Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cloud: add AWS cracking automation #9

Merged
merged 3 commits into from
May 2, 2021
Merged

cloud: add AWS cracking automation #9

merged 3 commits into from
May 2, 2021

Conversation

claudioandre-br
Copy link
Member

@claudioandre-br claudioandre-br commented May 1, 2021
edited
Loading

The repository contains files for Terraform and Ansible in order to
assist users who need to run password cracking sessions in the Cloud.

  • How a real user will use the cluster?

@claudioandre-br
cloud: add AWS cracking automation
4786bfa 
The repository contains files for Terraform and Ansible in order to
assist users who need to run password cracking sessions in the Cloud.
@claudioandre-br
SQUASH
053fc06
@claudioandre-br claudioandre-br merged commit 90d3b55 into master May 2, 2021
@claudioandre-br
Copy link
Member Author

Merging so that I can advertise and see if anyone is interested in the new functionality.

@claudioandre-br claudioandre-br deleted the cloud branch May 2, 2021 01:22
@claudioandre-br claudioandre-br mentioned this pull request May 2, 2021
Closed
1 task
solardiz
solardiz reviewed May 2, 2021
View reviewed changes
Copy link
Member

@solardiz solardiz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Like you, I don't know if this will be in demand, but I was curious to take a look at the diff here and noticed a few minor things.

Also, I suggest we standardize on "john" instead of "jtr" (or "JtR") in various component names, identifiers, etc.

cloud-tool/playbook/install-john.yml
remote_user: ubuntu
tasks:
- name: Transfer the script
copy: src=../build-john.sh dest=/home/ubuntu/build-john.sh mode=0777
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perhaps change 0777 to 0700 here.

cloud-tool/variables.tf
description = "The secutiry groups inbound rules."
type = map(object({description = string, cidr_blocks = list(string)}))
default = {
22 = { description = "Inbound SSH rule", cidr_blocks = [ "45.170.58.160/32" ] }
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hard-coded IP address here. (Also, typo in "secutiry" in at least two places.)

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can switch to "YOUR_IP_HERE/32". I can't think of another good numerical value.

@claudioandre-br
Copy link
Member Author

claudioandre-br commented May 2, 2021
edited
Loading

It is useful for provisioning and destroying instances: it is fast, repeatable and error free. There is no possibility to forget to delete an instance or the EBS disk. It makes sense if someone wants to start a few instances and try a wordlist here, or a mask there, maybe incremental over there.

  • you provision all instances at once;
  • use SSH to perform your intended test on each instance;
  • obtain the status of all instances at once;
  • when you're done, destroy everything you've created locally using just one command.

With the tool someone can safely run a cracking session that lasts for weeks on the tier free.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@solardiz solardiz solardiz left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@claudioandre-br @solardiz