Merge remote-tracking branch 'upstream/develop' into 420/blackbox
This commit is contained in:
commit
e6060b6729
|
@ -2,11 +2,13 @@
|
||||||
|
|
||||||
Thanks for your interest in making the Monkey -- and therefore, your network -- a better place!
|
Thanks for your interest in making the Monkey -- and therefore, your network -- a better place!
|
||||||
|
|
||||||
Are you about to report a bug? Sorry to hear it. Here's our [Issue tracker](https://github.com/guardicore/monkey/issues).
|
Are you about to report a bug? Sorry to hear it. Here's our
|
||||||
|
[Issue tracker](https://github.com/guardicore/monkey/issues).
|
||||||
Please try to be as specific as you can about your problem; try to include steps
|
Please try to be as specific as you can about your problem; try to include steps
|
||||||
to reproduce. While we'll try to help anyway, focusing us will help us help you faster.
|
to reproduce. While we'll try to help anyway, focusing us will help us help you faster.
|
||||||
|
|
||||||
If you want to contribute new code or fix bugs..
|
If you want to contribute new code or fix bugs, please read the following sections. You can also contact us (the
|
||||||
|
maintainers of this project) at our [Slack channel](https://join.slack.com/t/infectionmonkey/shared_invite/enQtNDU5MjAxMjg1MjU1LTM2ZTg0ZDlmNWNlZjQ5NDI5NTM1NWJlYTRlMGIwY2VmZGMxZDlhMTE2OTYwYmZhZjM1MGZhZjA2ZjI4MzA1NDk).
|
||||||
|
|
||||||
|
|
||||||
## Submitting code
|
## Submitting code
|
||||||
|
@ -20,7 +22,17 @@ The following is a *short* list of recommendations. PRs that don't match these c
|
||||||
* **Don't** leave your pull request description blank.
|
* **Don't** leave your pull request description blank.
|
||||||
* **Do** license your code as GPLv3.
|
* **Do** license your code as GPLv3.
|
||||||
|
|
||||||
Also, please submit PRs to the develop branch.
|
Also, please submit PRs to the `develop` branch.
|
||||||
|
|
||||||
|
#### Unit tests
|
||||||
|
**Do** add unit tests if you think it fits. We place our unit tests in the same folder as the code, with the same
|
||||||
|
filename, followed by the _test suffix. So for example: `somefile.py` will be tested by `somefile_test.py`.
|
||||||
|
|
||||||
|
Please try to read some of the existing unit testing code, so you can see some examples.
|
||||||
|
|
||||||
|
#### Branch naming scheme
|
||||||
|
**Do** name your branches in accordance with GitFlow. The format is `ISSUE_#/BRANCH_NAME`; For example,
|
||||||
|
`400/zero-trust-mvp` or `232/improvment/hide-linux-on-cred-maps`.
|
||||||
|
|
||||||
## Issues
|
## Issues
|
||||||
* **Do** write a detailed description of your bug and use a descriptive title.
|
* **Do** write a detailed description of your bug and use a descriptive title.
|
||||||
|
|
|
@ -58,7 +58,7 @@ Requirements:
|
||||||
To deploy:
|
To deploy:
|
||||||
1. Configure service account for your project:
|
1. Configure service account for your project:
|
||||||
|
|
||||||
a. Create a service account and name it “your\_name-monkeyZoo-user”
|
a. Create a service account (GCP website -> IAM -> service accounts) and name it “your\_name-monkeyZoo-user”
|
||||||
|
|
||||||
b. Give these permissions to your service account:
|
b. Give these permissions to your service account:
|
||||||
|
|
||||||
|
@ -74,7 +74,7 @@ To deploy:
|
||||||
|
|
||||||
**Project -> Owner**
|
**Project -> Owner**
|
||||||
|
|
||||||
c. Download its **Service account key**. Select JSON format.
|
c. Download its **Service account key** in JSON and place it in **/gcp_keys** as **gcp_key.json**.
|
||||||
2. Get these permissions in monkeyZoo project for your service account (ask monkey developers to add them):
|
2. Get these permissions in monkeyZoo project for your service account (ask monkey developers to add them):
|
||||||
|
|
||||||
a. **Compute Engine -\> Compute image user**
|
a. **Compute Engine -\> Compute image user**
|
||||||
|
@ -82,20 +82,30 @@ To deploy:
|
||||||
../monkey/envs/monkey\_zoo/terraform/config.tf file (don’t forget to
|
../monkey/envs/monkey\_zoo/terraform/config.tf file (don’t forget to
|
||||||
link to your service account key file):
|
link to your service account key file):
|
||||||
|
|
||||||
> provider "google" {
|
provider "google" {
|
||||||
>
|
|
||||||
> project = "project-28054666"
|
project = "test-000000" // Change to your project id
|
||||||
>
|
|
||||||
> region = "europe-west3"
|
region = "europe-west3" // Change to your desired region or leave default
|
||||||
>
|
|
||||||
> zone = "europe-west3-b"
|
zone = "europe-west3-b" // Change to your desired zone or leave default
|
||||||
>
|
|
||||||
> credentials = "${file("project-92050661-9dae6c5a02fc.json")}"
|
credentials = "${file("../gcp_keys/gcp_key.json")}" // Change to the location and name of the service key.
|
||||||
>
|
// If you followed instruction above leave it as is
|
||||||
> }
|
|
||||||
>
|
}
|
||||||
> service\_account\_email="test@project-925243.iam.gserviceaccount.com"
|
|
||||||
|
locals {
|
||||||
|
|
||||||
|
resource_prefix = "" // All of the resources will have this prefix.
|
||||||
|
// Only change if you want to have multiple zoo's in the same project
|
||||||
|
|
||||||
|
service_account_email="tester-monkeyZoo-user@testproject-000000.iam.gserviceaccount.com" // Service account email
|
||||||
|
|
||||||
|
monkeyzoo_project="guardicore-22050661" // Project where monkeyzoo images are kept. Leave as is.
