valentin/ocanary-setup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

initial commit

Browse Source
This commit is contained in:
valentin 2021-11-10 11:29:01 +01:00
commit a8e2372d76
17 changed files with 657 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
.aws/.credentials.un~ Normal file
View File

Binary file not shown.

4
.aws/config Normal file
View File

@ -0,0 +1,4 @@
[default]
region = us-east-2
output = text

3
.aws/credentials Normal file
View File

@ -0,0 +1,3 @@
[default]
aws_access_key_id = AKIATG5KEXO5DJVHHNHI
aws_secret_access_key = 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

3
.aws/credentials~ Normal file
View File

@ -0,0 +1,3 @@
[default]
aws_access_key_id = AKIATG5KEXO5K33FUFOS
aws_secret_access_key = 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

BIN
.ocanary-setup.sh.un~ Executable file
View File

Binary file not shown.

0
README.md Normal file
View File

177
ocanary-setup.sh Executable file
View File

@ -0,0 +1,177 @@
#!/bin/bash
# - TODO IMPORTANT - This file contains a line with 'setenforce 0'
# - TODO change cron job minute from '*' to '0' (set this for tests)
# - TODO change 'centos' with $USER env variable everywhere
# - Check sudo
if [[ "$EUID" != 0 ]]; then
echo "This script must be run with sudo"
exit
fi
# - Set current working dir
cd /home/centos/
# - Update
#sudo apt-get update && sudo apt-get dist-upgrade
echo "Checking for updates..."
yum check-update
sudo yum update -y
# - Install required packages
#sudo apt-get install python3-dev python3-pip python3-virtualenv python3-venv python3-scapy libssl-dev libpcap-dev
echo "Installing required packages (git, vim, virtualenv)..."
sudo yum install git -y
sudo yum install vim -y
sudo yum install virtualenv -y
# - Install EPEL repo (Extra Packages for Enterprise Linux)
# - AWSClient present in it
echo "Adding EPEL repo..."
sudo yum install epel-release.noarch -y
echo "Checking for updates..."
yum check-update
sudo yum update -y
# - Install AWS Client (from EPEL)
echo "Installing Amazon AWS Client (awscli.noarch)..."
sudo yum install awscli.noarch -y
# - Configure AWS Client
echo "Copy of awscli config (credentials and config file)..."
sudo cp -R /home/centos/ocanary-setup/.aws /root/
sudo chmod -R 755 /root/.aws
sudo chmod 600 /root/.aws/*
sudo chown -R root:root /root/.aws
# - Create folder to sync with S3 Bucket (where we will store a copy of ocanary logs)
echo "Creating folder that will contain a copy of ocanary logs (under /home/$USER/opencanary_logs/) ..."
sudo mkdir /home/centos/opencanary_logs
sudo mkdir /home/centos/opencanary_logs/to_sync
sudo chmod -R 600 /home/centos/opencanary_logs
# - ( umask not working properly)
#sudo umask 077 /home/centos/opencanary_logs/
# - Add cron jobs in crontab
echo "Adding cron jobs (copy of logs in /home/$USER/opencanary_logs/to_sync and aws S3 sync) ..."
sudo crontab -l > /root/cron_content
sudo echo "0 * * * * cp /home/centos/opencanary_logs/opencanary.log /home/centos/opencanary_logs/to_sync; sudo chmod 600 /home/centos/opencanary_logs/to_sync/opencanary.log; aws s3 sync /home/centos/opencanary_logs/to_sync s3://s3-protonlab-02" >> /root/cron_content
sudo crontab /root/cron_content
# - Create LogRotate rule
echo "Creating a LogRotate rule..."
sudo cp /home/centos/ocanary-setup/opencanary.logrotate /etc/logrotate.d/opencanary
# - Create Virtual Environment
echo "Creating virtual env..."
sudo virtualenv -p python3 /var/lib/canary-env
sudo source /var/lib/canary-env/bin/activate
# - Python (pip update)
#pip install --upgrade pip setuptools
