Migrated over to dh_python and it builds!
This commit is contained in:
parent
005f9b060d
commit
03f415499c
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -1,5 +1,6 @@
|
||||||
.vagrant
|
.vagrant
|
||||||
build
|
build
|
||||||
|
build_deb
|
||||||
venv
|
venv
|
||||||
/dist/
|
/dist/
|
||||||
/*.egg-info
|
/*.egg-info
|
||||||
|
|
|
@ -10,22 +10,29 @@ if [[ -z "${DEBEMAIL}" ]]; then
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
BUILD_DIR=build_deb
|
||||||
TORCH_VERSION=$(git describe --tags)
|
TORCH_VERSION=$(git describe --tags)
|
||||||
DEBIAN_PKG=torch-agent-$TORCH_VERSION
|
DEBIAN_PKG=torch-agent-$TORCH_VERSION
|
||||||
PKG_ROOT=build/$DEBIAN_PKG
|
|
||||||
|
|
||||||
rf -rf $PKG_ROOT
|
rm -rf $BUILD_DIR
|
||||||
|
rm -rf dist
|
||||||
|
|
||||||
mkdir -p $PKG_ROOT
|
mkdir $BUILD_DIR
|
||||||
cp -r debian $PKG_ROOT
|
|
||||||
|
python3 setup.py clean
|
||||||
|
python3 setup.py sdist
|
||||||
|
cp dist/$DEBIAN_PKG.tar.gz $BUILD_DIR/
|
||||||
|
cd $BUILD_DIR
|
||||||
|
tar -xzmf $DEBIAN_PKG.tar.gz
|
||||||
|
cd ..
|
||||||
|
|
||||||
|
PKG_ROOT=$BUILD_DIR/$DEBIAN_PKG
|
||||||
|
|
||||||
mkdir -p $PKG_ROOT/src/etc/torch
|
mkdir -p $PKG_ROOT/src/etc/torch
|
||||||
cp torch.conf $PKG_ROOT/src/etc/torch/
|
|
||||||
|
|
||||||
mkdir -p $PKG_ROOT/src/usr/share/torch-agent
|
|
||||||
cp torch-agent.py $PKG_ROOT/src/usr/share/torch-agent/
|
|
||||||
|
|
||||||
|
cp -r debian $PKG_ROOT/
|
||||||
cp torch-agent.service $PKG_ROOT/debian/
|
cp torch-agent.service $PKG_ROOT/debian/
|
||||||
|
cp torch.conf $PKG_ROOT/src/etc/torch/
|
||||||
|
|
||||||
cd $PKG_ROOT
|
cd $PKG_ROOT
|
||||||
|
|
6
debian/README.Debian
vendored
6
debian/README.Debian
vendored
|
@ -1,6 +0,0 @@
|
||||||
torch-agent for Debian
|
|
||||||
---------------------
|
|
||||||
|
|
||||||
<possible notes regarding this package - if none, delete this file>
|
|
||||||
|
|
||||||
-- Benjamin Dweck <bjdweck@gmail.com> Tue, 06 Oct 2020 15:53:02 +0200
|
|
2
debian/compat
vendored
Normal file
2
debian/compat
vendored
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
11
|
||||||
|
|
8
debian/control
vendored
8
debian/control
vendored
|
@ -2,15 +2,17 @@ Source: torch-agent
|
||||||
Section: net
|
Section: net
|
||||||
Priority: optional
|
Priority: optional
|
||||||
Maintainer: Benjamin Dweck <bjdweck@gmail.com>
|
Maintainer: Benjamin Dweck <bjdweck@gmail.com>
|
||||||
Build-Depends: debhelper-compat (= 12)
|
Build-Depends: debhelper (>=11~), dh-python, python3-all
|
||||||
Standards-Version: 4.4.1
|
Standards-Version: 4.4.1
|
||||||
Homepage: https://rudefox.io
|
Homepage: https://git.rudefox.io/bj/torch-agent
|
||||||
|
X-Python3-Version: >= 3.2
|
||||||
#Vcs-Browser: https://salsa.debian.org/debian/torch-agent
|
#Vcs-Browser: https://salsa.debian.org/debian/torch-agent
|
||||||
#Vcs-Git: https://salsa.debian.org/debian/torch-agent.git
|
#Vcs-Git: https://salsa.debian.org/debian/torch-agent.git
|
||||||
|
|
||||||
Package: torch-agent
|
Package: torch-agent
|
||||||
Architecture: all
|
Architecture: all
|
||||||
Depends: ssh, tor, python3-pip, ${misc:Depends}
|
Multi-Arch: foreign
|
||||||
|
Depends: ssh, tor, python3-pip, ${misc:Depends}, ${python3:Depends}
|
||||||
Description: TORch is a solution for creating an SSH-via-Tor
|
Description: TORch is a solution for creating an SSH-via-Tor
|
||||||
backdoor on a remote device as a means of fallback remote
|
backdoor on a remote device as a means of fallback remote
|
||||||
management and initial headless device configuration.
