+[Getting started](#getting-started)
+[Using islands](#using-islands)
+[Running tests](#running-tests)
+[Machines’ legend](#machines-legend)
+[Machines](#machines)
+[Nr. 2 Hadoop](#_Toc526517182)
+[Nr. 3 Hadoop](#_Toc526517183)
+[Nr. 4 Elastic](#_Toc526517184)
+[Nr. 5 Elastic](#_Toc526517185)
+[Nr. 6 Sambacry](#_Toc536021459)
+[Nr. 7 Sambacry](#_Toc536021460)
+[Nr. 8 Shellshock](#_Toc536021461)
+[Nr. 9 Tunneling M1](#_Toc536021462)
+[Nr. 10 Tunneling M2](#_Toc536021463)
+[Nr. 11 SSH key steal](#_Toc526517190)
+[Nr. 12 SSH key steal](#_Toc526517191)
+[Nr. 13 RDP grinder](#_Toc526517192)
+[Nr. 14 Mimikatz](#_Toc536021467)
+[Nr. 15 Mimikatz](#_Toc536021468)
+[Nr. 16 MsSQL](#_Toc536021469)
+[Nr. 17 Upgrader](#_Toc536021470)
+[Nr. 18 WebLogic](#_Toc526517180)
+[Nr. 19 WebLogic](#_Toc526517181)
+[Nr. 20 SMB](#_Toc536021473)
+[Nr. 21 Scan](#_Toc526517196)
+[Nr. 22 Scan](#_Toc526517197)
+[Nr. 23 Struts2](#_Toc536021476)
+[Nr. 24 Struts2](#_Toc536021477)
+[Nr. 250 MonkeyIsland](#_Toc536021478)
+[Nr. 251 MonkeyIsland](#_Toc536021479)
+[Network topography](#network-topography)
+ +# Warning\! + +This project builds an intentionally +vulnerable network. Make sure not to add +production servers to the same network and leave it closed to the +public. + +# Introduction: + +MonkeyZoo is a Google Cloud Platform network deployed with terraform. +Terraform scripts allows you to quickly setup a network that’s full of +vulnerable machines to regression test monkey’s exploiters, evaluate +scanning times in a real-world scenario and many more. + +# Getting started: + +Requirements: +1. Have terraform installed. +2. Have a Google Cloud Platform account (upgraded if you want to test + whole network at once). + +To deploy: +1. Configure service account for your project: + + a. Create a service account and name it “your\_name-monkeyZoo-user” + + b. Give these permissions to your service account: + + **Compute Engine -> Compute Network Admin** + and + **Compute Engine -> Compute Instance Admin** + + or + + **Project -> Owner** + + c. Download its **Service account key**. Select JSON format. +2. Get these permissions in monkeyZoo project for your service account (ask monkey developers to add them): + + a. **Compute Engine -\> Compute image user** +3. Change configurations located in the + ../monkey/envs/monkey\_zoo/terraform/config.tf file (don’t forget to + link to your service account key file): + + > provider "google" { + > + > project = "project-28054666" + > + > region = "europe-west3" + > + > zone = "europe-west3-b" + > + > credentials = "${file("project-92050661-9dae6c5a02fc.json")}" + > + > } + > + > service\_account\_email="test@project-925243.iam.gserviceaccount.com" + +4. Run terraform init + +To deploy the network run:
+`terraform plan` (review the changes it will make on GCP)
+`terraform apply` (creates 2 networks for machines)
+`terraform apply` (adds machines to these networks) + +# Using islands: + +###How to get into the islands: + +**island-linux-250:** SSH from GCP + +**island-windows-251:** In GCP/VM instances page click on +island-windows-251. Set password for your account and then RDP into +the island. + +###These are most common steps on monkey islands: + +####island-linux-250: + +To run monkey island:
