cloud: add AWS cracking automation (#9)

cloud: add AWS cracking automation

The commit contains files for Terraform and Ansible. The purpose of these
files is to assist users who need to run password cracking sessions in the cloud.

.gitignore

@@ -0,0 +1,5 @@
+*.diff
+.terraform
+.terraform.*
+terraform.*
+inventory

cloud-tool/Dockerfile

@@ -0,0 +1,34 @@
+######################################################################
+# Copyright (c) 2021 Claudio André <claudioandre.br at gmail.com>
+#
+# This program comes with ABSOLUTELY NO WARRANTY; express or implied.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, as expressed in version 2, seen at
+# http://www.gnu.org/licenses/gpl-2.0.html
+######################################################################
+
+FROM ubuntu:latest
+LABEL maintainer Claudio André (c) 2021 1.0.Cloud Tools
+LABEL software automation for John the Ripper
+
+RUN apt-get update -qq && \
+    export DEBIAN_FRONTEND="noninteractive" && \
+    apt-get install -y curl gnupg software-properties-common && \
+    curl -fsSL https://apt.releases.hashicorp.com/gpg | apt-key add - && \
+    apt-add-repository "deb [arch=$(dpkg --print-architecture)] https://apt.releases.hashicorp.com $(lsb_release -cs) main" && \
+    apt-add-repository --yes --update ppa:ansible/ansible && \
+    apt-get install -y \
+        terraform ansible \
+        wget git nano \
+        && \
+    useradd -U -m cracker && \
+    # Clean the image
+    apt-get -y clean && \
+    rm -rf /var/lib/apt/lists
+
+USER cracker
+WORKDIR /host/cloud-tools
+ENV PROVIDER AWS
+CMD /bin/bash

cloud-tool/build-john.sh

@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+######################################################################
+# Copyright (c) 2021 Claudio André <claudioandre.br at gmail.com>
+#
+# This program comes with ABSOLUTELY NO WARRANTY; express or implied.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, as expressed in version 2, seen at
+# http://www.gnu.org/licenses/gpl-2.0.html
+######################################################################
+
+# Prepare the environment
+sudo apt-get -y install git build-essential libssl-dev zlib1g-dev libgmp-dev libpcap-dev libbz2-dev
+git clone --depth 10 https://github.com/openwall/john.git
+cd john/src
+
+# Build John the Ripper
+# TODO remove the next line
+rm -f *fmt_plug.c
+./configure && make -sj2
+../run/john

cloud-tool/ec2.tf

@@ -0,0 +1,91 @@
+######################################################################
+# Copyright (c) 2021 Claudio André <claudioandre.br at gmail.com>
+#
+# This program comes with ABSOLUTELY NO WARRANTY; express or implied.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, as expressed in version 2, seen at
+# http://www.gnu.org/licenses/gpl-2.0.html
+######################################################################
+
+data "aws_ami" "ubuntu" {
+  most_recent = true
+
+  filter {
+    name   = "name"
+    values = ["ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*"]
+  }
+
+  filter {
+    name   = "virtualization-type"
+    values = ["hvm"]
+  }
+
+  owners = ["099720109477"] # Images owned by Canonical (099720109477)
+}
+
+resource "aws_instance" "worker" {
+  ami           = data.aws_ami.ubuntu.id
+  vpc_security_group_ids = [aws_security_group.jtrcrackers-sg.id]
+  key_name = aws_key_pair.deployer.key_name
+  instance_type = var.instance["instance_type"]
+  count = var.instance["count"]
+
+  credit_specification {
+    cpu_credits = "standard"
+  }
+
+  # The connection uses the local SSH agent for authentication.
+  connection {
+    user        = "ubuntu"
+    type        = "ssh"
+    host        = self.public_ip
+    private_key = local.private_key_content
+  }
+
+  provisioner "file" {
+    source      = "./build-john.sh"
+    destination = "/home/ubuntu/"
+  }
+
+  provisioner "file" {
+    source      = "./hashes.txt"
+    destination = "/home/ubuntu/hashes.txt"
+  }
+
+  provisioner "remote-exec" {
+    inline = [
+      "cd ~",
+      "ls -laR"
+    ]
+  }
+
+  depends_on = [
+    # Security group rule must be created before this IP address could
+    # actually be used, otherwise the services will be unreachable.
+    aws_security_group.jtrcrackers-sg,
+  ]
+
+  tags = {
+    Name = "JtRCracker${count.index + 1}-instance"
+    Environment = var.domain
+    "Application Role" = var.role
+    Owner = var.owner
+    Customer = var.customer
+    Confidentiality = var.confidentiality
+  }
+}
+
+resource "aws_key_pair" "deployer" {
+  key_name   = "deployer-key"
+  public_key = local.public_key_content
+}
+
+# You can also add your key here.
+/*
+resource "aws_key_pair" "deployer" {
+  key_name   = "deployer-key"
+  public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 email@example.com"
+}
+*/

