Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
path: root/deployments/pentest.json
blob: f65f556a2c55e6e7fb8c6763a6599e98facf1039 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46

{
    "args" : {
        "password" : "<STDIN>",
        "_filebrowser" : "nemo gpicview-gtk3",
        "_webbrowser" : "chromium",
        "_window_manager" : "awesome",
        "_keyboard_layout" : "sv-latin1",
        "_virtulization" : "qemu ovmf",
        "_pentest" : "nfs-utils smbmap crackmapexec samba bloodhound responder smbclient openvpn nmap tcpdump python-psutil python-systemd python-pycryptodomex screen",
        "post" : "don't reboot"
    },
    "post" : {
        "Install workstation packages": {
            "pacman -Syy --noconfirm openssh sshfs git {_webbrowser} {_window_manager} {_virtulization} {_filebrowser} dhclient gnu-free-fonts ttf-liberation xorg-server xorg-xrandr xorg-xinit xterm nano wget pulseaudio pulseaudio-alsa pavucontrol smbclient cifs-utils xscreensaver" : {"pass-args" : true}
        },
        "Setup virtulization" : {
            "sh -c \"Description=\\\"Bridge for virtual machines\\\"\nInterface=br0\nConnection=bridge\nBindsToInterfaces=(eno1)\nIP=no\nExecUpPost=\\\"ip link set dev br0 address $(cat /sys/class/net/eno1/address); IP=dhcp; ip_set\\\"\nExecDownPre=\\\"IP=dhcp\\\"\n\n## Ignore (R)STP and immediately activate the bridge\nSkipForwardingDelay=yes\"" : null
        },
        "Setup loclization" : {
            "sh -c \"echo 'setxkbmap se' >> /etc/X11/xinit/xinitrc\"" : null,
            "sh -c \"echo 'KEYMAP={_keyboard_layout}\nFONT=lat9w-16' >> /etc/vconsole.conf\"" : {"pass-args" : true}
        },
        "Configure desktop environment" : "awesome",
        "Configure pentest environment" : {
            "curl -O https://blackarch.org/strap.sh" : null,
            "chmod +x strap.sh" : null,
            "sudo ./strap.sh" : {"debug" : true},
            "touch /mnt/etc/openvpn/client/customer.conf" : {"no-chroot" : true},
            "sed -i 's/After=network.target/After=openvpn-client@customer.service\n&/' /mnt/usr/lib/systemd/system/sshd.service" : {"no-chroot" : true},
            "sed -i 's/ExecStart=/ExecStartPre=\\/usr\\/bin\\/sleep 30\n&/' /mnt/usr/lib/systemd/system/sshd.service" : {"no-chroot" : true},
            "echo 'Interface=eno1\nConnection=ethernet\nIP=dhcp' > /mnt/etc/netctl/LAN" : {"no-chroot" : true},
            "git clone https://github.com/Torxed/dumper.git" : null,
            "mkdir /mnt/etc/dumper" : {"no-chroot" : true},
            "cp dumper/config.json /etc/dumper/" : null,
            "cp dumper/dumper.py /usr/bin/" : null,
            "chmod 440 /etc/dumper/config.json" : null,
            "chmod 540 /usr/bin/dumper.py" : null,
            "cp dumper/systemd/dumper\@.service /etc/systemd/system/" : null,
            "sed -i 's/#ListenAddress 0.0.0.0/ListenAddress 192.168.0.10/' /mnt/etc/ssh/sshd_config" : {"no-chroot" : true},
            "rm -rf dumper" : null,
            "netctl enable LAN" : null,
            "systemctl enable dumper@eno1.service" : null,
            "systemctl enable sshd" : null
        }
    }
}

Copyright © 2002-2022 Judd Vinet and Aaron Griffin. Copyright © 2022 Erich Eckner.
The Arch Linux name and logo are recognized trademarks. Some rights reserved. The registered trademark Linux® is used pursuant to a sublicense from LMI, the exclusive licensee of Linus Torvalds, owner of the mark on a world-wide basis.