#!/bin/bash
# Install OpenVas 7 with BackBox 4.0
# Author ZEROF <zerof at backbox dot org>
# Orginal idea (not working any more): http://www.mockel.se/index.php/2014/02/openvas-7-beta-on-ubuntu-14-04-lts-beta/
# This installation guide was update and translated to script by ZEROF for BackBox 4 users.
# -OpenVas packages updated to last version /x2
# -Fixed installation erros
# -Installing gpg key for feeds upgrade
# -Setting user and password
# -Remove script was upgraded and remove menu option included
# -Add service option to BackBox menu start/stop/restart/update (new 100% recoded)
# If you like Linux and security join https://forum.backbox.org
# Script version 0.4b
# This script is distributed under a DO WHAT THE F*** YOU WANT TO PUBLIC LICENSE.
# https://pentester.iz.rs/blog/licence

# Check user for root
if [ $USER != 'root' ]; then
  echo "[!]Are you root? NO. Then try again."
  exit
fi

#Just to keep eye inside terminal
function enter () {
  echo ""
  read -sn 1 -p "Press any key to continue..."
  clear
}

# Run system upgrade and install dependencies
function packages () {
  apt-get update
  apt-get upgrade -y
  apt-get install -y build-essential devscripts dpatch libassuan-dev \
  libglib2.0-dev libgpgme11-dev libpcre3-dev libpth-dev libwrap0-dev libgmp-dev libgmp3-dev \
  libgpgme11-dev libopenvas2 libpcre3-dev libpth-dev quilt cmake pkg-config \
  libssh-dev libglib2.0-dev libpcap-dev libgpgme11-dev uuid-dev bison libksba-dev \
  doxygen sqlfairy xmltoman sqlite3 libsqlite3-dev wamerican \
  libmicrohttpd-dev libxml2-dev libxslt1-dev xsltproc libssh2-1-dev libldap2-dev autoconf nmap libgnutls-dev
}

#Get OpenVAS last sources
function source () {
  cd /usr/local/src/
  mkdir openvas
  cd openvas/
  wget http://wald.intevation.org/frs/download.php/1907/openvas-libraries-7.0.7.tar.gz
  wget http://wald.intevation.org/frs/download.php/1844/openvas-scanner-4.0.5.tar.gz
  wget http://wald.intevation.org/frs/download.php/1911/openvas-manager-5.0.8.tar.gz
  wget http://wald.intevation.org/frs/download.php/1915/greenbone-security-assistant-5.0.5.tar.gz
  wget http://wald.intevation.org/frs/download.php/1803/openvas-cli-1.3.1.tar.gz
  find . -name \*.gz -exec tar zxvfp {} \;
  rm -rf *.tar.gz
 }

# OpenVas libraries installation
function libraries () {
  cd /usr/local/src/openvas
  cd openvas-libraries-7.0.7
  mkdir build
  cd build
  cmake ..
  make
  make doc-full
  make install
  cd /usr/local/src/openvas
}

# OpenVas scanner installation
function scanner () {
  cd /usr/local/src/openvas
  cd openvas-scanner-4.0.5
  mkdir build
  cd build/
  cmake ..
  make
  make doc-full
  make install
  cd /usr/local/src/openvas
}

# Install OpenVas certificate, reload libraries, OpenVas feed gpg key
function certificate () {
  openvas-mkcert -f
  ldconfig
  cd /usr/local/etc/openvas
  wget http://www.openvas.org/OpenVAS_TI.asc
  gpg --homedir=/usr/local/etc/openvas/gnupg/ --import OpenVAS_TI.asc
  cd /usr/local/src
}

# Install OpenVas manager
function manager () {
  cd /usr/local/src/openvas
  cd openvas-manager-5.0.8
  mkdir build
  cd build/
  cmake ..
  make
  make doc-full
  make install
  cd /usr/local/src/openvas
}

# Install OpenVas CLI
function cli () {
  cd /usr/local/src/openvas
  cd openvas-cli-1.3.1
  mkdir build
  cd build/
  cmake ..
  make
  make doc-full
  make install
  cd /usr/local/src/openvas
}

# Install OpenVas GSA
function gsa () {
  cd /usr/local/src/openvas
  cd greenbone-security-assistant-5.0.5
  mkdir build
  cd build/
  cmake ..
  make
  make doc-full
  make install
  cd /usr/local/src/openvas
}