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
4. Run terraform init
|
4. Run terraform init
|
||||||
|
|
||||||
To deploy the network run:<br>
|
To deploy the network run:<br>
|
||||||
|
@ -500,6 +510,42 @@ fullTest.conf is a good config to start, because it covers all machines.
|
||||||
</tbody>
|
</tbody>
|
||||||
</table>
|
</table>
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<thead>
|
||||||
|
<tr class="header">
|
||||||
|
<th><p><span id="_Toc536021463" class="anchor"></span>Nr. <strong>11</strong> Tunneling M3</p>
|
||||||
|
<p>(10.2.0.11)</p></th>
|
||||||
|
<th>(Exploitable)</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
<tr class="odd">
|
||||||
|
<td>OS:</td>
|
||||||
|
<td><strong>Ubuntu 16.04.05 x64</strong></td>
|
||||||
|
</tr>
|
||||||
|
<tr class="even">
|
||||||
|
<td>Software:</td>
|
||||||
|
<td>OpenSSL</td>
|
||||||
|
</tr>
|
||||||
|
<tr class="odd">
|
||||||
|
<td>Default service’s port:</td>
|
||||||
|
<td>22</td>
|
||||||
|
</tr>
|
||||||
|
<tr class="even">
|
||||||
|
<td>Root password:</td>
|
||||||
|
<td>3Q=(Ge(+&w]*</td>
|
||||||
|
</tr>
|
||||||
|
<tr class="odd">
|
||||||
|
<td>Server’s config:</td>
|
||||||
|
<td>Default</td>
|
||||||
|
</tr>
|
||||||
|
<tr class="even">
|
||||||
|
<td>Notes:</td>
|
||||||
|
<td>Accessible only trough Nr.10</td>
|
||||||
|
</tr>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
|
||||||
<table>
|
<table>
|
||||||
<thead>
|
<thead>
|
||||||
<tr class="header">
|
<tr class="header">
|
||||||
|
|
|
@ -2,9 +2,10 @@ provider "google" {
|
||||||
project = "test-000000"
|
project = "test-000000"
|
||||||
region = "europe-west3"
|
region = "europe-west3"
|
||||||
zone = "europe-west3-b"
|
zone = "europe-west3-b"
|
||||||
credentials = "${file("testproject-000000-0c0b000b00c0.json")}"
|
credentials = "${file("../gcp_keys/gcp_key.json")}"
|
||||||
}
|
}
|
||||||
locals {
|
locals {
|
||||||
|
resource_prefix = ""
|
||||||
service_account_email="tester-monkeyZoo-user@testproject-000000.iam.gserviceaccount.com"
|
service_account_email="tester-monkeyZoo-user@testproject-000000.iam.gserviceaccount.com"
|
||||||
monkeyzoo_project="guardicore-22050661"
|
monkeyzoo_project="guardicore-22050661"
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
resource "google_compute_firewall" "islands-in" {
|
resource "google_compute_firewall" "islands-in" {
|
||||||
name = "islands-in"
|
name = "${local.resource_prefix}islands-in"
|
||||||
network = "${google_compute_network.monkeyzoo.name}"
|
network = "${google_compute_network.monkeyzoo.name}"
|
||||||
|
|
||||||
allow {
|
allow {
|
||||||
|
@ -13,7 +13,7 @@ resource "google_compute_firewall" "islands-in" {
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_firewall" "islands-out" {
|
resource "google_compute_firewall" "islands-out" {
|
||||||
name = "islands-out"
|
name = "${local.resource_prefix}islands-out"
|
||||||
network = "${google_compute_network.monkeyzoo.name}"
|
network = "${google_compute_network.monkeyzoo.name}"
|
||||||
|
|
||||||
allow {
|
allow {
|
||||||
|
@ -26,7 +26,7 @@ resource "google_compute_firewall" "islands-out" {
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_firewall" "monkeyzoo-in" {
|
resource "google_compute_firewall" "monkeyzoo-in" {
|
||||||
name = "monkeyzoo-in"
|
name = "${local.resource_prefix}monkeyzoo-in"
|
||||||
network = "${google_compute_network.monkeyzoo.name}"
|
network = "${google_compute_network.monkeyzoo.name}"
|
||||||
|
|
||||||
allow {
|
allow {
|
||||||
|
@ -35,11 +35,11 @@ resource "google_compute_firewall" "monkeyzoo-in" {
|
||||||
|
|
||||||
direction = "INGRESS"
|
direction = "INGRESS"
|
||||||
priority = "65534"
|
priority = "65534"
|
||||||
source_ranges = ["10.2.2.0/24"]
|
source_ranges = ["10.2.2.0/24", "10.2.1.0/27"]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_firewall" "monkeyzoo-out" {
|
resource "google_compute_firewall" "monkeyzoo-out" {
|
||||||
name = "monkeyzoo-out"
|
name = "${local.resource_prefix}monkeyzoo-out"
|
||||||
network = "${google_compute_network.monkeyzoo.name}"
|
network = "${google_compute_network.monkeyzoo.name}"
|
||||||
|
|
||||||
allow {
|
allow {
|
||||||
|
@ -48,11 +48,11 @@ resource "google_compute_firewall" "monkeyzoo-out" {
|
||||||
|
|
||||||
direction = "EGRESS"
|
direction = "EGRESS"
|
||||||
priority = "65534"
|
priority = "65534"
|
||||||
destination_ranges = ["10.2.2.0/24"]
|
destination_ranges = ["10.2.2.0/24", "10.2.1.0/27"]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_firewall" "tunneling-in" {
|
resource "google_compute_firewall" "tunneling-in" {
|
||||||
name = "tunneling-in"
|
name = "${local.resource_prefix}tunneling-in"
|
||||||
network = "${google_compute_network.tunneling.name}"
|
network = "${google_compute_network.tunneling.name}"
|
||||||
|
|
||||||
allow {
|
allow {
|
||||||
|
@ -60,11 +60,11 @@ resource "google_compute_firewall" "tunneling-in" {
|
||||||
}
|
}
|
||||||
|
|
||||||
direction = "INGRESS"
|
direction = "INGRESS"
|
||||||
source_ranges = ["10.2.1.0/28"]
|
source_ranges = ["10.2.2.0/24", "10.2.0.0/28"]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_firewall" "tunneling-out" {
|
resource "google_compute_firewall" "tunneling-out" {
|
||||||
name = "tunneling-out"
|
name = "${local.resource_prefix}tunneling-out"
|
||||||
network = "${google_compute_network.tunneling.name}"
|
network = "${google_compute_network.tunneling.name}"
|
||||||
|
|
||||||
allow {
|
allow {
|
||||||
|
@ -72,5 +72,28 @@ resource "google_compute_firewall" "tunneling-out" {
|
||||||
}
|
}
|
||||||
|
|
||||||
direction = "EGRESS"
|
direction = "EGRESS"
|
||||||
destination_ranges = ["10.2.1.0/28"]
|
destination_ranges = ["10.2.2.0/24", "10.2.0.0/28"]
|
||||||
|
}
|
||||||
|
resource "google_compute_firewall" "tunneling2-in" {
|
||||||
|
name = "${local.resource_prefix}tunneling2-in"
|
||||||
|
network = "${google_compute_network.tunneling2.name}"
|
||||||
|
|
||||||
|
allow {
|
||||||
|
protocol = "all"
|
||||||
|
}
|
||||||
|
|
||||||
|
direction = "INGRESS"
|
||||||
|
source_ranges = ["10.2.1.0/27"]
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "google_compute_firewall" "tunneling2-out" {
|
||||||
|
name = "${local.resource_prefix}tunneling2-out"
|
||||||
|