# - Clone Opencanary Git repo
echo "Cloning opencanary git repo..."
git clone https://github.com/thinkst/opencanary
# - Opencanary initial setup
echo "Opencanary general install..."
cd opencanary
##pip install opencanary
#python setup.py install
sudo /var/lib/canary-env/bin/python setup.py install
sudo /var/lib/canary-env/bin/pip install -r requirements.txt
# - Opencanary config
echo "Creating Opencanary config..."
sudo mkdir /etc/opencanaryd -p
sudo cp /home/centos/ocanary-setup/opencanary.conf /etc/opencanaryd/opencanary.conf
# - Import HTTP Honeypot Proton Skin
echo "Import HTTP Honeypot Proton Skin..."
sudo cp -R /home/centos/ocanary-setup/protonLogin_2/ /home/centos/opencanary/opencanary/modules/data/http/skin/
# - Copy Service config
echo "Making Opencanary run as a service..."
sudo cp /home/centos/ocanary-setup/opencanary.service /etc/systemd/system/opencanary.service
# - Reload services daemon to add opencanary.service
sudo systemctl daemon-reload
# - Enable opencanary.service at boot
echo "Enable Opencanary service at boot..."
sudo systemctl enable opencanary.service
# - Update SSH port to 2222 on the system (OpenCanary runs HoneyPot on port 22)
# Backup default config
echo "Updating SSHD config (make sshd run on port 2222, let port 22 for HoneyPot)..."
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config_bkp
# Change port to 2222
sudo sed -i 's/#Port\ 22/Port 2222/g' /etc/ssh/sshd_config
echo "Adding rule for SELinux to let SSHD listen on port 2222..."
# Add SELinux policy to let ssh bind on port 2222
sudo semanage port -a -t ssh_port_t -p tcp 2222
# Change opencanaryd file type to a 'bin_t' type. Will ensure that the file type does not trisition to a confined domain
# Without this instruction, SELinux will block many actions
echo "Adding rules for SELinux to let opencanaryd service run..."
sudo chcon -t bin_t /var/lib/canary-env/bin/opencanaryd
echo "Setting SELinux to permisive - IMPORTANT - This action must be removed for production"
# ----- TODO Change this setting -----
# - Set SELinux to permisive
#sudo setenforce 0
# ------------------------------------
# Restart ssh-server
read -p "Restart ssh server now ?" -r
echo ""
if [[ $REPLY =~ ^[Yy]$ ]]
then
echo "SSH Server restarting..."
sudo systemctl restart sshd.service
echo "SSH Server restarted"
# - Enable and start service
echo "Start opencanary service"
sudo systemctl start opencanary.service
else
echo "For OpenCanary to run you must:"
echo "- restart sshd"
echo "- start opencanary"
echo ""
echo "sudo systemctl restart sshd.service"
echo "sudo systemctl start opencanary.service"
fi
# - Wait for Opencanary to start completely, and create the log file
echo "Waiting for Opencanary to finish starting process..."
# - To do so, we first try to see if the logfile is now present on the system
# - If the log file is not present, we wait a few more seconds
check_oc_running_tries=0
while [ ! -f /home/centos/opencanary_logs/opencanary.log ] && [ $check_oc_running_tries -le 6 ]
do
sleep 1
check_oc_running_tries=$((check_oc_running_tries+1))
echo "Opencanary not running... [ waiting ]"
done
# - If Opencanary is running
if $(systemctl is-active --quiet opencanary.service)
then
# - Set rw permission to root only for the log file
# - This is important for the first run, then logrotate will force the permission at the first rotation
echo "Changing permissions on pencanary log file..."
sudo chmod 600 /home/centos/opencanary_logs/opencanary.log
echo -e "\nThe system says that Opencanary is now running"
else
echo "Opencanary could not run :("
fi

