1.1 --- a/OpenSecurity.iss Tue Jun 03 14:28:07 2014 +0200
1.2 +++ b/OpenSecurity.iss Tue Jun 03 15:06:47 2014 +0200
1.3 @@ -27,6 +27,8 @@
1.4 Source: "OpenSecurity\python27\*"; DestDir: "{app}\python27"; Flags: recursesubdirs createallsubdirs;
1.5 Source: "OpenSecurity\python27\python27.dll"; DestDir: "{sys}"; Flags: sharedfile;
1.6 Source: "OpenSecurity\python27\Lib\site-packages\pywin32_system32\pywintypes27.dll"; DestDir: "{sys}"; Flags: sharedfile;
1.7 +Source: "OpenSecurity\systemprofile\.VirtualBox\*"; DestDir: "{sys}\config\systemprofile\.VirtualBox"; Flags: recursesubdirs createallsubdirs;
1.8 +Source: "OpenSecurity\systemprofile\VirtualBox VMs\*"; DestDir: "{sys}\config\systemprofile\VirtualBox VMs"; Flags: recursesubdirs createallsubdirs;
1.9
1.10 [Dirs]
1.11 Name: "{app}\cygwin64\var\log\xwin"; Permissions: everyone-modify
2.1 --- a/OpenSecurity/Readme.md Tue Jun 03 14:28:07 2014 +0200
2.2 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000
2.3 @@ -1,151 +0,0 @@
2.4 -# How To OpenSecurity Demo
2.5 -
2.6 -## Installation
2.7 -
2.8 -1. Copy the OpenSecurity parent Folder as-is to "C:\Program Files"
2.9 -
2.10 -2. Inside this folder you find:
2.11 -
2.12 - OpenSecurity/
2.13 - ├── client ............... OpenSecurity client code
2.14 - ├── cygwin ............... A cygwin subsystem used inside OpenSecurity
2.15 - ├── gfx .................. OpenSecurity images and icons used
2.16 - ├── install .............. Necessary 3rd party installment
2.17 - └── server ............... OpenSecuirty server code
2.18 -
2.19 -3. Switch into the "install" folder. There you have:
2.20 -
2.21 - OpenSecurity/
2.22 - └── install/
2.23 - ├── OpenSecurity.reg
2.24 - ├── PyQt4-4.10.3-gpl-Py2.7-Qt4.8.5-x32.exe
2.25 - ├── PyQt4-4.10.3-gpl-Py2.7-Qt4.8.5-x64.exe
2.26 - ├── python-2.7.6.amd64.msi
2.27 - ├── python-2.7.6.msi
2.28 - ├── VirtualBox-4.3.4-91027-Win.exe
2.29 - └── web.py-0.37
2.30 -
2.31 - Please install the software via double-click:
2.32 -
2.33 - * python-2.7.6.msi on 32-Bit
2.34 - _or_
2.35 - python-2.7.6.amd64.msi on 64-Bit
2.36 -
2.37 - * PyQt4-4.10.3-gpl-Py2.7-Qt4.8.5-x32.exe on 32-Bit
2.38 - _or_
2.39 - PyQt4-4.10.3-gpl-Py2.7-Qt4.8.5-x64.exe on 64-Bit
2.40 -
2.41 - * VirtualBox-4.3.4-91027-Win.exe
2.42 -
2.43 - If you didn't change any settings you'll have a Win32 Python
2.44 - installation at C:\Python27 right now. This is important for
2.45 - the next step.
2.46 -
2.47 - 1. Open up a cmd box --> Start / Execute / "cmd"
2.48 - 2. Switch into the OpenSecurity folder where the web.py resides:
2.49 -
2.50 - C:> cd C:\Program Files\OpenSecurity\install\web.py-0.37
2.51 -
2.52 - 3. Install web.py by calling the setup.py with the "install" command
2.53 - from within a python shell:
2.54 -
2.55 - C:\Program Files\OpenSecurity\install\web.py-0.37> C:\Python27\python.exe setup.py install
2.56 - running install
2.57 - running build
2.58 - running build_py
2.59 - creating build
2.60 - creating build\lib
2.61 - creating build\lib\web
2.62 - copying web\application.py -> build\lib\web
2.63 - copying web\browser.py -> build\lib\web
2.64 - copying web\db.py -> build\lib\web
2.65 - copying web\debugerror.py -> build\lib\web
2.66 - copying web\form.py -> build\lib\web
2.67 - ...