+`sudo /usr/run\_island.sh`
+ +To run monkey:
+`sudo /usr/run\_monkey.sh`
+ +To update repository:
+`git pull /usr/infection_monkey`
+ +Update all requirements using deployment script:
+1\. `cd /usr/infection_monkey/deployment_scripts`
+2\. `./deploy_linux.sh "/usr/infection_monkey" "develop"`
+ +####island-windows-251: + +To run monkey island:
+Execute C:\\run\_monkey\_island.bat as administrator + +To run monkey:
+Execute C:\\run\_monkey.bat as administrator + +To update repository:
+1\. Open cmd as an administrator
+2\. `cd C:\infection_monkey`
+3\. `git pull` (updates develop branch)
+ +Update all requirements using deployment script:
+1. `cd C:\infection_monkey\deployment_scripts`
+2. `./run_script.bat "C:\infection_monkey" "develop"` + +# Running tests: + +Once you start monkey island you can import test configurations from +../monkey/envs/configs. + +fullTest.conf is a good config to start, because it covers all machines. + +# Machines: + +
Nr. 2 Hadoop +(10.2.2.2) |
+(Vulnerable) | +
|---|---|
| OS: | +Ubuntu 16.04.05 x64 | +
| Software: | +JDK, + |
+
| Default server’s port: | +8020 | +
| Server’s config: | +Single node cluster | +
| Scan results: | +Machine exploited using Hadoop exploiter | +
| Notes: | ++ |
Nr. 3 Hadoop +(10.2.2.3) |
+(Vulnerable) | +
|---|---|
| OS: | +Windows 10 x64 | +
| Software: | +JDK, + |
+
| Default server’s port: | +8020 | +
| Server’s config: | +Single node cluster | +
| Scan results: | +Machine exploited using Hadoop exploiter | +
| Notes: | ++ |
Nr. 4 Elastic +(10.2.2.4) |
+(Vulnerable) | +
|---|---|
| OS: | +Ubuntu 16.04.05 x64 | +
| Software: | +JDK, + |
+
| Default server’s port: | +9200 | +
| Server’s config: | +Default | +
| Scan results: | +Machine exploited using Elastic exploiter | +
| Notes: | +Quick tutorial on how to add entries (was useful when setting up). | +
| + | + |
Nr. 5 Elastic +(10.2.2.5) |
+(Vulnerable) | +
|---|---|
| OS: | +Windows 10 x64 | +
| Software: | +JDK, + |
+
| Default server’s port: | +9200 | +
| Server’s config: | +Default | +
| Scan results: | +Machine exploited using Elastic exploiter | +
| Notes: | +Quick tutorial on how to add entries (was useful when setting up). | +
Nr. 6 Sambacry +(10.2.2.6) |
+(Not implemented) | +
|---|---|
| OS: | +Ubuntu 16.04.05 x64 | +
| Software: | +Samba > 3.5.0 and < 4.6.4, 4.5.10 and 4.4.14 | +
| Default server’s port: | +- | +
| Root password: | +;^TK`9XN_x^ | +
| Server’s config: | ++ |
| Scan results: | +Machine exploited using Sambacry exploiter | +
| Notes: | ++ |
| + | + |
Nr. 7 Sambacry +(10.2.2.7) |
+(Not implemented) | +
|---|---|
| OS: | +Ubuntu 16.04.05 x32 | +
| Software: | +Samba > 3.5.0 and < 4.6.4, 4.5.10 and 4.4.14 | +
| Default server’s port: | +- | +
| Root password: | +*.&A7/W}Rc$ | +
| Server’s config: | ++ |
| Scan results: | +Machine exploited using Sambacry exploiter | +
| Notes: | ++ |
Nr. 8 Shellshock +(10.2.2.8) |
+(Vulnerable) | +
|---|---|
| OS: | +Ubuntu 12.04 LTS x64 | +
| Software: | +Apache2, bash 4.2. | +
| Default server’s port: | +80 | +
| Scan results: | +Machine exploited using Shellshock exploiter | +
| Notes: | +Vulnerable app is under /cgi-bin/test.cgi | +
