Petzys
commited on
Commit
·
06ee4f3
1
Parent(s):
8188823
added monitoring and red team script
- deployment_scripts/monitor.sh +18 -14
- deployment_scripts/red_team.sh +83 -0
deployment_scripts/monitor.sh
CHANGED
|
@@ -1,28 +1,32 @@
|
|
| 1 |
-
|
| 2 |
|
| 3 |
-
#
|
| 4 |
-
if [
|
| 5 |
-
echo "
|
| 6 |
exit 1
|
| 7 |
fi
|
| 8 |
|
| 9 |
-
|
| 10 |
-
|
| 11 |
-
echo "No HF_TOKEN provided. Please provide the token as the first argument."
|
| 12 |
exit 1
|
| 13 |
fi
|
| 14 |
-
|
| 15 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 16 |
exit 1
|
| 17 |
fi
|
| 18 |
|
| 19 |
# Monitor if the application is running and append result to log file
|
| 20 |
-
curl -sI http://paffenroth-23.dyn.wpi.edu:8011 | grep "200 OK" >>
|
| 21 |
if [ $? -eq 0 ]; then
|
| 22 |
-
echo "$(date): Application is running." >>
|
| 23 |
else
|
| 24 |
-
echo "$(date): Application is NOT running." >>
|
| 25 |
# Log in via SSH and rerun deploy.sh by pulling it with curl and executing directly
|
| 26 |
-
ssh -i
|
| 27 |
-
"curl -fsSL https://
|
| 28 |
fi
|
|
|
|
| 1 |
+
#!/bin/bash
|
| 2 |
|
| 3 |
+
# Check arguments
|
| 4 |
+
if [ -z "$1" ]; then
|
| 5 |
+
echo "No HF_TOKEN provided. Please provide the token as the first argument."
|
| 6 |
exit 1
|
| 7 |
fi
|
| 8 |
|
| 9 |
+
if [ -z "$2" ]; then
|
| 10 |
+
echo "No SSH private key path provided. Please provide it as the second argument."
|
|
|
|
| 11 |
exit 1
|
| 12 |
fi
|
| 13 |
+
|
| 14 |
+
HF_TOKEN="$1"
|
| 15 |
+
KEY_PATH="$2"
|
| 16 |
+
|
| 17 |
+
# Check if the provided key exists
|
| 18 |
+
if [ ! -f "$KEY_PATH" ]; then
|
| 19 |
+
echo "SSH private key $KEY_PATH not found. Please ensure it exists."
|
| 20 |
exit 1
|
| 21 |
fi
|
| 22 |
|
| 23 |
# Monitor if the application is running and append result to log file
|
| 24 |
+
curl -sI http://paffenroth-23.dyn.wpi.edu:8011 | grep "200 OK" >> ~/xkcd_finder_monitor.log
|
| 25 |
if [ $? -eq 0 ]; then
|
| 26 |
+
echo "$(date): Application is running." >> ~/xkcd_finder_monitor.log
|
| 27 |
else
|
| 28 |
+
echo "$(date): Application is NOT running." >> ~/xkcd_finder_monitor.log
|
| 29 |
# Log in via SSH and rerun deploy.sh by pulling it with curl and executing directly
|
| 30 |
+
ssh -i "$KEY_PATH" -o StrictHostKeyChecking=no -p 22011 student-admin@paffenroth-23.dyn.wpi.edu \
|
| 31 |
+
"curl -fsSL https://github.com/Badrivishal/xkcd_finder/raw/refs/heads/main/deployment_scripts/deploy.sh | sudo bash -s -- $HF_TOKEN"
|
| 32 |
fi
|
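Review bot: The recovery path on new lines 30-31 sends `$HF_TOKEN` to a host whose key is never verified, since `-o StrictHostKeyChecking=no` accepts whatever key the peer presents; pre-provision the server key in known_hosts and use `-o StrictHostKeyChecking=yes` (the same option appears on line 53 of red_team.sh). The token is expanded locally into the remote command string, so it is parsed by the remote shell and ends up in the argument list of `bash -s`, where other users on that machine can typically read it; passing it on stdin or through a root-only file avoids that. The script piped into `sudo bash` is fetched from `refs/heads/main`, so whatever is on that branch at the time runs as root; a URL pinned to a reviewed commit, ideally with a checksum comparison before execution, would narrow that. It is also worth a comment above line 24 saying that the `$?` tested on line 25 is grep's status, not curl's.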
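--- /dev/null
+++ b/deployment_scripts/red_team.sh
@@ -0,0 +1,83 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# ssh_port_scan.sh
+# Usage: ./ssh_port_scan.sh /path/to/private_key [host]
+# Tries SSH on ports 22001..22035 and runs "whoami; hostname; uptime" for successful connections.
+# Appends all findings to ~/ssh_port_scan.log
+
+KEY_PATH="${1:-}"
+HOST="${2:-paffenroth-23.dyn.wpi.edu}"
+USER="student-admin"
+PORT_START=22001
+PORT_END=22035
+CONNECT_TIMEOUT=5
+LOGFILE="${HOME}/ssh_port_scan.log"
+
+# Validate key argument
+if [[ -z "$KEY_PATH" ]]; then
+echo "Usage: $0 /path/to/private_key [host]" >&2
+exit 2
+fi
+
+if [[ ! -f "$KEY_PATH" ]]; then
+echo "Error: Key file not found: $KEY_PATH" >&2
+exit 3
+fi
+
+if ! command -v ssh >/dev/null 2>&1; then
+echo "Error: ssh is required but not found in PATH." >&2
+exit 4
+fi
+
+# Header for this run in the log
+run_ts=$(date --iso-8601=seconds 2>/dev/null || date +"%Y-%m-%dT%H:%M:%S%z")
+{
+echo "===================="
+echo "SSH port scan run: ${run_ts}"
+echo "Host: ${HOST}"
+echo "Key: ${KEY_PATH}"
+echo "Ports: ${PORT_START}-${PORT_END}"
+echo ""
+} >>"$LOGFILE"
+
+echo "Starting scan ${PORT_START}-${PORT_END} against ${USER}@${HOST} (log: ${LOGFILE})"
+
+found_any=0
+
+for port in $(seq "$PORT_START" "$PORT_END"); do
+printf "Testing port %5d ... " "$port"
+tmp=$(mktemp)
+# run the verification commands on the remote host; BatchMode prevents password prompts
+if ssh -i "$KEY_PATH" -p "$port" \
+-o StrictHostKeyChecking=no -o ConnectTimeout="$CONNECT_TIMEOUT" \
+-o BatchMode=yes -o IdentitiesOnly=yes \
+"${USER}@${HOST}" "whoami; hostname; uptime" >"$tmp" 2>&1; then
+printf "SUCCESS\n"
+found_any=1
+ts=$(date +"%Y-%m-%d %H:%M:%S")
+{
+echo "----"
+echo "Port: $port"
+echo "Time: $ts"
+echo "Result:"
+cat "$tmp"
+echo "----"
+echo ""
+} >>"$LOGFILE"
+echo " -> Logged successful result for port $port to $LOGFILE"
+else
+ssh_ret=$?
+printf "no connection (exit=%d)\n" "$ssh_ret"
+echo "$(date +"%Y-%m-%d %H:%M:%S") - port $port - exit $ssh_ret" >>"$LOGFILE"
+fi
+rm -f "$tmp"
+done
+
+if [[ $found_any -eq 1 ]]; then
+echo "One or more successful SSH connections were logged to: $LOGFILE"
+exit 0
+else
+echo "No reachable SSH server found in ports ${PORT_START}-${PORT_END}."
+exit 1
+fi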
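Review bot: Line 11 assigns `USER="student-admin"`, which overwrites the login-name variable that is normally exported into the environment, so every child process of this script (ssh, mktemp, date) sees the changed value; a script-local name such as `SSH_USER="student-admin"` with `"${SSH_USER}@${HOST}"` on line 55 avoids that. The temporary file created on line 50 holds remote command output and is only removed on line 74, so an interrupt in between leaves it behind; `trap 'rm -f -- "${tmp:-}"' EXIT` near the top would cover that. The header comment on lines 4-5 still names `ssh_port_scan.sh` although the file is committed as `red_team.sh`, and it should say that failed attempts are written to the log as well (line 72), which "Appends all findings" leaves ambiguous.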