vulnerable machines with ansible
play

Vulnerable Machines with Ansible Nathaniel Beckstead whoami - PowerPoint PPT Presentation

May 19, 2023 •116 likes •304 views

Vulnerable Machines with Ansible Nathaniel Beckstead whoami Nathaniel Beckstead Automation Infrastructure Tooling scriptingis.life 2 Why Vulnerable Machines? King of the Hill Practice Red team - scan and exploit Blue team

  1. Vulnerable Machines with Ansible Nathaniel Beckstead

  2. whoami Nathaniel Beckstead Automation Infrastructure Tooling scriptingis.life 2

  3. Why Vulnerable Machines? ▰ King of the Hill ▰ Practice ▰ Red team - scan and exploit ▰ Blue team - audit configs ▰ Testing tools Vulnerability scanner ▰ 3

  5. 1. Molecule Manager

  6. Molecule ▰ Manage execution and testing of roles ▰ Write best roles possible 6

  7. Rapidly Build & Test Ansible Roles with Molecule + Docker 7

  8. 2. Vagrant Virtual machine creation

  9. Vagrant ▰ Infrastructure as code ▰ Automated virtual machines 9

  10. Vagrant 10

  11. 3. Ansible Vulnerability automation

  12. Ansible ▰ Automate configuration of software ▰ Manage fleet of servers from your laptop 12

  13. Ansible Roles ▰ Single role for each service ▰ HTTP ▰ SQL ▰ Cron ▰ Random Shells ▰ New Users 13

  14. PHP Web Shell Random Bind Shells Anonymous FTP Open SMB Shares Shellshock SMTP Backdoor Random Users Trickshot Apache Tomcat Telnet Unauthenticated SSH 14

  15. Ansible Playbooks ▰ Combine roles to create a useful configuration 15

  16. Ansible Playbooks Create cron job to open shells on ❏ random ports Install telnet ❏ Edit PAM module to disable SSH ❏ authentication. Allow everyone in. 16

  17. Demo 17

  18. Thanks! https:/ /github.com/becksteadn/Bytes-Of-Swiss/

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Infrastructure Automation Infrastructure Automation 2 Ansible Ansible What is Ansible?

Infrastructure Automation Infrastructure Automation 2 Ansible Ansible What is Ansible?

Infrastructure Automation Infrastructure Automation 2 Ansible Ansible What is Ansible? Ansible is an open source automation engine Why Ansible? Modular Idempotent Huge support/community Agentless Simple to learn

709 views • 29 slides
Ansible Wechat Account Ansible Meetup Shanghai August 17th ansible.com wiredcraft.com

Ansible Wechat Account Ansible Meetup Shanghai August 17th ansible.com wiredcraft.com

Ansible Wechat Account Ansible Meetup Shanghai August 17th ansible.com wiredcraft.com Introduction What is Ansible? Ansible.com Gaining momentum Ansible on GitHub Very fast learning curve Python based Easy to get

375 views • 18 slides
SECURITY AUTOMATION WITH ANSIBLE Michelle Perz, Associate Manager-Ansible Support, Ansible by Red

SECURITY AUTOMATION WITH ANSIBLE Michelle Perz, Associate Manager-Ansible Support, Ansible by Red

SECURITY AUTOMATION WITH ANSIBLE Michelle Perz, Associate Manager-Ansible Support, Ansible by Red Hat whoami ? 2 AGENDA Ansible use cases Information security Why Ansible? Examples Get involved 3 FreeImages.com/kovik COMMON ANSIBLE USE

495 views • 22 slides
SECURITY AUTOMATION WITH ANSIBLE Michelle Perz, Associate Manager-Ansible Support, Ansible by Red

SECURITY AUTOMATION WITH ANSIBLE Michelle Perz, Associate Manager-Ansible Support, Ansible by Red

SECURITY AUTOMATION WITH ANSIBLE Michelle Perz, Associate Manager-Ansible Support, Ansible by Red Hat whoami ? 2 AGENDA Ansible use cases Information security Why Ansible? Examples Get involved 3 FreeImages.com/kovik COMMON ANSIBLE USE

513 views • 29 slides
Contributing to Ansible Developing Ansible Modules ....wait a min....what the heck is Ansible?

Contributing to Ansible Developing Ansible Modules ....wait a min....what the heck is Ansible?