| + | + |
Nr. 9 Tunneling M1 +(10.2.2.9, 10.2.1.9) |
+(Vulnerable) | +
|---|---|
| OS: | +Ubuntu 16.04.05 x64 | +
| Software: | +OpenSSL | +
| Default service’s port: | +22 | +
| Root password: | +`))jU7L(w} | +
| Server’s config: | +Default | +
| Notes: | ++ |
Nr. 10 Tunneling M2 +(10.2.1.10) |
+(Exploitable) | +
|---|---|
| OS: | +Ubuntu 16.04.05 x64 | +
| Software: | +OpenSSL | +
| Default service’s port: | +22 | +
| Root password: | +3Q=(Ge(+&w]* | +
| Server’s config: | +Default | +
| Notes: | +Accessible only trough Nr.9 | +
Nr. 11 SSH key steal. +(10.2.2.11) |
+(Vulnerable) | +
|---|---|
| OS: | +Ubuntu 16.04.05 x64 | +
| Software: | +OpenSSL | +
| Default connection port: | +22 | +
| Root password: | +^NgDvY59~8 | +
| Server’s config: | +SSH keys to connect to NR. 11 | +
| Notes: | ++ |
| + | + |
Nr. 12 SSH key steal. +(10.2.2.12) |
+(Exploitable) | +
|---|---|
| OS: | +Ubuntu 16.04.05 x64 | +
| Software: | +OpenSSL | +
| Default connection port: | +22 | +
| Root password: | +u?Sj5@6(-C | +
| Server’s config: | +SSH configured to allow connection from NR.10 | +
| Notes: | +Don’t add this machine’s credentials to exploit configuration. | +
| + | + |
Nr. 13 RDP grinder +(10.2.2.13) |
+(Not implemented) | +
|---|---|
| OS: | +Windows 10 x64 | +
| Software: | +- | +
| Default connection port: | +3389 | +
| Root password: | +2}p}aR]&=M | +
| Scan results: | +Machine exploited using RDP grinder | +
| Server’s config: | +Remote desktop enabled +Admin user’s credentials: +m0nk3y, 2}p}aR]&=M |
+
| Notes: | ++ |
| + | + |
Nr. 14 Mimikatz +(10.2.2.14) |
+(Vulnerable) | +
|---|---|
| OS: | +Windows 10 x64 | +
| Software: | +- | +
| Admin password: | +Ivrrw5zEzs | +
| Server’s config: | +Has cashed mimikatz-15 RDP credentials +SMB turned on |
+
| Notes: | ++ |
Nr. 15 Mimikatz +(10.2.2.15) |
+(Exploitable) | +
|---|---|
| OS: | +Windows 10 x64 | +
| Software: | +- | +
| Admin password: | +pAJfG56JX>< | +
| Server’s config: | +It’s credentials are cashed at mimikatz-14 +SMB turned on |
+
| Notes: | +If you change this machine’s IP it won’t get exploited. | +
| + | + |
Nr. 16 MsSQL +(10.2.2.16) |
+(Vulnerable) | +
|---|---|
| OS: | +Windows 10 x64 | +
| Software: | +MSSQL Server | +
| Default service port: | +1433 | +
| Server’s config: | +xp_cmdshell feature enabled in MSSQL server +Server’s creds (sa): admin, }8Ys#" |
+
| Notes: | +Enabled SQL server browser service + + |
+
| + | + |
Nr. 17 Upgrader +(10.2.2.17) |
+(Not implemented) | +
|---|---|
| OS: | +Windows 10 x64 | +
| Default service port: | +445 | +
| Root password: | +U??7ppG_ | +
| Server’s config: | +Turn on SMB | +
| Notes: | ++ |
| + | + |
Nr. 18 WebLogic +(10.2.2.18) |
+(Vulnerable) | +
|---|---|
| OS: | +Ubuntu 16.04.05 x64 | +
| Software: | +JDK, + |
+
| Default server’s port: | +7001 | +
| Admin domain credentials: | +weblogic : B74Ot0c4 | +
| Server’s config: | +Default | +
| Notes: | ++ |
Nr. 19 WebLogic +(10.2.2.19) |
+(Vulnerable) | +
|---|---|
| OS: | +Windows 10 x64 | +
| Software: | +JDK, + |
+
| Default server’s port: | +7001 | +
| Admin servers credentials: | +weblogic : =ThS2d=m(`B | +
| Server’s config: | +Default | +
| Notes: | ++ |