|
management and initial headless device configuration.
|
2
debian/copyright
vendored
2
debian/copyright
vendored
|
@ -1,7 +1,7 @@
|
||||||
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
|
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
|
||||||
Upstream-Name: torch-agent
|
Upstream-Name: torch-agent
|
||||||
Upstream-Contact: bjdweck@gmail.com
|
Upstream-Contact: bjdweck@gmail.com
|
||||||
Source: https://rudefox.io
|
Source: https://git.rudefox.io/bj/torch-agent
|
||||||
|
|
||||||
Files: debian/*
|
Files: debian/*
|
||||||
Copyright: 2020 Benjamin Dweck <bjdweck@gmail.com>
|
Copyright: 2020 Benjamin Dweck <bjdweck@gmail.com>
|
||||||
|
|
7
debian/postinst
vendored
7
debian/postinst
vendored
|
@ -53,11 +53,10 @@ case "$1" in
|
||||||
useradd -r -g $GROUP $USER
|
useradd -r -g $GROUP $USER
|
||||||
fi
|
fi
|
||||||
|
|
||||||
chown $USER /etc/torch
|
chown $USER /etc/torch
|
||||||
chown $USER /etc/torch/torch.conf
|
chown $USER /etc/torch/torch.conf
|
||||||
chown $USER /usr/share/torch-agent/torch-agent.py
|
|
||||||
|
|
||||||
configure_tor_controller
|
configure_tor_controller
|
||||||
;;
|
;;
|
||||||
|
|
||||||
abort-upgrade|abort-remove|abort-deconfigure)
|
abort-upgrade|abort-remove|abort-deconfigure)
|
||||||
|
|
2
debian/postrm
vendored
2
debian/postrm
vendored
|
@ -23,7 +23,7 @@ USER="torch"
|
||||||
case "$1" in
|
case "$1" in
|
||||||
purge|abort-install)
|
purge|abort-install)
|
||||||
rm -rf /etc/torch
|
rm -rf /etc/torch
|
||||||
rm -f /usr/share/torch-agent/torch-agent.py
|
|
||||||
if [ -x "$(command -v deluser)" ]; then
|
if [ -x "$(command -v deluser)" ]; then
|
||||||
deluser --quiet --system $USER > /dev/null || true
|
deluser --quiet --system $USER > /dev/null || true
|
||||||
else
|
else
|
||||||
|
|
3
debian/preinst
vendored
3
debian/preinst
vendored
|
@ -16,10 +16,7 @@ set -e
|
||||||
case "$1" in
|
case "$1" in
|
||||||
install|upgrade)
|
install|upgrade)
|
||||||
|
|
||||||
sudo -H pip3 install stem paho-mqtt PySocks
|
|
||||||
|
|
||||||
mkdir -p /etc/torch
|
mkdir -p /etc/torch
|
||||||
mkdir -p /usr/share/torch-agent
|
|
||||||
;;
|
;;
|
||||||
|
|
||||||
abort-upgrade)
|
abort-upgrade)
|
||||||
|
|
5
debian/rules
vendored
5
debian/rules
vendored
|
@ -13,9 +13,12 @@
|
||||||
# package maintainers to append LDFLAGS
|
# package maintainers to append LDFLAGS
|
||||||
#export DEB_LDFLAGS_MAINT_APPEND = -Wl,--as-needed
|
#export DEB_LDFLAGS_MAINT_APPEND = -Wl,--as-needed
|
||||||
|
|
||||||
|
export PYBUILD_NAME=torch-agent
|
||||||
|
export PYBUILD_SYSTEM=distutils
|
||||||
|
export PYBUILD_DISABLE=test
|
||||||
|
|
||||||
%:
|
%:
|
||||||
dh $@
|
dh $@ --with python3 --buildsystem=pybuild
|
||||||
|
|
||||||
override_dh_installsystemd:
|
override_dh_installsystemd:
|
||||||
dh_installsystemd --no-start --no-enable
|
dh_installsystemd --no-start --no-enable
|
||||||
|
|
2
debian/source/include-binaries
vendored
2
debian/source/include-binaries
vendored
