#!/bin/bash

# Install PoshC2
echo ""
echo """
   __________            .__.     _________  ________
   \_______  \____  _____|  |__   \_   ___ \ \_____  \\\\
    |     ___/  _ \/  ___/  |  \  /    \  \/  /  ____/
    |    |   ( <_>)___  \|   Y  \ \     \____/       \\\\
    |____|   \____/____  >___|  /  \______  /\_______ \\\\
                       \/     \/          \/         \/
    ================= www.PoshC2.co.uk ================"""
echo ""
echo ""

if [[ $(id -u) -ne 0 ]]; then
    echo -e "[-] You must run this installer as root.\nQuitting!";
    exit 1;
fi

command -v apt >/dev/null 2>&1

if [ "$?" != "0" ]; then
    echo "[-] This install script must be run on a Debian based system with apt installed."
    echo "[-] Look at PoshC2's Docker support for running PoshC2 on none-Debian based systems."
    exit 1
fi

# A POSIX variable
OPTIND=1         # Reset in case getopts has been used previously in the shell.

# Initialize our own variables:
GIT_BRANCH="master"
MANUAL_BRANCH_SET=false
POSH_DIR="/opt/PoshC2"
SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"

if [ -f "$SCRIPT_DIR/poshc2/server/C2Server.py" ]; then
    POSH_DIR="$SCRIPT_DIR"
fi

show_help(){
    echo "*** PoshC2 Install script ***"
    echo "Usage:"
    echo "./Install.sh -b <git branch> -p <Directory to clone PoshC2 to>"
    echo ""
    echo "Defaults are master branch to /opt/PoshC2"
}

while getopts "h?b:p:" opt; do
    case "$opt" in
    h|\?)
        show_help
        exit 0
        ;;
    b)  GIT_BRANCH="$OPTARG"
        MANUAL_BRANCH_SET=true
        ;;
    p)  POSH_DIR="$OPTARG"
        ;;
    esac
done

command -v git >/dev/null 2>&1

if [ "$?" != "0" ]; then
    echo "[*] Git not found - installing via apt"
    apt-get install -y git
fi

if [[ ! -d "$POSH_DIR" ]]; then
    # Git cloning PoshC2
    echo -e "\n[+] Installing PoshC2 in \"$POSH_DIR\" for branch \"$GIT_BRANCH\"\n"
    mkdir -p `dirname $POSH_DIR`
    git clone -b "$GIT_BRANCH" https://github.com/nettitude/PoshC2 "$POSH_DIR"
else
    pushd "$POSH_DIR" >/dev/null
    git fetch >/dev/null 2>&1
    if [ "$MANUAL_BRANCH_SET" == "false" ]; then
        GIT_BRANCH=`git rev-parse --abbrev-ref HEAD`
    fi
    echo -e "[+] Updating existing PoshC2 install at \"$POSH_DIR\" to branch \"$GIT_BRANCH\"\n"
    git stash
    git reset --hard origin/"$GIT_BRANCH"
fi

# Update apt
echo -e "\n[+] Performing apt-get update\n"
apt-get update

# Install requirements for PoshC2
echo -e "\n[+] Installing requirements using apt\n"
apt-get install -y screen python3 python3-dev python3-pip build-essential mingw-w64-tools mingw-w64 mingw-w64-x86-64-dev mingw-w64-i686-dev mingw-w64-common espeak graphviz mono-complete apt-transport-https vim nano python2.7 libpq-dev curl sudo sqlite3
apt-get install -y python3.8-dev python3-distutils python3-lib2to3 python3.7-dev python3.7 2>/dev/null

# Setting the minimum protocol to TLS1.0 to allow the python server to support TLSv1.0+
echo -e "\n[+] Updating TLS protocol minimum version in /etc/ssl/openssl.cnf"
echo "[+] Backup file generated - /etc/ssl/openssl.cnf.bak"
sed -i.bak 's/MinProtocol = TLSv1.2/MinProtocol = TLSv1.0/g' /etc/ssl/openssl.cnf

# Check if PIP is installed, if not install it
command -v pip3 > /dev/null 2>&1
if [ "$?" -ne "0"  ]; then
	echo -e "[+] Installing pip as this was not found\n"
	wget https://bootstrap.pypa.io/get-pip.py -O /tmp/get-pip.py >/dev/null
	python3 /tmp/get-pip.py >/dev/null
fi

echo ""
echo "[+] Installing requirements using pip"
echo "[+] python3 -m pipenv --three install"
echo ""
python3 -m pip install --upgrade pip > /dev/null
python3 -m pip install pandas pipenv > /dev/null
cd "$POSH_DIR"
python3 -m pipenv --three install >/dev/null