Nr. 20 SMB +(10.2.2.20) |
+(Vulnerable) | +
|---|---|
| OS: | +Windows 10 x64 | +
| Software: | +- | +
| Default service’s port: | +445 | +
| Root password: | +YbS,<tpS.2av | +
| Server’s config: | +SMB turned on | +
| Notes: | ++ |
Nr. 21 Scan +(10.2.2.21) |
+(Secure) | +
|---|---|
| OS: | +Ubuntu 16.04.05 x64 | +
| Software: | +Apache tomcat 7.0.92 | +
| Default server’s port: | +8080 | +
| Server’s config: | +Default | +
| Notes: | +Used to scan a machine that has no vulnerabilities (to evaluate scanning speed for e.g.) | +
| + | + |
Nr. 22 Scan +(10.2.2.22) |
+(Secure) | +
|---|---|
| OS: | +Windows 10 x64 | +
| Software: | +Apache tomcat 7.0.92 | +
| Default server’s port: | +8080 | +
| Server’s config: | +Default | +
| Notes: | +Used to scan a machine that has no vulnerabilities (to evaluate scanning speed for e.g.) | +
| + | + |
Nr. 23 Struts2 +(10.2.2.23) |
+(Vulnerable) | +
|---|---|
| OS: | +Ubuntu 16.04.05 x64 | +
| Software: | +JDK, +struts2 2.3.15.1, +tomcat 9.0.0.M9 |
+
| Default server’s port: | +8080 | +
| Server’s config: | +Default | +
| Notes: | ++ |
Nr. 24 Struts2 +(10.2.2.24) |
+(Vulnerable) | +
|---|---|
| OS: | +Windows 10 x64 | +
| Software: | +JDK, +struts2 2.3.15.1, +tomcat 9.0.0.M9 |
+
| Default server’s port: | +8080 | +
| Server’s config: | +Default | +
| Notes: | ++ |
| + | + |
Nr. 250 MonkeyIsland +(10.2.2.250) |
++ |
|---|---|
| OS: | +Ubuntu 16.04.05 x64 | +
| Software: | +MonkeyIsland server, git, mongodb etc. | +
| Default server’s port: | +22, 443 | +
| Private key passphrase: | +- | +
| Notes: | +Only accessible trough GCP | +
| + | + |
Nr. 251 MonkeyIsland +(10.2.2.251) |
++ |
|---|---|
| OS: | +Windows Server 2016 x64 | +
| Software: | +MonkeyIsland server, git, mongodb etc. | +
| Default server’s port: | +3389, 443 | +
| Private key passphrase: | +- | +
| Notes: | +Only accessible trough GCP | +
| + | + |
diff --git a/envs/monkey_zoo/docs/images/networkTopography.jpg b/envs/monkey_zoo/docs/images/networkTopography.jpg
new file mode 100644
index 000000000..09130a251
Binary files /dev/null and b/envs/monkey_zoo/docs/images/networkTopography.jpg differ
diff --git a/envs/monkey_zoo/terraform/config.tf b/envs/monkey_zoo/terraform/config.tf
new file mode 100644
index 000000000..c6108865a
--- /dev/null
+++ b/envs/monkey_zoo/terraform/config.tf
@@ -0,0 +1,10 @@
+provider "google" {
+ project = "test-000000"
+ region = "europe-west3"
+ zone = "europe-west3-b"
+ credentials = "${file("testproject-000000-0c0b000b00c0.json")}"
+}
+locals {
+ service_account_email="tester-monkeyZoo-user@testproject-000000.iam.gserviceaccount.com"
+ monkeyzoo_project="guardicore-22050661"
+}
\ No newline at end of file
diff --git a/envs/monkey_zoo/terraform/firewalls.tf b/envs/monkey_zoo/terraform/firewalls.tf
new file mode 100644
index 000000000..df33ed4d4
--- /dev/null
+++ b/envs/monkey_zoo/terraform/firewalls.tf
@@ -0,0 +1,76 @@
+resource "google_compute_firewall" "islands-in" {
+ name = "islands-in"
+ network = "${google_compute_network.monkeyzoo.name}"
+
+ allow {
+ protocol = "tcp"
+ ports = ["22", "443", "3389", "5000"]
+ }
+
+ direction = "INGRESS"
+ priority = "65534"
+ target_tags = ["island"]
+}
+
+resource "google_compute_firewall" "islands-out" {
