 28/29] Update depconf.sh --- depconf.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/depconf.sh b/depconf.sh index f6d3ffe..c55046b 100644 --- a/depconf.sh +++ b/depconf.sh @@ -306,7 +306,7 @@ be backed up in a directory labeled: 'backup- $(date) '\n" # Install proxy fetcher wget -O proxies/fetch.py https://raw.githubusercontent.com/stamparm/fetch-some-proxies/master/fetch.py && echo "Proxy Fetcher installed" >> installed.log - if [[ -z $(which protonvpn-cli) ]]; then + if [[ -z $(which protonvpn) ]]; then echo -e "Would you like to install ProtonVPN?" read -p '[Y]es/[N]o ' choice if [[ $choice == 'y' || $choice == 'Y' ]]; then From 3ed25d98494906c84bb7e157e0591895ca84733e Mon Sep 17 00:00:00 2001 From: NullArray Date: Tue, 21 Jul 2020 08:51:43 +0000 Subject: [PATCH 29/29] Update netset-main.sh --- netset-main.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/netset-main.sh b/netset-main.sh index 9ba03a3..1ff0bc0 100644 --- a/netset-main.sh +++ b/netset-main.sh @@ -576,7 +576,7 @@ fi # Check for command line arguments if [[ "$1" != "" ]]; then - case $1 in + case $1 in '-i' | '--install' ) bash depconf.sh && menu esac