chagood il y a 2 ans
commit
9e724ab38d
12 fichiers modifiés avec 393 ajouts et 0 suppressions
  1. 12 0
      Patching/KernelN-1.sh
  2. BIN
      Ubuntu.tar
  3. 115 0
      UbuntuJoinDomain.sh
  4. 16 0
      config.sh
  5. 10 0
      old/CreatePW_json.py
  6. 77 0
      old/Initial setup
  7. 84 0
      old/Initial setup_old
  8. 16 0
      old/InstallCrowdStrike.sh
  9. 13 0
      old/InstallNinja.sh
  10. 17 0
      old/LoginSudoGroups.sh
  11. 31 0
      old/Updates.sh
  12. 2 0
      old/adm.txt

+ 12 - 0
Patching/KernelN-1.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+current_kernel=$(uname -r)
+new_kernel=$(apt-cache madison linux-image-generic | awk '{print $3}' | grep -E '5\.15\.0-[0-9]+-generic' | head -n 1)
+if [[ "$new_kernel" != "" && "$new_kernel" != "$current_kernel" ]]
+then
+    next_kernel=$(apt-cache madison linux-image-generic | awk '{print $3}' | grep -E '5\.15\.0-[0-9]+-generic' | head -n 2 | tail -n 1)
+    if [[ "$next_kernel" != "" ]]
+    then
+        sudo apt-get update
+        sudo apt-get install "$next_kernel" -y
+    fi
+fi
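Review bot: `sudo apt-get update` runs only after both `apt-cache madison` queries, so the kernel is chosen from whatever package index happens to be cached; move the update above the first query. As far as I can tell, the third column of `apt-cache madison linux-image-generic` is the meta-package version, not an ABI string, so the `5\.15\.0-[0-9]+-generic` filter will probably match nothing and the script will never install anything. If it did match, `apt-get install "$next_kernel"` would receive a version string rather than a package name such as `linux-image-<abi>-generic`. A header comment stating the intended N-1 policy, and that the kernel meta-packages are held elsewhere in this commit, would make the script reviewable.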

BIN
Ubuntu.tar


+ 115 - 0
UbuntuJoinDomain.sh

@@ -0,0 +1,115 @@
+#!/bin/bash
+
+set -e
+
+# run dpkg-reconfigure unattended-upgrades and answer no unattended
+echo "Running dpkg-reconfigure unattended-upgrades..."
+echo "unattended-upgrades unattended-upgrades/enable_auto_updates boolean false" | sudo debconf-set-selections
+sudo dpkg-reconfigure -f noninteractive unattended-upgrades
+
+# mark linux-image-generic and linux-headers-generic as held back
+echo "Marking linux-image-generic and linux-headers-generic as held back..."
+sudo apt-mark hold linux-image-generic linux-headers-generic
+
+# upgrade the system
+echo "Upgrading the system..."
+sudo DEBIAN_FRONTEND=noninteractive apt upgrade -y
+
+# Update and install required packages for Active Directory
+sudo DEBIAN_FRONTEND=noninteractive apt update
+sudo DEBIAN_FRONTEND=noninteractive apt install -y realmd libnss-sss libpam-sss sssd sssd-tools adcli samba-common-bin oddjob oddjob-mkhomedir packagekit
+
+# Install any additional software
+# Required packages for Ninja
+sudo DEBIAN_FRONTEND=noninteractive apt install -y net-tools network-manager policycoreutils
+
+# Load configuration file
+source config.sh
+
+# Set the username and password
+ADMINUSER=$ADMIN_USER
+#ADMINPASS=$ADMIN_PASSWORD
+
+# Set the hostname
+sudo hostnamectl set-hostname "$NEW_HOSTNAME"
+
+# Set /etc/host
+echo "127.0.0.1 localhost" | sudo tee /etc/hosts
+echo "$(hostname -I | cut -d' ' -f1) $HOST $NEW_HOSTNAME" | sudo tee -a /etc/hosts
+
+# Update and install required packages
+#sudo apt update
+#sudo apt install -y realmd libnss-sss libpam-sss sssd sssd-tools adcli samba-common-bin oddjob oddjob-mkhomedir packagekit
+
+# Join the domain
+#echo "$ADMINPASS" | sudo -S realm join --user="$ADMINUSER" --computer-ou="$OU" "$DOMAIN"
+sudo -S realm join --user="$ADMINUSER" --computer-ou="$OU" "$DOMAIN"
+#work in progress - --computer-desc="$COMPUTER_DESC"
+
+# Configure PAM to create home directories for domain users on first login
+sudo bash -c "cat >> /usr/share/pam-configs/mkhomedir" << EOL
+Name: Activate mkhomedir
+Default: yes
+Priority: 900
+Session-Type: Additional
+Session:
+        required    pam_mkhomedir.so umask=0077 skel=/etc/skel
+EOL
+
+# Enable the mkhomedir PAM module
+sudo pam-auth-update --enable mkhomedir
+
+# Set permissions for the home directories
+sudo chmod 0700 /home/*
+
+# Configure SSSD
+sudo sed -i 's/use_fully_qualified_names = True/use_fully_qualified_names = False/g' /etc/sssd/sssd.conf
+
+# Deny login to all users
+sudo realm deny --all
+
+# Allow login to domain groups
+sudo realm permit -g "Domain Admins"
+sudo realm permit -g "Access - Admin - All Servers"
+sudo realm permit -g "Access - Admin - $HOST"
+
+# Set up sudoers file
+echo "%Domain\ Admins     ALL=(ALL:ALL)   ALL" | sudo tee /etc/sudoers.d/LocalAdmins > /dev/null
+echo "%Access\ -\ Admin\ -\ All\ Servers     ALL=(ALL)   ALL" | sudo tee -a /etc/sudoers.d/LocalAdmins > /dev/null
+echo "%Access\ -\ Admin\ -\ $HOST     ALL=(ALL)   ALL" | sudo tee -a /etc/sudoers.d/LocalAdmins > /dev/null
+
+# copy file from SCP server to local system
+sudo scp -r anonymous@ptiwa001:ninja-agent.deb ~/
+
+# install package using dpkg
+sudo dpkg -i ninja-agent.deb
+
+# copy file from SCP server to local system
+sudo scp -r anonymous@ptiwa001:falcon-sensor_6.46.0-14306.deb ~/
+
+# install package using dpkg
+sudo dpkg -i falcon-sensor_6.46.0-14306.deb
+ 
+# Run the additional command
+sudo /opt/CrowdStrike/falconctl -s --cid=D0511099B3FF494D8B87F48C4AB90201-56 
+
+# Remove packages that are not required
+sudo apt autoremove -y
+
+# Start Services
+sudo systemctl restart sssd
+sudo systemctl start ninjarmm-agent.service
+sudo systemctl start falcon-sensor
+
+# check the status of the services
+sudo systemctl | grep -E 'falcon-sensor|ninjarmm-agent|sssd.service'
+
+# Query user and print message
+id chagood && echo "Successfully queried Active Directory for user chagood"
+
+# Check if reboot is required
+if [ -f /var/run/reboot-required ]; then
+  echo -e "\033[31mA reboot is required.\033[0m"
+else
+  echo -e "\033[32mReboot not required.\033[0m"
+fi
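Review bot: The two agent packages at the `scp`/`dpkg -i` steps are fetched from `anonymous@ptiwa001` and installed as root with no integrity check, so anyone who can write to that share or answer for that host name controls code that runs as root on every joined machine. Compare each download against a digest pinned in the repository (or verify a vendor signature) before `dpkg -i`. The copy also lands in `~/` while `dpkg -i` reads a relative path, so the install only works when the script is started from the home directory. The same fetch-and-install pattern appears in old/InstallCrowdStrike.sh, old/InstallNinja.sh, old/Initial setup and old/Initial setup_old.

```shell
# … unchanged: domain join, PAM, realm permit, sudoers …

# Digest of the approved package, distributed with the repo (placeholder value)
FALCON_DEB_SHA256="<sha256-of-approved-falcon-sensor-deb>"
pkg_dir=$(mktemp -d)
scp anonymous@ptiwa001:falcon-sensor_6.46.0-14306.deb "$pkg_dir/"
echo "$FALCON_DEB_SHA256  $pkg_dir/falcon-sensor_6.46.0-14306.deb" | sha256sum -c -
sudo dpkg -i "$pkg_dir/falcon-sensor_6.46.0-14306.deb"

# … same pattern for ninja-agent.deb; unchanged: falconctl, service start …
```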

+ 16 - 0
config.sh

@@ -0,0 +1,16 @@
+#!/bin/bash
+
+# Enter Admin username and set the domain name and new hostname
+ADMIN_USER="adm-"
+#***NO LONGER NEEDED***ADMIN_PASSWORD="admin_password"
+
+# Hostname with FDQN
+NEW_HOSTNAME="newhostname.peo.local"
+
+# Short name
+HOST="hostname"
+DOMAIN="peo.local"
+#***Notworking at the moment***DOMAIN_DESC="My domain description"
+
+# Enter the OU where the machine will reside in the domain
+OU="Paste destination OU"
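Review bot: Every value here is a non-empty placeholder (`ADMIN_USER="adm-"`, `OU="Paste destination OU"`, `NEW_HOSTNAME="newhostname.peo.local"`), so a run with an unedited file does not fail early: UbuntuJoinDomain.sh sets the hostname and rewrites /etc/hosts before the join is attempted. Shipping the values empty, e.g. `OU=""`, lets the consumer guard with `: "${OU:?set OU in config.sh}"` right after `source config.sh`. A header comment saying that the file is sourced from the current directory and must never hold passwords would also help.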

+ 10 - 0
old/CreatePW_json.py

@@ -0,0 +1,10 @@
+import json
+
+password_data = {
+    "username": "administrator",
+    "password": "password"
+}
+
+with open("/path/to/password.json", "w") as f:
+    json.dump(password_data, f)
+os.chmod("/path/to/password.json", 0o600)
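Review bot: The password file is created with the process's default umask and only restricted by `os.chmod` afterwards, so it can be readable by other local users in between, and `os` is never imported, so the `chmod` line raises `NameError` and the file keeps its default mode. Create it with the final mode from the start: `fd = os.open("/path/to/password.json", os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)` followed by `with os.fdopen(fd, "w") as f:`, with `import os` added at the top. Storing a plaintext password in JSON is worth a comment stating why it is acceptable here, if it is.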

+ 77 - 0
old/Initial setup

@@ -0,0 +1,77 @@
+import subprocess
+
+# Set the domain name and administrator credentials
+domain_name = "example.com"
+admin_username = "administrator"
+admin_password = "password"
+
+# Set Hostname
+def set_hostname():
+    hostname = subprocess.run(["hostname"], stdout=subprocess.PIPE, check=True).stdout.decode().strip()
+    hostname = hostname.split(".")[0]
+    subprocess.run(["sudo", "hostnamectl", "set-hostname", hostname], check=True)
+
+# Install the necessary packages
+def install_packages():
+    packages = ["realmd", "libnss-sss", "libpam-sss", "sssd", "sssd-tools", "adcli", "samba-common-bin", "oddjob", "oddjob-mkhomedir", "packagekit", "python-ldap", "net-tools", "network-manager", "policycoreutils"]
+    subprocess.run(["sudo", "apt-get", "install", "-y", *packages], check=True)
+
+# Copy the files from the remote server
+def copy_files(file_name):
+    subprocess.run(["scp", "anonymous@ptiwa001:"+file_name, "~/"], check=True)
+
+# Join the domain using realm
+def join_domain():
+    subprocess.run(["sudo", "realm", "join", "--user", f"{admin_username}%'{admin_password}'", domain_name], check=True)
+    # Verify that the join was successful
+    result = subprocess.run(["sudo", "net", "ads", "testjoin"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    if result.returncode == 0:
+        print("Successfully joined the domain")
+    else:
+        print("Failed to join the domain. Error: ",result.stderr.decode())
+
+# Activate creation of homedir
+def activate_mkhomedir():
+    subprocess.run(["sudo", "bash", "-c", "cat > /usr/share/pam-configs/mkhomedir <<EOF\nName: activate mkhomedir\nDefault: yes\nPriority: 900\nSession-Type: Additional\nSession:\n\tRequired\tpam_mkhomedir.so umask=0022 skel=/etc/skel\nEOF"], check=True)
+    subprocess.run(["sudo", "pam-auth-update", "--package", "--enable", "mkhomedir"], check=True)
+
+    # Set fully qualified domain names to false
+    subprocess.run(["sudo", "sed", "-i", "s/use_fully_qualified_names = True/use_fully_qualified_names = False/g", "/etc/sssd/sssd.conf"], check=True)
+    subprocess.run(["sudo", "systemctl", "restart", "sssd.service"], check=True)
+
+    # Install Falcon_sensor.deb file
+    subprocess.run(["sudo", "dpkg", "-i", "~/falcon-sensor_6.46.0-14306.deb"], check=True)
+
+    # Run additional Crowdstrike commands
+    subprocess.run(["sudo", "/opt/CrowdStrike/falconctl", "-s", "--cid=D0511099B3FF494D8B87F48C4AB90201-56"], check=True)
+    subprocess.run(["sudo", "systemctl", "start", "falcon-sensor"], check=True)
+    result = subprocess.run(["sudo", "systemctl", "status", "falcon-sensor"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    if result.returncode == 0:
+        print("falcon-sensor service is running.")
+    else:
+        print("falcon-sensor service is not running. Error: ", result.stderr.decode())
+
+    # Install Ninja.deb file
+    subprocess.run(["sudo", "dpkg", "-i", "~/ninja-agent.deb"], check=True)
+
+    # Run additional Ninja commands
+    subprocess.run(["sudo", "systemctl", "start", "ninjarmm-agent.service"], check=True)
+    result = subprocess.run(["sudo", "systemctl", "status", "ninjarmm-agent.service"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    if result.returncode == 0:
+        print("ninjarmm-agent service is running.")
+    else:
+        print("ninjarmm-agent service is not running. Error: ", result.stderr.decode())
+    
+    # Permit domain groups
+    hostname = subprocess.run(["hostname"], stdout=subprocess.PIPE, check=True).stdout.decode().strip()
+    group_name = f"Access - Admin - {hostname}"
+    subprocess.run(["sudo", "realm", "deny", "--all"], check=True)
+    subprocess.run(["sudo", "realm", "permit", "-g", "Domain Admins"], check=True)
+    subprocess.run(["sudo", "realm", "permit", "-g", "Access - Admin - All Servers"], check=True)
+    subprocess.run(["sudo", "realm", "permit", "-g", group_name], check=True)
+
+    # Edit the sudoers file
+    subprocess.run(["sudo", "visudo", "-f", "/etc/sudoers.d/LocalAdmins"], check=True)
+    subprocess.run(["sudo", "bash", "-c", f"echo '%Domain\ Admins     ALL=(ALL:ALL)   ALL' >> /etc/sudoers.d/LocalAdmins"], check=True)
+    subprocess.run(["sudo", "bash", "-c", f"echo '%Access\ -\ Admin\ -\ All\ Servers     ALL=(ALL)   ALL' >> /etc/sudoers.d/LocalAdmins"], check=True)
+    subprocess.run(["sudo", "bash", "-c", f"echo '%{group_name}     ALL=(ALL)   ALL' >> /etc/sudoers.d/LocalAdmins"], check=True)
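Review bot: `join_domain()` builds `--user` as `f"{admin_username}%'{admin_password}'"`, which puts the domain admin password in the source file and on the `realm` command line, where it is visible in the process list and in sudo's command log. UbuntuJoinDomain.sh in this commit already lets `realm join` prompt for it; the equivalent here is `subprocess.run(["sudo", "realm", "join", "--user", admin_username, domain_name], check=True)` with the `admin_password` constant removed. old/Initial setup_old has the same line. Separately, the `"~/"` arguments to `scp` and `dpkg` are passed without a shell, so they are not expanded to the home directory.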

+ 84 - 0
old/Initial setup_old

@@ -0,0 +1,84 @@
+import subprocess
+
+# Set the domain name and administrator credentials
+domain_name = "example.com"
+admin_username = "administrator"
+admin_password = "password"
+
+# Set Hostname
+subprocess.run(["sudo", "hostnamectl", "set-hostname", "newhostname.peo.local"], check=True)
+
+# Install the necessary packages
+subprocess.run(["sudo", "apt-get", "install", "-y", "realmd", "libnss-sss", "libpam-sss", "sssd", "sssd-tools", "adcli", "samba-common-bin", "oddjob", "oddjob-mkhomedir", "packagekit", "python-ldap", "net-tools", "network-manager", "policycoreutils"], check=True)
+
+# Join the domain using realm
+subprocess.run(["sudo", "realm", "join", "--user", f"{admin_username}%'{admin_password}'", domain_name], check=True)
+
+# Copy the Falcon_senson.deb file from the remote server to the home directory
+subprocess.run(["scp", "anonymous@ptiwa001:falcon-sensor_6.46.0-14306.deb", "~/"], check=True)
+
+# Copy the ninja.deb file from the remote server to the home directory
+subprocess.run(["scp", "anonymous@ptiwa001:ninja-agent.deb", "~/"], check=True)
+
+# Verify that the join was successful
+result = subprocess.run(["sudo", "net", "ads", "testjoin"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+if result.returncode == 0:
+    print("Successfully joined the domain")
+else:
+    print("Failed to join the domain.")
+    # Activate creation of homedir
+    subprocess.run(["sudo", "bash", "-c", "cat > /usr/share/pam-configs/mkhomedir <<EOF\nName: activate mkhomedir\nDefault: yes\nPriority: 900\nSession-Type: Additional\nSession:\n\tRequired\tpam_mkhomedir.so umask=0022 skel=/etc/skel\nEOF"], check=True)
+    subprocess.run(["sudo", "pam-auth-update", "--package", "--enable", "mkhomedir"], check=True)
+
+    # Set fully qualified domain names to false
+    subprocess.run(["sudo", "sed", "-i", "s/use_fully_qualified_names = True/use_fully_qualified_names = False/g", "/etc/sssd/sssd.conf"], check=True)
+    subprocess.run(["sudo", "systemctl", "restart", "sssd.service"], check=True)
+
+    # Install Falcon_sensor.deb file
+    subprocess.run(["sudo", "dpkg", "-i", "~/file.deb"], check=True)
+
+    # Run additional Crowdstrike commands
+    subprocess.run(["sudo", "/opt/CrowdStrike/falconctl", "-s", "--cid=D0511099B3FF494D8B87F48C4AB90201-56"], check=True)
+    subprocess.run(["sudo", "systemctl", "start", "falcon-sensor"], check=True)
+    result = subprocess.run(["sudo", "systemctl", "status", "falcon-sensor"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+if result.returncode == 0:
+    print("falcon-sensor service is running.")
+else:
+    print("Failed to join the domain.")
+
+    # Install Ninja.deb file
+    subprocess.run(["sudo", "dpkg", "-i", "~/file.deb"], check=True)
+
+    # Run additional Ninja commands
+    subprocess.run(["sudo", "systemctl", "start", "ninjarmm-agent.service"], check=True)
+    result = subprocess.run(["sudo", "systemctl", "status", "ninjarmm-agent.service"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+if result.returncode == 0:
+    print("ninjarmm-agent service is running.")
+else:
+    print("ninjarmm-agent service is not running.")   
+
+#Deny all permissions
+subprocess.run(["sudo", "realm", "deny", "--all"], check=True)
+
+#Permit access for Domain Admins group
+subprocess.run(["sudo", "realm", "permit", "-g", "Domain Admins"], check=True)
+
+#Permit access for Access - Admin - All Servers group
+subprocess.run(["sudo", "realm", "permit", "-g", "Access - Admin - All Servers"], check=True)
+
+#get hostname
+hostname = subprocess.run(["hostname"], stdout=subprocess.PIPE, check=True).stdout.decode().strip()
+
+#Permit access for Access - Admin - hostname group
+subprocess.run(["sudo", "realm", "permit", "-g", f"Access - Admin - {hostname}"], check=True)
+
+#get hostname
+hostname = subprocess.run(["hostname"], stdout=subprocess.PIPE, check=True).stdout.decode().strip()
+
+#Edit the file using visudo
+subprocess.run(["sudo", "sh", "-c", "echo '%Domain\\ Admins     ALL=(ALL:ALL)   ALL' >> /etc/sudoers.d/LocalAdmins"], check=True)
+subprocess.run(["sudo", "sh", "-c", "echo '%Access\\ -\\ Admin\\ -\\ All\\ Servers     ALL=(ALL)   ALL' >> /etc/sudoers.d/LocalAdmins"], check=True)
+subprocess.run(["sudo", "sh", "-c", f"echo '%Access\\ -\\ Admin\\ -\\ {hostname}     ALL=(ALL)   ALL' >> /etc/sudoers.d/LocalAdmins"], check=True)
+
+print("Join to Domain, installation of Falson Sensor and Ninja Agent are complete")
+print(result.stderr.decode())
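Review bot: The mkhomedir, SSSD and Falcon steps are indented under the `else:` of the `testjoin` check, so they run only when the join verification failed and are skipped on success; the Ninja install is likewise under the `else:` of the falcon-sensor status check, whose message is a copy of "Failed to join the domain.". Dedent those steps to top level and make the second message `print("falcon-sensor service is not running.")`. Both `dpkg -i` calls point at the literal `~/file.deb`, which matches neither of the downloaded file names.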

+ 16 - 0
old/InstallCrowdStrike.sh

@@ -0,0 +1,16 @@
+#!/bin/bash
+
+# copy file from SCP server to local system
+sudo scp -r anonymous@ptiwa001:falcon-sensor_6.46.0-14306.deb ~/
+
+# install package using dpkg
+sudo dpkg -i falcon-sensor_6.46.0-14306.deb
+
+# Run the additional command
+sudo /opt/CrowdStrike/falconctl -s --cid=D0511099B3FF494D8B87F48C4AB90201-56 
+
+# start the service
+sudo systemctl start falcon-sensor
+
+# check the status of the service
+sudo systemctl status falcon-sensor
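Review bot: The `falconctl -s --cid=...` line hardcodes the tenant's customer ID in the repository; the CID is the enrollment identifier for the Falcon tenant, so it is better kept out of version control and supplied at run time. Read it from the environment or an untracked config file, for example `sudo /opt/CrowdStrike/falconctl -s --cid="${FALCON_CID:?FALCON_CID must be set}"`. The same literal is in UbuntuJoinDomain.sh, old/Initial setup and old/Initial setup_old.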

+ 13 - 0
old/InstallNinja.sh

@@ -0,0 +1,13 @@
+#!/bin/bash
+
+# copy file from SCP server to local system
+sudo scp -r anonymous@ptiwa001:ninja-agent.deb ~/
+
+# install package using dpkg
+sudo dpkg -i ninja-agent.deb
+
+# start the service
+sudo systemctl start ninjarmm-agent.service
+
+# check the status of the service
+sudo systemctl status ninjarmm-agent.service

+ 17 - 0
old/LoginSudoGroups.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+
+# Load configuration file
+source config.sh
+
+# Deny login to all users
+sudo realm deny --all
+
+# Allow login to domain groups
+sudo realm permit -g "Domain Admins"
+sudo realm permit -g "Access - Admin - All Servers"
+sudo realm permit -g "Access - Admin - $NEW_HOSTNAME"
+
+# Set up sudoers file
+echo "%Domain\ Admins     ALL=(ALL:ALL)   ALL" | sudo tee /etc/sudoers.d/LocalAdmins > /dev/null
+echo "%Access\ -\ Admin\ -\ All\ Servers     ALL=(ALL)   ALL" | sudo tee -a /etc/sudoers.d/LocalAdmins > /dev/null
+echo "%Access\ -\ Admin\ -\ $NEW_HOSTNAME     ALL=(ALL)   ALL" | sudo tee -a /etc/sudoers.d/LocalAdmins > /dev/null
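Review bot: The three `tee` lines write `/etc/sudoers.d/LocalAdmins` in place with no syntax check and no explicit mode, so a host value containing an unexpected character leaves a drop-in that sudo rejects, which can lock out all sudo access on the machine. Build the file in a temporary location, validate it with `visudo -cf`, and only then install it with mode 0440. UbuntuJoinDomain.sh has the same three lines. This script interpolates `$NEW_HOSTNAME` (the FQDN in config.sh) where UbuntuJoinDomain.sh uses `$HOST`, so the two would grant different group names; presumably only one is intended.

```shell
# … unchanged: source config.sh, realm deny / permit …

tmp_sudoers=$(mktemp)
{
  echo '%Domain\ Admins     ALL=(ALL:ALL)   ALL'
  echo '%Access\ -\ Admin\ -\ All\ Servers     ALL=(ALL)   ALL'
  echo "%Access\ -\ Admin\ -\ $NEW_HOSTNAME     ALL=(ALL)   ALL"
} > "$tmp_sudoers"
if sudo visudo -cf "$tmp_sudoers"; then
  sudo install -o root -g root -m 0440 "$tmp_sudoers" /etc/sudoers.d/LocalAdmins
else
  echo "sudoers drop-in failed validation; not installed" >&2
fi
rm -f -- "$tmp_sudoers"
```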

+ 31 - 0
old/Updates.sh

@@ -0,0 +1,31 @@
+#!/bin/bash
+
+set -e
+
+# run dpkg-reconfigure unattended-upgrades and answer no unattended
+echo "Running dpkg-reconfigure unattended-upgrades..."
+echo "unattended-upgrades unattended-upgrades/enable_auto_updates boolean false" | sudo debconf-set-selections
+sudo dpkg-reconfigure -f noninteractive unattended-upgrades
+
+# mark linux-image-generic and linux-headers-generic as held back
+echo "Marking linux-image-generic and linux-headers-generic as held back..."
+sudo apt-mark hold linux-image-generic linux-headers-generic
+
+# upgrade the system
+echo "Upgrading the system..."
+sudo DEBIAN_FRONTEND=noninteractive apt upgrade -y
+
+# Update and install required packages for Active Directory
+sudo DEBIAN_FRONTEND=noninteractive apt update
+sudo DEBIAN_FRONTEND=noninteractive apt install -y realmd libnss-sss libpam-sss sssd sssd-tools adcli samba-common-bin oddjob oddjob-mkhomedir packagekit
+
+# Install any additional software
+# Required packages for Ninja
+sudo DEBIAN_FRONTEND=noninteractive apt install -y net-tools network-manager policycoreutils
+
+# Check if reboot is required
+if [ -f /var/run/reboot-required ]; then
+  echo -e "\033[31mA reboot is required.\033[0m"
+else
+  echo -e "\033[32mReboot not required.\033[0m"
+fi
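Review bot: `apt upgrade -y` runs before the first `apt update`, so the upgrade works from a stale package index and can miss current security fixes; move `sudo DEBIAN_FRONTEND=noninteractive apt update` above the upgrade step. The script also turns off unattended-upgrades and holds `linux-image-generic` and `linux-headers-generic`, which stops automatic security updates on the host. A header comment naming the process that replaces them (Patching/KernelN-1.sh, if that is the intent) would make the trade-off explicit. UbuntuJoinDomain.sh repeats the same block.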

+ 2 - 0
old/adm.txt

@@ -0,0 +1,2 @@
+adm-chagood
+Wh@tAreMyD0gsNam3s
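Review bot: This file looks like an admin account name followed by a plaintext password, and it does not belong in version control. If the value was ever valid, treat it as exposed: rotate the credential, remove the file, and purge it from the repository history, since deleting it in a later commit leaves it retrievable. An ignore rule for credential notes and a secret-scanning hook on commit would catch this class of file before it is pushed.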