+ name = "islands-out"
+ network = "${google_compute_network.monkeyzoo.name}"
+
+ allow {
+ protocol = "tcp"
+ }
+
+ direction = "EGRESS"
+ priority = "65534"
+ target_tags = ["island"]
+}
+
+resource "google_compute_firewall" "monkeyzoo-in" {
+ name = "monkeyzoo-in"
+ network = "${google_compute_network.monkeyzoo.name}"
+
+ allow {
+ protocol = "all"
+ }
+
+ direction = "INGRESS"
+ priority = "65534"
+ source_ranges = ["10.2.2.0/24"]
+}
+
+resource "google_compute_firewall" "monkeyzoo-out" {
+ name = "monkeyzoo-out"
+ network = "${google_compute_network.monkeyzoo.name}"
+
+ allow {
+ protocol = "all"
+ }
+
+ direction = "EGRESS"
+ priority = "65534"
+ destination_ranges = ["10.2.2.0/24"]
+}
+
+resource "google_compute_firewall" "tunneling-in" {
+ name = "tunneling-in"
+ network = "${google_compute_network.tunneling.name}"
+
+ allow {
+ protocol = "all"
+ }
+
+ direction = "INGRESS"
+ source_ranges = ["10.2.1.0/28"]
+}
+
+resource "google_compute_firewall" "tunneling-out" {
+ name = "tunneling-out"
+ network = "${google_compute_network.tunneling.name}"
+
+ allow {
+ protocol = "all"
+ }
+
+ direction = "EGRESS"
+ destination_ranges = ["10.2.1.0/28"]
+}
diff --git a/envs/monkey_zoo/terraform/images.tf b/envs/monkey_zoo/terraform/images.tf
new file mode 100644
index 000000000..4677d0c1b
--- /dev/null
+++ b/envs/monkey_zoo/terraform/images.tf
@@ -0,0 +1,91 @@
+//Custom cloud images
+data "google_compute_image" "hadoop-2" {
+ name = "hadoop-2"
+ project = "${local.monkeyzoo_project}"
+}
+data "google_compute_image" "hadoop-3" {
+ name = "hadoop-3"
+ project = "${local.monkeyzoo_project}"
+}
+data "google_compute_image" "elastic-4" {
+ name = "elastic-4"
+ project = "${local.monkeyzoo_project}"
+}
+data "google_compute_image" "elastic-5" {
+ name = "elastic-5"
+ project = "${local.monkeyzoo_project}"
+}
+
+/*
+data "google_compute_image" "sambacry-6" {
+ name = "sambacry-6"
+}
+*/
+data "google_compute_image" "shellshock-8" {
+ name = "shellshock-8"
+ project = "${local.monkeyzoo_project}"
+}
+data "google_compute_image" "tunneling-9" {
+ name = "tunneling-9-v2"
+ project = "${local.monkeyzoo_project}"
+}
+data "google_compute_image" "tunneling-10" {
+ name = "tunneling-10-v2"
+ project = "${local.monkeyzoo_project}"
+}
+data "google_compute_image" "sshkeys-11" {
+ name = "sshkeys-11-v2"
+ project = "${local.monkeyzoo_project}"
+}
+data "google_compute_image" "sshkeys-12" {
+ name = "sshkeys-12-v2"
+ project = "${local.monkeyzoo_project}"
+}
+data "google_compute_image" "mimikatz-14" {
+ name = "mimikatz-14-v2"
+ project = "${local.monkeyzoo_project}"
+}
+data "google_compute_image" "mimikatz-15" {
+ name = "mimikatz-15"
+ project = "${local.monkeyzoo_project}"
+}
+data "google_compute_image" "mssql-16" {
+ name = "mssql-16"
+ project = "${local.monkeyzoo_project}"
+}
+data "google_compute_image" "weblogic-18" {
+ name = "weblogic-18"
+ project = "${local.monkeyzoo_project}"
+}
+data "google_compute_image" "weblogic-19" {
+ name = "weblogic-19-v2"
+ project = "${local.monkeyzoo_project}"
+}
+data "google_compute_image" "smb-20" {
+ name = "smb-20"
+ project = "${local.monkeyzoo_project}"
+}
+data "google_compute_image" "scan-21" {
