ralphte / build_a_phish Goto Github PK
View Code? Open in Web Editor NEWAnsible playbook to deploy a phishing engagement in the cloud.
Ansible playbook to deploy a phishing engagement in the cloud.
Can you please make video a tutorial for these configuration, how to setup and make changes if we need?
After capturing session data in logs Evilgnix2 usually presents the data in a clear and concise manner with the 'sessions' command. Is there a way to access the same presentation with this setup?
Steps I tried:
I tried to enter docker -> docker exec -t evilgnix2 sh
and the run evilgnix2 from there but that didnt work.
I tried to manually piece together all the o365 data captured but its too big a mess.
Any Help would be appreciated.
I was actually a bit confused about the OS User portion of the config. I have a feeling the error has to do with that...
#OS Users
users:
- username: shxxxx
name: shxxxx
authorized_keys:
- "{{ lookup('file', '~/.ssh/id_rsa') }}"
home_create: yes
append: yes
home_mode: "0750"
shell: '/usr/bin/zsh'
# - username: Razor
# name: Razor
# authorized_keys:
# - "{{ lookup('file', '~/.ssh/id_rsa') }}"
# home_create: yes
# append: yes
# home_mode: "0750"
# shell: '/usr/bin/zsh'
users_authorized_keys_exclusive: yes
security_sudoers_passwordless:
- ralph
UPDATE
It seems the file being grabbed to be copied into the authorized_hosts wasnt id_rsa.pub but rather id_rsa. That being said I fixed it temporarily by making a backup of id_rsa called bak_id_rsa and copied the content of id_rsa.pub into id_rsa. That worked
UPDATE 2 Solved
authorized_keys:
- "{{ lookup('file', '~/.ssh/id_rsa') }}"
should be changed to:
authorized_keys:
- "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
I'm trying to deploy and when I do I receive this terraform error
TASK [digitalocean : Deploy Phish Digital Ocean] *********************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "cmd": "/usr/bin/terraform validate -var do_token=<token> -var do_img=ubuntu-20-04-x64 -var do_name=phish-2021-0123-phish -var do_region=nyc3 -var do_size=s-2vcpu-4gb -var op=2021-0123 -var ttl=2021-03-30 -var tl_domain=<domain> -var 'ansible_ssh_key=<key>' -var 'ansible_ssh_key_private=<key>'", "msg": "\u001b[31m╷\u001b[0m\u001b[0m\n\u001b[31m│\u001b[0m \u001b[0m\u001b[1m\u001b[31mError: \u001b[0m\u001b[0m\u001b[1mFailed to parse command-line flags\u001b[0m\n\u001b[31m│\u001b[0m \u001b[0m\n\u001b[31m│\u001b[0m \u001b[0m\u001b[0mflag provided but not defined: -var\n\u001b[31m╵\u001b[0m\u001b[0m\n\u001b[31m╷\u001b[0m\u001b[0m\n\u001b[31m│\u001b[0m \u001b[0m\u001b[1m\u001b[31mError: \u001b[0m\u001b[0m\u001b[1mToo many command line arguments\u001b[0m\n\u001b[31m│\u001b[0m \u001b[0m\n\u001b[31m│\u001b[0m \u001b[0m\u001b[0mExpected at most one positional argument.\n\u001b[31m╵\u001b[0m\u001b[0m\n\nFor more help on using this command, run:\n terraform validate -help", "rc": 1, "stderr": "\u001b[31m╷\u001b[0m\u001b[0m\n\u001b[31m│\u001b[0m \u001b[0m\u001b[1m\u001b[31mError: \u001b[0m\u001b[0m\u001b[1mFailed to parse command-line flags\u001b[0m\n\u001b[31m│\u001b[0m \u001b[0m\n\u001b[31m│\u001b[0m \u001b[0m\u001b[0mflag provided but not defined: -var\n\u001b[31m╵\u001b[0m\u001b[0m\n\u001b[31m╷\u001b[0m\u001b[0m\n\u001b[31m│\u001b[0m \u001b[0m\u001b[1m\u001b[31mError: \u001b[0m\u001b[0m\u001b[1mToo many command line arguments\u001b[0m\n\u001b[31m│\u001b[0m \u001b[0m\n\u001b[31m│\u001b[0m \u001b[0m\u001b[0mExpected at most one positional argument.\n\u001b[31m╵\u001b[0m\u001b[0m\n\nFor more help on using this command, run:\n terraform validate -help\n", "stderr_lines": ["\u001b[31m╷\u001b[0m\u001b[0m", "\u001b[31m│\u001b[0m \u001b[0m\u001b[1m\u001b[31mError: \u001b[0m\u001b[0m\u001b[1mFailed to parse command-line flags\u001b[0m", "\u001b[31m│\u001b[0m \u001b[0m", "\u001b[31m│\u001b[0m \u001b[0m\u001b[0mflag provided but not defined: -var", "\u001b[31m╵\u001b[0m\u001b[0m", "\u001b[31m╷\u001b[0m\u001b[0m", "\u001b[31m│\u001b[0m \u001b[0m\u001b[1m\u001b[31mError: \u001b[0m\u001b[0m\u001b[1mToo many command line arguments\u001b[0m", "\u001b[31m│\u001b[0m \u001b[0m", "\u001b[31m│\u001b[0m \u001b[0m\u001b[0mExpected at most one positional argument.", "\u001b[31m╵\u001b[0m\u001b[0m", "", "For more help on using this command, run:", " terraform validate -help"], "stdout": "", "stdout_lines": []}
How might I be able to fix this? Thanks.
Just wanted to make sure what to configure in:
In the GoPhish > Campaigns > New Campaign > URL, which of the following shall I put? company-www...
, company-login...
, company-loading...
or the IP of the DO Droplet?
In the GoPhish > Landing pages > New Page, which site shall I import? company-www...
, company-login...
, company-loading ...
or something else? Also which redirector shall I define?
Thats all, thank you for your time and great project!
Hi mate!
Nice project, thanks for that.
Could you please advice how to amend this error while deploying Deploy Azure CDN
fatal: [localhost]: FAILED! => {"msg": "'dict object' has no attribute 'phish'"}
Cheers
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.