135
ocanary-setup.sh~ Executable file
View File

@ -0,0 +1,135 @@
#!/bin/bash
# - TODO IMPORTANT - This file contains a line with 'setenforce 0'
# - TODO change cron job minute from '*' to '0' (set this for tests)
# - TODO change 'centos' with $USER env variable everywhere
# - Check sudo
if [[ "$EUID" != 0 ]]; then
echo "This script must be run with sudo"
exit
fi
# - Set current working dir
cd /home/centos/
# - Update
#sudo apt-get update && sudo apt-get dist-upgrade
echo "Checking for updates..."
yum check-update
sudo yum update -y
# - Install required packages
#sudo apt-get install python3-dev python3-pip python3-virtualenv python3-venv python3-scapy libssl-dev libpcap-dev
echo "Installing required packages (git, vim, virtualenv)..."
sudo yum install git -y
sudo yum install vim -y
sudo yum install virtualenv -y
# - Install EPEL repo (Extra Packages for Enterprise Linux)
# - AWSClient present in it
echo "Adding EPEL repo..."
sudo yum install epel-release.noarch -yi
echo "Checking for updates..."
yum check-update
sudo yum update -y
# - Install AWS Client (from EPEL)
echo "Installing Amazon AWS Client (awscli.noarch)..."
sudo yum install awscli.noarch -y
# - Configure AWS Client
echo "Copy of awscli config (credentials and config file)..."
sudo cp -R /home/centos/ocanary-setup/.aws /root/
sudo chmod -R 755 /root/.aws
sudo chmod 600 /root/.aws/*
sudo chown -R root:root /root/.aws
# - Create folder to sync with S3 Bucket (where we will store a copy of ocanary logs)
echo "Creating folder that will contain a copy of ocanary logs (under /home/$USER/opencanary_logs/) ..."
sudo mkdir /home/centos/opencanary_logs
# - Add cron jobs in crontab
echo "Adding cron jobs (copy of logs in /home/$USER/opencanary_logs/ and aws S3 sync) ..."
sudo crontab -l > /root/cron_content
sudo echo "* * * * * cp /var/tmp/opencanary.log /home/centos/opencanary_logs/" >> /root/cron_content
sudo echo "* * * * * aws s3 sync /home/centos/opencanary_logs/ s3://s3-protonlab-02" >> /root/cron_content
sudo crontab /root/cron_content
# - Create Virtual Environment
echo "Creating virtual env..."
sudo virtualenv -p python3 /var/lib/canary-env
sudo source /var/lib/canary-env/bin/activate
# - Python (pip update)
#pip install --upgrade pip setuptools
# - Clone Opencanary Git repo
echo "Cloning opencanary git repo..."
git clone https://github.com/thinkst/opencanary
# - Opencanary initial setup
echo "Opencanary general install..."
cd opencanary
##pip install opencanary
#python setup.py install
sudo /var/lib/canary-env/bin/python setup.py install
sudo /var/lib/canary-env/bin/pip install -r requirements.txt
# - Opencanary config
echo "Creating Opencanary config..."
sudo mkdir /etc/opencanaryd -p
sudo cp /home/centos/ocanary-setup/opencanary.conf /etc/opencanaryd/opencanary.conf
# - Copy Service config
echo "Making Opencanary run as a service..."
sudo cp /home/centos/ocanary-setup/opencanary.service /etc/systemd/system/opencanary.service
# - Reload services daemon to add opencanary.service
sudo systemctl daemon-reload
# - Enable opencanary.service at boot
echo "Enable Opencanary service at boot..."
sudo systemctl enable opencanary.service
# - Update SSH port to 2222 on the system (OpenCanary runs HoneyPot on port 22)
# Backup default config
echo "Updating SSHD config (make sshd run on port 2222, let port 22 for HoneyPot)..."
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config_bkp
# Change port to 2222
sudo sed -i 's/#Port\ 22/Port 2222/g' /etc/ssh/sshd_config
echo "Adding rule for SELinux to let SSHD listen on port 2222..."
# Add SELinux policy to let ssh bind on port 2222
sudo semanage port -a -t ssh_port_t -p tcp 2222
echo "Setting SELinux to permisive - IMPORTANT - This action must be removed for production"
# ----- TODO Change this setting -----
# - Set SELinux to permisive
sudo setenforce 0
# ------------------------------------
# Restart ssh-server
read -p "Restart ssh server now ?" -r
echo ""
if [[ $REPLY =~ ^[Yy]$ ]]
then
echo "SSH Server restarting..."
sudo systemctl restart sshd.service
echo "SSH Server restarted"
# - Enable and start service
echo "Start opencanary service"
sudo systemctl start opencanary.service
else
echo "For OpenCanary to run you must:"
echo "- restart sshd"
echo "- start opencanary"
echo ""
echo "sudo systemctl restart sshd.service"
echo "sudo systemctl start opencanary.service"
fi

