


ThreatBox is a standard and controlled Linux-based attack platform. I have used a version of this for years. It began as a collection of scripts, lived as a rolling virtual machine, existed as code to build a Linux ISO, and has now been converted to a set of Ansible playbooks. Why Ansible? Why not? This seemed to be the next natural evolution in the configuration of standard attack platforms.

This project uses Ansible playbooks and roles to perform post-deployment configuration on a Linux target (tested on Ubuntu 18.04).

The project is designed to be used as a starter process for creating, managing, and using a standard attack platform for red teaming or penetration testing.

Detail on the concept of a Standard Attack Platform can be found in the book Red Team Development and Operations – A practical guide, written by Joe Vest and James Tubberville.

Features

Project Information

The following list highlights key components of this project.

| File/Directory | Description | Usage |
|---|---|---|
| hosts | Ansible hosts file | Update with IP addresses of target Ansible systems |
| group_vars/threatbox.yml | Common variables | Variables used for the project. Update as needed. |
| threatbox_playbook.yml | Primary Ansible playbook | Update as needed to add additional roles or features |
| roles/common | Common OS platform configuration | Set up common OS settings (i.e. set style in background or build) |
| roles/. | Other specific roles to configure or deploy tools | Add or modify roles in roles/ |

Quickstart

Provision

Provision one or more targets.

Note: This project was tested on Ubuntu 18.04 deployed in DigitalOcean.

Configuration

  1. Copy hosts.development to hosts
  2. Edit hosts with the IP(s) of your target systems
  3. Copy group_vars/threatbox.yml.development to group_vars/threatbox.yml
  4. Edit group_vars/threatbox.yml with the updated variables you want to use
    • Do not forget to update the SSH key with a key that has access to the remote target

Ansible commands

# OSX issue https://github.com/ansible/ansible/issues/32499
if [[ "$(uname)" == "Darwin" ]]
then
export OBJC_DISABLE_INITIALIZE_FORK_SAFETY=YES;
fi

# Ansible Logging
rm -f ./ansible.log
export ANSIBLE_LOG_PATH="ansible.log"

# Ansible Debugging
export ANSIBLE_DEBUG=False

# Execute playbook
ansible-playbook -e ansible_python_interpreter=/usr/bin/python3 -i hosts threatbox_playbook.yml

Note: Consider using Mitogen for Ansible to gain a significant performance boost. https://mitogen.networkgenomics.com/ansible_detailed.html

Tested with this ansible.cfg

[defaults]
host_key_checking = False
pipelining = True
forks = 100
timeout = 600
stdout_callback = yaml
bin_ansible_callbacks = True
callback_whitelist = profile_roles, profile_tasks, timer

#mitogen
strategy_plugins = ~/Forms/mitogen-0.2.9/ansible_mitogen/plugins/strategy
strategy = mitogen_linear
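
A pre-flight check for the Configuration steps and the ansible.cfg above, written as an added example that is not part of ThreatBox. It assumes the project directory and the SSH private key path are passed as arguments; `threatbox_preflight` is a hypothetical helper name.

```sh
#!/bin/sh
# Added example (not ThreatBox code): pre-flight check for the setup steps above.
# Assumptions: threatbox_preflight is a hypothetical helper; the SSH private key
# path is passed in because the variable naming it in threatbox.yml is not shown.
# Exit status = number of problems found (0 means ready to run the playbook).
threatbox_preflight() (
  dir=$1 key=$2 problems=0
  # Steps 1-4: both files must have been copied from their templates.
  for f in hosts group_vars/threatbox.yml; do
    if [ ! -s "$dir/$f" ]; then
      echo "MISSING: $dir/$f (copy it from its template and edit it)" >&2
      problems=$((problems + 1))
    fi
  done
  # The private key must exist and be closed to group and other.
  if [ ! -f "$key" ]; then
    echo "MISSING: SSH key $key" >&2
    problems=$((problems + 1))
  elif [ "$(ls -ld "$key" | cut -c5-10)" != "------" ]; then
    echo "UNSAFE: $key is accessible to group/other; run chmod 600" >&2
    problems=$((problems + 1))
  fi
  # With host key checking off, Ansible does not authenticate the target
  # before pushing keys and tools to it.
  if [ -f "$dir/ansible.cfg" ]; then
    hkc=$(awk -F= '
      /^\[/ { sec = $0 }
      sec == "[defaults]" && $1 ~ /^[ \t]*host_key_checking[ \t]*$/ {
        gsub(/[ \t\r]/, "", $2); print tolower($2); exit
      }' "$dir/ansible.cfg")
    case $hkc in
      false|no|off|0)
        echo "WARN: host_key_checking is disabled in $dir/ansible.cfg" >&2
        problems=$((problems + 1)) ;;
    esac
  fi
  exit "$problems"
)

# Stand-alone use: sh preflight.sh <project-dir> <private-key>
if [ "$#" -ge 2 ]; then
  threatbox_preflight "$1" "$2"
fi
```

If the host key warning fires, record the target's host key in known_hosts from a trusted source (for example the provider's console) and re-enable checking before the first playbook run.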

Remotely access the system

Console access with SSH

Note: SSH may be set to a non-standard port during setup. This value is set in the group_vars/threatbox.yml file.

threatboxip=10.10.10.10
sshport=52222
ssh -p $sshport -i ~/.ssh/threatbox_id_rsa [email protected]$threatboxip

GUI access with VNC over SSH

Note: VNC is set up but not allowed over the network. Use an SSH tunnel to access it.

threatboxip=10.10.10.10
sshport=52222
ssh -p $sshport -i ~/.ssh/threatbox_id_rsa -L 5901:localhost:5901 [email protected]$threatboxip

Notes on the project

This project uses Ansible roles. These roles may not exactly follow the Ansible style. They were designed to be used as part of this project and use a single 'variable' file to control the project. The roles can easily be used in other projects with minor tweaks.

Features

ThreatBox Custom Commands

Software Categories

Tracking of all installed tools

Automatic terminal logging

Custom terminal options provide additional context

Refined terminal style

Pipenv keeps Python projects independent

Example of SilentTrinity running in a pipenv environment



