OSX

Setup the Capsulecorp-pentest network on an Intel Mac (M1 docs are TBD)

1. Virtualbox

https://www.virtualbox.org/wiki/Downloads

  • Download the file labeled OS X hosts

  • Run the setup .dmg file and use the wizard to install. Should be able to accept all the defaults.

2. Vagrant

https://www.vagrantup.com/downloads.html

  • Download the 64-bit install file for macOS

  • Run the setup .dmg file and use the wizard to install. Should be able to accept all the defaults.

  • Open up a new bash prompt and type vagrant -v. Should see similar to the following

Vagrant 2.2.7

3. Ansible

Need to have pip installed first.

  • Download get-pip.py with curl.

curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py

  • Make sure your user can modify the /usr/local/lib directory

sudo chown -R $USER:admin /usr/local/lib

  • Install pip

python get-pip.py

You should see an ouput ismilar to the following

 WARNING: The script wheel is installed in '/usr/local/Cellar/python@2/2.7.16/Frameworks/Python.framework/Versions/2.7/bin' which is not on PATH.                    
  Consider adding this directory to PATH or, if you prefer to suppress this warning, use --no-warn-script-location.

Place the following at the bottom of your *rc file. For me ~/.bashrc

#Pip
export PATH=$PATH:/usr/local/Cellar/python@2/2.7.16/Frameworks/Python.framework/Versions/2.7/bin

Then, restart your terminal.

Update pip to the latest version

pip install -U pip

  • Install ansible

pip install ansible --user

  • Install PyWinRM

pip install pywinrm --user

Should see similar output to the following after running asible -v

ansible 2.9.6
  config file = None
  configured module search path = [u'/Users/royce/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']                                                   
  ansible python module location = /usr/local/Cellar/python@2/2.7.16/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/ansible                     
  executable location = /usr/local/Cellar/python@2/2.7.16/Frameworks/Python.framework/Versions/2.7/bin/ansible                                                        
  python version = 2.7.16 (default, Mar  4 2019, 09:01:38) [GCC 4.2.1 Compatible Apple LLVM 10.0.0 (clang-1000.11.45.5)]

In order for some of the ansible provision scripts to work you will need to place the following inside your ~/.bashrc or ~/.zshrc

export OBJC_DISABLE_INITIALIZE_FORK_SAFETY=YES

4. Capsulecorp-pentest network

  • Check out the code from Github

git clone https://github.com/R3dy/capsulecorp-pentest.git

  • cd into the repo directory

cd capsulecorp-pentest

  • Bring up the VMs The VMs need to be brought up in a specific order and the provisioning ansible scripts need to execute properly on Goku first and foremost.

4.1. Goku

vagrant up goku

Vagrant will attempt to run the provision scripts which will take 10-15 minutes due to the 600 second timeout of the DC promotion reboot task. for reasons unknown this initial provision sometimes works and sometimes doesnt. If it doesn't rerun the provision playbooks

vagrant provision goku

If Goku is provision correctly the rest of the VMs should not have any issues. Double check by connecting to GOKU via RDP and ensuring that you can login with the DA creds goku\PassW0rd432!.

4.2. Vegeta

Next bring up vegeta and run the provisioning ansible playbooks.

vagrant up vegeta

and

vagrant provision vegeta

PreviousWindowsNextLinux

Last updated