SLIDE 1
Vulnerable Machines with Ansible
Nathaniel Beckstead
whoami
Nathaniel Beckstead Automation Infrastructure Tooling
2
scriptingis.life
Vulnerable Machines with Ansible Nathaniel Beckstead whoami - - PowerPoint PPT Presentation
Vulnerable Machines with Ansible Nathaniel Beckstead whoami - - PowerPoint PPT Presentation
Vulnerable Machines with Ansible Nathaniel Beckstead whoami Nathaniel Beckstead Automation Infrastructure Tooling scriptingis.life 2 Why Vulnerable Machines? King of the Hill Practice Red team - scan and exploit Blue team
SLIDE 2
SLIDE 3
Why Vulnerable Machines?
▰ King of the Hill ▰ Practice ▰ Red team - scan and exploit ▰ Blue team - audit configs ▰ Testing tools
▰ Vulnerability scanner
3
SLIDE 4
SLIDE 5
1. Molecule
Manager
SLIDE 6
Molecule
▰ Manage execution and testing of roles ▰ Write best roles possible
6
SLIDE 7
7
Rapidly Build & Test Ansible Roles with Molecule + Docker
SLIDE 8
2. Vagrant
Virtual machine creation
SLIDE 9
Vagrant
▰ Infrastructure as code ▰ Automated virtual machines
9
SLIDE 10
Vagrant
10
SLIDE 11
3. Ansible
Vulnerability automation
SLIDE 12
Ansible
▰ Automate configuration of software ▰ Manage fleet of servers from your laptop
12
SLIDE 13
Ansible Roles
▰ Single role for each service ▰ HTTP ▰ SQL ▰ Cron ▰ Random Shells ▰ New Users
13
SLIDE 14
14
PHP Web Shell Random Bind Shells Anonymous FTP Shellshock Open SMB Shares SMTP Backdoor Trickshot Unauthenticated SSH Telnet Apache Tomcat Random Users
SLIDE 15
Ansible Playbooks
▰ Combine roles to create a useful configuration
15
SLIDE 16
Ansible Playbooks
16
❏ Create cron job to open shells on random ports ❏ Install telnet ❏ Edit PAM module to disable SSH
- authentication. Allow everyone in.
SLIDE 17
Demo
17
SLIDE 18
Thanks!
https:/ /github.com/becksteadn/Bytes-Of-Swiss/