network = "${google_compute_network.tunneling2.name}"
|
||||||
|
|
||||||
|
allow {
|
||||||
|
protocol = "all"
|
||||||
|
}
|
||||||
|
|
||||||
|
direction = "EGRESS"
|
||||||
|
destination_ranges = ["10.2.1.0/27"]
|
||||||
}
|
}
|
||||||
|
|
|
@ -26,23 +26,27 @@ data "google_compute_image" "shellshock-8" {
|
||||||
project = "${local.monkeyzoo_project}"
|
project = "${local.monkeyzoo_project}"
|
||||||
}
|
}
|
||||||
data "google_compute_image" "tunneling-9" {
|
data "google_compute_image" "tunneling-9" {
|
||||||
name = "tunneling-9-v2"
|
name = "tunneling-9"
|
||||||
project = "${local.monkeyzoo_project}"
|
project = "${local.monkeyzoo_project}"
|
||||||
}
|
}
|
||||||
data "google_compute_image" "tunneling-10" {
|
data "google_compute_image" "tunneling-10" {
|
||||||
name = "tunneling-10-v2"
|
name = "tunneling-10"
|
||||||
|
project = "${local.monkeyzoo_project}"
|
||||||
|
}
|
||||||
|
data "google_compute_image" "tunneling-11" {
|
||||||
|
name = "tunneling-11"
|
||||||
project = "${local.monkeyzoo_project}"
|
project = "${local.monkeyzoo_project}"
|
||||||
}
|
}
|
||||||
data "google_compute_image" "sshkeys-11" {
|
data "google_compute_image" "sshkeys-11" {
|
||||||
name = "sshkeys-11-v2"
|
name = "sshkeys-11"
|
||||||
project = "${local.monkeyzoo_project}"
|
project = "${local.monkeyzoo_project}"
|
||||||
}
|
}
|
||||||
data "google_compute_image" "sshkeys-12" {
|
data "google_compute_image" "sshkeys-12" {
|
||||||
name = "sshkeys-12-v2"
|
name = "sshkeys-12"
|
||||||
project = "${local.monkeyzoo_project}"
|
project = "${local.monkeyzoo_project}"
|
||||||
}
|
}
|
||||||
data "google_compute_image" "mimikatz-14" {
|
data "google_compute_image" "mimikatz-14" {
|
||||||
name = "mimikatz-14-v2"
|
name = "mimikatz-14"
|
||||||
project = "${local.monkeyzoo_project}"
|
project = "${local.monkeyzoo_project}"
|
||||||
}
|
}
|
||||||
data "google_compute_image" "mimikatz-15" {
|
data "google_compute_image" "mimikatz-15" {
|
||||||
|
@ -58,7 +62,7 @@ data "google_compute_image" "weblogic-18" {
|
||||||
project = "${local.monkeyzoo_project}"
|
project = "${local.monkeyzoo_project}"
|
||||||
}
|
}
|
||||||
data "google_compute_image" "weblogic-19" {
|
data "google_compute_image" "weblogic-19" {
|
||||||
name = "weblogic-19-v2"
|
name = "weblogic-19"
|
||||||
project = "${local.monkeyzoo_project}"
|
project = "${local.monkeyzoo_project}"
|
||||||
}
|
}
|
||||||
data "google_compute_image" "smb-20" {
|
data "google_compute_image" "smb-20" {
|
||||||
|
@ -78,7 +82,7 @@ data "google_compute_image" "struts2-23" {
|
||||||
project = "${local.monkeyzoo_project}"
|
project = "${local.monkeyzoo_project}"
|
||||||
}
|
}
|
||||||
data "google_compute_image" "struts2-24" {
|
data "google_compute_image" "struts2-24" {
|
||||||
name = "struts-24-v2"
|
name = "struts2-24"
|
||||||
project = "${local.monkeyzoo_project}"
|
project = "${local.monkeyzoo_project}"
|
||||||
}
|
}
|
||||||
data "google_compute_image" "island-linux-250" {
|
data "google_compute_image" "island-linux-250" {
|
||||||
|
@ -88,4 +92,4 @@ data "google_compute_image" "island-linux-250" {
|
||||||
data "google_compute_image" "island-windows-251" {
|
data "google_compute_image" "island-windows-251" {
|
||||||
name = "island-windows-251"
|
name = "island-windows-251"
|
||||||
project = "${local.monkeyzoo_project}"
|
project = "${local.monkeyzoo_project}"
|
||||||
}
|
}
|
||||||
|
|
|
@ -6,29 +6,40 @@ locals {
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_network" "monkeyzoo" {
|
resource "google_compute_network" "monkeyzoo" {
|
||||||
name = "monkeyzoo"
|
name = "${local.resource_prefix}monkeyzoo"
|
||||||
auto_create_subnetworks = false
|
auto_create_subnetworks = false
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_network" "tunneling" {
|
resource "google_compute_network" "tunneling" {
|
||||||
name = "tunneling"
|
name = "${local.resource_prefix}tunneling"
|
||||||
|
auto_create_subnetworks = false
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "google_compute_network" "tunneling2" {
|
||||||
|
name = "${local.resource_prefix}tunneling2"
|
||||||
auto_create_subnetworks = false
|
auto_create_subnetworks = false
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_subnetwork" "monkeyzoo-main" {
|
resource "google_compute_subnetwork" "monkeyzoo-main" {
|
||||||
name = "monkeyzoo-main"
|
name = "${local.resource_prefix}monkeyzoo-main"
|
||||||
ip_cidr_range = "10.2.2.0/24"
|
ip_cidr_range = "10.2.2.0/24"
|
||||||
network = "${google_compute_network.monkeyzoo.self_link}"
|
network = "${google_compute_network.monkeyzoo.self_link}"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_subnetwork" "tunneling-main" {
|
resource "google_compute_subnetwork" "tunneling-main" {
|
||||||
name = "tunneling-main"
|
name = "${local.resource_prefix}tunneling-main"
|
||||||
ip_cidr_range = "10.2.1.0/28"
|
ip_cidr_range = "10.2.1.0/28"
|
||||||
network = "${google_compute_network.tunneling.self_link}"
|
network = "${google_compute_network.tunneling.self_link}"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
resource "google_compute_subnetwork" "tunneling2-main" {
|
||||||
|
name = "${local.resource_prefix}tunneling2-main"
|
||||||
|
ip_cidr_range = "10.2.0.0/27"
|
||||||
|
network = "${google_compute_network.tunneling2.self_link}"
|
||||||
|
}
|
||||||
|
|
||||||
resource "google_compute_instance_from_template" "hadoop-2" {
|
resource "google_compute_instance_from_template" "hadoop-2" {
|
||||||
name = "hadoop-2"
|
name = "${local.resource_prefix}hadoop-2"
|
||||||
source_instance_template = "${local.default_ubuntu}"
|
source_instance_template = "${local.default_ubuntu}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -37,7 +48,7 @@ resource "google_compute_instance_from_template" "hadoop-2" {
|
||||||
auto_delete = true
|
auto_delete = true
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.2"
|
network_ip="10.2.2.2"
|
||||||
}
|
}
|
||||||
// Add required ssh keys for hadoop service and restart it
|
// Add required ssh keys for hadoop service and restart it
|
||||||
|
@ -45,7 +56,7 @@ resource "google_compute_instance_from_template" "hadoop-2" {
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_instance_from_template" "hadoop-3" {
|