# NVT, CERT and SCAP installation
function repos () {
  openvas-scapdata-sync
  openvas-certdata-sync
  openvas-nvt-sync --wget
}

# Start OpenVas 7
function start () {
  echo "You can ignore 'no process found' messages (for now)"
  echo ""
  sleep 3
  killall openvassd
  killall openvasmd
  killall gsad
  touch /usr/local/var/lib/openvas/mgr/tasks.db
  /usr/local/sbin/openvassd --port 9391
  openvas-mkcert-client -n -i
  echo ""
  echo "___________________"
  echo ""
  echo -e "You need to wait for about 5-10min before OpenVas synchronization with NVT feeds, patient ...\n
  On 2nd terminal run command ps -ef | grep openvassd, and if you get message like openvassd: ... NTVs (10% / ETA: 00.31) and not \n
  openvassd: Waiting for incoming connetion, your will be in position to use OpenVas."
  echo ""
  sleep 300
#  /usr/local/sbin/openvasmd --backup
  /usr/local/sbin/openvasmd --rebuild --progress
  /usr/local/sbin/openvasmd --listen=127.0.0.1 --port=9390
  /usr/local/sbin/gsad --http-only --listen=127.0.0.1 --port=9392 --mlisten=127.0.0.1 --mport=9390
  echo ""
# Spelling error(s) reported by weVeg. Thank you bro, you are the winner :)
  echo "TO LOGIN WITH OPENVAS GSA TYPE THIS IN NEW TERMINAL WINDOW OR OPEN IP WITH Firefox"
  echo "firefox 127.0.0.1:9392 &"
  echo ""
  sleep 10
}

# Add user admin/backbox
function user () {
  openvasmd --create-user=admin --role=Admin
  echo -e "New user name is admin\n"
  sleep 5
  openvasmd --user=admin --new-password=backbox
  echo "New user password is backbox"
  sleep 5
  cd /usr/local/src/openvas
  openvas-mkcert-client -n -i
}

# Check OpenVas 7 installation
function checkit () {
  wget http://linux.gungoos.com/openvas-check-setup
  chmod 755 openvas-check-setup
  ./openvas-check-setup --v7 --server
  rm -rf openvas-check-setup
}

# Remove OpenVas 7 installation
function blank () {
  killall openvassd
  killall openvasmd
  killall gsad
  FILES="/usr/local/src/openvas
  /usr/local/var/lib/openvas
  /usr/local/var/log/openvas
  /usr/local/var/cache/openvas
  /usr/local/include/openvas
  /usr/local/etc/openvas
  /usr/local/share/openvas
  /etc/init.d/openvas-services
  /usr/share/applications/services-openvas-services-start.desktop
  /usr/share/applications/services-openvas-services-stop.desktop
  /usr/local/sbin/openvassd
  /usr/local/sbin/openvasmd
  /usr/local/sbin/gsad
  /usr/local/sbin/openvas-scapdata-sync
  /usr/local/sbin/openvas-scapdata-sync"
  for f in $FILES
  do
    echo "Removing OpenVas 7 from your system ..."
  rm -rf $f
done
}

# Remove OpenVas 7 from BackBox menu
function blank_menu () {
  FILES="/usr/share/applications/services-openvas-services-start.desktop
  /usr/share/applications/services-openvas-services-stop.desktop
  /usr/share/applications/services-openvas-services-restart.desktop
  /usr/share/applications/services-openvas-services-update.desktop"
  for f in $FILES
  do
    echo "Removing OpenVas 7 from BackBox 4 menu ..."
  rm -rf $f
done
}

# OpenVas BackBox start option
function service_start () {
  cat > /usr/share/applications/services-openvas-services-start.desktop <<EOF
  [Desktop Entry]
  Type=Application
  Name=OpenVas start
  GenericName=OpenVAS Services
  Comment=OpenVas start
  TryExec=openvassd openvasmd gsad
  Exec=sh -c "sudo openvassd --port 9391;sleep 60;sudo openvasmd --rebuild --progress;sudo openvasmd --listen=127.0.0.1 --port=9390;sudo gsad --http-only --listen=127.0.0.1 --port=9392 --mlisten=127.0.0.1 --mport=9390;echo '';echo 'OpenVas is running now';echo '';  ${SHELL:-bash}"
  Icon=utilities-terminal
  Terminal=true
  Categories=BackBox-Services-OpenVAS;
EOF
}

