mirror of https://github.com/avast/PurpleDome
attacker and target 3 working properly in vagrant
parent
9abe1a9a5e
commit
6c41d1ddc2
@ -0,0 +1,24 @@
|
||||
#!/bin/bash
|
||||
|
||||
|
||||
# Bootstrap the new VM
|
||||
#
|
||||
#
|
||||
|
||||
echo "Bootstrapping attacker1"
|
||||
|
||||
# Update system
|
||||
apt update
|
||||
cd ~
|
||||
wget https://bootstrap.pypa.io/get-pip.py
|
||||
python3 get-pip.py
|
||||
apt -y install golang sphinx-common
|
||||
#apt -y upgrade
|
||||
|
||||
#apt -y install apt-transport-https
|
||||
#apt -y install openssh-server
|
||||
#apt -y install whois # for mkpasswd
|
||||
|
||||
ip addr show eth1 | grep "inet\b" | awk '{print $2}' | cut -d/ -f1 > /vagrant/attacker1/ip4.txt
|
||||
|
||||
# reboot
|
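Review bot: `wget https://bootstrap.pypa.io/get-pip.py` followed by `python3 get-pip.py` runs a freshly downloaded installer with no pinned version or checksum, apparently as root since `apt` is called without sudo, so every rebuild of the attacker box trusts whatever that URL serves at that moment. Installing the distribution package instead, `apt-get -y install python3-pip`, keeps pip under apt's signature verification and makes the build repeatable. The script also has no `set -euo pipefail` after the shebang, so a failed `apt update`, `cd ~` or download does not stop the run, and `python3 get-pip.py` could then execute a stale copy left in the home directory.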
@ -0,0 +1,75 @@
|
||||
#!/bin/bash
|
||||
|
||||
|
||||
# Bootstrap the new VM
|
||||
#
|
||||
#
|
||||
|
||||
# Update system
|
||||
apt update
|
||||
apt -y upgrade
|
||||
|
||||
apt -y install apt-transport-https
|
||||
apt -y install openssh-server
|
||||
apt -y install whois # for mkpasswd
|
||||
apt -y install libprotobuf-dev
|
||||
apt -y install libbpf-dev
|
||||
apt -y install gdb
|
||||
|
||||
|
||||
# Add vulnerable user
|
||||
# mkpasswd -m sha-512 # To calc the passwd
|
||||
# This is in the debian package "whois"
|
||||
|
||||
# user with password "test"
|
||||
# useradd -m -p '$6$bc4k4Tq2.1GW$0ysyuxyfyds2JkfVEf9xHy39MhpS.hhnAo4sBLprNfIHqcpaa9GJseRJJsrq0cSOWwYlOPrdHQNHp10E1ekO81' -s /bin/bash test
|
||||
|
||||
# user with password "passw0rd"
|
||||
# useradd -m -p '$6$q5PAnDI5K0uv$hMGMJQleeS9F2yLOiHXs2PxZHEmV.ook8jyWILzDGDxSTJmTTZSe.QgLVrnuwiyAl5PFJVARkMsSnPICSndJR1' -s /bin/bash password
|
||||
|
||||
# Install Elastic search debian repo
|
||||
|
||||
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | apt-key add -
|
||||
echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | tee /etc/apt/sources.list.d/elastic-7.x.list
|
||||
apt update
|
||||
|
||||
# Install Logstash
|
||||
apt -y install default-jre
|
||||
apt -y install logstash
|
||||
|
||||
# Install filebeat
|
||||
apt -y install filebeat
|
||||
# Configure logstash as output
|
||||
cp /vagrant/target1/config/filebeat.yml /etc/filebeat/filebeat.yml
|
||||
cp /vagrant/target1/config/caldera_agent.service /etc/systemd/system/
|
||||
|
||||
# Config logstash
|
||||
cp /vagrant/target1/logstash_conf/*.conf /etc/logstash/conf.d
|
||||
rm /vagrant/target1/logstash/filebeat.json
|
||||
touch /vagrant/target1/logstash/filebeat.json
|
||||
chmod o+w /vagrant/target1/logstash/filebeat.json
|
||||
|
||||
# Start Logstash and filebeat
|
||||
filebeat modules enable system,iptables
|
||||
filebeat setup --pipelines --modules iptables,system,
|
||||
systemctl start logstash.service
|
||||
systemctl enable filebeat
|
||||
systemctl enable logstash.service
|
||||
|
||||
# Run logstash manually for debugging:
|
||||
# https://www.elastic.co/guide/en/logstash/current/running-logstash-command-line.html
|
||||
# /usr/share/logstash/bin/logstash --node-name debug -f /etc/logstash/conf.d/ --log.level debug --config.debug
|
||||
|
||||
# To test conf files:
|
||||
# /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/ -t
|
||||
|
||||
# Start Caldera agent service
|
||||
# ln -s /vagrant/target1/config/caldera_agent.service /etc/systemd/system
|
||||
# chmod 666 /etc/systemd/system
|
||||
# systemctl enable caldera_agent.service
|
||||
# systemctl start caldera_agent.service
|
||||
|
||||
|
||||
ip addr show enp0s8 | grep "inet\b" | awk '{print $2}' | cut -d/ -f1 > /vagrant/target3/ip4.txt
|
||||
|
||||
# reboot
|
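Review bot: The `wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | apt-key add -` line places the Elastic signing key in apt's global trusted keyring, where it is accepted for every configured repository, and `apt-key` is deprecated. Scope the key to this one source instead: `wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg`, then `echo "deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/7.x/apt stable main" | tee /etc/apt/sources.list.d/elastic-7.x.list`. Separately, the script writes its address to `/vagrant/target3/ip4.txt` but copies its config from `/vagrant/target1/` and removes and recreates `/vagrant/target1/logstash/filebeat.json`, which looks like a leftover from the target1 script. If so, provisioning this VM wipes target1's log file and leaves it world-writable via `chmod o+w`, so the intended directory should be confirmed. `systemctl enable filebeat` has no matching `start`, and with `# reboot` commented out filebeat presumably does not run until the next boot.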