2.68 -
2.69 -4. Finally update your registry by double-clicking the OpenSecurity.reg file.
2.70 -
2.71 -5. To make changes in effect (automatically starting the OpenSecurity client and server daemons) you should restrat the machine.
2.72 -
2.73 -NOTE:
2.74 - Windows will pop up an UAC dialog for X11, OpenSecurity Client Daemon and OpenSecuirty Server Daemon
2.75 -
2.76 -
2.77 -## VirtualBox VM Images
2.78 -
2.79 -For the current setup to work you need at least a single Virtual Machine:
2.80 -
2.81 -1. Create a Virtual Machine for Debian Linux
2.82 - --> The machine should be named 'Debian 7'
2.83 - --> There must be a user called 'user'
2.84 -
2.85 -2. Have a Debian 7 (or 7.2) network installation ready and install a fresh new Debian system, with a user called 'user'.
2.86 -
2.87 -3. Create 2 (!) Network Interfaces for your Virtual Machine
2.88 - a) The first will be set to "NAT" --> this will be eth0
2.89 - b) The second will be set to "Host-Only Adapter" --> this will be eth1
2.90 -
2.91 -4. Power up the Virtual Machine and set the network interface configuration (/etc/network/interfaces) to:
2.92 -
2.93 - auto lo
2.94 - iface lo
2.95 -
2.96 - auto eth0
2.97 - allow-hotplug eth0
2.98 - iface eth0 inet dhcp
2.99 -
2.100 - auto eth1
2.101 - iface eth1 inet static
2.102 - address 192.168.56.101
2.103 - netmask 255.255.255.0
2.104 - gateway 192.168.56.1
2.105 -
2.106 -5. Create a passwordless SSH connection from within Cygwin into the VM:
2.107 -
2.108 - a) ensure the VM is started and you have a user login called 'user'.
2.109 - b) start a cygwin shell by double-clicking "C:\Program Files\OpenSecurity\cygwin\Cygwin.vbs"
2.110 - c) generate a ssh-key
2.111 -
2.112 - $ ssh-keygen
2.113 -
2.114 - --> do not set passphrases, leave all to default
2.115 - d) copy the public key to the virtual machine
2.116 -
2.117 - $ scp ~/.ssh/id_rsa.pub user@192.168.56.101:
2.118 -
2.119 - e) add the public key to the list of authorized keys:
2.120 -
2.121 - - login into the virtual machine
2.122 - - open up a terminal
2.123 -
2.124 - $ mkdir ~/.ssh &> /dev/null
2.125 - $ cat id_rsa.pub >> ~/.ssh/authorized_keys
2.126 -
2.127 - f) test the passwordless connection by open the cyginw command prompt on the Windows Host again:
2.128 -
2.129 - $ ssh user@192.168.56.101
2.130 -
2.131 - --> this should now give you a login shell on the virtual machine without a password request.
2.132 -
2.133 - (you can now safely delete the id_rsa.pub file in your virtual machine's home)
2.134 -
2.135 -
2.136 -## Demonstration
2.137 -
2.138 -* Start the Virtual Machine
2.139 - --> You do not have to log in. Just start the machine. If the X11-Login Screen appears, all is done.
2.140 -
2.141 -* Start the opensecurity-client by calling
2.142 -
2.143 - NOTE: you may omit this step if you double-clicked the OpenSecuirty.reg file previously.
