Merge pull request #4 from qsecure-labs/dev-new-tf

bug fixes

modules/ansible.py

@@ -71,7 +71,7 @@ def __init__(self):
         # Create list with modules id
         modules_ids=[]
         for c in campaign_list:
-            if c["module"] != "dns_record" and c["module"] != "letsencrypt" and c["module"] != "godaddy" and c["module"] != "ansible":
+            if c["module"] != "dns_record" and c["module"] != "letsencrypt" and c["module"] != "godaddy" and c["module"] != "ansible" and c["module"] != "redirector" and c["module"] != "mail":
                 modules_ids.insert(len(modules_ids),(c["id"]+"/"+c["module"]))
                 if c["module"] != "redirector":
                     for i in range(c["redirectors"]):

modules/providers/aws.py

@@ -183,6 +183,9 @@ def gophish(c):
   value = "${{module.gophish_rdir_{c["id"]}.ips}}"
 }}
 
+output "Admin_Password_{c["id"]}" {{
+  value = "You can find the auto-generated Gophish admin password at: /opt/goapps/src/github.com/gophish/password.txt"
+}}
 """
         else:
             output = f"""
@@ -197,6 +200,9 @@ def gophish(c):
   value = "${{module.gophish_{c["id"]}.ips}}"
 }}
 
+output "Admin_Password_{c["id"]}" {{
+  value = "You can find the auto-generated Gophish admin password at: /opt/goapps/src/github.com/gophish/password.txt"
+}}
 """
         return output
 

modules/providers/digitalocean.py

@@ -82,6 +82,7 @@ def c2(c):
 module "c2_{c["id"]}" {{
     source = "../../redbaron/modules/{c["provider"]}/{c["type"]}-c2"
     install = [{scripts}]
+    distro = "{linux_distro}"
     size = "{c["size"]}"
     regions = ["{c["region"]}"]
 }}
@@ -156,6 +157,9 @@ def gophish(c):
   value = "${{module.gophish_rdir_{c["id"]}.ips}}"
 }}
 
+output "Admin_Password_{c["id"]}" {{
+  value = "You can find the auto-generated Gophish admin password at: /opt/goapps/src/github.com/gophish/password.txt"
+}}
 """
         else:
             output = f"""
@@ -169,6 +173,9 @@ def gophish(c):
   value = "${{module.gophish_{c["id"]}.ips}}"
 }}
 
+output "Admin_Password_{c["id"]}" {{
+  value = "You can find the auto-generated Gophish admin password at: /opt/goapps/src/github.com/gophish/password.txt"
+}}
 """
         return output
 

redbaron/data/playbooks/playbook1.yml → redbaron/data/playbooks/playbook.yml

@@ -1,4 +1,4 @@
-- name: Network Getting Started First Playbook
+- name: Download Impacket
   gather_facts: false
   hosts: all
   tasks:

redbaron/data/scripts/gophish.sh

@@ -29,5 +29,9 @@ echo "export PATH=$GOPATH/bin:$GOROOT/bin:$PATH" >> /root/.profile
 source /root/.profile
 
 #create readme file
-echo "systemctl start gophish.service (start the service)" >> /root/README.txt
-echo "systemctl stop gophish.service (stop the service)" >> /root/README.txt
+echo "systemctl start gophish.service (start the service)" >> /opt/goapps/src/github.com/gophish/README.txt
+echo "systemctl stop gophish.service (stop the service)" >> /opt/goapps/src/github.com/gophish/README.txt
+
+sleep 30s
+
+cat /var/log/gophish.err | grep 'Please login with the username admin and the password' > /opt/goapps/src/github.com/gophish/password.txt

redbaron/data/scripts/iredmail.sh

@@ -1,10 +1,10 @@
 #bin/bash
 
-wget https://github.com/iredmail/iRedMail/archive/1.2.1.tar.gz
+wget https://github.com/iredmail/iRedMail/archive/1.3.tar.gz
 
-tar -xf 1.2.1.tar.gz
+tar -xf 1.3.tar.gz
 
-cd iRedMail-1.2.1
+cd iRedMail-1.3
 
 echo -e "AUTO_USE_EXISTING_CONFIG_FILE=y \
 \nAUTO_INSTALL_WITHOUT_CONFIRM=y \

redbaron/data/scripts/tools/covenant.sh

@@ -0,0 +1,9 @@
+sudo wget https://packages.microsoft.com/config/debian/10/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
+#replace https://packages.microsoft.com/config/debian/10/packages-microsoft-prod.deb with the correct distreo package (debian package tested on DO ubuntu and it works)
+sudo apt install -y apt-transport-https
+sudo dpkg -i packages-microsoft-prod.deb
+sudo apt-get update
+sudo apt-get install -y dotnet-sdk-3.1
+git clone --recurse-submodules https://github.com/cobbr/Covenant
+cd Covenant/Covenant
+dotnet build

redbaron/modules/aws/dns-c2/security_group.tf

@@ -15,6 +15,12 @@ resource "aws_security_group" "dns-c2" {
     protocol    = "tcp"
     cidr_blocks = ["${data.external.get_public_ip.result["ip"]}/32"]
   }
+  ingress { # rule for covenant admin panel
+    from_port   = 7443
+    to_port     = 7443
+    protocol    = "tcp"
+    cidr_blocks = ["${data.external.get_public_ip.result["ip"]}/32"]
+  }
   ingress {
     from_port   = 53
     to_port     = 53

redbaron/modules/aws/http-c2/security_group.tf

@@ -15,6 +15,12 @@ resource "aws_security_group" "http-c2" {
     protocol    = "tcp"
     cidr_blocks = ["${data.external.get_public_ip.result["ip"]}/32"]
   }
+  ingress { # rule for covenant admin panel
+    from_port   = 7443
+    to_port     = 7443
+    protocol    = "tcp"
+    cidr_blocks = ["${data.external.get_public_ip.result["ip"]}/32"]
+  }
   ingress {
     from_port = 80
     to_port   = 80

redbaron/modules/digitalocean/dns-c2/firewall.tf

@@ -26,6 +26,11 @@ resource "digitalocean_firewall" "web" {
     port_range       = "22"
     source_addresses = ["${data.external.get_public_ip.result["ip"]}/32"]
   }
+  inbound_rule { # Rule for covenant admin panel
+    protocol         = "tcp"
+    port_range       = "7443"
+    source_addresses = ["${data.external.get_public_ip.result["ip"]}/32"]
+  }
   inbound_rule {
     protocol         = "udp"
     port_range       = "60000-61000"

redbaron/modules/digitalocean/http-c2/firewall.tf

@@ -26,6 +26,11 @@ resource "digitalocean_firewall" "web" {
     port_range       = "22"
     source_addresses = ["${data.external.get_public_ip.result["ip"]}/32"]
   }
+  inbound_rule { # Rule for covenant admin panel
+    protocol         = "tcp"
+    port_range       = "7443"
+    source_addresses = ["${data.external.get_public_ip.result["ip"]}/32"]
+  }
   inbound_rule {
     protocol         = "udp"
     port_range       = "60000-61000"