Hyperv and Ubuntu 20.04

README.md

@@ -18,6 +18,9 @@ For example, an instructor could use SamuraiWTF to easily set up a virtual machi
 
 This project includes and uses the [Samurai Katana][samurai-katana-url] project to manage installation and running of tools and targets in the virtual environment. 
 
+**Reference Implementation**
+Currently the reference implementation for this project is built on top of Ubuntu 20.04 (look in the ubuntu-20 subfolder).
+
 **Want to chat with us? Join us in either the OWASP Slack #project-samuraiwtf channel.**
 
 **Want to Contribute? See [here](#Contributors)**
@@ -31,27 +34,25 @@ There are several options available to you. The quickest option is to download a
 This option works best if you are not using Windows, or if you are using Windows without Hyper-V running.
 
 [<div style="text-align: center;">Download SamuraiWTF for VirtualBox</div>](https://downloads-samuraiwtf-com.s3.us-west-2.amazonaws.com/SamuraiWTF.ova)
-* MD5: `ec082f87d7f4644057c754afe9d39b93`
-* SHA256: `2211213df19ca97b430745a1442c6a488a592068c8fadd55b7c3b68497b44e82`
+* MD5: `edbcb6dd46d31ad2ca7a813520eee7e4`
+* SHA256: `f43d4c59bd49f032b5ae3b70a165398fa8dee68c88336c918c7b25f0ed633044`
 
 For more information on removing or disabling Hyper-V, see [these instructions from Microsoft](https://support.microsoft.com/en-us/help/3204980/virtualization-applications-do-not-work-together-with-hyper-v-device-g).
 
 ### Option 2: Download Pre-Built VHDX (for Hyper-V)
 This option works best if you are running Windows 10 or higher and already have Hyper-V installed. If you use the Windows Linux Subsystem (WLS), then you have Hyper-V installed.
 
 [<div style="text-align: center;">Download SamuraiWTF for Hyper-V</div>](https://downloads-samuraiwtf-com.s3.us-west-2.amazonaws.com/SamuraiWTF_HyperV.zip)
-* MD5: `6ef78ffcad8b2b88fef9bf500fb19346`
-* SHA256: `1ee0563075770f3a02060f4c0967336c0985e270164525c3cd727dd38e80a848`
+* MD5: `93d262417fc0dd3a16c96b516be60d2e`
+* SHA256: `d4aad0a92f94604e082f02b3247e9a1a1406aaad85f2c1114f2ae253cc5627fe`
 
-Once it is downloaded, you will want to unzip the file and then
+Once it is downloaded, you will want to unzip the file and then create a new VM in Hyper-V. Attach the .hvdx drive and set the RAM to 4096.
 
 ### Option 3: Build an Amazon Workspace
 This option works best if you are familiar with Amazon Web Services (AWS) and want your students to remote into the lab environments instead of running them as local virtual machines. This can be a great option when students are running potentially low-powered machines because it even works from a Chromebook. For details, view [/amazon-linux/README.md](https://github.com/SamuraiWTF/samuraiwtf/blob/main/amazon-linux/README.md).
 
-### Build on VirtualBox with Vagrant
-Currently, the most stable Vagrant build is the one for Amazon Linux. This builds from a Windows environment. Details are in the file [/amazon-linux/README.md](https://github.com/SamuraiWTF/samuraiwtf/blob/main/amazon-linux/README.md).
-
-If you are interested in building alternatives on different Linux distributions, use the Amazon Linux folder as a starting point, since that is the current reference implementation.  
+### Build on Hyper-V or VirtualBox with Vagrant
+Currently, the most stable Vagrant build is the one for Ubuntu 20.04.  Details are in the file [/amazon-linux/README.md](https://github.com/SamuraiWTF/samuraiwtf/blob/main/ubuntu-20/README.md).
 