resource "google_compute_instance_from_template" "hadoop-3" {
|
||||||
name = "hadoop-3"
|
name = "${local.resource_prefix}hadoop-3"
|
||||||
source_instance_template = "${local.default_windows}"
|
source_instance_template = "${local.default_windows}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -54,13 +65,13 @@ resource "google_compute_instance_from_template" "hadoop-3" {
|
||||||
auto_delete = true
|
auto_delete = true
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.3"
|
network_ip="10.2.2.3"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_instance_from_template" "elastic-4" {
|
resource "google_compute_instance_from_template" "elastic-4" {
|
||||||
name = "elastic-4"
|
name = "${local.resource_prefix}elastic-4"
|
||||||
source_instance_template = "${local.default_ubuntu}"
|
source_instance_template = "${local.default_ubuntu}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -69,13 +80,13 @@ resource "google_compute_instance_from_template" "elastic-4" {
|
||||||
auto_delete = true
|
auto_delete = true
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.4"
|
network_ip="10.2.2.4"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_instance_from_template" "elastic-5" {
|
resource "google_compute_instance_from_template" "elastic-5" {
|
||||||
name = "elastic-5"
|
name = "${local.resource_prefix}elastic-5"
|
||||||
source_instance_template = "${local.default_windows}"
|
source_instance_template = "${local.default_windows}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -84,14 +95,14 @@ resource "google_compute_instance_from_template" "elastic-5" {
|
||||||
auto_delete = true
|
auto_delete = true
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.5"
|
network_ip="10.2.2.5"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Couldn't find ubuntu packages for required samba version (too old).
|
/* Couldn't find ubuntu packages for required samba version (too old).
|
||||||
resource "google_compute_instance_from_template" "sambacry-6" {
|
resource "google_compute_instance_from_template" "sambacry-6" {
|
||||||
name = "sambacry-6"
|
name = "${local.resource_prefix}sambacry-6"
|
||||||
source_instance_template = "${local.default_ubuntu}"
|
source_instance_template = "${local.default_ubuntu}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -99,7 +110,7 @@ resource "google_compute_instance_from_template" "sambacry-6" {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.6"
|
network_ip="10.2.2.6"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -107,7 +118,7 @@ resource "google_compute_instance_from_template" "sambacry-6" {
|
||||||
|
|
||||||
/* We need custom 32 bit Ubuntu machine for this (there are no 32 bit ubuntu machines in GCP).
|
/* We need custom 32 bit Ubuntu machine for this (there are no 32 bit ubuntu machines in GCP).
|
||||||
resource "google_compute_instance_from_template" "sambacry-7" {
|
resource "google_compute_instance_from_template" "sambacry-7" {
|
||||||
name = "sambacry-7"
|
name = "${local.resource_prefix}sambacry-7"
|
||||||
source_instance_template = "${local.default_ubuntu}"
|
source_instance_template = "${local.default_ubuntu}"
|
||||||
boot_disk {
|
boot_disk {
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -116,14 +127,14 @@ resource "google_compute_instance_from_template" "sambacry-7" {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.7"
|
network_ip="10.2.2.7"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
*/
|
*/
|
||||||
|
|
||||||
resource "google_compute_instance_from_template" "shellshock-8" {
|
resource "google_compute_instance_from_template" "shellshock-8" {
|
||||||
name = "shellshock-8"
|
name = "${local.resource_prefix}shellshock-8"
|
||||||
source_instance_template = "${local.default_ubuntu}"
|
source_instance_template = "${local.default_ubuntu}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -132,13 +143,13 @@ resource "google_compute_instance_from_template" "shellshock-8" {
|
||||||
auto_delete = true
|
auto_delete = true
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.8"
|
network_ip="10.2.2.8"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_instance_from_template" "tunneling-9" {
|
resource "google_compute_instance_from_template" "tunneling-9" {
|
||||||
name = "tunneling-9"
|
name = "${local.resource_prefix}tunneling-9"
|
||||||
source_instance_template = "${local.default_ubuntu}"
|
source_instance_template = "${local.default_ubuntu}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -147,18 +158,17 @@ resource "google_compute_instance_from_template" "tunneling-9" {
|
||||||
auto_delete = true
|
auto_delete = true
|
||||||
}
|
}
|
||||||
network_interface{
|
network_interface{
|
||||||
subnetwork="tunneling-main"
|
subnetwork="${local.resource_prefix}tunneling-main"
|
||||||
network_ip="10.2.1.9"
|
network_ip="10.2.1.9"
|
||||||
|
|
||||||
}
|
}
|
||||||
network_interface{
|
network_interface{
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.9"
|
network_ip="10.2.2.9"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_instance_from_template" "tunneling-10" {
|
resource "google_compute_instance_from_template" "tunneling-10" {
|
||||||
name = "tunneling-10"
|
name = "${local.resource_prefix}tunneling-10"
|
||||||
source_instance_template = "${local.default_ubuntu}"
|
source_instance_template = "${local.default_ubuntu}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -167,13 +177,32 @@ resource "google_compute_instance_from_template" "tunneling-10" {
|
||||||
auto_delete = true
|
auto_delete = true
|
||||||
}
|
}
|
||||||
network_interface{
|
network_interface{
|
||||||
subnetwork="tunneling-main"
|
subnetwork="${local.resource_prefix}tunneling-main"
|
||||||
network_ip="10.2.1.10"
|
network_ip="10.2.1.10"
|
||||||
}
|
}
|
||||||
|
network_interface{
|
||||||
|
subnetwork="${local.resource_prefix}tunneling2-main"
|
||||||
|
network_ip="10.2.0.10"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "google_compute_instance_from_template" "tunneling-11" {
|
||||||
|
name = "${local.resource_prefix}tunneling-11"
|
||||||
|
source_instance_template = "${local.default_ubuntu}"
|
||||||
|
boot_disk{
|
||||||
|
initialize_params {
|
||||||
|
image = "${data.google_compute_image.tunneling-11.self_link}"
|
||||||
|
}
|
