-
Notifications
You must be signed in to change notification settings - Fork 7
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
attacker and target 3 working properly in vagrant
- Loading branch information
1 parent
9abe1a9
commit 6c41d1d
Showing
5 changed files
with
107 additions
and
8 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| #!/bin/bash | ||
|
|
||
|
|
||
| # Bootstrap the new VM | ||
| # | ||
| # | ||
|
|
||
| echo "Bootstrapping attacker1" | ||
|
|
||
| # Update system | ||
| apt update | ||
| cd ~ | ||
| wget https://bootstrap.pypa.io/get-pip.py | ||
| python3 get-pip.py | ||
| apt -y install golang sphinx-common | ||
| #apt -y upgrade | ||
|
|
||
| #apt -y install apt-transport-https | ||
| #apt -y install openssh-server | ||
| #apt -y install whois # for mkpasswd | ||
|
|
||
| ip addr show eth1 | grep "inet\b" | awk '{print $2}' | cut -d/ -f1 > /vagrant/attacker1/ip4.txt | ||
|
|
||
| # reboot |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,75 @@ | ||
| #!/bin/bash | ||
|
|
||
|
|
||
| # Bootstrap the new VM | ||
| # | ||
| # | ||
|
|
||
| # Update system | ||
| apt update | ||
| apt -y upgrade | ||
|
|
||
| apt -y install apt-transport-https | ||
| apt -y install openssh-server | ||
| apt -y install whois # for mkpasswd | ||
| apt -y install libprotobuf-dev | ||
| apt -y install libbpf-dev | ||
| apt -y install gdb | ||
|
|
||
|
|
||
| # Add vulnerable user | ||
| # mkpasswd -m sha-512 # To calc the passwd | ||
| # This is in the debian package "whois" | ||
|
|
||
| # user with password "test" | ||
| # useradd -m -p '$6$bc4k4Tq2.1GW$0ysyuxyfyds2JkfVEf9xHy39MhpS.hhnAo4sBLprNfIHqcpaa9GJseRJJsrq0cSOWwYlOPrdHQNHp10E1ekO81' -s /bin/bash test | ||
|
|
||
| # user with password "passw0rd" | ||
| # useradd -m -p '$6$q5PAnDI5K0uv$hMGMJQleeS9F2yLOiHXs2PxZHEmV.ook8jyWILzDGDxSTJmTTZSe.QgLVrnuwiyAl5PFJVARkMsSnPICSndJR1' -s /bin/bash password | ||
|
|
||
| # Install Elastic search debian repo | ||
|
|
||
| wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | apt-key add - | ||
| echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | tee /etc/apt/sources.list.d/elastic-7.x.list | ||
| apt update | ||
|
|
||
| # Install Logstash | ||
| apt -y install default-jre | ||
| apt -y install logstash | ||
|
|
||
| # Install filebeat | ||
| apt -y install filebeat | ||
| # Configure logstash as output | ||
| cp /vagrant/target1/config/filebeat.yml /etc/filebeat/filebeat.yml | ||
| cp /vagrant/target1/config/caldera_agent.service /etc/systemd/system/ | ||
|
|
||
| # Config logstash | ||
| cp /vagrant/target1/logstash_conf/*.conf /etc/logstash/conf.d | ||
| rm /vagrant/target1/logstash/filebeat.json | ||
| touch /vagrant/target1/logstash/filebeat.json | ||
| chmod o+w /vagrant/target1/logstash/filebeat.json | ||
|
|
||
| # Start Logstash and filebeat | ||
| filebeat modules enable system,iptables | ||
| filebeat setup --pipelines --modules iptables,system, | ||
| systemctl start logstash.service | ||
| systemctl enable filebeat | ||
| systemctl enable logstash.service | ||
|
|
||
| # Run logstash manually for debugging: | ||
| # https://www.elastic.co/guide/en/logstash/current/running-logstash-command-line.html | ||
| # /usr/share/logstash/bin/logstash --node-name debug -f /etc/logstash/conf.d/ --log.level debug --config.debug | ||
|
|
||
| # To test conf files: | ||
| # /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/ -t | ||
|
|
||
| # Start Caldera agent service | ||
| # ln -s /vagrant/target1/config/caldera_agent.service /etc/systemd/system | ||
| # chmod 666 /etc/systemd/system | ||
| # systemctl enable caldera_agent.service | ||
| # systemctl start caldera_agent.service | ||
|
|
||
|
|
||
| ip addr show enp0s8 | grep "inet\b" | awk '{print $2}' | cut -d/ -f1 > /vagrant/target3/ip4.txt | ||
|
|
||
| # reboot |