From nobody Fri Oct 30 16:08:48 2020
Content-Type: multipart/mixed; boundary="===============1184273935139404346=="
MIME-Version: 1.0

--===============1184273935139404346==
MIME-Version: 1.0
Content-Type: text/cloud-config; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="v1.8-step1.yml"

#cloud-config
users:
  - name: noip
    groups: sudo
    lock-passwd: false
    shell: /bin/bash
package_upgrade: false
write_files:
  - path: /var/www/html/index.html
    content: |
      Updating your droplet...

      Building your droplet...

runcmd:
  # Temporary status page served by busybox httpd on port 80 while the build runs
  - [ cloud-init-per, instance, tempserv, busybox, httpd, -h, /var/www/html/, -p, 80]
  - sed -i -e '/^X11Forwarding/s/^.*$/X11Forwarding no/' /etc/ssh/sshd_config
  - sed -i -e '/^PermitRootLogin/s/^.*$/PermitRootLogin no/' /etc/ssh/sshd_config
  # This pattern only rewrites a commented-out PasswordAuthentication directive
  - sed -i -e '/^#PasswordAuthentication/s/^.*$/PasswordAuthentication no/' /etc/ssh/sshd_config
  # AllowUsers makes noip the only SSH account; the Match block below then
  # re-enables password authentication for that same user
  - sed -i -e '$aAllowUsers noip' /etc/ssh/sshd_config
  - sed -i -e '$aMatch User noip' /etc/ssh/sshd_config
  - sed -i -e '$aPasswordAuthentication yes' /etc/ssh/sshd_config
final_message: "Config 1 Done, after $UPTIME seconds"

--===============1184273935139404346==
MIME-Version: 1.0
Content-Type: text/x-shellscript; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="v1.8-step2.sh"

#!/bin/bash

GREEN='\033[1;32m'
NC='\033[0m'

# Insert a progress line into the status page (before the line matching /pre)
# and echo the same message to the console
function logMsg {
    sed -i "/\/pre/ i $1" /var/www/html/index.html
    echo -e "\n${GREEN}$1${NC}\n\n"
}

logMsg "Installing packages"

logMsg " - updating packages"
apt-get update

logMsg " - nginx webserver"
apt-get --assume-yes --quiet install nginx

logMsg " - nginx files"
cat << 'EOF' > /var/www/html/index.hold.html
Updating droplet please wait...

Building your droplet...



EOF

cp -a /etc/nginx/sites-available/default /etc/nginx/sites-available/default.old
cat << 'EOF' > /etc/nginx/sites-available/default
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    root /var/www/html;
    index index.php index.html index.htm index.nginx-debian.html;
    server_name _;
    location / {
        try_files $uri $uri/ =404;
    }
    # pass requests to php files to php-fpm socket 
    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php-fpm.sock;
    }
    #block access to hidden .name files
    location ~ /\. {
        deny all;
    }
}
EOF

killall busybox
logMsg " - busybox exited"

systemctl start nginx
logMsg " - nginx started"

logMsg " - setup system tools"
apt-get --assume-yes --quiet install ntpdate ntp unzip whois curl wamerican-huge

logMsg " - install php"
apt-get --assume-yes --quiet install php-fpm php-sqlite3 php-curl

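#fix ubuntu20/ubuntu18 sock file issue
#symlink on ub20, no file on ub18
#test with -e/-L rather than -f: the path is a socket or symlink, never a regular file
if [ ! -e /run/php/php-fpm.sock ] && [ ! -L /run/php/php-fpm.sock ]; then
    ln -s /run/php/php7.2-fpm.sock /run/php/php-fpm.sock
fi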

logMsg ""
logMsg "Setting up install variables"

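# Pick a random dictionary word as the install folder; the g flag strips every
# non-alphanumeric character (e.g. apostrophes), not just the first one
export NOIPFOLDER=$(shuf -n 1 /usr/share/dict/words | sed 's/[^a-zA-Z0-9]//g' | tr '[:upper:]' '[:lower:]')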
export HOSTNAME=$(curl -s http://169.254.169.254/metadata/v1/hostname)
export PUBLIC_IPV4=$(curl -s http://169.254.169.254/metadata/v1/interfaces/public/0/ipv4/address)
export PUBLIC_IPV6=$(curl -s http://169.254.169.254/metadata/v1/interfaces/public/0/ipv6/address)
export PUBLIC_IPV6="${PUBLIC_IPV6:-NOT ENABLED}"
export DROPLET_ID=$(curl -s http://169.254.169.254/metadata/v1/id)

logMsg " - Variables set. Folder: $NOIPFOLDER, Hostname: $HOSTNAME, IP: $PUBLIC_IPV4"

logMsg ""
logMsg "Setting SSH password"

#get random password
PASSWD=($( /var/www/html/index.new.php

Droplet Details




Droplet Installer

THIS FILE WILL SELF DESTRUCT IN MINUTES!!

1. Copy & store the information below:

Droplet Hostname: $HOSTNAME
Droplet ID: $DROPLET_ID (open DigitalOcean admin page)
Public IP4 Address: $PUBLIC_IPV4
Public IP6 Address: $PUBLIC_IPV6
Client Install Folder: /$NOIPFOLDER

SSH Username: noip
SSH Password: $PASSWORD

2. Configure your client



Click the button to configure your noipfraud client. Enter the API key and secret for your account, and choose a secure login for this client install.

3. Point your domain to your droplet

You should never run traffic directly to your droplet IP - always use a (sub) domain. So make sure you point the DNS for your preferred (sub) domain to your droplet public IPs listed above.

4. Secure your droplet

We have taken some steps to secure your droplet. For example - remote login with the root user is disabled. Your droplet also has a firewall enabled (ufw) and only allows SSH, HTTP and HTTPS traffic.

Your noip user password (shown above) is randomly assigned locally on your server. It is good practice to change it anyway! You can do this by logging in using SSH:
ssh noip@$PUBLIC_IPV4
Then, once you're logged in, use the following command to set a new password:
passwd
The other thing you should do is remove the index.php page (this page) we created and put in place a legit and safe homepage.

5. Launch some campaigns

Only experienced marketers use noipfraud - so I don't need to tell you much about this. But do check out the support section (link in the menu of your client). It explains how to use noipfraud.
EOF

logMsg " - Substituting variables"
sed -i "s/\$HOSTNAME/$HOSTNAME/g" /var/www/html/index.new.php
sed -i "s/\$DROPLET_ID/$DROPLET_ID/g" /var/www/html/index.new.php
sed -i "s/\$PUBLIC_IPV4/$PUBLIC_IPV4/g" /var/www/html/index.new.php
sed -i "s/\$PUBLIC_IPV6/$PUBLIC_IPV6/g" /var/www/html/index.new.php
sed -i "s/\$NOIPFOLDER/$NOIPFOLDER/g" /var/www/html/index.new.php
sed -i "s/\$PASSWORD/${PASSWD[0]}/g" /var/www/html/index.new.php
CREATETIME=$(date +%s)
sed -i "s/\$CREATETIME/$CREATETIME/g" /var/www/html/index.new.php

logMsg " - Updating permissions"
usermod -aG noip www-data
usermod -aG www-data noip
chown -R noip:www-data /var/www/html
chmod 2775 /var/www/html
find /var/www/html -type d -exec chmod 2775 {} +
find /var/www/html -type f -exec chmod 0664 {} +

logMsg ""
logMsg "Copying SSH keys if required"
mkdir -p /home/noip/.ssh
# Only copy root's keys when the file exists
if [ -f /root/.ssh/authorized_keys ]; then
    cp -a /root/.ssh/authorized_keys /home/noip/.ssh/
    chmod 600 /home/noip/.ssh/authorized_keys
fi
chown -R noip:noip /home/noip/.ssh
chmod 700 /home/noip/.ssh

logMsg ""
logMsg "Update login message"
cat << EOF > /etc/motd.tail
-------------------------------------------------------------------------------------
Thank you for using your Noipfraud client.
This script installed nginx and php-fpm. The script also created the "noip" user.
The droplet uses ufw firewall to allow traffic for SSH, HTTP and HTTPS. Everything else is blocked.
Your web root is located at /var/www/html and can be seen from http://$PUBLIC_IPV4
Please follow the instructions there to configure your client.
-------------------------------------------------------------------------------------
EOF

logMsg ""
logMsg "Enabling firewall"
ufw allow OpenSSH
ufw allow "Nginx Full"
ufw enable

logMsg ""
logMsg "Cleanup & restart services"
rm -f /usr/share/nginx/html/info.php
systemctl enable nginx
systemctl reload nginx
# The unit name is version-specific: php7.2-fpm is the Ubuntu 18.04 package
systemctl reload php7.2-fpm
systemctl reload ssh

logMsg ""
logMsg "DONE!"

# Swap the build-status page for the generated details page
mv -f /var/www/html/index.html /var/www/html/index.old.html
mv -f /var/www/html/index.new.php /var/www/html/index.php

--===============1184273935139404346==--