cloud-tool/inventory.tmpl

@@ -0,0 +1,4 @@
+[Crackers]
+%{ for index, dns in public-dns ~}
+${dns} ansible_host=${public-ip[index]} # ${public-id[index]}
+%{ endfor ~}

cloud-tool/main.tf

@@ -0,0 +1,36 @@
+######################################################################
+# Copyright (c) 2021 Claudio André <claudioandre.br at gmail.com>
+#
+# This program comes with ABSOLUTELY NO WARRANTY; express or implied.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, as expressed in version 2, seen at
+# http://www.gnu.org/licenses/gpl-2.0.html
+######################################################################
+
+provider "aws" {
+  region = local.region
+  profile = local.profile
+}
+
+# Create workspaces to run the same set of instruction on different environments
+locals {
+  profile = lookup(var.profile_list, terraform.workspace)
+}
+locals {
+  region = lookup(var.regions_list, terraform.workspace)
+}
+locals {
+  run_env = lookup(var.environment_list, terraform.workspace)
+}
+
+# Save terraform state remotely (if needed).
+/* terraform {
+  backend "s3" {
+    bucket = "jtrcrackers-tfstate"
+    key    = "sg/terraform.state"
+    region = var.region
+    profile = var.profile
+  }
+} */

cloud-tool/output.tf

@@ -0,0 +1,31 @@
+######################################################################
+# Copyright (c) 2021 Claudio André <claudioandre.br at gmail.com>
+#
+# This program comes with ABSOLUTELY NO WARRANTY; express or implied.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, as expressed in version 2, seen at
+# http://www.gnu.org/licenses/gpl-2.0.html
+######################################################################
+
+output current_environment {
+  value = local.run_env
+}
+
+output "ip_address" {
+  value = "${aws_instance.worker.*.public_ip}"
+  description = "The IP address(es) of the instance(s)."
+}
+
+### The Ansible inventory file
+resource "local_file" "AnsibleInventory" {
+  content = templatefile("inventory.tmpl",
+    {
+      public-dns = aws_instance.worker.*.public_dns,
+      public-ip = aws_instance.worker.*.public_ip,
+      public-id = aws_instance.worker.*.id
+    }
+  )
+  filename = "inventory"
+}

cloud-tool/playbook/copy-back.yml

@@ -0,0 +1,30 @@
+######################################################################
+# Copyright (c) 2021 Claudio André <claudioandre.br at gmail.com>
+#
+# This program comes with ABSOLUTELY NO WARRANTY; express or implied.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, as expressed in version 2, seen at
+# http://www.gnu.org/licenses/gpl-2.0.html
+######################################################################
+
+---
+- hosts: all
+  gather_facts: no
+  remote_user: ubuntu
+  tasks:
+     - name: Copy file(s) from all requested remote servers to local.
+       fetch:
+         src: /home/ubuntu/john/run/john.pot
+         dest: ..
+
+     - name: Copy file(s) from all requested remote servers to local.
+       fetch:
+         src: /home/ubuntu/john/run/john.rec
+         dest: ..
+
+     - name: Copy file(s) from all requested remote servers to local.
+       fetch:
+         src: /home/ubuntu/john/run/john.log
+         dest: ..

cloud-tool/playbook/copy-hashes.yml

@@ -0,0 +1,22 @@
+######################################################################
+# Copyright (c) 2021 Claudio André <claudioandre.br at gmail.com>
+#
+# This program comes with ABSOLUTELY NO WARRANTY; express or implied.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, as expressed in version 2, seen at
+# http://www.gnu.org/licenses/gpl-2.0.html
+######################################################################
+
+---
+- hosts: all
+  remote_user: ubuntu
+  tasks:
+     - name: Copy a file called 'hashes.txt' to all requested remote servers.
+       copy:
+         src: ../hashes.txt
+         dest: /home/ubuntu/hashes.txt
+         owner: ubuntu
+         group: ubuntu
+         mode: '0644'

cloud-tool/playbook/install-john.yml

@@ -0,0 +1,20 @@
+######################################################################
+# Copyright (c) 2021 Claudio André <claudioandre.br at gmail.com>
+#
+# This program comes with ABSOLUTELY NO WARRANTY; express or implied.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, as expressed in version 2, seen at
+# http://www.gnu.org/licenses/gpl-2.0.html
+######################################################################
+
+---
+- hosts: all
+  remote_user: ubuntu
+  tasks:
+    - name: Transfer the script
+      copy: src=../build-john.sh dest=/home/ubuntu/build-john.sh mode=0777
+
+    - name: Execute the script
+      shell: /home/ubuntu/build-john.sh | tee buildlog.txt