Zoo: Update terraform scripts. Update gcp test machine list with new zone

Ilija Lazoroski 2021-08-24 11:56:09 +02:00
parent 305b2cf716
commit 9f2a4cb7e4
8 changed files with 95 additions and 39 deletions


@ -10,6 +10,7 @@ class Performance(ConfigTemplate):
"3Q=(Ge(+&w]*",
"`))jU7L(w}",
"t67TC5ZDmz",
"Passw0rd!",
],
"basic.credentials.exploit_user_list": ["m0nk3y"],
"basic.exploiters.exploiter_classes": [
@ -24,6 +25,7 @@ class Performance(ConfigTemplate):
"HadoopExploiter",
"VSFTPDExploiter",
"MSSQLExploiter",
"PowerShellExploiter",
"ZerologonExploiter",
],
"basic_network.network_analysis.inaccessible_subnets": [
@ -58,5 +60,7 @@ class Performance(ConfigTemplate):
"10.2.2.23",
"10.2.2.24",
"10.2.2.25",
"10.2.2.45",
"10.2.3.47",
],
}


@ -1,22 +1,28 @@
GCP_TEST_MACHINE_LIST = [
"sshkeys-11",
"sshkeys-12",
"elastic-4",
"elastic-5",
"hadoop-2",
"hadoop-3",
"mssql-16",
"mimikatz-14",
"mimikatz-15",
"struts2-23",
"struts2-24",
"tunneling-9",
"tunneling-10",
"tunneling-11",
"tunneling-12",
"weblogic-18",
"weblogic-19",
"shellshock-8",
"zerologon-25",
"drupal-28",
]
GCP_TEST_MACHINE_LIST = {
"europe-west3-a": [
"sshkeys-11",
"sshkeys-12",
"elastic-4",
"elastic-5",
"hadoop-2",
"hadoop-3",
"mssql-16",
"powershell-45",
"mimikatz-14",
"mimikatz-15",
"struts2-23",
"struts2-24",
"tunneling-9",
"tunneling-10",
"tunneling-11",
"tunneling-12",
"weblogic-18",
"weblogic-19",
"shellshock-8",
"zerologon-25",
"drupal-28",
],
"europe-west1-b": [
"powershell-3-47",
],
}
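Review bot: `GCP_TEST_MACHINE_LIST` is now a dict keyed by zone but keeps the `_LIST` name, and a caller that still does `" ".join(GCP_TEST_MACHINE_LIST)` will not fail: it joins the zone names and passes them on as instance names. The call sites shown on this page are updated; any others in the repository are not visible here. A name such as `GCP_TEST_MACHINES_BY_ZONE`, or at least a comment like `# zone name -> instance names to start/stop for a test run`, would make the new shape explicit.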


@ -4,4 +4,4 @@ from gcp_test_machine_list import GCP_TEST_MACHINE_LIST
from utils.gcp_machine_handlers import GCPHandler
gcp_handler = GCPHandler()
gcp_handler.start_machines(" ".join(GCP_TEST_MACHINE_LIST))
gcp_handler.start_machines(GCP_TEST_MACHINE_LIST)


@ -4,4 +4,4 @@ from gcp_test_machine_list import GCP_TEST_MACHINE_LIST
from utils.gcp_machine_handlers import GCPHandler
gcp_handler = GCPHandler()
gcp_handler.stop_machines(" ".join(GCP_TEST_MACHINE_LIST))
gcp_handler.stop_machines(GCP_TEST_MACHINE_LIST)


@ -55,14 +55,14 @@ def GCPHandler(request, no_gcp):
if not no_gcp:
try:
GCPHandler = gcp_machine_handlers.GCPHandler()
GCPHandler.start_machines(" ".join(GCP_TEST_MACHINE_LIST))
GCPHandler.start_machines(GCP_TEST_MACHINE_LIST)
except Exception as e:
LOGGER.error("GCP Handler failed to initialize: %s." % e)
pytest.exit("Encountered an error while starting GCP machines. Stopping the tests.")
wait_machine_bootup()
def fin():
GCPHandler.stop_machines(" ".join(GCP_TEST_MACHINE_LIST))
GCPHandler.stop_machines(GCP_TEST_MACHINE_LIST)
request.addfinalizer(fin)


@ -13,15 +13,12 @@ class GCPHandler(object):
# Key path location relative to this file's directory
RELATIVE_KEY_PATH = "../../gcp_keys/gcp_key.json"
DEFAULT_ZONE = "europe-west3-a"
DEFAULT_PROJECT = "guardicore-22050661"
def __init__(
self,
zone=DEFAULT_ZONE,
project_id=DEFAULT_PROJECT,
):
self.zone = zone
abs_key_path = GCPHandler.get_absolute_key_path()
subprocess.call(GCPHandler.get_auth_command(abs_key_path), shell=True) # noqa: DUO116
@ -43,26 +40,31 @@ class GCPHandler(object):
)
return absolute_key_path
def start_machines(self, machine_list):
@staticmethod
def start_machines(machine_list):
"""
Start all the machines in the list.
:param machine_list: A space-separated string with all the machine names. Example:
start_machines(`" ".join(["elastic-3", "mssql-16"])`)
:param machine_list: A dictionary with zone and machines per zone.
"""
LOGGER.info("Setting up all GCP machines...")
try:
subprocess.call( # noqa: DUO116
(GCPHandler.MACHINE_STARTING_COMMAND % (machine_list, self.zone)), shell=True
)
for zone in machine_list:
subprocess.call( # noqa: DUO116
(GCPHandler.MACHINE_STARTING_COMMAND % (" ".join(machine_list[zone]), zone)),
shell=True,
)
LOGGER.info("GCP machines successfully started.")
except Exception as e:
LOGGER.error("GCP Handler failed to start GCP machines: %s" % e)
def stop_machines(self, machine_list):
@staticmethod
def stop_machines(machine_list):
try:
subprocess.call( # noqa: DUO116
(GCPHandler.MACHINE_STOPPING_COMMAND % (machine_list, self.zone)), shell=True
)
for zone in machine_list:
subprocess.call( # noqa: DUO116
(GCPHandler.MACHINE_STOPPING_COMMAND % (" ".join(machine_list[zone]), zone)),
shell=True,
)
LOGGER.info("GCP machines stopped successfully.")
except Exception as e:
LOGGER.error("GCP Handler failed to stop network machines: %s" % e)
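Review bot: The per-zone loops in `start_machines` and `stop_machines` ignore the return value of `subprocess.call`, so the success message is logged even if gcloud fails for one zone, and the `except Exception` around them only logs. As a result the `pytest.exit` path in the conftest fixture looks unreachable for a failed start, and a failed stop can leave the zoo targets (which appear to be intentionally vulnerable hosts) running unnoticed. Consider `subprocess.run(cmd, shell=True, check=True)` and re-raising after logging. The command is still a `%`-formatted string executed with `shell=True` under `# noqa: DUO116`, now with the zone taken from dict keys too; passing an argument list without a shell would remove the quoting concern, though the command templates are outside this hunk. Both methods are now `@staticmethod` while authentication appears to run in `__init__`, so the docstring should say an instance must be created first, and `stop_machines` should get a docstring like `start_machines` has.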


@ -57,6 +57,14 @@ data "google_compute_image" "mssql-16" {
name = "mssql-16"
project = local.monkeyzoo_project
}
data "google_compute_image" "powershell-3-47" {
name = "powershell-3-47"
project = local.monkeyzoo_project
}
data "google_compute_image" "powershell-45" {
name = "powershell-45"
project = local.monkeyzoo_project
}
data "google_compute_image" "weblogic-18" {
name = "weblogic-18"
project = local.monkeyzoo_project


@ -26,6 +26,12 @@ resource "google_compute_subnetwork" "monkeyzoo-main" {
network = google_compute_network.monkeyzoo.self_link
}
resource "google_compute_subnetwork" "monkeyzoo-main-1" {
name = "${local.resource_prefix}monkeyzoo-main-1"
ip_cidr_range = "10.2.3.0/24"
network = google_compute_network.monkeyzoo.self_link
}
resource "google_compute_subnetwork" "tunneling-main" {
name = "${local.resource_prefix}tunneling-main"
ip_cidr_range = "10.2.1.0/28"
@ -307,6 +313,36 @@ resource "google_compute_instance_from_template" "mssql-16" {
}
}
resource "google_compute_instance_from_template" "powershell-3-47" {
name = "${local.resource_prefix}powershell-3-47"
source_instance_template = local.default_windows
boot_disk{
initialize_params {
image = data.google_compute_image.powershell-3-47.self_link
}
auto_delete = true
}
network_interface {
subnetwork="${local.resource_prefix}monkeyzoo-main-1"
network_ip="10.2.3.47"
}
}
resource "google_compute_instance_from_template" "powershell-45" {
name = "${local.resource_prefix}powershell-45"
source_instance_template = local.default_windows
boot_disk{
initialize_params {
image = data.google_compute_image.powershell-45.self_link
}
auto_delete = true
}
network_interface {
subnetwork="${local.resource_prefix}monkeyzoo-main"
network_ip="10.2.2.45"
}
}
/* We need to alter monkey's behavior for this to upload 32-bit monkey instead of 64-bit (not yet developed)
resource "google_compute_instance_from_template" "upgrader-17" {
name = "${local.resource_prefix}upgrader-17"
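Review bot: Neither `google_compute_subnetwork.monkeyzoo-main-1` nor the `powershell-3-47` instance sets `region` or `zone` in the visible lines, while the test machine list in this commit places `powershell-3-47` in `europe-west1-b` and the rest in `europe-west3-a`. If the provider default is the europe-west3 region, the Terraform state and the zone used by the start/stop handler will disagree, so please confirm and set `region`/`zone` explicitly if needed. The instance also refers to the subnet by the string `"${local.resource_prefix}monkeyzoo-main-1"`; using `google_compute_subnetwork.monkeyzoo-main-1.self_link` would give Terraform the dependency edge for a subnet created in the same apply. Firewall rules for the new `10.2.3.0/24` range are not part of this section, so it is worth checking that the existing isolation rules cover it.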