#!/bin/bash
#
# Start Cobalt Strike Team Server
#

source ./source-common.sh

# check that we're r00t
if [ $UID -ne 0 ]; then
	print_error "Superuser privileges are required to run the team server"
	exit
fi

# check if java is available...
if [ $(command -v java) ]; then
	true
else
	print_error "java is not in \$PATH"
	echo "    is Java installed?"
	exit
fi

# check if keytool is available...
if [ $(command -v keytool) ]; then
	true
else
	print_error "keytool is not in \$PATH"
	echo "    install the Java Developer Kit"
	exit
fi

# generate a certificate
	# naturally you're welcome to replace this step with your own permanent certificate.
	# just make sure you pass -Djavax.net.ssl.keyStore="/path/to/whatever" and
	# -Djavax.net.ssl.keyStorePassword="password" to java. This is used for setting up
	# an SSL server socket. Also, the SHA-1 digest of the first certificate in the store
	# is printed so users may have a chance to verify they're not being owned.
echo
if [ -e ./cobaltstrike.store ]; then
	print_info "Will use existing X509 certificate and keystore (for SSL)"
else
	print_info "Generating X509 certificate and keystore (for SSL)"
	keytool -keystore ./cobaltstrike.store -storepass 0123456 -keypass 0123456 -genkey -keyalg RSA -alias Pwn3rs -dname "CN=Pwn3rs Striked, OU=AdvancedReversing, O=Pwn3rs, L=Around, S=Over, C=There"
fi

print_section_header "Starting teamserver"
./TeamServerImage -Dcobaltstrike.server_port=50050 -Dcobaltstrike.server_bindto=0.0.0.0 -Djavax.net.ssl.keyStore=./cobaltstrike.store -Djavax.net.ssl.keyStorePassword=0123456 teamserver $*
