From 37540b5f26918197aa8e1c33e4c014dcf05ddd44 Mon Sep 17 00:00:00 2001
From: Anton Hvornum
Date: Mon, 10 Jun 2019 01:01:01 +0200
Subject: Adding a pentest template to try stuff
---
deployments/pentest.json | 46 ++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 46 insertions(+)
create mode 100644 deployments/pentest.json
(limited to 'deployments/pentest.json')
diff --git a/deployments/pentest.json b/deployments/pentest.json
new file mode 100644
index 00000000..3e577cf4
--- /dev/null
+++ b/deployments/pentest.json
@@ -0,0 +1,46 @@
+{
+ "args" : {
+ "password" : "",
+ "_filebrowser" : "nemo gpicview-gtk3",
+ "_webbrowser" : "chromium",
+ "_window_manager" : "awesome",
+ "_keyboard_layout" : "sv-latin1",
+ "_virtulization" : "qemu ovmf",
+ "_pentest" : "samba bloodhound responder smbclient openvpn nmap tcpdump python-psutil python-systemd",
+ "post" : "don't reboot"
+ },
+ "post" : {
+ "Install workstation packages": {
+ "pacman -Syy --noconfirm openssh sshfs git {_webbrowser} {_window_manager} {_virtulization} {_filebrowser} dhclient ttf-freefont ttf-liberation xorg-server xorg-xrandr xorg-xinit xterm nano wget pulseaudio pulseaudio-alsa pavucontrol smbclient cifs-utils xscreensaver" : {"pass-args" : true}
+ },
+ "Setup virtulization" : {
+ "sh -c \"Description=\\\"Bridge for virtual machines\\\"\nInterface=br0\nConnection=bridge\nBindsToInterfaces=(eno1)\nIP=no\nExecUpPost=\\\"ip link set dev br0 address $(cat /sys/class/net/eno1/address); IP=dhcp; ip_set\\\"\nExecDownPre=\\\"IP=dhcp\\\"\n\n## Ignore (R)STP and immediately activate the bridge\nSkipForwardingDelay=yes\"" : null
+ },
+ "Setup loclization" : {
+ "sh -c \"echo 'setxkbmap se' >> /etc/X11/xinit/xinitrc\"" : null,
+ "sh -c \"echo 'KEYMAP={_keyboard_layout}\nFONT=lat9w-16' >> /etc/vconsole.conf\"" : {"pass-args" : true}
+ },
+ "Configure desktop environment" : "awesome",
+ "Configure pentest environment" : {
+ "curl -O https://blackarch.org/strap.sh" : null,
+ "chmod +x strap.sh" : null,
+ "sudo ./strap.sh" : null,
+ "touch /mnt/openvpn/client/customer.conf" : {"no-chroot" : true},
+ "sed -i 's/After=network.target/After=openvpn-client@customer.service\n&/' /mnt/usr/lib/systemd/system/sshd.service" : {"no-chroot" : true},
+ "sed -i 's/ExecStart=/ExecStartPre=\\/usr\\/bin\\/sleep 30\n&/' /mnt/usr/lib/systemd/system/sshd.service" : {"no-chroot" : true},
+ "echo 'Interface=eno1\nConnection=ethernet\nIP=dhcp' > /mnt/etc/netctl/LAN" : {"no-chroot" : true},
+ "git clone https://github.com/Torxed/dumper.git" : null,
+ "mkdir /mnt/etc/dumper" : {"no-chroot" : true},
+ "cp dumper/config.json /etc/dumper/" : null,
+ "cp dumper/dumper.py /usr/bin/" : null,
+ "chmod 440 /etc/dumper/config.json" : null,
+ "chmod 540 /usr/bin/dumper.py" : null,
+ "cp dumper/systemd/* /etc/systemd/system/" : null,
+ "sed -i 's/#ListenAddress 0.0.0.0/ListenAddress 192.168.0.10/' /mnt/etc/ssh/sshd_config" : {"no-chroot" : true},
+ "rm -rf dumper" : null,
+ "netctl enable LAN" : null,
+ "systemctl enable dumper@eno1.service" : null,
+ "systemctl enable sshd"
+ }
+ }
+}
-- cgit v1.2.3-70-g09d2
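Review bot: In "Configure pentest environment", `strap.sh` is downloaded and run with `sudo`, and `dumper` is cloned from its default branch and enabled as a systemd service, with no integrity check on either, so whatever those URLs serve at install time runs as root on the new machine. I would add a digest check between the download and the `chmod`, for example `"echo '<EXPECTED_SHA256>  strap.sh' | sha256sum -c" : null,` (placeholder for a digest recorded when the script was last reviewed), and pin the clone with `"git -C dumper checkout <PINNED_COMMIT>" : null,`; whether the installer stops when a step fails is not visible in this file and should be confirmed. Separately, the last entry `"systemctl enable sshd"` has no value, which a strict JSON parser rejects; it should read `"systemctl enable sshd" : null`. The `touch /mnt/openvpn/client/customer.conf` path also looks like it is missing `etc/`, since the other `no-chroot` steps write under `/mnt/etc/...`.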