Contributing to Ansible Developing Ansible Modules ....wait a min....what the heck is Ansible? software platform for CM systems Agentless Secure Scalable ....so what can we do with ansible? package installation

497 views • 16 slides
Ansible weithenn.org Agenda Infrastructure as Code

Ansible weithenn.org Agenda Infrastructure as Code

Ansible AWX Ansible weithenn.org Agenda Infrastructure as Code (IaC) Why Ansible Ansible Engine vs Tower vs AWX Ansible AWX Features Use Case Demo 3 Infrastructure as Code (IaC)

622 views • 23 slides
Whats New With Ansible Collections Diving into the How to use Collections with Ansible

Whats New With Ansible Collections Diving into the How to use Collections with Ansible

INSERT CONFIDENTIAL designator Whats New With Ansible Collections Diving into the How to use Collections with Ansible 2.9.10+ and beyond Andrius Benokraitis Iftikhar Khan Bradley Thornton Sr. Principal Product Manager Sr. Manager,

423 views • 19 slides
ANSIBLE BEST PRACTICES: THE ESSENTIALS Timothy Appnel Senior Product Manager, Ansible GitHub:

ANSIBLE BEST PRACTICES: THE ESSENTIALS Timothy Appnel Senior Product Manager, Ansible GitHub:

ANSIBLE BEST PRACTICES: THE ESSENTIALS Timothy Appnel Senior Product Manager, Ansible GitHub: tima Twitter: appnelgroup THE ANSIBLE WAY 2 COMPLEXITY KILLS PRODUCTIVITY That's not just a marketing slogan. We really mean it and believe that.

922 views • 38 slides
Zero Downtime Deployment with Ansible Zero Downtime Deployment with Ansible DevOps Pro Moscow

Zero Downtime Deployment with Ansible Zero Downtime Deployment with Ansible DevOps Pro Moscow

Zero Downtime Deployment with Ansible Zero Downtime Deployment with Ansible DevOps Pro Moscow 2016 @steinim stein.inge.morisbak@BEKK.no OPEN Slides Slides http://steinim.github.io/slides/devopspro/zero-downtime-ansible/tutorial.html Source

884 views • 61 slides
Running Ansible within Salt How to smoothly migrate away from Ansible to Salt Pablo Surez

Running Ansible within Salt How to smoothly migrate away from Ansible to Salt Pablo Surez

Running Ansible within Salt How to smoothly migrate away from Ansible to Salt Pablo Surez Hernndez Don Vosburg SUSE Senior Software Engineer SUSE Technology Specialist psuarezhernandez@suse.com dvosburg@suse.com People are using Ansible

476 views • 31 slides
ANSIBLE BEST PRACTICES: THE ESSENTIALS Ansible Automates: DC Jamie Duncan @jamieeduncan

ANSIBLE BEST PRACTICES: THE ESSENTIALS Ansible Automates: DC Jamie Duncan @jamieeduncan

ANSIBLE BEST PRACTICES: THE ESSENTIALS Ansible Automates: DC Jamie Duncan @jamieeduncan cloudguy@redhat.com about jduncan 6+ years with Red Hat Coming Soon #shamelessPlug My daughter Elizabeth #cutestThingEver 2 THIS SESSION IS ABOUT

656 views • 37 slides
Introduction to Ansible Collections Ganesh Nalawade Principal Software Engineer Ansible

Introduction to Ansible Collections Ganesh Nalawade Principal Software Engineer Ansible

Introduction to Ansible Collections Ganesh Nalawade Principal Software Engineer Ansible Engineering Agenda Whats a Collection? Why Collections? Deep dive with Collections Collection demo Ansible galaxy for Collections

904 views • 21 slides
Foolproof Ansible Playbooks with Molecule Nathaniel Beckstead 1 Nathaniel Beckstead

Foolproof Ansible Playbooks with Molecule Nathaniel Beckstead 1 Nathaniel Beckstead

Foolproof Ansible Playbooks with Molecule Nathaniel Beckstead 1 Nathaniel Beckstead Automation extraordinaire Never enough infrastructure Favorite ice cream flavor is mint chocolate chip 2 Ansible 3 Ansible

831 views • 27 slides
Using Ansible Robin Long June 15, 2017 Can you build a presentation in Ansible? Well this

Using Ansible Robin Long June 15, 2017 Can you build a presentation in Ansible? Well this

Using Ansible Robin Long June 15, 2017 Can you build a presentation in Ansible? Well this would be proof Its is not the pretiest, but it is functional Assuming you use LaTeX Who doesnt? Shame on you. Robin Long ( Lancaster

111 views • 7 slides
Managing 15,000 network devices with Ansible Landon Holley & James Mighion December 4, 2018

Managing 15,000 network devices with Ansible Landon Holley & James Mighion December 4, 2018

Managing 15,000 network devices with Ansible Landon Holley & James Mighion December 4, 2018 What is it Combining the foundation of Ansible Engine with the enterprise abilities of Ansible Tower to automate physical networking devices.

