ThreatBox is a standard and controlled Linux based attack platform. I've used a version of this for years. It started as a collection of scripts, lived as a rolling virtual machine, existed as code to build a Linux ISO, and has now been converted to a set of ansible playbooks. Why Ansible? Why not? This seemed to be the next natural evolution to the configuration of standard attack platforms.
This project uses ansible playbooks and roles to perform post deployment configuration on a linux target (Tested on Ubuntu 18.04).
The project is designed to be used as a starter process in creating, managing, and using a standard attack platform for red teaming or penetration testing.
Detail on the concept of a Standard Attack Platform can be found it the book Red Team Development and Operations - A practical guide, written by Joe Vest and James Tubberville.
ansible_port
variable in threatbox.yml
pipenv shell
in the project directory to access. See https://realpython.com/pipenv-guide/ for pipenv usage guidanceThe following list highlights key components of this project.
File/Directory | Description | Usage |
---|---|---|
host | Ansible hosts file | Update with IP addresses of target ansible systems |
group_vars/threatbox.yml | common variables | variable used for the project. update as needed. |
threatbox_playbox.yml | Primary ansible playbook | Update as need to add additional roles or features |
roles/common | Common OS platform configuration | Setup common OS settings (i.e set version in background or build) |
roles/. | other specific roles to configure or deploy tools | add or modify roles in roles/ |
Provision one or more targets.
Note: This project was tested on Ubuntu 18.04 deployed in Digitalocean
hosts.sample
to hosts
hosts
with the IP(s) of your target systemsgroup_varsthreatbox.yml.sample
to group_varsthreatbox.yml
group_varsthreatbox.yml
with the updated variables you would like to use # OSX issue https://github.com/ansible/ansible/issues/32499
if [[ "$(uname)" == "Darwin" ]]
then
export OBJC_DISABLE_INITIALIZE_FORK_SAFETY=yes;
fi
# Ansible Logging
rm ./ansible.log
export ANSIBLE_LOG_PATH="ansible.log"
# Ansible Debugging
export ANSIBLE_DEBUG=False
# Execute playbook
ansible-playbook -e ansible_python_interpreter=/usr/bin/python3 -i hosts threatbox_playbook.yml
Note: Consider using Mitogen for Ansible to gain a significant performance boost. https://mitogen.networkgenomics.com/ansible_detailed.html
[defaults]
host_key_checking = False
pipelining = True
forks = 100
timeout = 600
stdout_callback = yaml
bin_ansible_callbacks = True
callback_whitelist = profile_roles, profile_tasks, timer
#mitogen
strategy_plugins = ~/Documents/mitogen-0.2.9/ansible_mitogen/plugins/strategy
strategy = mitogen_linear
Note: SSH may be set to a non-standard port during setup. This value is set in the group_vars/threatbox.yml
files
threatboxip=10.10.10.10
sshport=52222
ssh -p $sshport -i ~/.ssh/threatbox_id_rsa root@$threatboxip
Note: VNC is setup but not allowed over the network. You must use an SSH tunnel to access.
threatboxip=10.10.10.10
sshport=52222
ssh -p $sshport -i ~/.ssh/threatbox_id_rsa -L 5901:localhost:5901 root@$threatboxip
This project uses ansbile roles. These roles may not exactly follow the ansible style. They were designed to be used as part of this project and use a single 'variable' file to control the project. The roles can easily be used in other project with minor tweaks.
ThreatBox Custom Commands
Tool Categories
Tracking of all installed tools
Automatic terminal logging
Custom terminal options provide more context
Light version of the terminal
Pipenv keep Python projects independent
Example of SilentTrinity running in pipenv environment
ThreatBox is a standard and controlled Linux based attack platform. I’ve used a version of this for years. It started as a collection of scripts, lived as a rolling virtual machine, existed as code to build a Linux ISO, and has now been converted to a set of ansible playbooks. Why Ansible? Why not? This seemed to be the next natural evolution to the configuration of standard attack platforms.
This project uses ansible playbooks and roles to perform post deployment configuration on a linux target (Tested on Ubuntu 18.04).