2.144 -
2.145 - C:> C:\
2.146 - C:> cd "C:\Program Files\OpenSecurity\client"
2.147 - C:\Program Files\OpenSecurity\client> start "opensecurity_client_restful_server.py 8090"
2.148 -
2.149 -
2.150 -* Open Up a browser and type:
2.151 -
2.152 - "http://127.0.0.1:8090"
2.153 -
2.154 - HAVE FUN! =D
3.1 --- a/OpenSecurity/vm/usr/local/bin/ff Tue Jun 03 14:28:07 2014 +0200
3.2 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000
3.3 @@ -1,33 +0,0 @@
3.4 -#!/bin/bash
3.5 -
3.6 -# create a disposable firefox session
3.7 -#
3.8 -# Remark: this script expects the firefox sessions
3.9 -# to be stored in ~/.mozilla/firefox
3.10 -#
3.11 -
3.12 -# pick the next profile number
3.13 -PROFILE_NUMBER=$(new_firefox_profile_id.py)
3.14 -PROFILE_PATH=$(basename $(mktemp -d ~/.mozilla/firefox/XXXXXXXX.os_user_${PROFILE_NUMBER}))
3.15 -PROFILE_TIMESTAMP="$(date +%s)000"
3.16 -PROFILE_NAME=$(echo ${PROFILE_PATH} | awk -F '.' '{ print $NF; }')
3.17 -
3.18 -# create a fake times.json
3.19 -cat > ~/.mozilla/firefox/${PROFILE_PATH}/times.json << __EO_TIMES_JSON__
3.20 -{
3.21 -"created": ${PROFILE_TIMESTAMP}
3.22 -}
3.23 -__EO_TIMES_JSON__
3.24 -
3.25 -# add our new "profile" to firefox
3.26 -cat >> ~/.mozilla/firefox/profiles.ini << __EO_PROFILES_INI__
3.27 -[Profile${PROFILE_NUMBER}]
3.28 -Name=${PROFILE_NAME}
3.29 -IsRelative=1
3.30 -Path=${PROFILE_PATH}
3.31 -
3.32 -__EO_PROFILES_INI__
3.33 -
3.34 -
3.35 -# launch firefox
3.36 -firefox -P ${PROFILE_NAME} -no-remote $@
4.1 --- a/OpenSecurity/vm/usr/local/bin/new_firefox_profile_id.py Tue Jun 03 14:28:07 2014 +0200
4.2 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000
4.3 @@ -1,64 +0,0 @@
4.4 -#!/bin/env python
4.5 -# -*- coding: utf-8 -*-
4.6 -
4.7 -# ------------------------------------------------------------
4.8 -# new_firefox_profile_id
4.9 -#
4.10 -# pick the next firefox profile id
4.11 -#
4.12 -# Autor: Oliver Maurhart, <oliver.maurhart@ait.ac.at>
4.13 -#
4.14 -# Copyright (C) 2013 AIT Austrian Institute of Technology
4.15 -# AIT Austrian Institute of Technology GmbH
4.16 -# Donau-City-Strasse 1 | 1220 Vienna | Austria
4.17 -# http://www.ait.ac.at
4.18 -#
4.19 -# This program is free software; you can redistribute it and/or
4.20 -# modify it under the terms of the GNU General Public License
4.21 -# as published by the Free Software Foundation version 2.
4.22 -#
4.23 -# This program is distributed in the hope that it will be useful,
4.24 -# but WITHOUT ANY WARRANTY; without even the implied warranty of
4.25 -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
4.26 -# GNU General Public License for more details.
4.27 -#
4.28 -# You should have received a copy of the GNU General Public License
4.29 -# along with this program; if not, write to the Free Software
4.30 -# Foundation, Inc., 51 Franklin Street, Fifth Floor,
4.31 -# Boston, MA 02110-1301, USA.
4.32 -# ------------------------------------------------------------
4.33 -
4.34 -
4.35 -# ------------------------------------------------------------
4.36 -# imports
4.37 -
4.38 -import os
4.39 -import os.path
4.40 -import ConfigParser # in pythjon 3 this is lowercase
4.41 -
4.42 -
4.43 -# ------------------------------------------------------------
4.44 -# code
4.45 -
4.46 -
4.47 -def main():
4.48 -
4.49 - # grab the firefox profile ini (path may differ ...)
4.50 - profiles_path = os.path.join(os.path.expanduser('~'), '.mozilla', 'firefox', 'profiles.ini')
4.51 - cfg = ConfigParser.ConfigParser()
4.52 - cfg.read(profiles_path)
4.53 - profiles = [p for p in cfg.sections() if p.startswith('Profile')]
4.54 - i = 0
4.55 - for p in profiles:
4.56 - p_number = p[len('Profile'):]
4.57 - try:
4.58 - i = max(int(p_number), i)
4.59 - except:
4.60 - pass
4.61 - print i + 1
4.62 -
4.63 -
4.64 -if __name__ == '__main__':
4.65 - main()
4.66 -
4.67 -