||||||
|
auto_delete = true
|
||||||
|
}
|
||||||
|
network_interface{
|
||||||
|
subnetwork="${local.resource_prefix}tunneling2-main"
|
||||||
|
network_ip="10.2.0.11"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_instance_from_template" "sshkeys-11" {
|
resource "google_compute_instance_from_template" "sshkeys-11" {
|
||||||
name = "sshkeys-11"
|
name = "${local.resource_prefix}sshkeys-11"
|
||||||
source_instance_template = "${local.default_ubuntu}"
|
source_instance_template = "${local.default_ubuntu}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -182,13 +211,13 @@ resource "google_compute_instance_from_template" "sshkeys-11" {
|
||||||
auto_delete = true
|
auto_delete = true
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.11"
|
network_ip="10.2.2.11"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_instance_from_template" "sshkeys-12" {
|
resource "google_compute_instance_from_template" "sshkeys-12" {
|
||||||
name = "sshkeys-12"
|
name = "${local.resource_prefix}sshkeys-12"
|
||||||
source_instance_template = "${local.default_ubuntu}"
|
source_instance_template = "${local.default_ubuntu}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -197,14 +226,14 @@ resource "google_compute_instance_from_template" "sshkeys-12" {
|
||||||
auto_delete = true
|
auto_delete = true
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.12"
|
network_ip="10.2.2.12"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
resource "google_compute_instance_from_template" "rdpgrinder-13" {
|
resource "google_compute_instance_from_template" "rdpgrinder-13" {
|
||||||
name = "rdpgrinder-13"
|
name = "${local.resource_prefix}rdpgrinder-13"
|
||||||
source_instance_template = "${local.default_windows}"
|
source_instance_template = "${local.default_windows}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -212,14 +241,14 @@ resource "google_compute_instance_from_template" "rdpgrinder-13" {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.13"
|
network_ip="10.2.2.13"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
*/
|
*/
|
||||||
|
|
||||||
resource "google_compute_instance_from_template" "mimikatz-14" {
|
resource "google_compute_instance_from_template" "mimikatz-14" {
|
||||||
name = "mimikatz-14"
|
name = "${local.resource_prefix}mimikatz-14"
|
||||||
source_instance_template = "${local.default_windows}"
|
source_instance_template = "${local.default_windows}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -228,13 +257,13 @@ resource "google_compute_instance_from_template" "mimikatz-14" {
|
||||||
auto_delete = true
|
auto_delete = true
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.14"
|
network_ip="10.2.2.14"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_instance_from_template" "mimikatz-15" {
|
resource "google_compute_instance_from_template" "mimikatz-15" {
|
||||||
name = "mimikatz-15"
|
name = "${local.resource_prefix}mimikatz-15"
|
||||||
source_instance_template = "${local.default_windows}"
|
source_instance_template = "${local.default_windows}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -243,13 +272,13 @@ resource "google_compute_instance_from_template" "mimikatz-15" {
|
||||||
auto_delete = true
|
auto_delete = true
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.15"
|
network_ip="10.2.2.15"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_instance_from_template" "mssql-16" {
|
resource "google_compute_instance_from_template" "mssql-16" {
|
||||||
name = "mssql-16"
|
name = "${local.resource_prefix}mssql-16"
|
||||||
source_instance_template = "${local.default_windows}"
|
source_instance_template = "${local.default_windows}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -258,14 +287,14 @@ resource "google_compute_instance_from_template" "mssql-16" {
|
||||||
auto_delete = true
|
auto_delete = true
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.16"
|
network_ip="10.2.2.16"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* We need to alter monkey's behavior for this to upload 32-bit monkey instead of 64-bit (not yet developed)
|
/* We need to alter monkey's behavior for this to upload 32-bit monkey instead of 64-bit (not yet developed)
|
||||||
resource "google_compute_instance_from_template" "upgrader-17" {
|
resource "google_compute_instance_from_template" "upgrader-17" {
|
||||||
name = "upgrader-17"
|
name = "${local.resource_prefix}upgrader-17"
|
||||||
source_instance_template = "${local.default_windows}"
|
source_instance_template = "${local.default_windows}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -273,7 +302,7 @@ resource "google_compute_instance_from_template" "upgrader-17" {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.17"
|
network_ip="10.2.2.17"
|
||||||
access_config {
|
access_config {
|
||||||
// Cheaper, non-premium routing
|
// Cheaper, non-premium routing
|
||||||
|
@ -284,7 +313,7 @@ resource "google_compute_instance_from_template" "upgrader-17" {
|
||||||
*/
|
*/
|
||||||
|
|
||||||
resource "google_compute_instance_from_template" "weblogic-18" {
|
resource "google_compute_instance_from_template" "weblogic-18" {
|
||||||
name = "weblogic-18"
|
name = "${local.resource_prefix}weblogic-18"
|
||||||
source_instance_template = "${local.default_ubuntu}"
|
source_instance_template = "${local.default_ubuntu}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -293,13 +322,13 @@ resource "google_compute_instance_from_template" "weblogic-18" {
|
||||||
auto_delete = true
|
auto_delete = true
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.18"
|
network_ip="10.2.2.18"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_instance_from_template" "weblogic-19" {
|
resource "google_compute_instance_from_template" "weblogic-19" {
|
||||||
name = "weblogic-19"
|
name = "${local.resource_prefix}weblogic-19"
|
||||||
source_instance_template = "${local.default_windows}"
|
source_instance_template = "${local.default_windows}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -308,13 +337,13 @@ resource "google_compute_instance_from_template" "weblogic-19" {
|
||||||
auto_delete = true
|
auto_delete = true
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.19"
|
