#!/bin/bash # ----------------------------------------------------------- # a simple post-install script to be used on a fedora system # there's a lot to be done yet... # ----------------------------------------------------------- # ----------------------------------------------------------- # verify sufficient privileges before running the rest # ----------------------------------------------------------- if [[ "$(id -u)" -ne 0 ]]; then echo "[x] Run as root. Exiting." exit 1 fi # ----------------------------------------------------------- # stores current folder, expects it to be a non-privileged # user's home (as you sudo-up, say, from your home before # running this) # ----------------------------------------------------------- tadyma=`pwd` utils_fol=$tadyma/utils # msfile location msfC_file=/usr/share/applications/metasploit-framework.desktop (xset r rate 217 87) # ----------------------------------------------------------- # upgrade packages (clear cache also) before proceeding with # any installations; enable testing repos to savor fresh juice # ----------------------------------------------------------- dnf config-manager --set-enabled updates dnf config-manager --set-enabled updates-testing dnf --setopt deltarpm=true upgrade --refresh # ----------------------------------------------------------- # install kernel-devel before anything else dnf install -yy kernel-devel # ----------------------------------------------------------- # enable rpmfusion-free repo # ----------------------------------------------------------- dnf install -yy http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm dnf config-manager --set-enabled rpmfusion-free # ----------------------------------------------------------- # zsh + oh-my-zsh + git + vim + rsync # ----------------------------------------------------------- dnf install -yy zsh git vim rsync cd sh -c "$(curl -fsSL https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh)" cd $tadyma # ----------------------------------------------------------- # install the most important tools # ----------------------------------------------------------- dnf install -yy htop whois screen feh scrot gpicview p7zip unar dnf install -yy gnome-terminal terminator oathtool dnf install -yy gmrun redshift gparted ethtool keepassxc dnf install -yy xarchiver xfce4-settings screenfetch neofetch galculator dnf install -yy lightdm light-locker gnome-disk-utility thunderbird firefox vlc dnf install -yy lightdm-gtk-greeter-settings notify-send libreoffice-core dnf install -yy lxtask lxappearance lxdm lxpolkit volumeicon i3lock tor privoxy # ----------------------------------------------------------- # install class2-importance tools # ----------------------------------------------------------- dnf install -yy oggconvert pinta pdfmod youtube-dl #putty audacity guitarix frama-c # ----------------------------------------------------------- # thermal # ----------------------------------------------------------- dnf install -yy tlp tlp-rdw # ----------------------------------------------------------- # thinkpads only (additional batteries support, not needed here) # ----------------------------------------------------------- #dnf install http://repo.linrunner.de/fedora/tlp/repos/releases/tlp-release.fc$(rpm -E %fedora).noarch.rpm # akmod-tp_smapi (TLP repo) – optional ThinkPad only, tp-smapi is needed for battery charge thresholds, recalibration and specific status output of tlp-stat # akmod-acpi_call (TLP repo) – optional ThinkPad only, acpi-call is needed for battery charge thresholds and recalibration on Sandy Bridge and newer models (X220/T420, X230/T430 et al.) # kernel-devel (Fedora repo) – optional, needed for the akmod packages above #dnf install akmod-tp_smapi akmod-acpi_call kernel-devel # ----------------------------------------------------------- # set up python environment - TO DO # ----------------------------------------------------------- #dnf install python python3 \ #ipython # python env #virtualenv utils/venv #source utils/venv/bin/activate #virtualenv --clear #virtualenv --clear /utils/venv #rmvirtualenv utils/venv # ----------------------------------------------------------- # install openh264 for video support, see: # https://fedoraproject.org/wiki/OpenH264 # https://ask.fedoraproject.org/en/question/95637/h264-videos-not-working-in-firefox/ # https://ask.fedoraproject.org/en/question/120605/video-problems-on-firefox-on-fedora-28/ # https://www.youtube.com/html5 dnf install -yy gstreamer1-plugin-openh264 mozilla-openh264 dnf install -yy ffmpeg-libs compat-ffmpeg28 #dnf groupupdate -yy multimedia # ----------------------------------------------------------- # install additional packages # ----------------------------------------------------------- dnf install -yy flatpak # ----------------------------------------------------------- # much fun # ----------------------------------------------------------- dnf install -yy cmatrix #espeak fortune-mod banner dog # ----------------------------------------------------------- # nw-sec # ----------------------------------------------------------- dnf install -yy nmap aircrack-ng nethogs iptraf-ng wireshark nmap-ncat # ----------------------------------------------------------- # create a directory for utils in user's home # ----------------------------------------------------------- #mkdir $utils_fol #cd $utils_fol # hashcat #git clone https://github.com/hashcat/hashcat.git # John-the-Ripper #git clone https://github.com/magnumripper/JohnTheRipper.git -b bleeding-jumbo john # ----------------------------------------------------------- # metasploit framework - [!] add metasploit-framework.desktop to /usr/share/applications # for metasploit to be accessible to all root users, install it in root's home # ----------------------------------------------------------- ##cd /root ##curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && chmod 755 msfinstall && ./msfinstall -y ### next step expects metasploit .desktop file to be present in relative root dir ##cp metasploit-framework.desktop $msfC_file && chmod 0644 $msfC_file ##unset msfC_file cd $utils_fol # mitmproxy #pip3 install mitmproxy # setoolkit #sudo dnf install git python-pexpect python-pefile python-crypto pyOpenSSL #git clone https://github.com/trustedsec/social-engineer-toolkit/ set/ # sdtool #git clone https://github.com/BertoldVdb/sdtool.git # int0x80 # git clone https://github.com/int0x80/anti-forensics.git # git clone https://github.com/int0x80/windows.git # git clone https://github.com/int0x80/SweetSecurity.git # git clone https://github.com/int0x80/1337-Noms-The-Hacker-Cookbook.git # git clone https://github.com/int0x80/Packt-Publishing-Free-Learning.git # git clone https://github.com/int0x80/killallthehumans.git # git clone https://github.com/int0x80/githump.git # git clone https://github.com/int0x80/reversing.git # git clone https://github.com/int0x80/blog.git # git clone https://github.com/int0x80/iot-stuff.git # git clone https://github.com/int0x80/notes.git # git clone https://github.com/int0x80/dotfiles.git # vermaden's scripts # git clone https://github.com/vermaden/scripts.git $HOME/utils/vermaden-scripts cd $tadyma # ----------------------------------------------------------- # ibus - typing #imsettings-switch #ibus-setup ibus-daemon # ----------------------------------------------------------- # youtube-dl #youtube-dl -v --user-agent -- --prefer-free-formats # convert it later with oggconvert # ----------------------------------------------------------- # nmcli #nmcli device wifi rescan #nmcli device wifi list #nmcli con up free # ----------------------------------------------------------- # [!] warning - possibly(?) GNOME-dependent # ----------------------------------------------------------- #dnf install evince #gnome-sound-recorder dnf install -yy gnome-calculator # tiling terminal - not really necessary # tilix \ # disk image burner, got enough of these # brasero \ - vital # ----------------------------------------------------------- dnf install -yy xed nemo nemo-desktop # ----------------------------------------------------------- # flatpak # add flathub repo; profit #flatpak --user remote-add flathub https://flathub.org/repo/flathub.flatpakrepo # install sweet stuff... #flatpak install --user https://www.flathub.org/repo/appstream/org.signal.Signal.flatpakref #flatpak install --user https://flathub.org/repo/appstream/com.discordapp.Discord.flatpakref # HW video