fixed branch issue (#69)
* fixed branch issue

* Update CHANGELOG.md
sonofagl1tch authored and Marta Gómez Macías committed Mar 5, 2019
1 parent dd74e9c commit faf1639
Showing 3 changed files with 17 additions and 16 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Expand Up @@ -3,6 +3,7 @@
## v2.1
### Added
* Automate setting `wazuh-alerts-3.x-*` as Kibana's default index pattern ([#64](https://github.com/sonofagl1tch/AWSDetonationLab/pull/64/)).
* Automate import of custom dashboards and visualizations into Kibana ([#68](https://github.com/sonofagl1tch/AWSDetonationLab/pull/68/)).

### Fixed
* Retrieve AMI IDs dynamically instead of having hardcoded values ([#66](https://github.com/sonofagl1tch/AWSDetonationLab/pull/66)).
4 changes: 2 additions & 2 deletions additionalInstallationScripts/installWazuh.sh
Expand Up @@ -286,8 +286,8 @@ curl -X POST -H "Content-Type: application/json" -H "kbn-xsrf: true" -d '{"value
K_URL='localhost:5601/api/kibana/dashboards/import'
K_USER='elastic'
K_PASSWORD='changeme'
curl -o Kibana-Visualizations.json https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/importCustomVizAndDashboard/KibanaAdditionalConfigs/Kibana-Visualizations.json
curl -o Kibana-Dashboard.json https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/importCustomVizAndDashboard/KibanaAdditionalConfigs/Kibana-Dashboard.json
curl -o Kibana-Visualizations.json https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/master/KibanaAdditionalConfigs/Kibana-Visualizations.json
curl -o Kibana-Dashboard.json https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/master/KibanaAdditionalConfigs/Kibana-Dashboard.json
curl -X POST -H "Content-Type: application/json" -H "kbn-xsrf: true" "http://${K_USER}:${K_PASSWORD}@${K_URL}" -d @Kibana-Dashboard.json
curl -X POST -H "Content-Type: application/json" -H "kbn-xsrf: true" "http://${K_USER}:${K_PASSWORD}@${K_URL}" -d @Kibana-Visualizations.json
#######################################
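Review bot: The two `curl -o` lines that fetch the Kibana JSON from `master` follow a mutable branch and never check the transfer result, so a 404 body or any later change on that branch is saved and then posted to the import API unchanged. Pin the ref and fail closed, e.g. `curl -fsSL -o Kibana-Dashboard.json https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/<TAG_OR_COMMIT_SHA>/KibanaAdditionalConfigs/Kibana-Dashboard.json` (placeholder ref). The same unpinned `master` reference is in every download line touched in awsDetonationLab.template, and there the fetched scripts are run with `bash` or PowerShell right after, so a fixed ref plus a `sha256sum -c` check before execution matters more. The script continues above and below this hunk.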
28 changes: 14 additions & 14 deletions awsDetonationLab.template
Expand Up @@ -136,10 +136,10 @@
"wget -O /home/ec2-user/install https://d1wk0tztpsntt1.cloudfront.net/linux/latest/install\n",
"chmod +x /home/ec2-user/install\n",
"bash /home/ec2-user/install -u false\n",
"wget -O /home/ec2-user/installWazuh https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/importCustomVizAndDashboard/additionalInstallationScripts/installWazuhAgent.sh\n",
"wget -O /home/ec2-user/installWazuh https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/master/additionalInstallationScripts/installWazuhAgent.sh\n",
"chmod +x /home/ec2-user/installWazuh\n",
"bash /home/ec2-user/installWazuh -u false\n",
"wget -O /home/ec2-user/setupVunlerableWebServer https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/importCustomVizAndDashboard/additionalInstallationScripts/setupVunlerableWebServer.sh\n",
"wget -O /home/ec2-user/setupVunlerableWebServer https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/master/additionalInstallationScripts/setupVunlerableWebServer.sh\n",
"chmod +x /home/ec2-user/setupVunlerableWebServer\n",
"bash /home/ec2-user/setupVunlerableWebServer -u false\n"
]
Expand Down Expand Up @@ -273,7 +273,7 @@
[
"<powershell>\n",
"Rename-Computer -NewName windowsVictim\n",
"Invoke-WebRequest -Uri \"https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/importCustomVizAndDashboard/additionalInstallationScripts/installWazuhAgent.ps1\" -OutFile \"C:\\Users\\Administrator\\Desktop\\installWazuhAgent.ps1\"\n",
"Invoke-WebRequest -Uri \"https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/master/additionalInstallationScripts/installWazuhAgent.ps1\" -OutFile \"C:\\Users\\Administrator\\Desktop\\installWazuhAgent.ps1\"\n",
"Set-ExecutionPolicy -ExecutionPolicy Bypass # see comments\n",
"C:\\Users\\Administrator\\Desktop\\installWazuhAgent.ps1\n",
"</powershell>"
Expand Down Expand Up @@ -461,7 +461,7 @@
[
"/tmp/bastion_bootstrap.sh",
" --banner ",
"https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/importCustomVizAndDashboard/artifacts/banner_message.txt",
"https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/master/artifacts/banner_message.txt",
" --enable true",
" --tcp-forwarding true",
" --x11-forwarding false"
Expand Down Expand Up @@ -500,7 +500,7 @@
"yum update -y\n",
"yum install nmap -y\n",
"easy_install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz\n",
"curl -L -o /tmp/bastion_bootstrap.sh https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/importCustomVizAndDashboard/additionalInstallationScripts/bastion_bootstrap.sh\n",
"curl -L -o /tmp/bastion_bootstrap.sh https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/master/additionalInstallationScripts/bastion_bootstrap.sh\n",
"chown root: /tmp/bastion_bootstrap.sh\n",
"chmod +x /tmp/bastion_bootstrap.sh\n",
"EIP_LIST=\"",
Expand All @@ -516,7 +516,7 @@
"\n",
"/tmp/bastion_bootstrap.sh",
" --banner ",
"https://raw.githubusercontent.com/awslabs/amazon-guardduty-tester/importCustomVizAndDashboard/artifacts/banner_message.txt",
"https://raw.githubusercontent.com/awslabs/amazon-guardduty-tester/master/artifacts/banner_message.txt",
" --enable true",
" --tcp-forwarding true",
" --x11-forwarding false",
Expand All @@ -530,7 +530,7 @@
"Ref": "AWS::Region"
},
"\n",
"wget -O /home/ec2-user/installWazuh https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/importCustomVizAndDashboard/additionalInstallationScripts/installWazuhAgent.sh\n",
"wget -O /home/ec2-user/installWazuh https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/master/additionalInstallationScripts/installWazuhAgent.sh\n",
"chmod +x /home/ec2-user/installWazuh\n",
"bash /home/ec2-user/installWazuh -u false\n",
"\n"
Expand Down Expand Up @@ -1335,13 +1335,13 @@
"yum install cmake openssl-devel libX11-devel libXi-devel libXtst-devel libXinerama-devel -y\n",
"pip install paramiko\n",
"export privateIP=`curl http://169.254.169.254/latest/meta-data/local-ipv4`\n",
"curl -L https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/importCustomVizAndDashboard/attacks/guardduty_tester.sh > /home/ec2-user/guardduty_tester.sh\n",
"curl -L https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/master/attacks/guardduty_tester.sh > /home/ec2-user/guardduty_tester.sh\n",
"mkdir /home/ec2-user/compromised_keys\n",
"mkdir /home/ec2-user/domains\n",
"mkdir /home/ec2-user/passwords\n",
"curl -L https://github.com/sonofagl1tch/AWSDetonationLab/blob/importCustomVizAndDashboard/artifacts/queries.txt > /home/ec2-user/domains/queries.txt\n",
"curl -L https://github.com/sonofagl1tch/AWSDetonationLab/blob/importCustomVizAndDashboard/artifacts/password_list.txt > /home/ec2-user/passwords/password_list.txt\n",
"curl -L https://github.com/sonofagl1tch/AWSDetonationLab/blob/importCustomVizAndDashboard/artifacts/never_used_sample_key.foo > /home/ec2-user/compromised_keys/compromised.pem\n",
"curl -L https://github.com/sonofagl1tch/AWSDetonationLab/blob/master/artifacts/queries.txt > /home/ec2-user/domains/queries.txt\n",
"curl -L https://github.com/sonofagl1tch/AWSDetonationLab/blob/master/artifacts/password_list.txt > /home/ec2-user/passwords/password_list.txt\n",
"curl -L https://github.com/sonofagl1tch/AWSDetonationLab/blob/master/artifacts/never_used_sample_key.foo > /home/ec2-user/compromised_keys/compromised.pem\n",
"FILE=\"/home/ec2-user/compromised_keys/compromised.pem\"\n",
"for FILE in {1..20}; do cp /home/ec2-user/compromised_keys/compromised.pem /home/ec2-user/compromised_keys/compromised$FILE.pem; done\n",
"echo 'BASIC_LINUX_TARGET=\"",
Expand Down Expand Up @@ -1394,11 +1394,11 @@
"chown -R ec2-user: /home/ec2-user\n",
"chmod +x /home/ec2-user/guardduty_tester.sh\n",
"chmod +x /home/ec2-user/crowbar/crowbar.py\n",
"wget -O /home/ec2-user/installCloudWatch https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/importCustomVizAndDashboard/additionalInstallationScripts/cloudwatchAgentLogs.sh\n",
"wget -O /home/ec2-user/installCloudWatch https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/master/additionalInstallationScripts/cloudwatchAgentLogs.sh\n",
"chmod +x /home/ec2-user/installCloudWatch\n",
"bash /home/ec2-user/installCloudWatch -u false\n",
"\n",
"wget -O /home/ec2-user/installWazuh https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/importCustomVizAndDashboard/additionalInstallationScripts/installWazuhAgent.sh\n",
"wget -O /home/ec2-user/installWazuh https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/master/additionalInstallationScripts/installWazuhAgent.sh\n",
"chmod +x /home/ec2-user/installWazuh\n",
"bash /home/ec2-user/installWazuh -u false\n",
"\n"
Expand Down Expand Up @@ -2246,7 +2246,7 @@
"sudo hostname wazuhServer\n",
"echo wazuhServer > /etc/hostname\n",
"yum update -y\n",
"wget -O /home/ec2-user/install https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/importCustomVizAndDashboard/additionalInstallationScripts/installWazuh.sh\n",
"wget -O /home/ec2-user/install https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/master/additionalInstallationScripts/installWazuh.sh\n",
"chmod +x /home/ec2-user/install\n",
"bash /home/ec2-user/install -u false\n",
"pip install boto3 requests\n",
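Review bot: In the @@ -1335,13 hunk the three `curl -L https://github.com/sonofagl1tch/AWSDetonationLab/blob/master/artifacts/...` lines keep the `blob` path, which returns GitHub's HTML file view rather than the file, so `queries.txt`, `password_list.txt` and `compromised.pem` most likely contain HTML. Use the raw host as the other lines do, e.g. `curl -fL https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/master/artifacts/queries.txt > /home/ec2-user/domains/queries.txt`, and likewise for the other two. If the tester script reads these files (not visible here), the lab's test traffic would differ from what is intended without any error being reported. The command list this hunk belongs to starts and ends outside it.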
