43 lines
1.4 KiB
Bash
43 lines
1.4 KiB
Bash
#!/bin/bash
|
|
#check if folder was mounted under /data
|
|
if [[ ! -d /data ]] ; then
|
|
echo "[!] No Folder was mounted to /data"
|
|
echo "[=] Make sure a folder containig the Windows Logs (evtx) is mounted. Example:"
|
|
echo "[=]"
|
|
echo "[>] # docker run -it --rm -v /path/to/logfiles:/data tabledevil/apthunter"
|
|
exit 1
|
|
fi
|
|
|
|
#check which destination is writeable /data or /output
|
|
if [[ ! -f /output/notmounted ]] && [[ -w /output ]] ; then
|
|
echo "[!] Output folder was mounted and is writeable"
|
|
echo "[>] Using /output as destination for report"
|
|
output="/output"
|
|
else
|
|
if [[ -w /data ]] ; then
|
|
echo "[!] Mounted folder /data can be written"
|
|
echo "[>] Using /data as destination for report"
|
|
output="/data"
|
|
else
|
|
echo "[!] No writeable output folder available"
|
|
echo "[=] Make sure either the folder mounted under /data is writable ..."
|
|
echo "[>] # docker run -it --rm -v /path/to/logfiles:/data tabledevil/apthunter"
|
|
echo "[=] ... or mount a writable folder to /output"
|
|
echo "[>] # docker run -it --rm -v /path/to/logfiles:/data:ro -v /path/for/report:/output tabledevil/apthunter"
|
|
exit 1
|
|
fi
|
|
fi
|
|
|
|
#base command for apthunter
|
|
cmd=(/usr/bin/python3 /APT-Hunter/APT-Hunter.py -p /data)
|
|
|
|
|
|
#set output-destination
|
|
output="${output}/apthunter_$(date +%s)"
|
|
echo "output is goint to : ${output}"
|
|
cmd+=(-o "${output}")
|
|
|
|
|
|
#run the apthunter command
|
|
"${cmd[@]}"
|