
ezra-buckingham / terry-the-terraformer


A CLI for deploying red team infrastructure across multiple cloud providers, all integrated with a virtual Nebula network, and full ELK integration

Home Page: https://github.com/ezra-buckingham/terry-the-terraformer/wiki

License: MIT License

Python 78.91% Jinja 21.03% Shell 0.06%
aws azure cli docker docker-compose elasticsearch filebeat google-cloud-platform logstash nebula

terry-the-terraformer's People

Contributors

ezra-buckingham, leebaird, linted, mrdomainadmin, natesubra, tecknicaltom


terry-the-terraformer's Issues

Nebula Subnet not working with ADD

The add command should look through the build manifest to check which Nebula IPs have already been assigned and remove those from the assignable IPs in the handler.
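A worked illustration of the allocation logic this issue asks for, added here as an example and not code from the Terry project: a handler that seeds its pool from the Nebula IPs recorded in a build manifest and only hands out addresses that are not already assigned. The manifest layout (a "servers" list with a "nebula_ip" field per server), the class and function names, and the sample data are all assumptions made for the example.

```python
import ipaddress
import json

# Constructed sample build manifest. Terry's real manifest layout is not shown on
# this page, so this shape is an assumption made for the example.
SAMPLE_MANIFEST = json.dumps({
    "operation": "example-op",
    "nebula_subnet": "10.2.0.0/24",
    "servers": [
        {"name": "redirector-1", "nebula_ip": "10.2.0.1"},
        {"name": "teamserver-1", "nebula_ip": "10.2.0.2"},
        {"name": "mailserver-1", "nebula_ip": "10.2.0.4"},
        {"name": "bare-host", "nebula_ip": None},   # built without Nebula
    ],
})


def assigned_nebula_ips(manifest_json):
    """Return the set of Nebula overlay addresses already recorded in the manifest."""
    manifest = json.loads(manifest_json)
    assigned = set()
    for server in manifest.get("servers", []):
        raw = server.get("nebula_ip")
        if raw:  # skip servers that were deployed without a Nebula address
            assigned.add(ipaddress.ip_address(raw))
    return assigned


class NebulaIPHandler:
    """Hands out overlay addresses from a subnet, never reusing one the manifest lists."""

    def __init__(self, subnet, manifest_json=None):
        self.network = ipaddress.ip_network(subnet, strict=True)
        self.in_use = set()
        if manifest_json is not None:
            for ip in assigned_nebula_ips(manifest_json):
                # An address outside the operation's subnet means the manifest is
                # corrupt or belongs to another operation; refuse rather than
                # silently ignore it.
                if ip not in self.network:
                    raise ValueError(f"{ip} from manifest is not inside {self.network}")
                self.in_use.add(ip)
        # Generator over usable host addresses; it resumes where the last
        # assignment stopped, so each call to assign() scans forward once.
        self._candidates = self.network.hosts()

    def assign(self):
        """Return the lowest unused host address and mark it as in use."""
        for candidate in self._candidates:
            if candidate not in self.in_use:
                self.in_use.add(candidate)
                return candidate
        raise RuntimeError(f"no free Nebula addresses left in {self.network}")


def next_free_ips(manifest_json, subnet, count):
    """Simulate an `add` of `count` new servers against an existing manifest."""
    handler = NebulaIPHandler(subnet, manifest_json)
    return [str(handler.assign()) for _ in range(count)]


if __name__ == "__main__":
    # With .1, .2 and .4 already taken, three new servers get .3, .5 and .6.
    print(next_free_ips(SAMPLE_MANIFEST, "10.2.0.0/24", 3))
```

The handler raises instead of guessing when the manifest and the subnet disagree, and when the pool runs dry, so an `add` that would hand two hosts the same overlay address fails loudly rather than producing a Nebula network with a duplicate IP.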

Config file and SSH

Allow the user to provide a path to their public SSH key instead of making them paste the key into this file.

Excessive error message

If a user chooses to not deploy containers, they get two large errors when building.
Since containers are not required, suggest handling this another way and/or reducing the size of the error message.

Firewall rules

If Nebula is not being used, suggest the following:

  1. Configure /var/www/html/.htaccess on each redirector and set the first proxy rule with the IP address of the C2 server.
  2. Configure the C2 server firewall to allow port 443 from each redirector.

Issues Authenticating to AWS registry

Hi,

Thank you for creating this project, I am enjoying it so far.
I am having some difficulty configuring terry to log in to my private AWS ECR. I had things working with public docker beforehand.

My repository URI is

"repositoryUri": "123456.dkr.ecr.us-west-2.amazonaws.com/"

aws ecr get-login-password --region us-west-2 | docker login --username AWS --password-stdin 123456.dkr.ecr.us-west-2.amazonaws.com
results in a successful login in local testing, and I've pushed containers with this method.

My config.yml looks as such (hardcoding in the file while I troubleshoot):

container_registry_username: AWS 
container_registry_password: <AKIAR...>~<j...1>
container_registry_strategy: aws # If using AWS ECR, specify "aws"

output from terry on run:

TASK [Authenticate to the container registry] **********************************
skipping: [54.148.58.116]
included: /opt/terry-the-terraformer/playbooks/core/login-to-container-registry.yml for 35.92.206.208

TASK [Prepare the container registry URL for parsing] **************************
skipping: [35.92.206.208]

TASK [Extract the AWS Account ID and Region from ExtractCR URL] **********************
skipping: [35.92.206.208]

TASK [Authenticate to the container registry (aws strategy)] *******************
skipping: [35.92.206.208]

TASK [Authenticate to the container registry (default strategy)] ***************
fatal: [35.92.206.208]: FAILED! => {"changed": false, "msg": "Logging into https://123456.dkr.ecr.us-west-2.amazonaws.com for user AWS failed - 500 Server Error for http+docker://localhost/v1.41/auth: Internal Server Error (\"login attempt to https://123456.dkr.ecr.us-west-2.amazonaws.com/v2/ failed with status: 400 Bad Request\")"}

I see that it's a 400 bad request, and probably an issue with my config.yml - but I can't figure out what syntax it's looking for, if I've done something wrong.

I'll make a PR to improve the config-example.yml once I know what I'm doing wrong.

"Only root can pass arbitrary filesystem paths" Terraform-Proxmox

Hi, I've populated config.yml and I'm using an API token associated with the root user, however I am still seeing the error below. Any ideas on how I can continue to troubleshoot?

Thank you

  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

proxmox_lxc.id-fa1ada82-8d8a-4dd0-9dcb-ce9e091b584b: Creating...

Error: error creating LXC container: 500 Only root can pass arbitrary filesystem paths. at /usr/share/perl5/PVE/Storage.pm line 541., error status: {"data":null} (params: {"arch":"amd64","cmode":"tty","console":true,"cores":2,"cpulimit":0,"cpuunits":1024,"features":"","hostname":"ratio-tisiphone","memory":4096,"net0":"bridge=vmbr0,ip=dhcp,name=eth0","onboot":false,"ostemplate":"ubuntu2204-4gb-template","protection":false,"rootfs":"zfs-pool1:24","ssh-public-keys":"ssh-rsa AAAA[redacted]","start":true,"storage":"local","swap":4096,"tags":"","tty":2,"unprivileged":false,"vmid":111})

  with proxmox_lxc.id-fa1ada82-8d8a-4dd0-9dcb-ce9e091b584b,
  on test2_plan.tf line 17, in resource "proxmox_lxc" "id-fa1ada82-8d8a-4dd0-9dcb-ce9e091b584b":
  17: resource "proxmox_lxc" "id-fa1ada82-8d8a-4dd0-9dcb-ce9e091b584b" {

[X] Fatal Error: Terraform returned an error: No stderr was returned, this is likely a logic issue or partial error within the plan. (Example: if AWS, a bad AMI given the region)

suggestion: split redirector into multiple server types

A slight suggestion that you can feel free to close and ignore, but after getting familiar with the Terry code, it looks like it could be cleaner if the redirector server type were split into separate server types (e.g. dns_redirector). There are several places with conditional logic based on redirector_type and there's not much shared logic between these server types.

Thanks again for this great project. If you're not opposed to this idea, I may be able to quickly do it and submit a PR, though I'm not sure how it would handle upgrading existing operations' servers.

adding mailserver with namecheap domain not working

Attempting to add a mailserver to an existing operation using a namecheap domain is failing with an error.

command:

python3 terry.py --operation [redacted] --verbose --no_elastic add   server --provider aws --type mailserver --fqdn [redacted].com:namecheap

generates the following plan for dns resources:

  # namecheap_domain_records._dmarc-mx-TXT-id-6f170dfd-ba29-4af1-90f8-2308125247fa will be created
  + resource "namecheap_domain_records" "_dmarc-mx-TXT-id-6f170dfd-ba29-4af1-90f8-2308125247fa" {
      + domain     = "[redacted].com"
      + email_type = "NONE"
      + id         = (known after apply)
      + mode       = "MERGE"

      + record {
          + address  = "v=DMARC1; p=none"
          + hostname = "_dmarc.mx"
          + mx_pref  = 10
          + ttl      = 1799
          + type     = "TXT"
        }
    }

  # namecheap_domain_records.mx-A-id-6f170dfd-ba29-4af1-90f8-2308125247fa will be created
  + resource "namecheap_domain_records" "mx-A-id-6f170dfd-ba29-4af1-90f8-2308125247fa" {
      + domain     = "[redacted].com"
      + email_type = "NONE"
      + id         = (known after apply)
      + mode       = "MERGE"

      + record {
          + address  = (known after apply)
          + hostname = "mx"
          + mx_pref  = 10
          + ttl      = 1799
          + type     = "A"
        }
    }

  # namecheap_domain_records.mx-MX-id-6f170dfd-ba29-4af1-90f8-2308125247fa will be created
  + resource "namecheap_domain_records" "mx-MX-id-6f170dfd-ba29-4af1-90f8-2308125247fa" {
      + domain     = "[redacted].com"
      + email_type = "MX"
      + id         = (known after apply)
      + mode       = "MERGE"

      + record {
          + address  = "mx.[redacted].com."
          + hostname = "mx"
          + mx_pref  = 10
          + ttl      = 1799
          + type     = "MX"
        }
    }

After accepting the actions, it appears that the MX record is properly created, but the other two records fail, with errors such as:

Error: Records[1].RecordType MX is not allowed for EmailType=NONE

  with namecheap_domain_records.mx-A-id-6f170dfd-ba29-4af1-90f8-2308125247fa,
  on [redacted]_plan.tf line 176, in resource "namecheap_domain_records" "mx-A-id-6f170dfd-ba29-4af1-90f8-2308125247fa":
 176: resource "namecheap_domain_records" "mx-A-id-6f170dfd-ba29-4af1-90f8-2308125247fa" { 

[X] Fatal Error: Terraform returned an error: No stderr was returned, this is likely a logic issue or partial error within the plan. (Example: if AWS, a bad AMI given the region)

This is with the current github version of Terry, commit dcf6861

DigitalOcean

The DigitalOcean API key is not being read in from config.yml.

redirector not created if missing domain

The logic around the error message "No domains provided for redirector, this may cause issues with your redirector (depending on the protocol)" (in terry.py) results in no server being created for a redirector if there are no specified domains.

This behavior should be changed, or the error message should be more clear that the requested resource isn't going to be created, or it should be a more fatal error that stops the create/add request.

User output

Suggest the following simple output to the user once a successful build has completed.

for each server

Example:
1.1.1.1 https aws evil-corp.com
1.1.1.2 https aws nothing-here.com
1.1.1.3 team do

Refactor how Terry handles the custom objects

As it stands, there is no good structure for how the different resources are being passed into Jinja (making it really hard for a user to know what data is sent to a template, making custom templating damn near impossible)

Nebula Service Reload

fatal: [XX.XX.XX.XX]: FAILED! => {"changed": false, "msg": "Unable to reload service nebula: Failed to reload nebula.service: Job type reload is not applicable for unit nebula.service.\n"}
fatal: [XX.XX.XX.XX]: FAILED! => {"changed": false, "msg": "Unable to reload service nebula: Failed to reload nebula.service: Job type reload is not applicable for unit nebula.service.\n"}

document example of remote config for team config

In the wiki, there's a comment that remote configurations are used by the developers to store user info in a git repo:

if you have remote configurations (which in our use case, we have a private git repository with JSON files for each user that contains each user's desired username, public IP address/CIDR, and public ssh key)

https://github.com/ezra-buckingham/terry-the-terraformer/wiki/Usage

Can you please document somewhere what the layout of the json files in that repo look like and how you merge their contents into the team config?

Thanks!

Destroy command not working.

Destroy command not working.

AWS: instances, security groups, and key pair still there.
DigitalOcean: droplets still there.

root@kali:/opt/terry-the-terraformer# ./terry.py -o test4 -v destroy -r
[+] Start of script run with command: "./terry.py -o test4 -v destroy -r"
[+] Destroying the "test4" plan
[*] Parsing the build manifest
[+] Validating that we have all required credentials
[+] All required credentials found
[*] Successfully found "terraform" binary
[+] Destroying Terraform plan

Error: Missing required argument

on test4_plan.tf line 15, in provider "aws":
15: provider "aws" { }

The argument "region" is required, but no definition was found.

Error: Missing required argument

on test4_plan.tf line 16, in provider "namecheap":
16: provider "namecheap" { }

The argument "api_user" is required, but no definition was found.

Error: Missing required argument

on test4_plan.tf line 16, in provider "namecheap":
16: provider "namecheap" { }

The argument "user_name" is required, but no definition was found.

Error: Missing required argument

on test4_plan.tf line 16, in provider "namecheap":
16: provider "namecheap" { }

The argument "api_key" is required, but no definition was found.
[x] Fatal Error: Error when destroying "test4". Please try again.

Broken Wiki links

Broken Wiki links:
Adding to Terry > Terraform mappings file template folder
Adding to Terry > container mappings file
Adding to Terry > container mappings file
Resource Types > Terraform mappings file

sudo

When you run any command as sudo, you get a similar error:
sudo: unable to resolve host string-string: Name or service not known

string-string are the random names that terry assigns.

Kali Linux as a teamserver option

Suggest having Kali Linux as a teamserver option.

Could add a new line to config.yml so that the user can enter the AWS OS ID for their region.

AWS security groups

Using the -r switch with 'destroy' should delete all AWS security groups that were created.

Each AWS instance that is deployed has an attached security group.
These security groups all have the same rule: allow traffic on all ports and protocols. This seems redundant.
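An added example (not part of this issue or of the Terry code base) of the audit a defender would run over the security groups this issue describes: it flags ingress rules that admit every protocol and port from any source, and groups security groups whose rule sets are identical so the redundant ones can be consolidated into a single scoped group. The input is a constructed sample in the shape boto3's describe_security_groups() returns; the group IDs, names and function names are assumptions for the example.

```python
from collections import defaultdict

# Constructed sample in the shape of the "SecurityGroups" list returned by
# boto3's ec2.describe_security_groups(). IDs and names are made up.
SAMPLE_SECURITY_GROUPS = [
    {
        "GroupId": "sg-0a1",
        "GroupName": "terry-redirector",
        "IpPermissions": [
            # IpProtocol "-1" is AWS's "all protocols"; no port range is present.
            {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        ],
    },
    {
        "GroupId": "sg-0a2",
        "GroupName": "terry-teamserver",
        "IpPermissions": [
            {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        ],
    },
    {
        "GroupId": "sg-0a3",
        "GroupName": "scoped-https",
        "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
             "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []},
        ],
    },
    {
        "GroupId": "sg-0a4",
        "GroupName": "wide-open-ipv6",
        "IpPermissions": [
            {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        ],
    },
]

ANY_SOURCE = {"0.0.0.0/0", "::/0"}


def rule_sources(permission):
    """All CIDR sources (v4 and v6) a single ingress rule accepts, as a sorted tuple."""
    v4 = [r["CidrIp"] for r in permission.get("IpRanges", [])]
    v6 = [r["CidrIpv6"] for r in permission.get("Ipv6Ranges", [])]
    return tuple(sorted(v4 + v6))


def is_allow_all(permission):
    """True when one rule admits every protocol and port from any source address."""
    all_protocols = permission.get("IpProtocol") == "-1"
    any_source = any(cidr in ANY_SOURCE for cidr in rule_sources(permission))
    return all_protocols and any_source


def find_allow_all_groups(groups):
    """IDs of groups containing at least one allow-all ingress rule, sorted."""
    return sorted(
        g["GroupId"] for g in groups
        if any(is_allow_all(p) for p in g.get("IpPermissions", []))
    )


def rule_signature(group):
    """Order-independent fingerprint of a group's ingress rules."""
    return frozenset(
        (p.get("IpProtocol"), p.get("FromPort"), p.get("ToPort"), rule_sources(p))
        for p in group.get("IpPermissions", [])
    )


def find_identical_rulesets(groups):
    """Lists of group IDs that share exactly the same rules (consolidation candidates)."""
    by_signature = defaultdict(list)
    for g in groups:
        by_signature[rule_signature(g)].append(g["GroupId"])
    return sorted(sorted(ids) for ids in by_signature.values() if len(ids) > 1)


if __name__ == "__main__":
    print("allow-all groups:", find_allow_all_groups(SAMPLE_SECURITY_GROUPS))
    print("identical rule sets:", find_identical_rulesets(SAMPLE_SECURITY_GROUPS))
```

Run against live data, the same two functions take the "SecurityGroups" list from describe_security_groups() directly; the allow-all report is the finding to fix, and the identical-ruleset report is the evidence behind the "redundant" observation in this issue, since one group per instance carrying the same wide-open rule buys no isolation over a single shared group.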