+ name = "scan-21"
+ project = "${local.monkeyzoo_project}"
+}
+data "google_compute_image" "scan-22" {
+ name = "scan-22"
+ project = "${local.monkeyzoo_project}"
+}
+data "google_compute_image" "struts2-23" {
+ name = "struts2-23"
+ project = "${local.monkeyzoo_project}"
+}
+data "google_compute_image" "struts2-24" {
+ name = "struts-24-v2"
+ project = "${local.monkeyzoo_project}"
+}
+data "google_compute_image" "island-linux-250" {
+ name = "island-linux-250"
+ project = "${local.monkeyzoo_project}"
+}
+data "google_compute_image" "island-windows-251" {
+ name = "island-windows-251"
+ project = "${local.monkeyzoo_project}"
+}
\ No newline at end of file
diff --git a/envs/monkey_zoo/terraform/monkey_zoo.tf b/envs/monkey_zoo/terraform/monkey_zoo.tf
new file mode 100644
index 000000000..e0b97822f
--- /dev/null
+++ b/envs/monkey_zoo/terraform/monkey_zoo.tf
@@ -0,0 +1,431 @@
+
+// Local variables
+locals {
+ default_ubuntu="${google_compute_instance_template.ubuntu16.self_link}"
+ default_windows="${google_compute_instance_template.windows2016.self_link}"
+}
+
+resource "google_compute_network" "monkeyzoo" {
+ name = "monkeyzoo"
+ auto_create_subnetworks = false
+}
+
+resource "google_compute_network" "tunneling" {
+ name = "tunneling"
+ auto_create_subnetworks = false
+}
+
+resource "google_compute_subnetwork" "monkeyzoo-main" {
+ name = "monkeyzoo-main"
+ ip_cidr_range = "10.2.2.0/24"
+ network = "${google_compute_network.monkeyzoo.self_link}"
+}
+
+resource "google_compute_subnetwork" "tunneling-main" {
+ name = "tunneling-main"
+ ip_cidr_range = "10.2.1.0/28"
+ network = "${google_compute_network.tunneling.self_link}"
+}
+
+resource "google_compute_instance_from_template" "hadoop-2" {
+ name = "hadoop-2"
+ source_instance_template = "${local.default_ubuntu}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.hadoop-2.self_link}"
+ }
+ auto_delete = true
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.2"
+ }
+ // Add required ssh keys for hadoop service and restart it
+ metadata_startup_script = "[ ! -f /home/vakaris_zilius/.ssh/authorized_keys ] && sudo cat /home/vakaris_zilius/.ssh/id_rsa.pub >> /home/vakaris_zilius/.ssh/authorized_keys && sudo reboot"
+}
+
+resource "google_compute_instance_from_template" "hadoop-3" {
+ name = "hadoop-3"
+ source_instance_template = "${local.default_windows}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.hadoop-3.self_link}"
+ }
+ auto_delete = true
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.3"
+ }
+}
+
+resource "google_compute_instance_from_template" "elastic-4" {
+ name = "elastic-4"
+ source_instance_template = "${local.default_ubuntu}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.elastic-4.self_link}"
+ }
+ auto_delete = true
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.4"
+ }
+}
+
+resource "google_compute_instance_from_template" "elastic-5" {
+ name = "elastic-5"
+ source_instance_template = "${local.default_windows}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.elastic-5.self_link}"
+ }
+ auto_delete = true
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.5"
+ }
+}
+
+/* Couldn't find ubuntu packages for required samba version (too old).
