You down with SOE?... Yeah you know me!
Every engagement I perform I have a standard set of tools I use. Many of these tools are included in popular Penetration Testing Linux Distros, such as Kali Linux, but as I have been testing longer, I find that I do not need many of the tools. I have also found issues with Kali's stability between builds and with tools always working. A few months ago I decided to start rolling my own distro, and this is what has become of it.
To start, I am using a xUbuntu 18.04 base image. This lets me use most of the tools I regularly use without much setup, and is the distribution I am most comfortable with using. I simply install the base xUbuntu image in a new VM, set up the primary account and change the root password. I then place my SSH public key in the ~/.ssh/authorized_keys file on the xUbuntu image, install SSH, and set SSH to start on boot by issuing the command sudo systemctl enable ssh. At this point I test to make sure SSH is working, then I shut down the VM and create an OVA file.
The OVA file is an Open Virtualization Archive and essentially zips up the machine so you can deploy when you want to. I got tired of manually rolling the new VM per engagement, and installing all my tools beforehand made the OVA about 8GB (base install is around 4GB). I created a Python wrapper script to do a few things:
- Clone a template folder to a new "customer" folder (Named based on user input).
- Clone the Template OVA to a new customer VM which is placed inside the customer folder.
- Start the new VM.
- Discover the IP address of the new VM.
- Run an ansible playbook against the new VM to update, install tools, and configure the environment so it is ready for a new engagement.
https://github.com/l0gan/SOE_Deploy
Currently the script is designed for a Mac base OS, but I will be updating to work using Ubuntu as a base OS as well.
The Setup:
To set up, just clone the repo:
git clone https://github.com/l0gan/SOE_Deploy
cd SOE_Deploy
Modify the config.txt file for your environment:
[DEFAULT]
basePath = /home/[username]/Documents/customers
OVATemplate = xUbuntu-64-master.ova
privKeyLoc = /home/[username]/.ssh/id_rsa_soe
SOEuser = [soe_username]
At this point, simply run the SOE_setup script:
python3 SOE_setup.py
[Enter Customer Name]
... Wait ...
When finished, you should have a fully configured SOE for your next engagement.
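A preflight check for the config.txt values shown above and for the customer name typed at the prompt, written here as an added example and not taken from SOE_Deploy. The function names, the folder-name rule and the sample values are assumptions made for illustration.

```python
import configparser, os, re, stat, tempfile
from pathlib import Path
REQUIRED = ("basePath", "OVATemplate", "privKeyLoc", "SOEuser")

def load_config(text):
    """Parse config.txt content and return its [DEFAULT] keys, case preserved."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str               # configparser lowercases keys by default
    cp.read_string(text)
    cfg = dict(cp.defaults())
    missing = [k for k in REQUIRED if not cfg.get(k)]
    if missing:
        raise ValueError("config.txt is missing: " + ", ".join(missing))
    return cfg

def customer_dir(base_path, name):
    """Turn the typed customer name into a folder directly under basePath."""
    slug = re.sub(r"[^A-Za-z0-9_-]+", "_", name).strip("_-")
    if not slug:
        raise ValueError("customer name has no usable characters")
    base = Path(base_path).resolve()
    target = (base / slug).resolve()   # resolve() also follows an existing symlink
    if target.parent != base:
        raise ValueError("customer folder would land outside basePath")
    return target

def key_is_private(path):
    """True if the key is a regular file with no group/other permission bits."""
    st = os.stat(path)
    return stat.S_ISREG(st.st_mode) and (st.st_mode & 0o077) == 0

def preflight(config_text, customer_name):
    """Return (customer folder, list of problems) before any VM is cloned."""
    cfg = load_config(config_text)
    problems = []
    if not Path(cfg["basePath"]).is_dir():
        problems.append("basePath does not exist")
    if not os.path.isfile(cfg["privKeyLoc"]):
        problems.append("privKeyLoc not found")
    elif not key_is_private(cfg["privKeyLoc"]):
        problems.append("privKeyLoc is readable by group/other; chmod 600 it")
    return customer_dir(cfg["basePath"], customer_name), problems

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:   # constructed sample environment
        key = Path(tmp, "id_rsa_soe")
        key.write_text("constructed placeholder, not a real key\n")
        key.chmod(0o644)                         # deliberately too open
        print(preflight(f"[DEFAULT]\nbasePath = {tmp}\nOVATemplate = xUbuntu-64-master.ova\n"
                        f"privKeyLoc = {key}\nSOEuser = soe\n", "../../Acme Corp"))
```

OpenSSH refuses a private key whose mode lets group or others read it, so catching that before the clone avoids a failed Ansible run against a VM that has already been created.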
Have thoughts or suggestions for improvement? Let me know or submit a pull request!