From 400676dee24de8ef7d6aa148fa536d653e61cfbb Mon Sep 17 00:00:00 2001 From: Bohdan Honcharuk Date: Wed, 1 Jul 2020 02:03:28 +0300 Subject: [PATCH 1/3] fedora build file added build file for Fedora / CentOS / Red Hat Linux --- fedora_build.sh | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 fedora_build.sh diff --git a/fedora_build.sh b/fedora_build.sh new file mode 100644 index 0000000..1041da7 --- /dev/null +++ b/fedora_build.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +// rpm packages +sudo dnf install tor python3-pip +// python dependities +sudo pip3 install -r requirements.txt + +echo "dependecies installation was called" + +// install +pyinstaller --onefile torghost.py + +echo "python build was called" + +// copy to user bin +sudo cp -r dist/torghost /usr/bin/ + +echo "torghost installation script ended" From 818f3272c751a2c366b206268a763db65f094736 Mon Sep 17 00:00:00 2001 From: Bohdan Honcharuk Date: Wed, 1 Jul 2020 02:36:36 +0300 Subject: [PATCH 2/3] fedora build --- fedora_build.sh => fedora/build.sh | 6 +- fedora/requirements.txt | 3 + fedora/torghost.py | 257 +++++++++++++++++++++++++++++ 3 files changed, 265 insertions(+), 1 deletion(-) rename fedora_build.sh => fedora/build.sh (73%) create mode 100644 fedora/requirements.txt create mode 100755 fedora/torghost.py diff --git a/fedora_build.sh b/fedora/build.sh similarity index 73% rename from fedora_build.sh rename to fedora/build.sh index 1041da7..a8b870b 100644 --- a/fedora_build.sh +++ b/fedora/build.sh @@ -1,7 +1,11 @@ #!/bin/bash // rpm packages -sudo dnf install tor python3-pip +sudo dnf install tor python3-pip NetworkManager + +// add user debian-tor which used in app +sudo useradd debian-tor + // python dependities sudo pip3 install -r requirements.txt diff --git a/fedora/requirements.txt b/fedora/requirements.txt new file mode 100644 index 0000000..6d5237f --- /dev/null +++ b/fedora/requirements.txt @@ -0,0 +1,3 @@ +stem==1.7.1 +PyInstaller>=3.6 +requests==2.22.0 diff --git a/fedora/torghost.py b/fedora/torghost.py new file mode 100755 index 0000000..7f1ca0a --- /dev/null +++ b/fedora/torghost.py @@ -0,0 +1,257 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +import os +import sys +import getopt +from requests import get +import subprocess +import time +import signal +from stem import Signal +from stem.control import Controller + +VERSION = "3.1.0" + +IP_API = "https://api.ipify.org/?format=json" + +LATEST_RELEASE_API = "https://api.github.com/repos/SusmithKrishnan/torghost/releases/latest" + + +class bcolors: + + BLUE = '\033[94m' + GREEN = '\033[92m' + RED = '\033[31m' + YELLOW = '\033[93m' + FAIL = '\033[91m' + ENDC = '\033[0m' + BOLD = '\033[1m' + BGRED = '\033[41m' + WHITE = '\033[37m' + + +def t(): + current_time = time.localtime() + ctime = time.strftime('%H:%M:%S', current_time) + return '[' + ctime + ']' + + +def sigint_handler(signum, frame): + print("User interrupt ! shutting down") + stop_torghost() + + +def logo(): + print(bcolors.RED + bcolors.BOLD) + print(""" + _____ ____ _ _ + |_ _|__ _ __ / ___| |__ ___ ___| |_ + | |/ _ \| '__| | _| '_ \ / _ \/ __| __| + | | (_) | | | |_| | | | | (_) \__ \ |_ + |_|\___/|_| \____|_| |_|\___/|___/\__| + v3.1.0 - github.com/SusmithKrishnan/torghost + + """) + print(bcolors.ENDC) + + +def usage(): + logo() + print(""" + Torghost usage: + -s --start Start Torghost + -r --switch Request new tor exit node + -x --stop Stop Torghost + -h --help print(this help and exit) + -u --update check for update + + """) + sys.exit() + + +def ip(): + while True: + try: + jsonRes = get(IP_API).json() + ipTxt = jsonRes["ip"] + except: + continue + break + return ipTxt + + +def check_root(): + if os.geteuid() != 0: + print("You must be root; Say the magic word 'sudo'") + sys.exit(0) + + +signal.signal(signal.SIGINT, sigint_handler) + +TorrcCfgString = \ + """ +VirtualAddrNetwork 10.0.0.0/10 +AutomapHostsOnResolve 1 +TransPort 9040 +DNSPort 5353 +ControlPort 9051 +RunAsDaemon 1 +""" + +resolvString = 'nameserver 127.0.0.1' + +Torrc = '/etc/tor/torghostrc' +resolv = '/etc/resolv.conf' + + +def start_torghost(): + print(t() + ' Always check for updates using -u option') + os.system('sudo cp /etc/resolv.conf /etc/resolv.conf.bak') + if os.path.exists(Torrc) and TorrcCfgString in open(Torrc).read(): + print(t() + ' Torrc file already configured') + else: + + with open(Torrc, 'w') as myfile: + print(t() + ' Writing torcc file ') + myfile.write(TorrcCfgString) + print(bcolors.GREEN + '[done]' + bcolors.ENDC) + if resolvString in open(resolv).read(): + print(t() + ' DNS resolv.conf file already configured') + else: + with open(resolv, 'w') as myfile: + print(t() + ' Configuring DNS resolv.conf file.. ',) + myfile.write(resolvString) + print(bcolors.GREEN + '[done]' + bcolors.ENDC) + + print(t() + ' Stopping tor service ',) + os.system('sudo systemctl stop tor') + os.system('sudo fuser -k 9051/tcp > /dev/null 2>&1') + print(bcolors.GREEN + '[done]' + bcolors.ENDC) + print(t() + ' Starting new tor daemon ',) + os.system('sudo -u debian-tor tor -f /etc/tor/torghostrc > /dev/null' + ) + print(bcolors.GREEN + '[done]' + bcolors.ENDC) + print(t() + ' setting up iptables rules',) + + iptables_rules = \ + """ + NON_TOR="192.168.1.0/24 192.168.0.0/24" + TOR_UID=%s + TRANS_PORT="9040" + + iptables -F + iptables -t nat -F + + iptables -t nat -A OUTPUT -m owner --uid-owner $TOR_UID -j RETURN + iptables -t nat -A OUTPUT -p udp --dport 53 -j REDIRECT --to-ports 5353 + for NET in $NON_TOR 127.0.0.0/9 127.128.0.0/10; do + iptables -t nat -A OUTPUT -d $NET -j RETURN + done + iptables -t nat -A OUTPUT -p tcp --syn -j REDIRECT --to-ports $TRANS_PORT + + iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT + for NET in $NON_TOR 127.0.0.0/8; do + iptables -A OUTPUT -d $NET -j ACCEPT + done + iptables -A OUTPUT -m owner --uid-owner $TOR_UID -j ACCEPT + iptables -A OUTPUT -j REJECT + """ \ + % subprocess.getoutput('id -ur debian-tor') + + os.system(iptables_rules) + print(bcolors.GREEN + '[done]' + bcolors.ENDC) + print(t() + ' Fetching current IP...') + print(t() + ' CURRENT IP : ' + bcolors.GREEN + ip() + bcolors.ENDC) + + +def stop_torghost(): + print(bcolors.RED + t() + 'STOPPING torghost' + bcolors.ENDC) + print(t() + ' Flushing iptables, resetting to default',) + os.system('mv /etc/resolv.conf.bak /etc/resolv.conf') + IpFlush = \ + """ + iptables -P INPUT ACCEPT + iptables -P FORWARD ACCEPT + iptables -P OUTPUT ACCEPT + iptables -t nat -F + iptables -t mangle -F + iptables -F + iptables -X + """ + os.system(IpFlush) + os.system('sudo fuser -k 9051/tcp > /dev/null 2>&1') + print(bcolors.GREEN + '[done]' + bcolors.ENDC) + print(t() + ' Restarting Network manager',) + os.system('service NetworkManager restart') + print(bcolors.GREEN + '[done]' + bcolors.ENDC) + print(t() + ' Fetching current IP...') + time.sleep(3) + print(t() + ' CURRENT IP : ' + bcolors.GREEN + ip() + bcolors.ENDC) + + +def switch_tor(): + print(t() + ' Please wait...') + time.sleep(7) + print(t() + ' Requesting new circuit...',) + with Controller.from_port(port=9051) as controller: + controller.authenticate() + controller.signal(Signal.NEWNYM) + print(bcolors.GREEN + '[done]' + bcolors.ENDC) + print(t() + ' Fetching current IP...') + print(t() + ' CURRENT IP : ' + bcolors.GREEN + ip() + bcolors.ENDC) + + +def check_update(): + print(t() + ' Checking for update...') + jsonRes = get(LATEST_RELEASE_API).json() + newversion = jsonRes["tag_name"][1:] + if newversion != VERSION: + print(t() + bcolors.GREEN + ' New update available!' + bcolors.ENDC) + print(t() + ' Your current TorGhost version : ' + bcolors.GREEN + VERSION + bcolors.ENDC) + print(t() + ' Latest TorGhost version available : ' + bcolors.GREEN + newversion + bcolors.ENDC) + yes = {'yes', 'y', 'ye', ''} + no = {'no', 'n'} + + choice = raw_input( + bcolors.BOLD + "Would you like to download latest version and build from Git repo? [Y/n]" + bcolors.ENDC).lower() + if choice in yes: + os.system( + 'cd /tmp && git clone https://github.com/SusmithKrishnan/torghost') + os.system('cd /tmp/torghost && sudo ./build.sh') + elif choice in no: + print(t() + " Update aborted by user") + else: + print("Please respond with 'yes' or 'no'") + else: + print(t() + " Torghost is up to date!") + + +def main(): + check_root() + if len(sys.argv) <= 1: + check_update() + usage() + try: + (opts, args) = getopt.getopt(sys.argv[1:], 'srxhu', [ + 'start', 'stop', 'switch', 'help', 'update']) + except (getopt.GetoptError, err): + usage() + sys.exit(2) + for (o, a) in opts: + if o in ('-h', '--help'): + usage() + elif o in ('-s', '--start'): + start_torghost() + elif o in ('-x', '--stop'): + stop_torghost() + elif o in ('-r', '--switch'): + switch_tor() + elif o in ('-u', '--update'): + check_update() + else: + usage() + + +if __name__ == '__main__': + main() From 4cfec646e422ca474b6b4b42f2688a6eb2d81515 Mon Sep 17 00:00:00 2001 From: Bohdan Honcharuk Date: Wed, 1 Jul 2020 02:48:00 +0300 Subject: [PATCH 3/3] stupid man forget that bash uses # for comments --- fedora/build.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/fedora/build.sh b/fedora/build.sh index a8b870b..7c10736 100644 --- a/fedora/build.sh +++ b/fedora/build.sh @@ -1,22 +1,22 @@ #!/bin/bash -// rpm packages +# rpm packages sudo dnf install tor python3-pip NetworkManager -// add user debian-tor which used in app +# add user debian-tor which used in app sudo useradd debian-tor -// python dependities +# python dependities sudo pip3 install -r requirements.txt echo "dependecies installation was called" -// install +# install pyinstaller --onefile torghost.py echo "python build was called" -// copy to user bin +# copy to user bin sudo cp -r dist/torghost /usr/bin/ echo "torghost installation script ended"