+resource "google_compute_instance_from_template" "sambacry-6" {
+ name = "sambacry-6"
+ source_instance_template = "${local.default_ubuntu}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.sambacry-6.self_link}"
+ }
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.6"
+ }
+}
+*/
+
+/* We need custom 32 bit Ubuntu machine for this (there are no 32 bit ubuntu machines in GCP).
+resource "google_compute_instance_from_template" "sambacry-7" {
+ name = "sambacry-7"
+ source_instance_template = "${local.default_ubuntu}"
+ boot_disk {
+ initialize_params {
+ // Add custom image to cloud
+ image = "ubuntu32"
+ }
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.7"
+ }
+}
+*/
+
+resource "google_compute_instance_from_template" "shellshock-8" {
+ name = "shellshock-8"
+ source_instance_template = "${local.default_ubuntu}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.shellshock-8.self_link}"
+ }
+ auto_delete = true
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.8"
+ }
+}
+
+resource "google_compute_instance_from_template" "tunneling-9" {
+ name = "tunneling-9"
+ source_instance_template = "${local.default_ubuntu}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.tunneling-9.self_link}"
+ }
+ auto_delete = true
+ }
+ network_interface{
+ subnetwork="tunneling-main"
+ network_ip="10.2.1.9"
+
+ }
+ network_interface{
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.9"
+ }
+}
+
+resource "google_compute_instance_from_template" "tunneling-10" {
+ name = "tunneling-10"
+ source_instance_template = "${local.default_ubuntu}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.tunneling-10.self_link}"
+ }
+ auto_delete = true
+ }
+ network_interface{
+ subnetwork="tunneling-main"
+ network_ip="10.2.1.10"
+ }
+}
+
+resource "google_compute_instance_from_template" "sshkeys-11" {
+ name = "sshkeys-11"
+ source_instance_template = "${local.default_ubuntu}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.sshkeys-11.self_link}"
+ }
+ auto_delete = true
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.11"
+ }
+}
+
+resource "google_compute_instance_from_template" "sshkeys-12" {
+ name = "sshkeys-12"
+ source_instance_template = "${local.default_ubuntu}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.sshkeys-12.self_link}"
+ }
+ auto_delete = true
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.12"
+ }
+}
+
+/*
+resource "google_compute_instance_from_template" "rdpgrinder-13" {
+ name = "rdpgrinder-13"
+ source_instance_template = "${local.default_windows}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.rdpgrinder-13.self_link}"
+ }
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.13"
+ }
+}
+*/
+
+resource "google_compute_instance_from_template" "mimikatz-14" {
+ name = "mimikatz-14"
+ source_instance_template = "${local.default_windows}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.mimikatz-14.self_link}"
+ }
+ auto_delete = true
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.14"
+ }
+}
+
+resource "google_compute_instance_from_template" "mimikatz-15" {
+ name = "mimikatz-15"
+ source_instance_template = "${local.default_windows}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.mimikatz-15.self_link}"
+ }
+ auto_delete = true
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.15"
+ }
+}
+
+resource "google_compute_instance_from_template" "mssql-16" {
+ name = "mssql-16"
+ source_instance_template = "${local.default_windows}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.mssql-16.self_link}"
+ }
+ auto_delete = true
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.16"
+ }
+}
+
+/* We need to alter monkey's behavior for this to upload 32-bit monkey instead of 64-bit (not yet developed)
+resource "google_compute_instance_from_template" "upgrader-17" {
+ name = "upgrader-17"
+ source_instance_template = "${local.default_windows}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.upgrader-17.self_link}"
+ }
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.17"
+ access_config {
+ // Cheaper, non-premium routing
+ network_tier = "STANDARD"
+ }
+ }
+}
+*/
+
+resource "google_compute_instance_from_template" "weblogic-18" {
+ name = "weblogic-18"
+ source_instance_template = "${local.default_ubuntu}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.weblogic-18.self_link}"
+ }