decode support for Intel integrated graphics in fedora # rpm-fusion needs to be installed beforehand dnf install -yy libva-intel-driver # --------------------------------- # graphics # lspci -k | grep -A 2 -E "(VGA|3D)" # inxi -b # so that flashtool would work, add user (fedora) to group dialout #adduser fedora dialout gpasswd -a fedora dialout # no-more-secrets #cd $utils_fol #git clone https://github.com/bartobri/no-more-secrets.git #cd ./no-more-secrets #make nms #make sneakers #sudo make install #systemctl list-units --type=target | nms # ---------------------- # at #at = "systemctl suspend" -t 13:37 Thu # ---------------------- # shred #shred -n 2 -zuv $( find . -xdev -type f -exec ls {} \; | tail -100) # ---------------------- # netstat #netstat -anp|more # ----------------------------------------------------------- # misc - mostly not in fedora repos # ----------------------------------------------------------- # https://atom.io #atom rpm --import https://packagecloud.io/AtomEditor/atom/gpgkey sh -c 'echo -e "[Atom]\nname=Atom Editor\nbaseurl=https://packagecloud.io/AtomEditor/atom/el/7/\$basearch\nenabled=1\ngpgcheck=0\nrepo_gpgcheck=1\ngpgkey=https://packagecloud.io/AtomEditor/atom/gpgkey" > /etc/yum.repos.d/atom.repo' dnf install -yy atom #dnf install atom-beta # ----------- D O C K E R ------------------ # to be configured... # adding repo necessary, see https://www.virualbox.org #virtualbox # see https://www.torproject.org #tor-browser # see https://www.mega.nz #mega-sync # adding repo necessary, see https://www.vivaldi.com #vivaldi-stable #https://help.vivaldi.com/article/html5-proprietary-media-on-linux/ # to be configured also^... # pulls a ton of KDE deps #kdeconnect-indicator kdeconnectd # ----------------------------------------------------------- # openbox # ----------------------------------------------------------- # ./config/openbox/helper.sh # # https://github.com/vermaden/scripts.git # we might need these for (maybe not) window pausing # dnf install -yy xprop xdotool zenity xbindkeys # ----------------------------------------------------------- # change plymouth theme # ----------------------------------------------------------- plymouth-set-default-theme -R details # sets it to "details" and rebuilds initrd # ----------------------------------------------------------- # zswap # ----------------------------------------------------------- # add "zswap/enabled=1" at the and of the line "GRUB_CMDLINE_LINUX.." # ----------------------------------------------------------- # configure zram # ----------------------------------------------------------- dnf install -yy zram modprobe zram # getconf _NPROCESSORS_ONLN # number of compressing threads == no. cpu cores # cat /sys/block/zram0/max_comp_streams # grep MemTotal /proc/meminfo | grep -E --only-matching '[[:digit:]]+' # mem KiB # cat /sys/block/zram0/disksize systemctl start zram.service # echo "2010222K" > /sys/block/zram0/disksize # create a 2GiB zswap device # mkswap /dev/zram0 # format as swap # swapon -p 100 /dev/zram0 # turn zram swap on # systemctl enable zram-swap.service # systemctl start zram-swap.service # decrease swappiness - use more ram - temporary solution #sudo sysctl vm.swappiness = 20 # current swappiness level #cat /proc/sys/vm/swappiness # permanent solution echo "vm.swappiness = 20" >> /etc/sysctl.conf systemctl disable ModemManager.service systemctl disable plymouth-quit-wait.service systemctl disable plymouth-start.service #systemctl disable livesys-late.service systemctl disable plymouth-read-write.service # ----------------------------------------------------------- # headless # ----------------------------------------------------------- # to be configured... # kickstart # https://docs.fedoraproject.org/en-US/fedora/f29/install-guide/advanced/Kickstart_Installations/#chap-kickstart-installations # vnc # https://docs.fedoraproject.org/en-US/fedora/f29/install-guide/advanced/VNC_Installations/#chap-vnc-installations # ------------------------------------------------------------- # "file" hashes generation based on a wordlist of supposed pwds # dunno why I'm doing this #while read line \ #do\ # echo -e " `mkpasswd --method=\$\6\$ ` < $line " >> filehashes ; \ #done < file