network_ip="10.2.2.19"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_instance_from_template" "smb-20" {
|
resource "google_compute_instance_from_template" "smb-20" {
|
||||||
name = "smb-20"
|
name = "${local.resource_prefix}smb-20"
|
||||||
source_instance_template = "${local.default_windows}"
|
source_instance_template = "${local.default_windows}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -323,13 +352,13 @@ resource "google_compute_instance_from_template" "smb-20" {
|
||||||
auto_delete = true
|
auto_delete = true
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.20"
|
network_ip="10.2.2.20"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_instance_from_template" "scan-21" {
|
resource "google_compute_instance_from_template" "scan-21" {
|
||||||
name = "scan-21"
|
name = "${local.resource_prefix}scan-21"
|
||||||
source_instance_template = "${local.default_ubuntu}"
|
source_instance_template = "${local.default_ubuntu}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -338,13 +367,13 @@ resource "google_compute_instance_from_template" "scan-21" {
|
||||||
auto_delete = true
|
auto_delete = true
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.21"
|
network_ip="10.2.2.21"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_instance_from_template" "scan-22" {
|
resource "google_compute_instance_from_template" "scan-22" {
|
||||||
name = "scan-22"
|
name = "${local.resource_prefix}scan-22"
|
||||||
source_instance_template = "${local.default_windows}"
|
source_instance_template = "${local.default_windows}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -353,13 +382,13 @@ resource "google_compute_instance_from_template" "scan-22" {
|
||||||
auto_delete = true
|
auto_delete = true
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.22"
|
network_ip="10.2.2.22"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_instance_from_template" "struts2-23" {
|
resource "google_compute_instance_from_template" "struts2-23" {
|
||||||
name = "struts2-23"
|
name = "${local.resource_prefix}struts2-23"
|
||||||
source_instance_template = "${local.default_ubuntu}"
|
source_instance_template = "${local.default_ubuntu}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -368,13 +397,13 @@ resource "google_compute_instance_from_template" "struts2-23" {
|
||||||
auto_delete = true
|
auto_delete = true
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.23"
|
network_ip="10.2.2.23"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_instance_from_template" "struts2-24" {
|
resource "google_compute_instance_from_template" "struts2-24" {
|
||||||
name = "struts2-24"
|
name = "${local.resource_prefix}struts2-24"
|
||||||
source_instance_template = "${local.default_windows}"
|
source_instance_template = "${local.default_windows}"
|
||||||
boot_disk{
|
boot_disk{
|
||||||
initialize_params {
|
initialize_params {
|
||||||
|
@ -383,13 +412,13 @@ resource "google_compute_instance_from_template" "struts2-24" {
|
||||||
auto_delete = true
|
auto_delete = true
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.24"
|
network_ip="10.2.2.24"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_instance_from_template" "island-linux-250" {
|
resource "google_compute_instance_from_template" "island-linux-250" {
|
||||||
name = "island-linux-250"
|
name = "${local.resource_prefix}island-linux-250"
|
||||||
machine_type = "n1-standard-2"
|
machine_type = "n1-standard-2"
|
||||||
tags = ["island", "linux", "ubuntu16"]
|
tags = ["island", "linux", "ubuntu16"]
|
||||||
source_instance_template = "${local.default_ubuntu}"
|
source_instance_template = "${local.default_ubuntu}"
|
||||||
|
@ -400,7 +429,7 @@ resource "google_compute_instance_from_template" "island-linux-250" {
|
||||||
auto_delete = true
|
auto_delete = true
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.250"
|
network_ip="10.2.2.250"
|
||||||
access_config {
|
access_config {
|
||||||
// Cheaper, non-premium routing (not available in some regions)
|
// Cheaper, non-premium routing (not available in some regions)
|
||||||
|
@ -410,7 +439,7 @@ resource "google_compute_instance_from_template" "island-linux-250" {
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_instance_from_template" "island-windows-251" {
|
resource "google_compute_instance_from_template" "island-windows-251" {
|
||||||
name = "island-windows-251"
|
name = "${local.resource_prefix}island-windows-251"
|
||||||
machine_type = "n1-standard-2"
|
machine_type = "n1-standard-2"
|
||||||
tags = ["island", "windows", "windowsserver2016"]
|
tags = ["island", "windows", "windowsserver2016"]
|
||||||
source_instance_template = "${local.default_windows}"
|
source_instance_template = "${local.default_windows}"
|
||||||
|
@ -421,11 +450,11 @@ resource "google_compute_instance_from_template" "island-windows-251" {
|
||||||
auto_delete = true
|
auto_delete = true
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork="monkeyzoo-main"
|
subnetwork="${local.resource_prefix}monkeyzoo-main"
|
||||||
network_ip="10.2.2.251"
|
network_ip="10.2.2.251"
|
||||||
access_config {
|
access_config {
|
||||||
// Cheaper, non-premium routing (not available in some regions)
|
// Cheaper, non-premium routing (not available in some regions)
|
||||||
// network_tier = "STANDARD"
|
// network_tier = "STANDARD"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
resource "google_compute_instance_template" "ubuntu16" {
|
resource "google_compute_instance_template" "ubuntu16" {
|
||||||
name = "ubuntu16"
|
name = "${local.resource_prefix}ubuntu16"
|
||||||
description = "Creates ubuntu 16.04 LTS servers at europe-west3-a."
|
description = "Creates ubuntu 16.04 LTS servers at europe-west3-a."
|
||||||
|
|
||||||
tags = ["test-machine", "ubuntu16", "linux"]
|
tags = ["test-machine", "ubuntu16", "linux"]
|
||||||
|
@ -24,7 +24,7 @@ resource "google_compute_instance_template" "ubuntu16" {
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_instance_template" "windows2016" {
|
resource "google_compute_instance_template" "windows2016" {
|
||||||
name = "windows2016"
|
name = "${local.resource_prefix}windows2016"
|
||||||
description = "Creates windows 2016 core servers at europe-west3-a."
|
description = "Creates windows 2016 core servers at europe-west3-a."
