well...I changed my mind again. I'm back at it, with this one. The latest version adds some cool realism. When you ssh into the nsa server, the hostname changes to nsa.gov. I've added a fake ICBM launch program that is fun to run after you are in the nsa server. I'm still figuring out some timing stuff. For example, the suggestion that jbsnake made about a counter hack sounds like fun. The command he gave does indeed work, but it would be nice to time it. Like if you haven't finished your hack within 2 or 3 minutes, you get counter hacked. Anyways, here's the latest code. Feel free to play with it. Have fun!
Code:
#!/bin/bash
#lethal.sh
#a script by DeX to make anyone look like a real haxor! OMG!!1
############
#set starting variable for hostname
hozt=local
#emulate the prompt
clear;
read -p "root@"$hozt":~$ " command
while [[ $choice != 0 ]]
do
case $command in
'nslookup nsa.gov') sleep 1;
echo "Server: 204.14.141.218";
echo "Address 204.14.141.218#53"
echo
echo "Non-authoritative answer:"
echo "Name: nsa.gov"
echo "Address: 67.15.6.98"
;;
'ping 67.15.6.98') sleep 1;
echo "PING 67.15.6.98 (67.15.6.98) 56(84) bytes of data."
sleep 1;
echo "64 bytes from 67.15.6.98: icmp_seq=1 ttl=52 time=68 ms"
sleep 1;
echo "64 bytes from 67.15.6.98: icmp_seq=2 ttl=52 time=87 ms"
sleep 1;
echo "64 bytes from 67.15.6.98: icmp_seq=3 ttl=52 time=87 ms"
sleep 1;
echo "64 bytes from 67.15.6.98: icmp_seq=4 ttl=52 time=92 ms"
sleep 1;
echo "--- 67.15.6.98 ping statistics ---"
echo "4 packets transmitted, 4 received, 0% packet loss, time 334ms"
;;
'nmap -sS 67.15.6.98') echo
echo "Starting Nmap 4.53 ( http://insecure.org ) at" $(date)
sleep 4;
echo "Interesting ports on 67.15.6.98:"
echo "Not shown: 1712 closed ports"
echo "PORT STATE SERVICE"
echo "80/tcp open http"
echo "443/tcp open https"
echo "MAC Address: 00:11:25:99:17:22 (Fortress Networks)"
echo
echo "Nmap done: 1 IP address (1 host up) scanned in 4.399 seconds"
;;
'dscan -fS 67.15.6.98:443') echo
echo "dScan probing 1 host"
sleep 4
echo "https on port 443 is vulnerable!"
echo "please run updates to correct this security problem!"
;;
'metasploit -script https443.sh -i 67.15.6.98') echo
sleep 1
echo " -module -export-dynamic -o rlm_perl.la "
echo " -rpath /usr/local/lib rlm_perl.lo rlm_perl.c bradius.la"
echo " `perl -MExtUtils::Embed -e ldopts` -lnsl -lresolv -lpthread"
echo "metasploit framework searching for vulnerable port"
sleep 3
echo "metasploit script successfull!"
echo "run dump to view results"
;;
'dump -script https443.sh -c pw -U root') echo
sleep 1
echo "root - 0xC23413A8A1E7665fAAD3B435B51404EE"
;;
'hydra -b 0xC23413A8A1E7665fAAD3B435B51404EE') echo
sleep 5
echo "password match found!"
echo "aRrf349J$"
;;
'ssh -l root 67.15.6.98') echo ""
sleep 5
echo " WARNING!"
echo "This is a Government computer system. Any"
echo "attempts to access this system by unauthorized"
echo "persons is against the law and will be prosecuted."
echo
sleep 1;
#change the hostname to nsa.gov
hozt=nsa.gov
;;
'./defcon_launch.sh') echo
sleep 1
echo "#################################"
echo "# #"
echo "# DEFCON LAUNCHER STARTED #"
echo "# #"
echo "#################################"
read -p "How many ICBMs? " missles
read -p "Please Enter GPS Coords: " coords
echo "Defcon Launch Sequence Started"
echo "Estimated Time To Destruction: 5 Seconds"
sleep 3
echo "Target Destroyed"
sleep 1
echo "Exiting program"
;;
'help')
echo "Commands"
echo "nslookup nsa.gov"
echo "ping 67.15.6.98"
echo "nmap -sS 67.15.6.98"
echo "dscan -fS 67.15.6.98:443"
echo "metasploit -script https443.sh -i 67.15.6.98"
echo "dump -script https443.sh -c pw -U root"
echo "hydra -b 0xC23413A8A1E7665fAAD3B435B51404EE"
echo "ssh -l root 67.15.6.98"
echo "clear"
echo "exit"
echo "**FROM NSA.GOV SHELL FOR REALISM**"
echo "./defcon_launch.sh"
;;
'clear')
clear;
;;
'exit')
exit;
;;
*)
echo "bash: command not found"
;;
esac
#term again
read -p "root@"$hozt":~$ " command
done
