CVE-2018-15473/installation-script.sh

#!/bin/bash

HOME="/tmp"

# Remove existing OpenSSL
sudo apt-get remove --auto-remove openssl -y
sudo rm -rf /usr/include/openssl/

# Cleaning
sudo apt-get autoremove -y && sudo apt-get autoclean -y

sudo apt-get install -y apt-utils wget tar gzip nano build-essential zlib1g-dev libssl-dev

# Python dependencies
sudo apt-get install -y python3 python3-pip
pip3 install paramiko==2.0.8

# SELinux && Pam
sudo apt-get install libpam0g-dev libselinux1-dev -y

# SSH directories
sudo mkdir -p /var/lib/sshd
sudo chmod -R 700 /var/lib/sshd/
sudo chown -R root:sys /var/lib/sshd/
sudo useradd -r -U -d /var/lib/sshd/ -c "sshd privsep" -s /bin/false sshd

# Install OpenSSL
cd $HOME || exit
wget --no-check-certificate https://www.openssl.org/source/old/1.0.2/openssl-1.0.2s.tar.gz
gzip -d openssl-1.0.2s.tar.gz && tar xvf openssl-1.0.2s.tar && cd openssl-1.0.2s || exit
./config && make -j "$(nproc)" && sudo make install

# Install OpenSSH
cd $HOME || exit
wget --no-check-certificate https://ftp.rnl.tecnico.ulisboa.pt/pub/OpenBSD/OpenSSH/portable/openssh-7.6p1.tar.gz
gzip -d openssh-7.6p1.tar.gz && tar xvf openssh-7.6p1.tar && cd openssh-7.6p1 || exit
./configure --with-md5-passwords --with-pam --with-selinux --with-privsep-path=/var/lib/sshd/ --sysconfdir=/etc/ssh --with-ssl-dir=/usr/local/ssl
make -j "$(nproc)" && sudo make install

# Set root password
echo -e "qwerty\nqwerty" | sudo passwd

# Allow root login and start ssh
sudo sed -i "s/#PermitRootLogin.*/PermitRootLogin yes/1" /etc/ssh/sshd_config