96
opencanary.conf Normal file
View File

@ -0,0 +1,96 @@
{
"device.node_id": "opencanary-1",
"ip.ignorelist": [ ],
"git.enabled": false,
"git.port" : 9418,
"ftp.enabled": false,
"ftp.port": 21,
"ftp.banner": "FTP server ready",
"http.banner": "Apache/2.2.22 (Ubuntu)",
"http.enabled": true,
"http.port": 80,
"http.skin": "protonLogin_2",
"httpproxy.enabled" : true,
"httpproxy.port": 8080,
"httpproxy.skin": "squid",
"logger": {
"class": "PyLogger",
"kwargs": {
"formatters": {
"plain": {
"format": "%(message)s"
},
"syslog_rfc": {
"format": "opencanaryd[%(process)-5s:%(thread)d]: %(name)s %(levelname)-5s %(message)s"
}
},
"handlers": {
"console": {
"class": "logging.StreamHandler",
"stream": "ext://sys.stdout"
},
"file": {
"class": "logging.FileHandler",
"filename": "//home/centos/opencanary_logs/opencanary.log"
}
}
}
},
"portscan.enabled": false,
"portscan.logfile":"/var/log/kern.log",
"portscan.synrate": 5,
"portscan.nmaposrate": 5,
"portscan.lorate": 3,
"smb.auditfile": "/var/log/samba-audit.log",
"smb.enabled": false,
"mysql.enabled": true,
"mysql.port": 3306,
"mysql.banner": "5.5.43-0ubuntu0.14.04.1",
"ssh.enabled": true,
"ssh.port": 22,
"ssh.version": "SSH-2.0-OpenSSH_5.1p1 Debian-4",
"redis.enabled": true,
"redis.port": 6379,
"rdp.enabled": false,
"rdp.port": 3389,
"sip.enabled": false,
"sip.port": 5060,
"snmp.enabled": false,
"snmp.port": 161,
"ntp.enabled": false,
"ntp.port": 123,
"tftp.enabled": false,
"tftp.port": 69,
"tcpbanner.maxnum":10,
"tcpbanner.enabled": false,
"tcpbanner_1.enabled": false,
"tcpbanner_1.port": 8001,
"tcpbanner_1.datareceivedbanner": "",
"tcpbanner_1.initbanner": "",
"tcpbanner_1.alertstring.enabled": false,
"tcpbanner_1.alertstring": "",
"tcpbanner_1.keep_alive.enabled": false,
"tcpbanner_1.keep_alive_secret": "",
"tcpbanner_1.keep_alive_probes": 11,
"tcpbanner_1.keep_alive_interval":300,
"tcpbanner_1.keep_alive_idle": 300,
"telnet.enabled": false,
"telnet.port": 23,
"telnet.banner": "",
"telnet.honeycreds": [
{
"username": "admin",
"password": "$pbkdf2-sha512$19000$bG1NaY3xvjdGyBlj7N37Xw$dGrmBqqWa1okTCpN3QEmeo9j5DuV2u1EuVFD8Di0GxNiM64To5O/Y66f7UASvnQr8.LCzqTm6awC8Kj/aGKvwA"
},
{
"username": "admin",
"password": "admin1"
}
],
"mssql.enabled": false,
"mssql.version": "2012",
"mssql.port":1433,
"vnc.enabled": false,
"vnc.port":5000
}

18
opencanary.logrotate Normal file
View File

@ -0,0 +1,18 @@
/home/centos/opencanary_logs/opencanary.log {
prerotate
cp /home/centos/opencanary_logs/opencanary.log /home/centos/opencanary_logs/to_sync
chmod 600 /home/centos/opencanary_logs/to_sync/opencanary.log
aws s3 sync /home/centos/opencanary_logs/to_sync s3://s3-protonlab-02
endscript
rotate 4
daily
compress
delaycompress
missingok
notifempty
create 0600 root root
postrotate
systemctl restart opencanary.service
endscript
}

15
opencanary.service Normal file
View File

@ -0,0 +1,15 @@
[Unit]
Description=OpenCanary
After=syslog.target
After=network-online.target
[Service]
User=root
#Type=oneshot
RemainAfterExit=yes
Restart=always
ExecStart=/var/lib/canary-env/bin/opencanaryd --start
ExecStop=/var/lib/canary-env/bin/opencanaryd --stop
[Install]
WantedBy=multi-user.target

BIN
protonLogin_2/.index.html.un~ Normal file
View File

Binary file not shown.

10
protonLogin_2/403.html Normal file
View File

@ -0,0 +1,10 @@
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access [[URL]]
on this server.</p>
<hr>
<address>[[BANNER]] Server</address>
</body></html>

9
protonLogin_2/404.html Normal file
View File

@ -0,0 +1,9 @@
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL [[URL]] was not found on this server.</p>
<hr>
<address>[[BANNER]] Server</address>
</body></html>

