diff --git a/envs/monkey_maker/README.md b/envs/monkey_maker/README.md index c273b6b04..d80a211e1 100644 --- a/envs/monkey_maker/README.md +++ b/envs/monkey_maker/README.md @@ -13,7 +13,7 @@ To setup you need to put `accessKeys` file into `./aws_keys` directory. Contents of `accessKeys` file should be as follows: -``` +```ini [default] aws_access_key_id = <...> aws_secret_access_key = <...> @@ -21,12 +21,12 @@ aws_secret_access_key = <...> Also review `./terraform/config.tf` file. Launch the environment by going into `terraform` folder and running -```angular2html +``` terraform init terraform apply ``` -### Usage +## Usage To login to windows use Administrator: %HwuzI!Uzsyfa=cB*XaQ6xxHqopfj)h) credentials diff --git a/envs/os_compatibility/README.md b/envs/os_compatibility/README.md index d8e1d30f9..11653e4a3 100644 --- a/envs/os_compatibility/README.md +++ b/envs/os_compatibility/README.md @@ -29,8 +29,9 @@ terraform apply ## Usage +0. Add your machine's IP to the `os_compat_island` security group ingress rules. 1. Launch os_compat_ISLAND machine and upload your binaries/update island. Reset island environment. -2. Launch/Reboot all other os_compat test machines (Can be filtered with tag "Puropose: os_compat_instance") +2. Launch/Reboot all other os_compat test machines (Can be filtered with tag "Purpose: os_compat_instance") 3. Wait until machines boot and run monkey 4. Launch `test_compatibility.py` pytest script with island ip parameter (e.g. `test_compatibility.py --island 111.111.111.111:5000`) @@ -58,3 +59,20 @@ A quick reference for usernames on different machines (if in doubt check officia - CentOS: centos - Everything else: ec2-user +To manually verify the machine is compatible use commands to download and execute the monkey. + +Example commands: + - Powershell: +```cmd +[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy +Set-MpPreference -DisableRealtimeMonitoring $true -ErrorAction SilentlyContinue +Invoke-WebRequest -Uri 'https://10.0.0.251:5000/api/monkey/download/monkey-windows-64.exe' -OutFile 'C:\windows\temp\monkey-windows-64.exe' -UseBasicParsing +C:\windows\temp\monkey-windows-64.exe m0nk3y -s 10.0.0.251:5000 +``` + + - Bash: +```shell script +wget --no-check-certificate -q https://10.0.0.251:5000/api/monkey/download/monkey-linux-64 -O ./monkey-linux-64 || curl https://10.0.0.251:5000/api/monkey/download/monkey-linux-64 -k -o monkey-linux-64 +chmod +x ./monkey-linux-64 +./monkey-linux-64 m0nk3y -s 10.0.0.251:5000 +``` diff --git a/envs/os_compatibility/terraform/infra.tf b/envs/os_compatibility/terraform/infra.tf index c561acb02..c9296d888 100644 --- a/envs/os_compatibility/terraform/infra.tf +++ b/envs/os_compatibility/terraform/infra.tf @@ -43,7 +43,7 @@ resource "aws_subnet" "main" { } } -resource "aws_security_group" "os_compat_islad" { +resource "aws_security_group" "os_compat_island" { name = "os_compat_island" description = "Allow remote access to the island" vpc_id = "${aws_vpc.os_compat_vpc.id}" @@ -52,7 +52,7 @@ resource "aws_security_group" "os_compat_islad" { from_port = 0 to_port = 0 protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] + cidr_blocks = ["10.0.0.0/24"] } egress { @@ -69,7 +69,7 @@ resource "aws_security_group" "os_compat_islad" { resource "aws_security_group" "os_compat_instance" { name = "os_compat_instance" - description = "Disables remote access to vulnerable instances" + description = "Allow remote access to the machines" vpc_id = "${aws_vpc.os_compat_vpc.id}" ingress { diff --git a/envs/os_compatibility/terraform/instances.tf b/envs/os_compatibility/terraform/instances.tf index 07bb81933..44b2f8a3d 100644 --- a/envs/os_compatibility/terraform/instances.tf +++ b/envs/os_compatibility/terraform/instances.tf @@ -11,7 +11,7 @@ resource "aws_instance" "island" { tags = { Name = "os_compat_ISLAND" } - vpc_security_group_ids = ["${aws_security_group.os_compat_islad.id}"] + vpc_security_group_ids = ["${aws_security_group.os_compat_island.id}"] associate_public_ip_address = true root_block_device { volume_size = "30"