echo ""
echo "[+] Symlinking useful scripts to /usr/bin"
rm -f /usr/local/bin/_posh-common
rm -f /usr/local/bin/fpc
rm -f /usr/local/bin/posh
rm -f /usr/local/bin/posh-server
rm -f /usr/local/bin/posh-config
rm -f /usr/local/bin/posh-log
rm -f /usr/local/bin/posh-service
rm -f /usr/local/bin/posh-stop-service
rm -f /usr/local/bin/posh-update
rm -f /usr/local/bin/posh-cookie-decryptor
rm -f /usr/local/bin/posh-project
rm -f /usr/local/bin/sharpsocks
ln -s "$POSH_DIR/resources/scripts/_posh-common" /usr/local/bin/_posh-common
ln -s "$POSH_DIR/resources/scripts/fpc" /usr/local/bin/fpc
ln -s "$POSH_DIR/resources/scripts/posh" /usr/local/bin/posh
ln -s "$POSH_DIR/resources/scripts/posh-server" /usr/local/bin/posh-server
ln -s "$POSH_DIR/resources/scripts/posh-config" /usr/local/bin/posh-config
ln -s "$POSH_DIR/resources/scripts/posh-log" /usr/local/bin/posh-log
ln -s "$POSH_DIR/resources/scripts/posh-service" /usr/local/bin/posh-service
ln -s "$POSH_DIR/resources/scripts/posh-stop-service" /usr/local/bin/posh-stop-service
ln -s "$POSH_DIR/resources/scripts/posh-update" /usr/local/bin/posh-update
ln -s "$POSH_DIR/resources/scripts/posh-cookie-decrypter" /usr/local/bin/posh-cookie-decryptor
ln -s "$POSH_DIR/resources/scripts/posh-project" /usr/local/bin/posh-project
ln -s "$POSH_DIR/resources/scripts/sharpsocks" /usr/local/bin/sharpsocks
chmod +x "$POSH_DIR/resources/scripts/fpc"
chmod +x "$POSH_DIR/resources/scripts/posh"
chmod +x "$POSH_DIR/resources/scripts/posh-server"
chmod +x "$POSH_DIR/resources/scripts/posh-config"
chmod +x "$POSH_DIR/resources/scripts/posh-log"
chmod +x "$POSH_DIR/resources/scripts/posh-service"
chmod +x "$POSH_DIR/resources/scripts/posh-stop-service"
chmod +x "$POSH_DIR/resources/scripts/posh-update"
chmod +x "$POSH_DIR/resources/scripts/posh-cookie-decrypter"
chmod +x "$POSH_DIR/resources/scripts/posh-project"
chmod +x "$POSH_DIR/resources/scripts/sharpsocks"

mkdir -p "/var/poshc2/"
cp "$POSH_DIR/resources/config-template.yml" "/var/poshc2/config-template.yml"

echo "[+] Adding service files"
cp "$POSH_DIR/resources/scripts/poshc2.service" /lib/systemd/system/poshc2.service

# Install requirements of dotnet core for SharpSocks
echo ""
echo "[+] Adding microsoft debian repository & subsequent"
curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add - >/dev/null
echo "deb [arch=amd64] https://packages.microsoft.com/repos/microsoft-debian-stretch-prod stretch main" > /etc/apt/sources.list.d/dotnetdev.list
apt-get update
apt-get install -y dotnet-runtime-2.2 dotnet-hostfxr-2.2 dotnet-host libssl1.1
apt-get install -y libicu63

if [[ $(uname -a) == *"Ubuntu"* ]]; then
    apt-get install -y mono-reference-assemblies-4.0
    apt-get install -y mono-reference-assemblies-2.0
fi

echo ""
echo "[+] Setup complete"
echo """
   __________            .__.     _________  ________
   \_______  \____  _____|  |__   \_   ___ \ \_____  \\\\
    |     ___/  _ \/  ___/  |  \  /    \  \/  /  ____/
    |    |   ( <_>)___  \|   Y  \ \     \____/       \\\\
    |____|   \____/____  >___|  /  \______  /\_______ \\\\
                       \/     \/          \/         \/
    ================= www.PoshC2.co.uk ================"""
echo ""
echo "Create a new project with: "
echo "# posh-project -n <project-name>"
echo ""
echo "Then edit the config file - run: "
echo "# posh-config"
echo ""
echo "Then run:"
echo "# posh-server <-- This will run the C2 server, which communicates with Implants and receives task output"
echo "# posh <-- This will run the ImplantHandler, used to issue commands to the server and implants"
echo ""
echo "Other options:"
echo "posh-service <-- This will run the C2 server as a service instead of in the foreground"
echo "posh-stop-service <-- This will stop the service"
echo "posh-log <-- This will view the C2 log if the server is already running"
echo ""
echo "Add the following to your .bashrc or .zshrc to be able to quickly switch to the PoshC2 project directory using posh-dir"
echo "
function posh-dir(){
    cd \`posh-project -g\`
}
"