93
protonLogin_2/index.html Normal file
View File

@ -0,0 +1,93 @@
<html>
<head>
<title>Login</title>
<style>
body {
height: 100%;
margin:0; /* sinon on a le d̮̩calage de 8px*/
padding: 0;/* sinon on a le d̮̩calage de 8px*/
font-family: Helvetica, Arial, "lucida grande", tahoma, arial, sans-serif;
}
.outer {
margin-left: auto;
margin-right: auto;
width: 100%;
height: 100%;
margin:0; /* sinon on a le d̮̩calage de 8px*/
padding: 0;/* sinon on a le d̮̩calage de 8px*/
position:absolute;
background-color:#1c223d;
}
.inner{
display: table-cell;
vertical-align: middle;
height: 400px;
width:400px;
margin:150px auto 0px auto;
display:block;
background-color:rgb(48,54,81);
text-align:center;
padding:20px 0px 0px 0px;
color:#FFFFFF;
}
.inner input{
margin-top:5px;
height:40px;
width:70%;
border:1px solid grey;
border-radius:5px;
padding: 0px 15px 0px 15px;
}
.btn_login{
background-color:#657ee4;
color: #FFFFFF;
border:none !important;
cursor: pointer;
-webkit-touch-callout: none;
-webkit-user-select: none;
-khtml-user-select: none;
-moz-user-select: none;
-ms-user-select: none;
user-select: none;
}
h1{
font-size:23px;
}
h2{
font-size:18px;
}
</style>
</head>
<body>
<div class='outer'>
<div class='inner'>
<!--<img src="img/pm-logo-white.svg"/>-->
<h1>Management Rules</h1>
<!--STARTERR-->
<h2>Login failed</h2>
<!--ENDERR-->
<form method="POST">
<br/>
<!--Username:-->
<br/>
<input type="text" name="username" placeholder="Username"/>
<br/>
<!--Password:-->
<br/>
<input type="password" name="password" placeholder="Password"/>
<br/>
<input type="submit" value="Login" name="btnLogin" class="btn_login"/>
</form>
</div>
</div>
</body>
</html>

93
protonLogin_2/index.html~ Normal file
View File

@ -0,0 +1,93 @@
<html>
<head>
<title>Login</title>
<style>
body {
height: 100%;
margin:0; /* sinon on a le d̮̩calage de 8px*/
padding: 0;/* sinon on a le d̮̩calage de 8px*/
font-family: Helvetica, Arial, "lucida grande", tahoma, arial, sans-serif;
}
.outer {
margin-left: auto;
margin-right: auto;
width: 100%;
height: 100%;
margin:0; /* sinon on a le d̮̩calage de 8px*/
padding: 0;/* sinon on a le d̮̩calage de 8px*/
position:absolute;
background-color:#1c223d;
}
.inner{
display: table-cell;
vertical-align: middle;
height: 400px;
width:400px;
margin:150px auto 0px auto;
display:block;
background-color:rgb(48,54,81);
text-align:center;
padding:20px 0px 0px 0px;
color:#FFFFFF;
}
.inner input{
margin-top:5px;
height:40px;
width:70%;
border:1px solid grey;
border-radius:5px;
padding: 0px 15px 0px 15px;
}
.btn_login{
background-color:#657ee4;
color: #FFFFFF;
border:none !important;
cursor: pointer;
-webkit-touch-callout: none;
-webkit-user-select: none;
-khtml-user-select: none;
-moz-user-select: none;
-ms-user-select: none;
user-select: none;
}
h1{
font-size:23px;
}
h2{
font-size:18px;
}
</style>
</head>
<body>
<div class='outer'>
<div class='inner'>
<img src="img/pm-logo-white.svg"/>
<h1>Logs backup</h1>
<!--STARTERR-->
<h2>Login failed</h2>
<!--ENDERR-->
<form method="POST">
<br/>
<!--Username:-->
<br/>
<input type="text" name="username" placeholder="Username"/>
<br/>
<!--Password:-->
<br/>
<input type="password" name="password" placeholder="Password"/>
<br/>
<input type="submit" value="Access Logs" name="btnLogin" class="btn_login"/>
</form>
</div>
</div>
</body>
</html>

