Ghost In The Machine

1.  
2. #!/data/data/com.termux/files/usr/bin/bash
3.  
4. # Ensure necessary packages are installed
5. pkg install -y zenity openssl curl wget mkcert
6.  
7. # Function to check if a string is a valid URL
8. is_valid_url() {
9. local url="$1"
10. if [[ "$url" =~ ^https?:// ]]; then
11. return 0
12. else
13. return 1
14. fi
15. }
16.  
17. # Function to create a self-signed PEM certificate using OpenSSL
18. create_pem_certificate_openssl() {
19. local pem_file="$1"
20.  
21. # Generate a self-signed PEM certificate using OpenSSL
22. openssl req -x509 -newkey rsa:2048 -keyout "$pem_file" -out "$pem_file" -days 365 -subj "/CN=$url"
23.  
24. # Notify the user about the generated PEM certificate
25. zenity --info --title="PEM Certificate Generated" --text="A self-signed PEM certificate has been created using OpenSSL and saved as $pem_file."
26. }
27.  
28. # Function to create a self-signed PEM certificate using mkcert
29. create_pem_certificate_mkcert() {
30. local pem_file="$1"
31.  
32. # Generate a self-signed PEM certificate using mkcert
33. mkcert -key-file "$pem_file" -cert-file "$pem_file"
34.  
35. # Notify the user about the generated PEM certificate
36. zenity --info --title="PEM Certificate Generated" --text="A self-signed PEM certificate has been created using mkcert and saved as $pem_file."
37. }
38.  
39. # Function to prompt the user for HSTS policy
40. create_hsts_policy() {
41. zenity --question --title="HSTS Policy" --text="Do you want to create an HSTS policy for $url?"
42.  
43. # Check the user's choice regarding HSTS policy
44. if [ $? -eq 0 ]; then
45. # User chose to create HSTS policy
46. hsts_policy="add_header Strict-Transport-Security \"max-age=31536000; includeSubDomains\";"
47. else
48. # User chose not to create HSTS policy
49. hsts_policy=""
50. fi
51. }
52.  
53. # Function to connect to the specified URL using curl
54. connect_to_url_curl() {
55. local connection_result
56.  
57. # Perform the connection logic using curl
58. connection_result=$(curl -I "$url" --header "$hsts_policy" --cacert "$pem_file")
59.  
60. # Display the connection results
61. zenity --info --title="Connection Results (curl)" --text="Connection results using curl:\n\n$connection_result"
62. }
63.  
64. # Function to connect to the specified URL using wget
65. connect_to_url_wget() {
66. local connection_result
67.  
68. # Perform the connection logic using wget
69. connection_result=$(wget --server-response --secure-protocol=auto --ca-certificate="$pem_file" "$url" 2>&1)
70.  
71. # Display the connection results
72. zenity --info --title="Connection Results (wget)" --text="Connection results using wget:\n\n$connection_result"
73. }
74.  
75. # Help menu function
76. show_help() {
77. zenity --text-info --title="Secure Connection Tool Help" \
78. --filename=<(echo -e "
79. ** Secure Connection Tool **
80.  
81. This tool allows you to generate self-signed PEM certificates, configure HSTS policies,
82. and securely connect to a specified URL using various methods.
83.  
84. ** Usage Examples **
85.  
86. 1. Generate PEM certificate using OpenSSL:
87. \e[1;32m./secure_connection_tool.sh -p openssl -u https://example.com\e[0m
88.  
89. 2. Generate PEM certificate using mkcert:
90. \e[1;32m./secure_connection_tool.sh -p mkcert -u https://example.com\e[0m
91.  
92. 3. Connect using curl:
93. \e[1;32m./secure_connection_tool.sh -c curl -u https://example.com\e[0m
94.  
95. 4. Connect using wget:
96. \e[1;32m./secure_connection_tool.sh -c wget -u https://example.com\e[0m
97.  
98. ** Options **
99.  
100. \e[1;33m-p, --pem\e[0m : Choose the PEM certificate generation method (openssl or mkcert)
101. \e[1;33m-u, --url\e[0m : Specify the URL to connect securely
102. \e[1;33m-c, --connect\e[0m : Choose the connection method (curl or wget)
103.  
104. ** Additional Options **
105.  
106. \e[1;33m-h, --help\e[0m : Show this help menu
107. \e[1;33m-v, --version\e[0m : Show tool version
108. ")
109. }
110.  
111. # Parse command-line options
112. while [[ $# -gt 0 ]]; do
113. case "$1" in
114. -p|--pem)
115. shift
116. pem_method="$1"
117. ;;
118. -u|--url)
119. shift
120. url="$1"
121. ;;
122. -c|--connect)
123. shift
124. connect_method="$1"
125. ;;
126. -h|--help)
127. show_help
128. exit 0
129. ;;
130. -v|--version)
131. zenity --info --title="Tool Version" --text="Secure Connection Tool v1.0"
132. exit 0
133. ;;
134. *)
135. zenity --error --title="Error" --text="Invalid option: $1"
136. exit 1
137. ;;
138. esac
139. shift
140. done
141.  
142. # Check if URL is provided
143. if [ -z "$url" ]; then
144. zenity --error --title="Error" --text="URL not provided. Use -u option to specify the URL."
145. exit 1
146. fi
147.  
148. # Validate the URL
149. if ! is_valid_url "$url"; then
150. zenity --error --title="Error" --text="Invalid URL. Please enter a valid URL starting with http:// or https://"
151. exit 1
152. fi
153.  