|
||||||
|
|
||||||
tags = ["test-machine", "windowsserver2016", "windows"]
|
tags = ["test-machine", "windowsserver2016", "windows"]
|
||||||
|
@ -42,4 +42,4 @@ resource "google_compute_instance_template" "windows2016" {
|
||||||
email="${local.service_account_email}"
|
email="${local.service_account_email}"
|
||||||
scopes=["cloud-platform"]
|
scopes=["cloud-platform"]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -7,7 +7,7 @@ import json
|
||||||
__author__ = 'shay.nehmad'
|
__author__ = 'shay.nehmad'
|
||||||
|
|
||||||
|
|
||||||
class TestFilter_instance_data_from_aws_response(TestCase):
|
class TestFilterInstanceDataFromAwsResponse(TestCase):
|
||||||
def test_filter_instance_data_from_aws_response(self):
|
def test_filter_instance_data_from_aws_response(self):
|
||||||
json_response_full = """
|
json_response_full = """
|
||||||
{
|
{
|
|
@ -75,7 +75,7 @@ class HostExploiter(object):
|
||||||
"""
|
"""
|
||||||
powershell = True if "powershell" in cmd.lower() else False
|
powershell = True if "powershell" in cmd.lower() else False
|
||||||
self.exploit_info['executed_cmds'].append({'cmd': cmd, 'powershell': powershell})
|
self.exploit_info['executed_cmds'].append({'cmd': cmd, 'powershell': powershell})
|
||||||
|
|
||||||
|
|
||||||
from infection_monkey.exploit.win_ms08_067 import Ms08_067_Exploiter
|
from infection_monkey.exploit.win_ms08_067 import Ms08_067_Exploiter
|
||||||
from infection_monkey.exploit.wmiexec import WmiExploiter
|
from infection_monkey.exploit.wmiexec import WmiExploiter
|
||||||
|
|
|
@ -20,6 +20,7 @@ LOG = logging.getLogger(__name__)
|
||||||
TIMEOUT = 2
|
TIMEOUT = 2
|
||||||
TEST_COMMAND = '/bin/uname -a'
|
TEST_COMMAND = '/bin/uname -a'
|
||||||
DOWNLOAD_TIMEOUT = 300 # copied from rdpgrinder
|
DOWNLOAD_TIMEOUT = 300 # copied from rdpgrinder
|
||||||
|
LOCK_HELPER_FILE = '/tmp/monkey_shellshock'
|
||||||
|
|
||||||
|
|
||||||
class ShellShockExploiter(HostExploiter):
|
class ShellShockExploiter(HostExploiter):
|
||||||
|
@ -108,6 +109,10 @@ class ShellShockExploiter(HostExploiter):
|
||||||
LOG.info("Can't find suitable monkey executable for host %r", self.host)
|
LOG.info("Can't find suitable monkey executable for host %r", self.host)
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
if not self._create_lock_file(exploit, url, header):
|
||||||
|
LOG.info("Another monkey is running shellshock exploit")
|
||||||
|
return True
|
||||||
|
|
||||||
http_path, http_thread = HTTPTools.create_transfer(self.host, src_path)
|
http_path, http_thread = HTTPTools.create_transfer(self.host, src_path)
|
||||||
|
|
||||||
if not http_path:
|
if not http_path:
|
||||||
|
@ -124,6 +129,8 @@ class ShellShockExploiter(HostExploiter):
|
||||||
http_thread.join(DOWNLOAD_TIMEOUT)
|
http_thread.join(DOWNLOAD_TIMEOUT)
|
||||||
http_thread.stop()
|
http_thread.stop()
|
||||||
|
|
||||||
|
self._remove_lock_file(exploit, url, header)
|
||||||
|
|
||||||
if (http_thread.downloads != 1) or (
|
if (http_thread.downloads != 1) or (
|
||||||
'ELF' not in self.check_remote_file_exists(url, header, exploit, dropper_target_path_linux)):
|
'ELF' not in self.check_remote_file_exists(url, header, exploit, dropper_target_path_linux)):
|
||||||
LOG.debug("Exploiter %s failed, http download failed." % self.__class__.__name__)
|
LOG.debug("Exploiter %s failed, http download failed." % self.__class__.__name__)
|
||||||
|
@ -182,6 +189,17 @@ class ShellShockExploiter(HostExploiter):
|
||||||
LOG.debug("URL %s does not seem to be vulnerable with %s header" % (url, header))
|
LOG.debug("URL %s does not seem to be vulnerable with %s header" % (url, header))
|
||||||
return False,
|
return False,
|
||||||
|
|
||||||
|
def _create_lock_file(self, exploit, url, header):
|
||||||
|
if self.check_remote_file_exists(url, header, exploit, LOCK_HELPER_FILE):
|
||||||
|
return False
|
||||||
|
cmd = exploit + 'echo AAAA > %s' % LOCK_HELPER_FILE
|
||||||
|
self.attack_page(url, header, cmd)
|
||||||
|
return True
|
||||||
|
|
||||||
|
def _remove_lock_file(self, exploit, url, header):
|
||||||
|
cmd = exploit + 'rm %s' % LOCK_HELPER_FILE
|
||||||
|
self.attack_page(url, header, cmd)
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def attack_page(url, header, attack):
|
def attack_page(url, header, attack):
|
||||||
result = ""
|
result = ""
|
||||||
|
|
|
@ -225,7 +225,7 @@ class InfectionMonkey(object):
|
||||||
InfectionMonkey.close_tunnel()
|
InfectionMonkey.close_tunnel()
|
||||||
firewall.close()
|
firewall.close()
|
||||||
else:
|
else:
|
||||||
StateTelem(False).send() # Signal the server (before closing the tunnel)
|
StateTelem(True).send() # Signal the server (before closing the tunnel)
|
||||||
InfectionMonkey.close_tunnel()
|
InfectionMonkey.close_tunnel()
|
||||||
firewall.close()
|
firewall.close()
|
||||||
if WormConfiguration.send_log_to_server:
|
if WormConfiguration.send_log_to_server:
|
||||||
|
|
|
@ -27,7 +27,7 @@ class UsersPBA(PBA):
|
||||||
Defines user's configured post breach action.
|
Defines user's configured post breach action.
|
||||||
"""
|
"""
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
super(UsersPBA, self).__init__("File execution")
|
super(UsersPBA, self).__init__("Custom post breach action")
|
||||||
self.filename = ''
|
self.filename = ''
|
||||||
if not is_windows_os():
|
if not is_windows_os():
|
||||||
# Add linux commands to PBA's
|
# Add linux commands to PBA's
|
||||||
|
|
|
@ -12,6 +12,7 @@ LOG = logging.getLogger(__name__)
|
||||||
|
|
||||||
__author__ = 'VakarisZ'
|
__author__ = 'VakarisZ'
|
||||||
|
|
||||||
|
EXECUTION_WITHOUT_OUTPUT = "(PBA execution produced no output)"
|
||||||
|
|
||||||
class PBA(object):
|
class PBA(object):
|
||||||
"""
|
"""
|
||||||
|
@ -73,7 +74,10 @@ class PBA(object):
|
||||||
:return: Tuple of command's output string and boolean, indicating if it succeeded
|
:return: Tuple of command's output string and boolean, indicating if it succeeded
|
||||||
"""
|
"""
|
||||||
try:
|
try:
|
||||||
return subprocess.check_output(self.command, stderr=subprocess.STDOUT, shell=True), True
|
output = subprocess.check_output(self.command, stderr=subprocess.STDOUT, shell=True)
|
||||||
|
if not output:
|
||||||
|
output = EXECUTION_WITHOUT_OUTPUT
|
||||||
|
return output, True
|
||||||
except subprocess.CalledProcessError as e:
|
except subprocess.CalledProcessError as e:
|
||||||
# Return error output of the command
|
# Return error output of the command
|
||||||
return e.output, False
|
return e.output, False
|
||||||
|
|
|
@ -21,7 +21,7 @@ json_setup_logging(default_path=os.path.join(MONKEY_ISLAND_ABS_PATH, 'cc', 'isla
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
from monkey_island.cc.app import init_app
|
from monkey_island.cc.app import init_app
|
||||||
from monkey_island.cc.exporter_init import populate_exporter_list
|
from monkey_island.cc.services.reporting.exporter_init import populate_exporter_list
|
||||||
from monkey_island.cc.utils import local_ip_addresses
|
from monkey_island.cc.utils import local_ip_addresses
|
||||||
from monkey_island.cc.environment.environment import env
|
from monkey_island.cc.environment.environment import env
|
||||||
from monkey_island.cc.database import is_db_server_up, get_db_version
|
from monkey_island.cc.database import is_db_server_up, get_db_version
|
||||||
|
|
|
@ -38,6 +38,8 @@ class Monkey(Document):
|
||||||
ttl_ref = ReferenceField(MonkeyTtl)
|
ttl_ref = ReferenceField(MonkeyTtl)
|
||||||
tunnel = ReferenceField("self")
|
tunnel = ReferenceField("self")
|
||||||
command_control_channel = EmbeddedDocumentField(CommandControlChannel)
|
command_control_channel = EmbeddedDocumentField(CommandControlChannel)
|
||||||
|
aws_instance_id = StringField(required=False) # This field only exists when the monkey is running on an AWS
