From 9d47cd69809bd54e2cfc939936532114e74766c5 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 26 Mar 2014 01:40:51 +0100 Subject: filehooker: add vsftp daemon --- filehooker/root-image/krebs/etc/vsftpd.conf | 12 ++++++++++++ filehooker/root-image/root/customize_root_image.sh | 10 ++++++++-- 2 files changed, 20 insertions(+), 2 deletions(-) create mode 100644 filehooker/root-image/krebs/etc/vsftpd.conf (limited to 'filehooker') diff --git a/filehooker/root-image/krebs/etc/vsftpd.conf b/filehooker/root-image/krebs/etc/vsftpd.conf new file mode 100644 index 00000000..d7fbcd3c --- /dev/null +++ b/filehooker/root-image/krebs/etc/vsftpd.conf @@ -0,0 +1,12 @@ +anonymous_enable=YES +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +ftpd_banner=Welcome to Filehooker share, use dc++ if you can +listen=YES +no_anon_password=YES +anon_root=/media +max_per_ip=2 +max_clients=20 +local_max_rate=1000000 +seccomp_sandbox=NO diff --git a/filehooker/root-image/root/customize_root_image.sh b/filehooker/root-image/root/customize_root_image.sh index 11912644..ae1442a5 100755 --- a/filehooker/root-image/root/customize_root_image.sh +++ b/filehooker/root-image/root/customize_root_image.sh @@ -16,12 +16,13 @@ useradd -m -p "" -g users -G "adm,audio,floppy,log,network,rfkill,scanner,storag mkdir -p /home/pimp/.ssh/ /root/.ssh/ cp /krebs/etc/authorized_keys /home/pimp/.ssh/ +cp /krebs/etc/vsftpd.conf /etc/ chown pimp -R /home/pimp/.ssh/ chmod 700 -R /home/pimp/.ssh/ cp /krebs/etc/authorized_keys /root/.ssh/ -useradd -m hooker ||: +useradd -m $ncdc_user ||: chown -R root:root /etc /root /krebs chmod 750 /etc/sudoers.d @@ -44,7 +45,7 @@ test ! -e /krebs/painload/Reaktor && \ tar xz -C "/krebs" && \ mv /krebs/painload-master /krebs/painload -useradd $reaktor_user || : +useradd -m $reaktor_user -s /krebs/bin/add-reaktor-secret.sh || : ## needed to see the hidden service hostname echo "$reaktor_user ALL=(tor) NOPASSWD: /krebs/bin/tor-get-hidden-service.sh" >> /etc/sudoers.d/reaktor echo "$reaktor_user ALL=(root) NOPASSWD: /krebs/bin/refresh-shares.ship" >> /etc/sudoers.d/reaktor @@ -55,6 +56,10 @@ cp /krebs/painload/Reaktor/etc/systemd/system/Reaktor@.service \ # add bonus features for filehooker cp -a /krebs/etc/Reaktor /krebs/painload (printf "%s\n%s\n" "$rootpw" "$rootpw" ) | passwd +cd /krebs/painload/Reaktor/ +touch auth.lst admin.lst +chown reaktor:reaktor auth.lst admin.lst + for i in multi-user.target \ pacman-init.service \ choose-mirror.service \ @@ -63,6 +68,7 @@ for i in multi-user.target \ filehooker-hostname.service \ start-ncdc@${ncdc_user}.service \ sshd.service \ + vsftpd.service \ tor.service ;do systemctl enable "$i" done -- cgit v1.2.3