253 views • 22 slides
ANSIBLE Configuration Management System done right Fabio Alessandro Locati Senior Cloud

ANSIBLE Configuration Management System done right Fabio Alessandro Locati Senior Cloud

ANSIBLE Configuration Management System done right Fabio Alessandro Locati Senior Cloud Consultant 29 November 2016 OUTLINE Intro Automation Automation Concepts Ansible 2 INTRO IT Consultant since 2004 Ansible user since 2013

1.11k views • 55 slides
JAP Web-Mixes Stefan Kpsell, TU Dresden, sk13@inf.tu-dresden.de Overview Statistics

JAP Web-Mixes Stefan Kpsell, TU Dresden, sk13@inf.tu-dresden.de Overview Statistics

JAP Web-Mixes Stefan Kpsell, TU Dresden, sk13@inf.tu-dresden.de Overview Statistics Mix Development and Deployment How to attract Developers ? Attracting Users Abuse Results of a users Survey Overview

441 views • 17 slides
Show n Tell (Berkeley Style) Bruce A. Mah bmah@tenet.Berkeley.EDU 15 June 1992 Show

Show n Tell (Berkeley Style) Bruce A. Mah bmah@tenet.Berkeley.EDU 15 June 1992 Show

Show n Tell (Berkeley Style) Bruce A. Mah bmah@tenet.Berkeley.EDU 15 June 1992 Show n Tell (bmah) 1/8 What Ive Been Doing RCAP (Will he ever finish?) XUNET 3 (The Search for Gigabits) Sendmail (Once a sysadmin...) Show

426 views • 8 slides
Data Support Readiness for the AIRS Mission at the DAAC George Serafino Code 902, NASA/GSFC

Data Support Readiness for the AIRS Mission at the DAAC George Serafino Code 902, NASA/GSFC

Data Support Readiness for the AIRS Mission at the DAAC George Serafino Code 902, NASA/GSFC AIRS Science Team Meeting February 14, 2002 6/24/03 DAAC Data Support Services Basic services include: User support via dedicated Atmospheric

428 views • 11 slides
QED: A grand unified theory? John Harrison Intel Corporation 18th July 2014 (09:0009:35)

QED: A grand unified theory? John Harrison Intel Corporation 18th July 2014 (09:0009:35)

QED: A grand unified theory? John Harrison Intel Corporation 18th July 2014 (09:0009:35) 14th March 1993: The QED mailing list To: avenhaus@de.uni-kl.informatik, bibel@de.th-darmstadt.informatik.intellektik, bledsoe@edu.utexas.cs,

520 views • 41 slides
INTERNET CLIENT PROGRAMMING USING PYTHON C U A U H T E M O C C A R B A J A L I T E S M C E M A

INTERNET CLIENT PROGRAMMING USING PYTHON C U A U H T E M O C C A R B A J A L I T E S M C E M A

INTERNET CLIENT PROGRAMMING USING PYTHON C U A U H T E M O C C A R B A J A L I T E S M C E M A P R I L 0 6 , 2 0 1 3 1 INTRODUCTION In the previous lecture we took a look at low-level networking communication protocols using sockets.

1.16k views • 76 slides
Anonymity Networks for Crypto Geeks, the Department of Defense, and you. Nick Mathewson

Anonymity Networks for Crypto Geeks, the Department of Defense, and you. Nick Mathewson

Anonymity Networks for Crypto Geeks, the Department of Defense, and you. Nick Mathewson <nickm@freehaven.net> The Free Haven Project MIT SIPB talk; 2 Feb 2006 This talk is about anonymity. Technical Social 1. What is it? 2. Why does

1.02k views • 71 slides
User Management Xavier Martorell-Bofill 1 Ren Serral-Graci 1 Universitat Politcnica de

User Management Xavier Martorell-Bofill 1 Ren Serral-Graci 1 Universitat Politcnica de

User Management Xavier Martorell-Bofill 1 Ren Serral-Graci 1 Universitat Politcnica de Catalunya (UPC) May 26, 2014 Introduction Databases Baixa Login Permisos Lectures System administration introduction 1 Operating System

821 views • 28 slides
Unix Security Cunsheng Ding HKUST, Hong Kong, CHINA cding@cs.ust.hk C. Ding - COMP4631 - L19 1

Unix Security Cunsheng Ding HKUST, Hong Kong, CHINA cding@cs.ust.hk C. Ding - COMP4631 - L19 1

Unix Security Cunsheng Ding HKUST, Hong Kong, CHINA cding@cs.ust.hk C. Ding - COMP4631 - L19 1 Agenda A short history of Unix Login and user accounts access control Instances of general security principles Audit configuration

641 views • 38 slides

More recommend