|
@ -1,2 +0,0 @@
|
||||||
src/usr/share/torch-agent/torch-agent.py
|
|
||||||
src/etc/torch/torch.conf
|
|
19
debian/src/etc/torch/torch.conf
vendored
19
debian/src/etc/torch/torch.conf
vendored
|
@ -1,19 +0,0 @@
|
||||||
[tor]
|
|
||||||
ProxyPort = 9050
|
|
||||||
ControllerPort = 9051
|
|
||||||
|
|
||||||
[ssh]
|
|
||||||
Port = 22
|
|
||||||
|
|
||||||
[mqtt]
|
|
||||||
BrokerHost = mqtt.example.com # OR example1i3uyrbfoi3fi.onion
|
|
||||||
BrokerPort = 1883
|
|
||||||
ClientID = my-client
|
|
||||||
Topic = example/topic
|
|
||||||
|
|
||||||
### Options for Using TLS
|
|
||||||
|
|
||||||
#RequireCertificate = true
|
|
||||||
#CaFile = ca.crt
|
|
||||||
#CertFile = client.crt
|
|
||||||
#KeyFile = client.key
|
|
98
debian/src/usr/share/torch-agent/torch-agent.py
vendored
98
debian/src/usr/share/torch-agent/torch-agent.py
vendored
|
@ -1,98 +0,0 @@
|
||||||
from stem.control import Controller
|
|
||||||
import stem.connection
|
|
||||||
import paho.mqtt.client as mqtt
|
|
||||||
import ssl
|
|
||||||
import socks
|
|
||||||
import socket
|
|
||||||
import json
|
|
||||||
import configparser
|
|
||||||
import argparse
|
|
||||||
from datetime import datetime
|
|
||||||
from os import environ
|
|
||||||
|
|
||||||
parser = argparse.ArgumentParser(description='Broadcast SSH hidden service hostname via MQTT')
|
|
||||||
|
|
||||||
parser.add_argument('--config-dir', nargs='?', dest='configPath', default='/etc/torch',
|
|
||||||
help='configuration directory (default: /etc/torch)')
|
|
||||||
|
|
||||||
args = parser.parse_args()
|
|
||||||
|
|
||||||
configPath = args.configPath
|
|
||||||
|
|
||||||
if "TORCH_CONFIG_DIR" in environ:
|
|
||||||
configPath = environ.get("TORCH_CONFIG_DIR")
|
|
||||||
|
|
||||||
if not configPath.endswith("/"):
|
|
||||||
configPath = configPath + "/"
|
|
||||||
|
|
||||||
print("Using torch configuration path: " + configPath)
|
|
||||||
|
|
||||||
config = configparser.ConfigParser()
|
|
||||||
config.read(configPath + "torch.conf")
|
|
||||||
|
|
||||||
torProxyPort = config['tor'].getint('ProxyPort', fallback = 9050)
|
|
||||||
torControllerPort = config['tor'].getint('ControllerPort', fallback = 9051)
|
|
||||||
|
|
||||||
sshPort = config['ssh'].getint('Port', fallback = 22)
|
|
||||||
|
|
||||||
mqttConfig = config['mqtt']
|
|
||||||
mqttBrokerHost = mqttConfig.get('BrokerHost', fallback = "localhost")
|
|
||||||
mqttBrokerPort = mqttConfig.getint('BrokerPort', fallback = 1883)
|
|
||||||
clientID = mqttConfig.get('ClientID', fallback = socket.gethostname())
|
|
||||||
mqttTopic = mqttConfig.get('Topic', fallback = "torch/%s/onion_url" % (clientID))
|
|
||||||
|
|
||||||
mqttRequireCertificate = mqttConfig.getboolean(
|
|
||||||
'RequireCertificate',
|
|
||||||
fallback = False)
|
|
||||||
|
|
||||||
mqttCaFile = configPath + mqttConfig.get('CaFile')
|
|
||||||
mqttCertFile = configPath + mqttConfig.get('CertFile')
|
|
||||||