# OpenVas BackBox stop option
function service_stop () {
  cat > /usr/share/applications/services-openvas-services-stop.desktop <<EOF
  [Desktop Entry]
  Type=Application
  Name=OpenVas stop
  GenericName=OpenVAS Services
  Comment=OpenVas stop
  TryExec=killall
  Exec=sh -c "sudo killall openvassd;sudo killall openvasdm;sudo killall gsad;echo '';echo 'OpenVas is stopped';  ${SHELL:-bash}"
  Icon=utilities-terminal
  Terminal=true
  Categories=BackBox-Services-OpenVAS;
EOF
}

# OpenVas BackBox restart option
function service_restart () {
    cat > /usr/share/applications/services-openvas-services-restart.desktop <<EOF
    [Desktop Entry]
    Type=Application
    Name=OpenVas restart
    GenericName=OpenVAS Services
    Comment=service openvas-services restart
    TryExec=killall openvassd openvasmd gsad
    Exec=sh -c "sudo killall openvassd;sudo killall openvasdm;sudo killall gsad;sudo openvassd --port 9391;sleep 60;sudo openvasmd --rebuild --progress; sudo openvasmd --listen=127.0.0.1 --port=9390;sudo gsad --http-only --listen=127.0.0.1 --port=9392 --mlisten=127.0.0.1 --mport=9390; echo'';echo 'Done';echo'';${SHELL:-bash}"
    Icon=utilities-terminal
    Terminal=true
    Categories=BackBox-Services-OpenVAS;
EOF
}
# OpenVas BackBox update option
function service_update () {
  cat > /usr/share/applications/services-openvas-services-update.desktop <<EOF
  [Desktop Entry]
  Type=Application
  Name=OpenVas update
  GenericName=OpenVAS Services
  Comment=OpenVas update
  TryExec=openvas-scapdata-sync openvas-certdata-sync
  Exec=sh -c "sudo openvas-scapdata-sync;sudo openvas-certdata-sync;echo'';echo -e 'OpenVas update:\nDone.';echo'';${SHELL:-bash}"
  Icon=utilities-terminal
  Terminal=true
  Categories=BackBox-Services-OpenVAS;
EOF
}
# Script menu
function print_menu()
{
  echo""
  echo -e "\n$up \e[40;38;5;82m SETTING OPENVAS 7 WITH BACKBOX 4 \e[0m\n"
  echo ""
  echo "[1] - system update, upgrade and dependencies installation."
  echo "[2]-  download source packages."
  echo "[3] - install OpenVas libraries."
  echo "[4] - install OpenVas scanner."
  echo "[5] - install OpenVas certificate."
  echo "[6] - install OpenVas manager."
  echo "[7] - install OpenVas CLI."
  echo "[8] - install OpenVSA GSA."
  echo "[9] - NVT, CERT and SCAP feeds installation."
  echo "[10] - start OpenVas 7 only once with this option."
  echo "[11] - add new GSA user and pass before first login(admin/backbox)."
  echo "[12] - check OpenVas 7 installation."
  echo "[13] - add OpenVas start/stop/restart/update services to BackBox Services menu."
  echo "[14] - remove OpenVas 7 installation."
  echo "[15] - remove OpenVas 7 from BackBox menu."
  echo ""
  echo "[0] - exit program"
  echo ""
  echo -e -n "$up Enter selection: "
}

# Menu source
selection=
until [ "$selection" = "0" ]; do
  print_menu
  read selection
  echo ""
  case $selection in

  1 ) packages;enter;clear ;;
  2 ) source;enter;clear ;;
  3 ) libraries;enter;clear ;;
  4 ) scanner;enter;clear ;;
  5 ) certificate;enter;clear ;;
  6 ) manager;enter;clear ;;
  7 ) cli;enter;clear ;;
  8 ) gsa;enter; clear ;;
  9 ) repos;enter;clear ;;
 10 ) start;enter; clear ;;
 11 ) user;enter;echo "Now you can login with user admin and password backbox.";enter; clear ;;
 12 ) checkit;enter; clear ;;
 13 ) service_stop;service_start;service_restart;service_update;enter ;;
 14 ) blank;enter;clear ;;
 15 ) blank_menu;enter;clear ;;
  0 ) exit ;;
  * ) echo -e "$up Please enter 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 or 0"
  esac
done