-
Notifications
You must be signed in to change notification settings - Fork 2
/
ludus_autodeploylab_goad.sh
184 lines (158 loc) · 5.37 KB
/
ludus_autodeploylab_goad.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
#!/bin/bash
# Summoning the Seven Kingdoms with GOAD (Game of Active Directory)
# Creating goadconfig.yml file with noble house assignments
cat <<EOF > goadconfig.yml
ludus:
- vm_name: "{{ range_id }}-GOAD-DC01"
hostname: "{{ range_id }}-DC01"
template: win2019-server-x64-template
vlan: 10
ip_last_octet: 10
ram_gb: 4
cpus: 2
windows:
sysprep: true
- vm_name: "{{ range_id }}-GOAD-DC02"
hostname: "{{ range_id }}-DC02"
template: win2019-server-x64-template
vlan: 10
ip_last_octet: 11
ram_gb: 4
cpus: 2
windows:
sysprep: true
- vm_name: "{{ range_id }}-GOAD-DC03"
hostname: "{{ range_id }}-DC03"
template: win2019-server-x64-template
vlan: 10
ip_last_octet: 12
ram_gb: 8
cpus: 2
windows:
sysprep: true
- vm_name: "{{ range_id }}-GOAD-SRV02"
hostname: "{{ range_id }}-SRV02"
template: win2019-server-x64-template
vlan: 10
ip_last_octet: 22
ram_gb: 4
cpus: 2
windows:
sysprep: true
- vm_name: "{{ range_id }}-GOAD-SRV03"
hostname: "{{ range_id }}-SRV03"
template: win2019-server-x64-template
vlan: 10
ip_last_octet: 23
ram_gb: 4
cpus: 2
windows:
sysprep: true
- vm_name: "{{ range_id }}-kali"
hostname: "{{ range_id }}-kali"
template: kali-x64-desktop-template
vlan: 10
ip_last_octet: 99
ram_gb: 4
cpus: 2
linux: true
testing:
snapshot: false
block_internet: false
EOF
# Setting up the battalions with ludus range command
ludus range config set -f goadconfig.yml
# Deploying the legions
ludus range deploy
# Function to consult the Red Priests for deployment status
check_status() {
status=$(ludus range status | grep "SUCCESS")
if [ -z "$status" ]; then
return 1
else
return 0
fi
}
# Waiting for ravens to return with news of successful deployment
while ! check_status; do
echo "Deployment is not yet successful. Waiting..."
sleep 60 # Adjust sleep time as needed
done
# Rejoice! The deployment has succeeded, let's update the lords of the servers
# Consulting the Maesters for the userID
userID=$(ludus range list --json | jq -r '.userID')
# Sending raven to update the noble server of House GOAD-SRV02
updatesrv02="ludus testing update -n ${userID}-GOAD-SRV02"
$updatesrv02
# Gazing into the flames, awaiting visions of successful updates
echo "Waiting for updates to be installed..."
while true; do
logs=$(ludus range logs)
echo "$logs" | grep -i "PLAY RECAP" && break
sleep 120 # Adjust sleep time as needed
done
# The updates are complete! Continuing with other commands...
# Channeling the wisdom of the Maesters to install required spells (Python packages)
echo "Installing required spells (Python packages)..."
python3 -m pip install ansible-core
python3 -m pip install pywinrm
# Embarking on a journey to the lands of GOAD, accompanied by loyal bannermen
echo "Gathering the banners of GOAD..."
git clone https://github.com/Orange-Cyberdefense/GOAD
# Venturing into the halls of GOAD/ansible
cd GOAD/ansible || exit
# Crafting the sigils and banners of the noble houses in inventory.yml
cat <<EOF > inventory.yml
[default]
; Note: ansible_host *MUST* be an IPv4 address or setting things like DNS
; servers will break.
; ------------------------------------------------
; Winterfell
; ------------------------------------------------
dc01 ansible_host=10.RANGENUMBER.10.10 dns_domain=dc01 dict_key=dc01
; The Eyrie
; ------------------------------------------------
dc02 ansible_host=10.RANGENUMBER.10.11 dns_domain=dc01 dict_key=dc02
srv02 ansible_host=10.RANGENUMBER.10.22 dns_domain=dc02 dict_key=srv02
; Castle Black
; ------------------------------------------------
dc03 ansible_host=10.RANGENUMBER.10.12 dns_domain=dc03 dict_key=dc03
srv03 ansible_host=10.RANGENUMBER.10.23 dns_domain=dc03 dict_key=srv03
[all:vars]
; domain_name : folder inside ad/
domain_name=GOAD
force_dns_server=yes
dns_server=10.RANGENUMBER.10.254
two_adapters=no
; adapter created by vagrant and virtualbox (comment if you use vmware)
nat_adapter=Ethernet
domain_adapter=Ethernet
; adapter created by vagrant and vmware (uncomment if you use vmware)
; nat_adapter=Ethernet0
; domain_adapter=Ethernet1
; winrm connection (windows)
ansible_user=localuser
ansible_password=password
ansible_connection=winrm
ansible_winrm_server_cert_validation=ignore
ansible_winrm_operation_timeout_sec=400
ansible_winrm_read_timeout_sec=500
; proxy settings (the lab need internet for some install, if you are behind a proxy you should set the proxy here)
enable_http_proxy=no
ad_http_proxy=http://x.x.x.x:xxxx
ad_https_proxy=http://x.x.x.x:xxxx
EOF
# Unleashing the fury of Ansible, rallying the troops for provisioning
echo "Unleashing the fury of Ansible, rallying the troops for provisioning..."
ansible-galaxy install -r requirements.yml
# Updating the map with ludus range information
export RANGENUMBER=$(ludus range list --json | jq '.rangeNumber')
sed -i "s/RANGENUMBER/$RANGENUMBER/g" inventory.yml
# Preparing the battle plans with environment variables for Ansible
export ANSIBLE_INVENTORY=inventory.yml
export ANSIBLE_COMMAND="ansible-playbook -i ../ad/GOAD/data/inventory -i $ANSIBLE_INVENTORY"
export LAB="GOAD"
# Commencing the great journey with the provisioning script
echo "Commencing the great journey with the provisioning script..."
../scripts/provisionning.sh
# The saga continues... Valar Morghulis!