|
||||||
|
# instance. See https://github.com/guardicore/monkey/issues/426.
|
||||||
|
|
||||||
# LOGIC
|
# LOGIC
|
||||||
@staticmethod
|
@staticmethod
|
||||||
|
|
|
@ -406,7 +406,7 @@ SCHEMA = {
|
||||||
"title": "Harvest Azure Credentials",
|
"title": "Harvest Azure Credentials",
|
||||||
"type": "boolean",
|
"type": "boolean",
|
||||||
"default": True,
|
"default": True,
|
||||||
"attack_techniques": ["T1003", "T1078"],
|
"attack_techniques": ["T1003"],
|
||||||
"description":
|
"description":
|
||||||
"Determine if the Monkey should try to harvest password credentials from Azure VMs"
|
"Determine if the Monkey should try to harvest password credentials from Azure VMs"
|
||||||
},
|
},
|
||||||
|
@ -421,7 +421,7 @@ SCHEMA = {
|
||||||
"title": "Should use Mimikatz",
|
"title": "Should use Mimikatz",
|
||||||
"type": "boolean",
|
"type": "boolean",
|
||||||
"default": True,
|
"default": True,
|
||||||
"attack_techniques": ["T1003", "T1078"],
|
"attack_techniques": ["T1003"],
|
||||||
"description": "Determines whether to use Mimikatz"
|
"description": "Determines whether to use Mimikatz"
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
|
@ -11,12 +11,12 @@ from six import text_type
|
||||||
|
|
||||||
from monkey_island.cc.database import mongo
|
from monkey_island.cc.database import mongo
|
||||||
from monkey_island.cc.models import Monkey
|
from monkey_island.cc.models import Monkey
|
||||||
from monkey_island.cc.report_exporter_manager import ReportExporterManager
|
from monkey_island.cc.services.reporting.report_exporter_manager import ReportExporterManager
|
||||||
from monkey_island.cc.services.config import ConfigService
|
from monkey_island.cc.services.config import ConfigService
|
||||||
from monkey_island.cc.services.edge import EdgeService
|
from monkey_island.cc.services.edge import EdgeService
|
||||||
from monkey_island.cc.services.node import NodeService
|
from monkey_island.cc.services.node import NodeService
|
||||||
from monkey_island.cc.utils import local_ip_addresses, get_subnets
|
from monkey_island.cc.utils import local_ip_addresses, get_subnets
|
||||||
from pth_report import PTHReportService
|
from monkey_island.cc.services.pth_report import PTHReportService
|
||||||
from common.network.network_range import NetworkRange
|
from common.network.network_range import NetworkRange
|
||||||
|
|
||||||
__author__ = "itay.mizeretz"
|
__author__ = "itay.mizeretz"
|
||||||
|
|
|
@ -7,7 +7,7 @@ from botocore.exceptions import UnknownServiceError
|
||||||
|
|
||||||
from common.cloud.aws_instance import AwsInstance
|
from common.cloud.aws_instance import AwsInstance
|
||||||
from monkey_island.cc.environment.environment import load_server_configuration_from_file
|
from monkey_island.cc.environment.environment import load_server_configuration_from_file
|
||||||
from monkey_island.cc.resources.exporter import Exporter
|
from monkey_island.cc.services.reporting.exporter import Exporter
|
||||||
|
|
||||||
__authors__ = ['maor.rayzin', 'shay.nehmad']
|
__authors__ = ['maor.rayzin', 'shay.nehmad']
|
||||||
|
|
|
@ -1,16 +1,16 @@
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
from monkey_island.cc.report_exporter_manager import ReportExporterManager
|
from monkey_island.cc.services.reporting.report_exporter_manager import ReportExporterManager
|
||||||
from monkey_island.cc.resources.aws_exporter import AWSExporter
|
from monkey_island.cc.services.reporting.aws_exporter import AWSExporter
|
||||||
from monkey_island.cc.services.remote_run_aws import RemoteRunAwsService
|
from monkey_island.cc.services.remote_run_aws import RemoteRunAwsService
|
||||||
|
from monkey_island.cc.environment.environment import env
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
def populate_exporter_list():
|
def populate_exporter_list():
|
||||||
manager = ReportExporterManager()
|
manager = ReportExporterManager()
|
||||||
RemoteRunAwsService.init()
|
RemoteRunAwsService.init()
|
||||||
if RemoteRunAwsService.is_running_on_aws():
|
if RemoteRunAwsService.is_running_on_aws() and ('aws' == env.get_deployment()):
|
||||||
manager.add_exporter_to_list(AWSExporter)
|
manager.add_exporter_to_list(AWSExporter)
|
||||||
|
|
||||||
if len(manager.get_exporters_list()) != 0:
|
if len(manager.get_exporters_list()) != 0:
|
|
@ -27,9 +27,9 @@ class ReportExporterManager(object):
|
||||||
self._exporters_set.add(exporter)
|
self._exporters_set.add(exporter)
|
||||||
|
|
||||||
def export(self, report):
|
def export(self, report):
|
||||||
try:
|
for exporter in self._exporters_set:
|
||||||
for exporter in self._exporters_set:
|
logger.debug("Trying to export using " + repr(exporter))
|
||||||
logger.debug("Trying to export using " + repr(exporter))
|
try:
|
||||||
exporter().handle_report(report)
|
exporter().handle_report(report)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
logger.exception('Failed to export report, error: ' + e.message)
|
logger.exception('Failed to export report, error: ' + e.message)
|
|
@ -24,7 +24,7 @@ let renderPbaResults = function (results) {
|
||||||
};
|
};
|
||||||
|
|
||||||
const subColumns = [
|
const subColumns = [
|
||||||
{id: 'pba_name', Header: "Name", accessor: x => x.name, style: { 'whiteSpace': 'unset' }},
|
{id: 'pba_name', Header: "Name", accessor: x => x.name, style: { 'whiteSpace': 'unset' }, width: 160},
|
||||||
{id: 'pba_output', Header: "Output", accessor: x => renderPbaResults(x.result), style: { 'whiteSpace': 'unset' }}
|
{id: 'pba_output', Header: "Output", accessor: x => renderPbaResults(x.result), style: { 'whiteSpace': 'unset' }}
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue