blob: a9c77ece277f3ce5ed7122d47872806945fa415a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
|
---
- hosts: localhost
become: yes
vars:
docker_repo_key: "https://download.docker.com/linux/debian/gpg"
docker_repo: "deb [arch=amd64] https://download.docker.com/linux/debian buster stable"
tasks:
- name: Add docker repo key
apt_key:
url: "{{ docker_repo_key }}"
state: present
- name: Add docker repo
apt_repository:
repo: "{{ docker_repo }}"
state: present
- name: Ensuring all packages are up to date
apt:
update_cache: yes
upgrade: dist
- name: Installing one-off packages from package manager
package:
name:
- terminator
- jxplorer
- seclists
- gobuster
- python3-pip
- crackmapexec
- neo4j
- openjdk-14-jdk
- rlwrap
- eog
- xclip
- steghide
- git
- ltrace
- strace
- gdb
- gdbserver
- docker
- docker-compose
- forensics-extra
- ncat
- jq
- powershell
- samba
- tmux
state: latest
- name: Clone Invoke-Obfuscation (•_•) ( •_•)>⌐■-■ (⌐■_■)
git:
repo: 'https://github.com/danielbohannon/Invoke-Obfuscation'
dest: /opt/Invoke-Obfuscation
- name: Clone JumboJohn
git:
repo: 'https://github.com/magnumripper/JohnTheRipper'
dest: /opt/JohnTheRipper
- name: Clone Nishang
git:
repo: 'https://github.com/samratashok/nishang'
dest: /opt/nishang
- name: Clone Chisel
git:
repo: 'https://github.com/jpillora/chisel'
dest: /opt/chisel
- name: Clone LinEnum
git:
repo: 'https://github.com/rebootuser/LinEnum'
dest: /opt/LinEnum
- name: Clone PEASS
git:
repo: 'https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite'
dest: /opt/privilege-escalation-awesome-scripts-suite
- name: Clone PowerSploit
git:
repo: 'https://github.com/PowerShellMafia/PowerSploit'
dest: /opt/PowerSploit
- name: Clone Impacket
git:
repo: 'https://github.com/SecureAuthCorp/impacket'
dest: /opt/impacket
- name: Clone Bloodhound
git:
repo: 'https://github.com/BloodHoundAD/BloodHound'
dest: /opt/BloodHound
- name: Clone Gef
git:
repo: 'https://github.com/hugsy/gef.git'
dest: /opt/gef
- name: Initialize Gef
script: /opt/gef/scripts/gef.sh
- name: Get Evil-WinRM via gem installer
gem:
name: evil-winrm
state: latest
user_install: no
- name: Disable mouse interactivity in vim (╯°□°)╯︵ ┻━┻
blockinfile:
path: /etc/vim/vimrc
insertafter: EOF
state: present
block: |
set mouse=
set ttymouse=
- name: Copying over bashrc file
copy:
src: /tmp/master-bashrc
dest: /root/.bashrc
owner: root
group: root
- name: Copying over bash functions file
copy:
src: /tmp/master-bash_functions
dest: /root/.bash_functions
owner: root
group: root
- name: Copying over tmux config
copy:
src: /tmp/master-tmux_conf
dest: /root/.tmux.conf
owner: root
group: root
- name: Create /srv/smb/ directory for payload population
file:
path: /srv/smb
state: directory
mode: '0755'
- name: Creating IWR share in samba config
blockinfile:
path: /etc/samba/smb.conf
insertafter: EOF
state: present
block: |
[iwr]
comment = Invoke-WebReq'd em? Damn near killed em!
path = /srv/smb
guest ok = yes
browseable = yes
create mask = 0600
directory mask = 0755
- name: Ensure that samba doesn't start on boot
systemd:
name: smbd
enabled: no
state: stopped
|