 ## Default Password
 There is a default user and password for the SamuraiWTF environment: `samurai` / `samurai`

ubuntu-20/README.md

@@ -0,0 +1,46 @@
+# Choose a Provider
+We use Vagrant to build this VM, so that is the prerequisite. Hyper-V is the default provider because most people using SamuraiWTF are doing so from a Windows host and Hyper-V tends to go considerably smoother than other vagrant providers on Windows. This version of SamuraiWTF is built on top of the [_bento/ubuntu-20.04_ base box](https://app.vagrantup.com/bento/boxes/ubuntu-20.04) ,which supports additional providers. We have a configuration for virtualbox but if you need a different provider (e.g. vmware_fusion) then it may be possible by adding its configuration to the Vagrant file in this folder.
+
+## Hyper-V (Default, Windows)
+1. From an Administrator PowerShell window, navigate to this folder and run `vagrant up`
+2. Select the _Default Switch_ when prompted to select which switch to use. If you don't have a _Default Switch_ option then you will need to create or use a switch that will allow the VM to access the Internet.
+3. Wait for the script to complete. This may take a long time (20-30 minutes).
+4. Run `vagrant reload` to restart the VM and ensure all the configuration is in place during boot.
+5. Connect to the VM and login in with user: _samurai_ , password: _samurai_ 
+
+## VirtualBox
+1. From the command line, navigate to this folder and run `vagrant up --provider=virtualbox`
+2. The VirtualBox provider will automatically open a new window. Ignore that window for now and wait for the script to complete. This may take a long time (20-30 minutes, possibly longer when running alongside Hyper-V).
+3. Run `vagrant reload` to restart the VM and ensure all the configuration is in place during boot.
+4. Connect to the VM and login in with user: _samurai_ , password: _samurai_
+
+# Final Setup
+If you intend to make this VM available to others, for example as a lab environment for a class, there are a few other recommended steps:
+
+- From the command line, run `gnome-tweaks`, navigate to _Extensions_ and enable the _Applications menu_ option. Also enable the _Window list_ option. (_note: if you don't see the Extensions menu option, try closing gnome-tweaks, resizing your window, and opening it again)_.
+- In firefox, visit `about:preferences#privacy` and select appropriate options. Since this is going to be used to practice penetration testing, it may be preferable to disable features that may interfere such as block content and popup windows.
+- On the same page in firefox, scroll down to Certificates, uncheck the _Query OCSP_ option, and click _View Certificates_. Click the import button and navigate to and open `/etc/samurai.d/certs/localRootCA.crt`. Check the box _Trust this CA to identify websites._ and click the _OK_ button.
+- Now on a second tab visit `https://katana.test:8443`. You should see the Katana dashboard. You can set this as the default Homepage in _Settings-->Home_.
+- Although the interface can be used to install applications, the command line provides better feedback and error messages. Use katana to install each of the tools and targets you need.  The following example set is a good start for most (note: katana always runs as root):
+```bash
+katana install zap
+katana install wordlists
+katana install sqlmap
+katana install juice-shop
+katana install wayfarer
+katana install samurai-dojo
+katana install musashi
+```
+
+There is also a convenience shell script at `/vagrant/ubuntu-20/install_recommended.sh` that will install all of this plus a few other recommended targets and tools.
+
+- Test that all the targets and tools start as expected before moving on to the final steps.
+- Run `katana lock` to freeze the set of targets and tools displayed in the katana UI. Note that a restart (i.e. `katana stop katana && katana start katana`) is needed to see the changes.
+- Remove the vagrant user with the command `sudo userdel vagrant` and to save some space you can also remove the working vagrant folder with `sudo rm -rf /vagrant`.
+-  **Optional**: If you want to minimize the final size of the image, use a tool such as bleachbit (i.e. `sudo apt install bleachbit`, run with sudo).
+
+## Prepare for Distribution
+If you are distributing your image (e.g. for a class), you will want to put it in a suitable format for download / USB storage and importing into Hyper-V.  To do this, perform the following steps:
+- Shut down the VM
+- Export the VM from HyperV
+- Find the vhdx file in the Virtual Hard Disks subfolder (it will likely be labeled Ubuntu), rename it if necessary, and zip it up. This is the only file that needs to be distributed for HyperV. 

ubuntu-20/Vagrantfile

@@ -0,0 +1,144 @@
+$bootstrapscript = <<-SCRIPT
+set -euxvo pipefail
+echo ">>>>>>>>>>>>> Installing prerequisites and Mate UI..."
+add-apt-repository ppa:ubuntu-mate-dev/fresh-mate -y
+apt update -y
+apt upgrade -y
+
+apt install mate-desktop-environment -y
+apt install ansible git -y
+
+echo ">>>>>>>>>>>>>>>> Running Playbook"
+pushd /vagrant
+ansible-playbook -K ubuntu-20/local_playbook.yml
+popd
+
+# TODO: This doesn't seem to be doing anything. Prefs may need to be set locally for the samurai user.
+# echo ">>>>>>>>>>>>>>>> Update Firefox Prefs"
+# ff_preferences="/etc/firefox/syspref.js"
+# touch $ff_preferences
+# echo "pref('browser.startup.homepage', 'https://katana.test:8443');" >> $ff_preferences
+
+echo ">>>>>>>>>>>>>>>> Initializing certificates"
+openssl genrsa -out /etc/samurai.d/certs/rootCAKey.pem 2048
+openssl req -x509 -sha256 -new -nodes -key /etc/samurai.d/certs/rootCAKey.pem -days 365 -out /etc/samurai.d/certs/rootCACert.pem -subj "/C=US/ST=Hacking/L=Springfield/O=SamuraiWTF/CN=samuraiwtf"
+openssl req -new -newkey rsa:4096 -nodes -keyout /etc/samurai.d/certs/katana.test.key -out /etc/samurai.d/certs/katana.test.csr -subj "/C=US/ST=Hacking/L=Springfield/O=SamuraiWTF/CN=katana.test"
+openssl x509 -inform pem -outform der -in /etc/samurai.d/certs/rootCACert.pem -out /etc/samurai.d/certs/localRootCA.crt
+cp /etc/samurai.d/certs/localRootCA.crt /usr/local/share/ca-certificates/
+update-ca-certificates
+
+echo ">>>>>>>>>>>>>>>> Installing Katana"
+katana --update
+katana install katana
+systemctl enable samurai-katana
+katana start katana
+
+echo ">>>>>>>>>>>>>>>> Setting default session to graphical.target"
+# systemctl set-default graphical.target
+SCRIPT
+
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# All Vagrant configuration is done below. The "2" in Vagrant.configure
+# configures the configuration version (we support older styles for
+# backwards compatibility). Please don't change it unless you know what
+# you're doing.
+Vagrant.configure("2") do |config|
+  # The most common configuration options are documented and commented below.
+  # For a complete reference, please see the online documentation at
+  # https://docs.vagrantup.com.
+
+  # Every Vagrant development environment requires a box. You can search for
+  # boxes at https://vagrantcloud.com/search.
+
+  config.vm.box = "bento/ubuntu-20.04"
+
+  config.vm.define "samuraiwtf", primary: true do |samuraiwtf|
+      samuraiwtf.vm.host_name = "SamuraiWTF"
+      samuraiwtf.vm.synced_folder "..", "/vagrant", type: "rsync", rsync_exclude: ".git/"
+
+      samuraiwtf.vm.provider "hyperv" do |hv|
+        hv.vmname = "SamuraiWTF-5.2.1"
+        hv.maxmemory = "4096"
+        hv.vm_integration_services = {
+            guest_service_interface: true
+            }
+       end
+
+      samuraiwtf.vm.provider "virtualbox" do |vb|
+        vb.gui = true
+        vb.name = "SamuraiWTF-5.2.1"
+        vb.memory = "4096"
+        vb.customize ["modifyvm", :id, "--vram", "128"]
+        vb.customize ["modifyvm", :id, "--cpus", "2"]
+        vb.customize ["modifyvm", :id, "--vrde", "off"]
+        vb.customize ["modifyvm", :id, "--graphicscontroller", "vmsvga"]
+        vb.customize ["modifyvm", :id, "--accelerate2dvideo", "on"]
+      end
+
+  end
+
+  #   config.vm.provider "virtualbox" do |v|
+  #     v.customize ["modifyvm", :id, "--memory", "2048"]
+  #   end
+  #
+  #   config.vm.provider "vmware_fusion" do |v|
+  #     v.vmx["memsize"] = "2048"
+  #   end
+
+  # Disable automatic box update checking. If you disable this, then
+  # boxes will only be checked for updates when the user runs
+  # `vagrant box outdated`. This is not recommended.
+  # config.vm.box_check_update = false
+
+  # Create a forwarded port mapping which allows access to a specific port
+  # within the machine from a port on the host machine. In the example below,
+  # accessing "localhost:8080" will access port 80 on the guest machine.
+  # NOTE: This will enable public access to the opened port
+  # config.vm.network "forwarded_port", guest: 80, host: 8080
+
+  # Create a forwarded port mapping which allows access to a specific port
+  # within the machine from a port on the host machine and only allow access
+  # via 127.0.0.1 to disable public access
+  # config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1"
+
+  # Create a private network, which allows host-only access to the machine
+  # using a specific IP.
+  # config.vm.network "private_network", ip: "192.168.33.10"
+
+  # Create a public network, which generally matched to bridged network.
+  # Bridged networks make the machine appear as another physical device on
+  # your network.
+  # config.vm.network "public_network"
+
+  # Share an additional folder to the guest VM. The first argument is
+  # the path on the host to the actual folder. The second argument is
+  # the path on the guest to mount the folder. And the optional third
+  # argument is a set of non-required options.
+  # config.vm.synced_folder "../data", "/vagrant_data"
+
+  # Provider-specific configuration so you can fine-tune various
+  # backing providers for Vagrant. These expose provider-specific options.
+  # Example for VirtualBox:
+  #
+  # config.vm.provider "virtualbox" do |vb|
+  #   # Display the VirtualBox GUI when booting the machine
+  #   vb.gui = true
+  #
+  #   # Customize the amount of memory on the VM:
+  #   vb.memory = "1024"
+  # end
+  #
+  # View the documentation for the provider you are using for more
+  # information on available options.
+
+  # Enable provisioning with a shell script. Additional provisioners such as
+  # Ansible, Chef, Docker, Puppet and Salt are also available. Please see the
+  # documentation for more information about their specific syntax and use.
+  # config.vm.provision "shell", inline: <<-SHELL
+  #   apt-get update
+  #   apt-get install -y apache2
+  # SHELL
+  config.vm.provision "shell", inline: $bootstrapscript
+end

ubuntu-20/install_recommended.sh

@@ -0,0 +1,11 @@
+katana install zap
+katana install burpsuite
+katana install wordlists
+katana install sqlmap
+katana install nikto
+katana install juice-shop
+katana install wayfarer
+katana install mutillidae
+katana install dvwa
+katana install samurai-dojo
+katana install musashi