+ auto_delete = true
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.18"
+ }
+}
+
+resource "google_compute_instance_from_template" "weblogic-19" {
+ name = "weblogic-19"
+ source_instance_template = "${local.default_windows}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.weblogic-19.self_link}"
+ }
+ auto_delete = true
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.19"
+ }
+}
+
+resource "google_compute_instance_from_template" "smb-20" {
+ name = "smb-20"
+ source_instance_template = "${local.default_windows}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.smb-20.self_link}"
+ }
+ auto_delete = true
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.20"
+ }
+}
+
+resource "google_compute_instance_from_template" "scan-21" {
+ name = "scan-21"
+ source_instance_template = "${local.default_ubuntu}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.scan-21.self_link}"
+ }
+ auto_delete = true
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.21"
+ }
+}
+
+resource "google_compute_instance_from_template" "scan-22" {
+ name = "scan-22"
+ source_instance_template = "${local.default_windows}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.scan-22.self_link}"
+ }
+ auto_delete = true
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.22"
+ }
+}
+
+resource "google_compute_instance_from_template" "struts2-23" {
+ name = "struts2-23"
+ source_instance_template = "${local.default_ubuntu}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.struts2-23.self_link}"
+ }
+ auto_delete = true
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.23"
+ }
+}
+
+resource "google_compute_instance_from_template" "struts2-24" {
+ name = "struts2-24"
+ source_instance_template = "${local.default_windows}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.struts2-24.self_link}"
+ }
+ auto_delete = true
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.24"
+ }
+}
+
+resource "google_compute_instance_from_template" "island-linux-250" {
+ name = "island-linux-250"
+ machine_type = "n1-standard-2"
+ tags = ["island", "linux", "ubuntu16"]
+ source_instance_template = "${local.default_ubuntu}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.island-linux-250.self_link}"
+ }
+ auto_delete = true
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.250"
+ access_config {
+ // Cheaper, non-premium routing (not available in some regions)
+ // network_tier = "STANDARD"
+ }
+ }
+}
+
+resource "google_compute_instance_from_template" "island-windows-251" {
+ name = "island-windows-251"
+ machine_type = "n1-standard-2"
+ tags = ["island", "windows", "windowsserver2016"]
+ source_instance_template = "${local.default_windows}"
+ boot_disk{
+ initialize_params {
+ image = "${data.google_compute_image.island-windows-251.self_link}"
+ }
+ auto_delete = true
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ network_ip="10.2.2.251"
+ access_config {
+ // Cheaper, non-premium routing (not available in some regions)
+ // network_tier = "STANDARD"
+ }
+ }
+}
\ No newline at end of file
diff --git a/envs/monkey_zoo/terraform/templates.tf b/envs/monkey_zoo/terraform/templates.tf
new file mode 100644
index 000000000..ed48864d9
--- /dev/null
+++ b/envs/monkey_zoo/terraform/templates.tf
@@ -0,0 +1,45 @@
+resource "google_compute_instance_template" "ubuntu16" {
+ name = "ubuntu16"
+ description = "Creates ubuntu 16.04 LTS servers at europe-west3-a."
+
+ tags = ["test-machine", "ubuntu16", "linux"]
+
+ machine_type = "n1-standard-1"
+ can_ip_forward = false
+
+ disk {
+ source_image = "ubuntu-os-cloud/ubuntu-1604-lts"
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ access_config {
+ // Cheaper, non-premium routing
+ network_tier = "STANDARD"
+ }
+ }
+ service_account {
+ email ="${local.service_account_email}"
+ scopes=["cloud-platform"]
+ }
+}
+
+resource "google_compute_instance_template" "windows2016" {
+ name = "windows2016"
+ description = "Creates windows 2016 core servers at europe-west3-a."
+
+ tags = ["test-machine", "windowsserver2016", "windows"]
+
+ machine_type = "n1-standard-1"
+ can_ip_forward = false
+
+ disk {
+ source_image = "windows-cloud/windows-2016"
+ }
+ network_interface {
+ subnetwork="monkeyzoo-main"
+ }
+ service_account {
+ email="${local.service_account_email}"
+ scopes=["cloud-platform"]
+ }
+}
\ No newline at end of file