The project is designed to be used as a starter process in creating, managing, and using a standard attack platform for red teaming or penetration testing.
Detail on the concept of a Standard Attack Platform can be found it the book Red Team Development and Operations – A practical guide, written by Joe Vest and James Tubberville.
Features
ansible_port
variable in threatbox.yml
pipenv shell
in the project directory to access. See https://realpython.com/pipenv-guide/ for pipenv usage guidanceProject Files
The following list highlights key components of this project.
File/Directory | Description | Usage |
---|---|---|
host | Ansible hosts file | Update with IP addresses of target ansible systems |
group_vars/threatbox.yml | common variables | variable used for the project. update as needed. |
threatbox_playbox.yml | Primary ansible playbook | Update as need to add additional roles or features |
roles/common | Common OS platform configuration | Setup common OS settings (i.e set version in background or build) |
roles/. | other specific roles to configure or deploy tools | add or modify roles in roles/ |
Quickstart
Provision
Provision one or more targets.
Note: This project was tested on Ubuntu 18.04 deployed in Digitalocean
Configuration
hosts.sample
to hosts
hosts
with the IP(s) of your target systemsgroup_varsthreatbox.yml.sample
to group_varsthreatbox.yml
group_varsthreatbox.yml
with the updated variables you would like to use
Ansible commands
# OSX issue https://github.com/ansible/ansible/issues/32499
if [[ "$(uname)" == "Darwin" ]]
then
export OBJC_DISABLE_INITIALIZE_FORK_SAFETY=yes;
fi
# Ansible Logging
rm ./ansible.log
export ANSIBLE_LOG_PATH="ansible.log"
# Ansible Debugging
export ANSIBLE_DEBUG=False
# Execute playbook
ansible-playbook -e ansible_python_interpreter=/usr/bin/python3 -i hosts threatbox_playbook.yml
Note: Consider using Mitogen for Ansible to gain a significant performance boost. https://mitogen.networkgenomics.com/ansible_detailed.html
Tested with this ansible.cfg
[defaults]
host_key_checking = False
pipelining = True
forks = 100
timeout = 600
stdout_callback = yaml
bin_ansible_callbacks = True
callback_whitelist = profile_roles, profile_tasks, timer
#mitogen
strategy_plugins = ~/Documents/mitogen-0.2.9/ansible_mitogen/plugins/strategy
strategy = mitogen_linear
Remotely Access the system
Console access with SSH
Note: SSH may be set to a non-standard port during setup. This value is set in the group_vars/threatbox.yml
files
threatboxip=10.10.10.10
sshport=52222
ssh -p $sshport -i ~/.ssh/threatbox_id_rsa root@$threatboxip
GUI Access with VNC over SSH
Note: VNC is setup but not allowed over the network. You must use an SSH tunnel to access.
threatboxip=10.10.10.10
sshport=52222
ssh -p $sshport -i ~/.ssh/threatbox_id_rsa -L 5901:localhost:5901 root@$threatboxip
Notes on the project
This project uses ansbile roles. These roles may not exactly follow the ansible style. They were designed to be used as part of this project and use a single ‘variable’ file to control the project. The roles can easily be used in other project with minor tweaks.
Features
ThreatBox Custom Commands
Tool Categories
Tracking of all installed tools
Automatic terminal logging
Custom terminal options provide more context
Light version of the terminal
Pipenv keep Python projects independent
Example of SilentTrinity running in pipenv environment
Write a AI detection pass, persuasive, cickable, catchy, well structured and seo optimized article with… Read More
AI Will Make Human Art More Valuable AI models are increasing in popularity and value… Read More
UK Set to Announce Ban on TikTok on Government Smartphones: Report Following in the footsteps… Read More
How ChatGPT and Generative AI Could Change the Way We Travel The travel industry is… Read More
The curious case of Pluto! Is it a dwarf planet, comet or an asteroid? This… Read More
A Spy Wants to Connect with You on LinkedIn: How to Spot and Avoid Fake… Read More
Leave a Comment