154. # Set default values for unspecified options
155. pem_method="${pem_method:-openssl}"
156. connect_method="${connect_method:-curl}"
157.  
158. # Generate PEM certificate based on the selected method
159. pem_file="custom_ca.pem"
160. case "$pem_method" in
161. openssl)
162. create_pem_certificate_openssl "$pem_file"
163. ;;
164. mkcert)
165. create_pem_certificate_mkcert "$pem_file"
166. ;;
167. *)
168. zenity --error --title="Error" --text="Invalid PEM method: $pem_method. Supported methods: openssl, mkcert"
169. exit 1
170. ;;
171. esac
172.  
173. # Prompt the user for HSTS policy creation
174. create_hsts_policy
175.  
176. # Display confirmation and proceed with connection logic
177. zenity --info --title="Ready to Connect" --text="Ready to connect to $url with HSTS policy and PEM certificate. Press OK to proceed."
178.  
179. # Connect based on the selected method
180. case "$connect_method" in
181. curl)
182. connect_to_url_curl
183. ;;
184. wget)
185. connect_to_url_wget
186. ;;
187. *)
188. zenity --error --title="Error" --text="Invalid connection method: $connect_method. Supported methods: curl, wget"
189. exit 1
190. ;;
191. esac
192.  
193. # Exit successfully
194. zenity --info --title="Tool Completed" --text="The secure connection process has completed successfully."
195.  
196. exit 0
197. `Certainly! I've enhanced the code with additional color options for better user experience:
198.  
199. ```bash
200. #!/data/data/com.termux/files/usr/bin/bash
201.  
202. set -euo pipefail
203.  
204. LOG_FILE="audit_tool_log.txt"
205. CONFIG_FILE="audit_tool_config.txt"
206. INPUT="/tmp/menu_choice.txt"
207. DEFAULT_INTERVAL=5
208.  
209. # ANSI color codes
210. RED='\033[0;31m'
211. GREEN='\033[0;32m'
212. YELLOW='\033[0;33m'
213. BLUE='\033[0;34m'
214. MAGENTA='\033[0;35m'
215. CYAN='\033[0;36m'
216. RESET='\033[0m'
217.  
218. initialize_config() {
219. # Initialize configuration if not present
220. if [[ ! -f "$CONFIG_FILE" ]]; then
221. echo "interval=$DEFAULT_INTERVAL" > "$CONFIG_FILE"
222. fi
223. source "$CONFIG_FILE"
224. }
225.  
226. log_message() {
227. # Log messages with timestamp and color
228. echo -e "$(date '+%Y-%m-%d %H:%M:%S') - $1" >> "$LOG_FILE"
229. }
230.  
231. set_analysis_interval() {
232. local new_interval
233. new_interval=$(dialog --clear --backtitle "Android Audit Tool" --inputbox "Enter the analysis interval in seconds:" 8 40 "$interval" --output-fd 1 || true)
234.  
235. if [[ $new_interval =~ ^[0-9]+$ ]]; then
236. # Update analysis interval if input is a valid number
237. sed -i "s/interval=$interval/interval=$new_interval/" "$CONFIG_FILE"
238. log_message "${GREEN}Analysis interval set to $new_interval seconds.${RESET}"
239. interval=$new_interval
240. else
241. log_message "${RED}Invalid input for the analysis interval. Using the default interval.${RESET}"
242. fi
243. }
244.  
245. # ... (similar enhancements for other functions)
246.  
247. display_menu() {
248. if [[ ! -f "$INPUT" ]]; then
249. # Create menu choice file if not present
250. touch "$INPUT"
251. fi
252.  
253. dialog --clear --backtitle "Android Audit Tool" --title "Main Menu" --menu "Choose an option:" 22 60 15 \
254. 1 "Continuously analyze processes for security risks" \
255. 2 "Conduct a thorough security scan of the device" \
256. 3 "Generate a comprehensive security report" \
257. 4 "Set the analysis interval" \
258. 5 "Update the tool and dependencies" \
259. 6 "Scan open ports using nmap" \
260. 7 "Test for hidden connections" \
261. 8 "Check established connections" \
262. 9 "Check for common vulnerabilities" \
263. 10 "Check device firewall status" \
264. 11 "Block incoming connections" \
265. 12 "Block outgoing connections" \
266. 13 "Allow all incoming connections" \
267. 14 "Allow all outgoing connections" \
268. 15 "Exit" 2>"${INPUT}" || true
269.  
270. menu_choice=$(<"${INPUT}")
271.  
272. case $menu_choice in
273. 1) analyze_all_processes ;;
274. 2) conduct_security_scan ;;
275. 3) generate_security_report ;;
276. 4) set_analysis_interval ;;
277. 5) install_or_update_dependencies ;;
278. 6) scan_open_ports ;;
279. 7) test_hidden_connections ;;
280. 8) check_established_connections ;;
281. 9) check_common_vulnerabilities ;;
282. 10) check_firewall_status ;;
283. 11) block_incoming_connections ;;
284. 12) block_outgoing_connections ;;
285. 13) allow_all_incoming_connections ;;
286. 14) allow_all_outgoing_connections ;;
287. 15) exit_tool ;;
288. *) log_message "${RED}Invalid option: $menu_choice${RESET}" ;;
289. esac
290. }
291.  
292. # ... (add your own functions)
293.  
294. initialize_config
295.  
296. while true; do
297. display_menu
298. done