Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Max length exceeded for some Azure resources #301

Closed
rcobb-scwx opened this issue Jan 30, 2023 · 2 comments
Closed

Max length exceeded for some Azure resources #301

rcobb-scwx opened this issue Jan 30, 2023 · 2 comments
Assignees
@christophetd
Labels
kind/bug Something isn't working platform/azure status/confirmed

Comments

@rcobb-scwx
Copy link
Contributor

What is not working?

Azure places limits on the max length for many resource names, such as virtual machines and key vaults.
These limits vary between the resources.

It appears that the Terraform locals.resource_prefix in the azure.execution.vm-custom-script-extension technique exceeds the max length when combined with the rest of the resource name.

This will likely affect other resources, however the Terraform apply fails on this resource first.
Unfortunately, these max name limits are not consistent across all resource types.
The only solution is to truncate the resource prefix or some of the other template strings until it does not exceed the max length limits.

What OS are you using?
Alpine build image for SRT.

What is your Stratus Red Team version?

It is the dev-snapshot build for branch uuid-encapsulation. This appears to affect all versions after #242 .

Full output?

2023/01/30 19:02:14 Checking your authentication against azure
2023/01/30 19:02:14 Creating /root/.stratus-red-team as it doesn't exist yet
2023/01/30 19:02:14 Installing Terraform in /root/.stratus-red-team/terraform
2023/01/30 19:02:16 Note: This is a slow attack technique, it might take a long time to warm up or detonate
2023/01/30 19:02:16 Warming up azure.execution.vm-custom-script-extension
2023/01/30 19:02:16 Initializing Terraform to spin up technique prerequisites
2023/01/30 19:02:20 Applying Terraform to spin up technique prerequisites
2023/01/30 19:03:15 unable to run terraform apply on prerequisite: unable to apply Terraform: exit status 1

Error: unable to assume default computer name "computer_name" can be at most 15 characters, got 34. Please adjust the "name", or specify an explicit "computer_name"

  with azurerm_windows_virtual_machine.lab_windows_vm,
  on main.tf line 77, in resource "azurerm_windows_virtual_machine" "lab_windows_vm":
  77: resource "azurerm_windows_virtual_machine" "lab_windows_vm" {

Files in $HOME/.stratus-red-team?

/ # ls -lahR $HOME/.stratus-red-team
/root/.stratus-red-team:
total 59M    
drwxr--r--    3 root     root        4.0K Jan 30 19:02 .
drwx------    1 root     root        4.0K Jan 30 19:02 ..
drwxr--r--    3 root     root        4.0K Jan 30 19:03 azure.execution.vm-custom-script-extension
-rwx------    1 root     root       59.1M Jan 30 19:02 terraform

/root/.stratus-red-team/azure.execution.vm-custom-script-extension:
total 32K    
drwxr--r--    3 root     root        4.0K Jan 30 19:03 .
drwxr--r--    3 root     root        4.0K Jan 30 19:02 ..
drwxr-xr-x    3 root     root        4.0K Jan 30 19:02 .terraform
-rw-r--r--    1 root     root           0 Jan 30 19:02 .terraform-initialized
-rw-r--r--    1 root     root        2.2K Jan 30 19:02 .terraform.lock.hcl
-rw-r--r--    1 root     root        3.6K Jan 30 19:02 main.tf
-rw-r--r--    1 root     root        8.0K Jan 30 19:03 terraform.tfstate

/root/.stratus-red-team/azure.execution.vm-custom-script-extension/.terraform:
total 12K    
drwxr-xr-x    3 root     root        4.0K Jan 30 19:02 .
drwxr--r--    3 root     root        4.0K Jan 30 19:03 ..
drwxr-xr-x    3 root     root        4.0K Jan 30 19:02 providers

/root/.stratus-red-team/azure.execution.vm-custom-script-extension/.terraform/providers:
total 12K    
drwxr-xr-x    3 root     root        4.0K Jan 30 19:02 .
drwxr-xr-x    3 root     root        4.0K Jan 30 19:02 ..
drwxr-xr-x    3 root     root        4.0K Jan 30 19:02 registry.terraform.io