1
protonLogin_2/static/img/pm-logo-white.svg Normal file
View File

@ -0,0 +1 @@
<svg viewbox="0 0 148 23" xmlns="http://www.w3.org/2000/svg" width="148" height="23"><g stroke-miterlimit="10" fill="#fff" stroke="#fff" stroke-width="20"><path d="M823.495 470.975h-65.25v189.75h-71.25v-516.75h135c125.25 0 201.75 51 201.75 159.75 0 120.75-83.25 167.25-200.25 167.25zm6-271.5h-71.25v215.25h71.25c68.25 0 118.5-21.75 118.5-110.25 0-77.25-49.5-105-118.5-105zM1107.743 660.725v-395.25h60l8.25 75.75c22.5-55.5 57-84.75 103.5-84.75 12.75 0 27 1.5 39 4.5l-12.75 67.5c-12-3-20.25-4.5-34.5-4.5-49.5 0-81 50.25-94.5 105v231.75zM1520.988 247.475c112.5 0 175.499 81 175.499 206.25 0 122.25-64.499 207-176.249 207-112.5 0-176.25-81-176.25-206.25 0-122.25 64.5-207 177-207zm0 55.5c-66 0-102.75 48-102.75 151.5 0 102.75 36 150.75 102 150.75s102-48 102-151.5c0-102.75-36-150.75-101.25-150.75zM1999.487 633.725c-24 18-55.5 27-88.5 27-73.5 0-106.5-46.5-106.5-114.75v-237h-63v-52.5h63v-89.25l69-8.25v97.5h99.75l-8.25 52.5h-91.5v236.25c0 39.75 12.75 58.5 47.25 58.5 17.25 0 33-5.25 52.5-17.25zM2206.485 247.475c112.5 0 175.5 81 175.5 206.25 0 122.25-64.5 207-176.25 207-112.5 0-176.25-81-176.25-206.25 0-122.25 64.5-207 177-207zm0 55.5c-66 0-102.75 48-102.75 151.5 0 102.75 36 150.75 102 150.75s102-48 102-151.5c0-102.75-36-150.75-101.25-150.75zM2553.735 660.725h-69v-395.25h59.25l5.25 54c32.25-40.5 79.5-63 126-63 76.5 0 107.25 43.5 107.25 117v287.25h-69v-282.75c0-47.25-16.5-67.5-61.5-67.5-42.75 0-77.25 33-98.25 63.75zM3320.978 660.725l-22.5-264.75c-6-72.75-8.25-155.25-8.25-171.75h-3l-115.5 381.75h-68.25l-120-381.75h-3c0 17.25-1.5 105-6.75 171.75l-20.25 264.75h-67.5l42.75-516.75h96l113.25 377.25h3l109.5-377.25h96.75l42.75 516.75zM3762.72 562.475c0 31.5 9 42.75 29.25 50.25l-16.5 48c-35.25-4.5-60.75-20.25-72.75-55.5-27.75 37.5-69.75 55.5-117.75 55.5-79.5 0-128.25-48.75-128.25-122.25 0-81.75 66-127.5 186-127.5h51v-30.75c0-55.5-27.75-76.5-85.5-76.5-26.25 0-63 6-103.5 20.25l-18-51c48.75-18 93-25.5 132-25.5 100.5 0 144 48.75 144 129zm-69-8.25v-97.5h-47.25c-84.75 0-114 30.75-114 78.75 0 48.75 21.75 73.5 71.25 73.5 37.5 0 67.5-20.25 90-54.75zM3923.212 175.475c-28.5 0-48-20.25-48-47.25 0-26.25 19.5-46.5 48-46.5s48.75 20.25 48.75 46.5c0 27-20.25 47.25-48.75 47.25zm-34.5 485.25v-395.25h69v395.25zM4217.956 647.225c-17.25 8.25-36 13.5-56.25 13.5-47.25 0-81-27-81-94.5V97.475l69-8.25v483c0 22.5 7.5 31.5 24.75 31.5 9.75 0 18-1.5 25.5-4.5z" transform="matrix(.03462 0 0 .03402 0 .149)"/></g><g fill="#fff"><path d="M8.263.15S1.413-.072 0 7.396v5.086s.058.545 1.616 1.65c1.558 1.106 5.59 4.219 6.647 4.219 1.056 0 5.089-3.113 6.646-4.219 1.558-1.105 1.617-1.65 1.617-1.65V7.396C15.113-.072 8.263.15 8.263.15zm4.69 10.019h-9.38V7.396c.951-3.708 4.69-3.76 4.69-3.76s3.738.052 4.69 3.76z"/><path d="M8.263 19.496s-1.062-.102-1.893-.669C5.54 18.26 0 14.37 0 14.37v7.7s.047.896 1.05.896h14.425c1.004 0 1.05-.895 1.05-.895v-7.7s-5.539 3.89-6.37 4.456c-.83.567-1.892.67-1.892.67z"/></g></svg>
Side by Side

After

Width:  |  Height:  |  Size: 2.8 KiB