-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathcloudcat-create.yml
132 lines (121 loc) · 3.79 KB
/
cloudcat-create.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
---
- hosts: localhost
connection: local
vars:
instance_name: cloudcat-cracker
image: ami-0ee246e709782b1be
region: regionxxx
vars_files:
- external_vars.yml
tasks:
- name: Checking public IP address of localhost
ipify_facts:
register: ipify
# Create AWS security group when the localhost is the only IP that needs to interact with the instance
# OR
# Create AWS security group when the localhost is one of x IP addresses that need to access the instance
- name: Creating AWS security group with one source IP address
when: oneip is defined
ec2_group:
aws_access_key: "{{ access }}"
aws_secret_key: "{{ secret }}"
region: "{{ region }}"
name: cloudcat
description: "Cloudcat security group"
rules:
- proto: tcp
from_port: 22
to_port: 22
cidr_ip: "{{ ipify.ansible_facts.ipify_public_ip }}/32"
register: singlegroup
- name: Creating AWS security group with two source IP addresses
when: guestip is defined
ec2_group:
aws_access_key: "{{ access }}"
aws_secret_key: "{{ secret }}"
region: "{{ region }}"
name: cloudcat
description: "Cloudcat security group"
rules:
- proto: tcp
from_port: 22
to_port: 22
cidr_ip: "{{ ipify.ansible_facts.ipify_public_ip }}/32"
- proto: tcp
from_port: 22
to_port: 22
cidr_ip: "{{ guestip }}/32"
register: guestgroup
###
### END of security group block
###
###
### Start of Cracking AWS block
###
- name: Creating EC2 instance
ec2_instance:
aws_access_key: "{{ access }}"
aws_secret_key: "{{ secret }}"
name: "{{ instance_name }}"
state: present
security_group: "{{ guestgroup.group_id | default(singlegroup.group_id) }}"
image_id: "{{ image }}"
instance_type: "{{ type }}"
key_name: "{{ identity }}"
region: "{{ region }}"
tags:
name: "cloudcat-instance"
wait_timeout: "300"
wait: true
register: ec2
- name: Creating wordlist volume from public snapshot
ec2_vol:
aws_access_key: "{{ access }}"
aws_secret_key: "{{ secret }}"
instance: "{{ ec2.instances.0.instance_id }}"
volume_size: "50"
device_name: /dev/xvdf
state: present
region: "{{ region }}"
snapshot: "{{ wordsnap }}"
tags:
name: "cloudcat-wordlist"
volume_type: "gp2"
register: ec2vol
- set_fact:
wordvol: "{{ec2vol.device}}"
- debug:
msg: "{{ type }} EC2 instance created. Located at {{ ec2.instances.0.public_ip_address }}"
- set_fact:
serverip: "{{ec2.instances.0.public_ip_address}}"
- set_fact:
serverid: "{{ec2.instances.0.instance_id}}"
- name: Waiting for live SSH connection to AWS host
wait_for:
host: "{{ ec2.instances.0.public_ip_address }}"
port: 22
connect_timeout: 5
timeout: 90
- name: Instance live - adding host to in-memory inventory
add_host:
host: "{{ ec2.instances.0.public_ip_address }}"
group: cloudcat
ansible_ssh_private_key_file: "/home/{{ ansible_user_id}}/.ssh/{{ ssh_key }}"
# - name: Adding live hosts to register
# lineinfile:
# state: present
# create: yes
# path: "{{ ansible_env.PWD }}/cloudcats.up"
# line: 'ip: "{{ serverip }}"'
#
# - name: Adding live hosts to register
# blockinfile:
# create: yes
# path: "{{ ansible_env.PWD }}/cloudcats.up"
# block: |
# {{ instance_name }} {{ serverip }} {{ serverid }}
- hosts: cloudcat
remote_user: ubuntu
become: true
roles:
- role: taskcat