/root/.stratus-red-team/azure.execution.vm-custom-script-extension/.terraform/providers/registry.terraform.io:
total 12K    
drwxr-xr-x    3 root     root        4.0K Jan 30 19:02 .
drwxr-xr-x    3 root     root        4.0K Jan 30 19:02 ..
drwxr-xr-x    4 root     root        4.0K Jan 30 19:02 hashicorp

/root/.stratus-red-team/azure.execution.vm-custom-script-extension/.terraform/providers/registry.terraform.io/hashicorp:
total 16K    
drwxr-xr-x    4 root     root        4.0K Jan 30 19:02 .
drwxr-xr-x    3 root     root        4.0K Jan 30 19:02 ..
drwxr-xr-x    3 root     root        4.0K Jan 30 19:02 azurerm
drwxr-xr-x    3 root     root        4.0K Jan 30 19:02 random

/root/.stratus-red-team/azure.execution.vm-custom-script-extension/.terraform/providers/registry.terraform.io/hashicorp/azurerm:
total 12K    
drwxr-xr-x    3 root     root        4.0K Jan 30 19:02 .
drwxr-xr-x    4 root     root        4.0K Jan 30 19:02 ..
drwxr-xr-x    3 root     root        4.0K Jan 30 19:02 3.8.0

/root/.stratus-red-team/azure.execution.vm-custom-script-extension/.terraform/providers/registry.terraform.io/hashicorp/azurerm/3.8.0:
total 12K    
drwxr-xr-x    3 root     root        4.0K Jan 30 19:02 .
drwxr-xr-x    3 root     root        4.0K Jan 30 19:02 ..
drwxr-xr-x    2 root     root        4.0K Jan 30 19:02 linux_amd64

/root/.stratus-red-team/azure.execution.vm-custom-script-extension/.terraform/providers/registry.terraform.io/hashicorp/azurerm/3.8.0/linux_amd64:
total 161M
drwxr-xr-x    2 root     root        4.0K Jan 30 19:02 .
drwxr-xr-x    3 root     root        4.0K Jan 30 19:02 ..
-rwxr-xr-x    1 root     root      161.2M Jan 30 19:02 terraform-provider-azurerm_v3.8.0_x5

/root/.stratus-red-team/azure.execution.vm-custom-script-extension/.terraform/providers/registry.terraform.io/hashicorp/random:
total 12K
drwxr-xr-x    3 root     root        4.0K Jan 30 19:02 .
drwxr-xr-x    4 root     root        4.0K Jan 30 19:02 ..
drwxr-xr-x    3 root     root        4.0K Jan 30 19:02 3.4.3

/root/.stratus-red-team/azure.execution.vm-custom-script-extension/.terraform/providers/registry.terraform.io/hashicorp/random/3.4.3:
total 12K
drwxr-xr-x    3 root     root        4.0K Jan 30 19:02 .
drwxr-xr-x    3 root     root        4.0K Jan 30 19:02 ..
drwxr-xr-x    2 root     root        4.0K Jan 30 19:02 linux_amd64

/root/.stratus-red-team/azure.execution.vm-custom-script-extension/.terraform/providers/registry.terraform.io/hashicorp/random/3.4.3/linux_amd64:
total 12M
drwxr-xr-x    2 root     root        4.0K Jan 30 19:02 .
drwxr-xr-x    3 root     root        4.0K Jan 30 19:02 ..
-rwxrwxr-x    1 root     root       12.0M Jan 30 19:02 terraform-provider-random_v3.4.3_x5
@rcobb-scwx
Copy link
Contributor Author

Here is the table of resource name rules for Azure resources.

@christophetd
Copy link
Contributor

Thanks! Probably slipped through the cracks during #242

christophetd added a commit that referenced this issue Jan 30, 2023
@christophetd
Fix resource name lengths in Azure attack techniques (closes #301)
baccf3c
christophetd added a commit that referenced this issue Jan 30, 2023
@christophetd
Fix resource name lengths in Azure attack techniques (closes #301)
c3e37e5
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@christophetd christophetd

Labels
kind/bug Something isn't working platform/azure status/confirmed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@christophetd @rcobb-scwx