mqttKeyFile = configPath + mqttConfig.get('KeyFile')
|
|
||||||
|
|
||||||
with Controller.from_port(port = torControllerPort) as controller:
|
|
||||||
|
|
||||||
protocolInfo = stem.connection.get_protocolinfo(controller)
|
|
||||||
|
|
||||||
stem.connection.authenticate_safecookie(
|
|
||||||
controller,
|
|
||||||
protocolInfo.cookie_path)
|
|
||||||
|
|
||||||
print("Connected to Tor on port %s" % (torControllerPort))
|
|
||||||
|
|
||||||
service = controller.create_ephemeral_hidden_service(
|
|
||||||
sshPort,
|
|
||||||
detached = True)
|
|
||||||
|
|
||||||
onionAddress = "%s.onion" % (service.service_id)
|
|
||||||
|
|
||||||
print("Created Tor Hidden Service for local port %s at %s" % (sshPort, onionAddress))
|
|
||||||
|
|
||||||
payload = {
|
|
||||||
'clientId': clientID,
|
|
||||||
'timestamp': datetime.now().strftime("%d-%b-%Y (%H:%M:%S.%f)"),
|
|
||||||
'onionAddress': onionAddress,
|
|
||||||
'sshPort': sshPort
|
|
||||||
}
|
|
||||||
|
|
||||||
client = mqtt.Client()
|
|
||||||
protocol = "mqtt"
|
|
||||||
|
|
||||||
if mqttRequireCertificate:
|
|
||||||
client.tls_set(
|
|
||||||
ca_certs = mqttCaFile,
|
|
||||||
certfile = mqttCertFile,
|
|
||||||
keyfile = mqttKeyFile,
|
|
||||||
cert_reqs=ssl.CERT_REQUIRED)
|
|
||||||
protocol = "mqtts"
|
|
||||||
|
|
||||||
if mqttBrokerHost.endswith(".onion"):
|
|
||||||
client.proxy_set(proxy_type=socks.SOCKS5, proxy_addr="localhost", proxy_port=torProxyPort)
|
|
||||||
client.tls_insecure_set(True)
|
|
||||||
|
|
||||||
client.connect(mqttBrokerHost, mqttBrokerPort, 60)
|
|
||||||
client.publish(mqttTopic, json.dumps(payload))
|
|
||||||
print("Connected to MQTT Broker at %s://%s:%s/%s" % (protocol, mqttBrokerHost, mqttBrokerPort, mqttTopic))
|
|
||||||
print("Published payload: " + json.dumps(payload))
|
|
||||||
|
|
||||||
client.disconnect()
|
|
||||||
print("Disconnected from MQTT Broker")
|
|
1
debian/torch-agent.install
vendored
1
debian/torch-agent.install
vendored
|
@ -1,2 +1 @@
|
||||||
src/usr/share/torch-agent /usr/share/
|
|
||||||
src/etc/torch /etc/
|
src/etc/torch /etc/
|
Binary file not shown.
1
setup.py
1
setup.py
|
@ -1,3 +1,4 @@
|
||||||
|
#!/usr/bin/env python3
|
||||||
import setuptools
|
import setuptools
|
||||||
|
|
||||||
with open("README.md", "r") as fh:
|
with open("README.md", "r") as fh:
|
||||||
|
|
|
@ -5,7 +5,7 @@ Requires=tor.service ssh.service
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Environment=PYTHONUNBUFFERED=1
|
Environment=PYTHONUNBUFFERED=1
|
||||||
ExecStart=/usr/bin/python3 /usr/share/torch-agent/torch-agent.py
|
ExecStart=/usr/bin/torch-agent
|
||||||
User=torch
|
User=torch
|
||||||
Group=debian-tor
|
Group=debian-tor
|
||||||
|
|
||||||
|
|
|
@ -17,3 +17,4 @@ Topic = example/topic
|
||||||
#CaFile = ca.crt
|
#CaFile = ca.crt
|
||||||
#CertFile = client.crt
|
#CertFile = client.crt
|
||||||
#KeyFile = client.key
|
#KeyFile = client.key
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user