c2.tf
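# Security group attached to the C2 server instances.
#
# All rules are declared as standalone aws_security_group_rule resources.
# This file already attaches sg_c2server_http / sg_c2server_https to this
# group as standalone rules, and the AWS provider documents that mixing
# inline ingress/egress blocks with aws_security_group_rule resources on the
# same group makes the two overwrite each other on apply. Keeping a single
# style makes the effective rule set match what is written here.
resource "aws_security_group" "sg_c2server" {
  name        = format("%s-sg_c2server", var.region)
  description = "Security group for C2Server_01"

  tags = {
    Name = format("%s-sg_c2server", var.region)
  }
}

# Management access: SSH is reachable only from the operator address
# supplied in var.my_ip_address (a single /32).
resource "aws_security_group_rule" "sg_c2server_ssh" {
  type              = "ingress"
  security_group_id = aws_security_group.sg_c2server.id
  description       = "SSH from my IP"
  from_port         = 22
  to_port           = 22
  protocol          = "tcp"
  cidr_blocks       = ["${var.my_ip_address}/32"]
}

# Team server client port, restricted to the same single /32 as SSH.
resource "aws_security_group_rule" "sg_c2server_cs_client" {
  type              = "ingress"
  security_group_id = aws_security_group.sg_c2server.id
  description       = "Cobalt Strike Client connections"
  from_port         = 50050
  to_port           = 50050
  protocol          = "tcp"
  cidr_blocks       = ["${var.my_ip_address}/32"]
}

# Outbound traffic is unrestricted (all protocols, IPv4 and IPv6), exactly as
# in the original inline egress block.
# NOTE(review): narrow this if the destinations the host needs are known.
resource "aws_security_group_rule" "sg_c2server_egress_all" {
  type              = "egress"
  security_group_id = aws_security_group.sg_c2server.id
  from_port         = 0
  to_port           = 0
  protocol          = "-1"
  cidr_blocks       = ["0.0.0.0/0"]
  ipv6_cidr_blocks  = ["::/0"]
}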
# One ingress rule per redirector (count = var.nb_redirectors): TCP/80 on the
# C2 security group is opened only to that redirector's public IP as a /32.
# aws_instance.ec2_redirector is declared outside this file section.
# NOTE(review): the rule is pinned to the public_ip known at apply time; if a
# redirector's address changes later, the rule is stale until the next apply.
resource "aws_security_group_rule" "sg_c2server_http" {
  count = var.nb_redirectors

  type              = "ingress"
  security_group_id = aws_security_group.sg_c2server.id
  protocol          = "tcp"
  from_port         = 80
  to_port           = 80
  cidr_blocks       = [format("%s/32", aws_instance.ec2_redirector[count.index].public_ip)]
}
# One ingress rule per redirector (count = var.nb_redirectors): TCP/443 on the
# C2 security group is opened only to that redirector's public IP as a /32.
# aws_instance.ec2_redirector is declared outside this file section.
# NOTE(review): the rule is pinned to the public_ip known at apply time; if a
# redirector's address changes later, the rule is stale until the next apply.
resource "aws_security_group_rule" "sg_c2server_https" {
  count = var.nb_redirectors

  type              = "ingress"
  security_group_id = aws_security_group.sg_c2server.id
  protocol          = "tcp"
  from_port         = 443
  to_port           = 443
  cidr_blocks       = [format("%s/32", aws_instance.ec2_redirector[count.index].public_ip)]
}
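# EC2 instances hosting the team server, one per var.nb_c2servers.
# Each instance receives a public IP and the key pair aws_key_pair.rte-ec2,
# which is declared outside this file section.
resource "aws_instance" "ec2_c2server" {
  count                       = var.nb_c2servers
  ami                         = var.ami
  instance_type               = "t2.micro"
  associate_public_ip_address = true
  key_name                    = aws_key_pair.rte-ec2.key_name

  # Attach the group by ID. The provider documents `security_groups` (by name)
  # as intended for EC2-Classic / default-VPC use and recommends
  # vpc_security_group_ids for instances in a VPC; referencing by name can
  # also force instance replacement.
  vpc_security_group_ids = [aws_security_group.sg_c2server.id]

  # Require session tokens (IMDSv2) for the instance metadata service so that
  # a request-forgery bug in anything running on the host cannot read
  # instance metadata with a plain GET.
  # NOTE(review): assumes the image in var.ami ships an IMDSv2-capable
  # cloud-init; confirm before applying.
  metadata_options {
    http_endpoint = "enabled"
    http_tokens   = "required"
  }

  root_block_device {
    volume_size           = 8 # GiB; was the string "8", the attribute is numeric
    volume_type           = "gp2"
    encrypted             = true # encrypted at rest (no kms_key_id is set in this block)
    delete_on_termination = true # the volume is removed together with the instance
  }

  tags = {
    Name = format("%s-ec2_c2server-%03d", var.region, count.index + 1)
  }
}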
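# Public IP addresses of the C2 server instances, one element per instance.
# The original `["${aws_instance.ec2_c2server.*.public_ip}"]` is Terraform 0.11
# syntax; under 0.12+ (which the rest of this file targets, e.g. bare
# `var.x` references and `[count.index]` indexing) it wraps the list in a
# second list, so the output was a list of lists.
output "c2servers_ips" {
  description = "Public IP addresses of the C2 server instances."
  value       = aws_instance.ec2_c2server[*].public_ip
}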
# Post-boot provisioning: for each C2 server instance, Terraform opens an SSH
# session as `ubuntu` and feeds the inline script below to a root shell.
#
# NOTE(review): no `triggers` are set, so the script runs only when this
# null_resource is first created; replacing an instance does not by itself
# re-run it.
resource "null_resource" "init_c2server" {
  count = var.nb_c2servers
  provisioner "remote-exec" {
    inline = [
      # Everything up to the end of the list is passed to `sudo su` as a
      # here-document, i.e. it all executes as root.
      "sudo su <<EOF",
      # NOTE(review): adds a third-party apt source as root. The JRE installed
      # two lines below is an openjdk package, so this PPA looks unnecessary;
      # confirm and drop it if so.
      "add-apt-repository ppa:webupd8team/java -y",
      "apt-get update",
      "apt-get install openjdk-18-jre-headless -y",
      "apt-get install p7zip -y",
      "cd /opt",
      # NOTE(review): supply-chain risk. This clones the default branch of a
      # third-party repository with no pinned commit and no checksum or
      # signature check, then extracts and executes its contents as root.
      # It appears to be an unofficial redistribution of a commercial tool;
      # such archives must be treated as untrusted and potentially tampered
      # with. Use a vendor-supplied, integrity-verified artifact instead.
      "git clone https://github.com/trewisscotch/CobaltStr4.4.git",
      "cd /opt/CobaltStr4.4/cobaltstrike4.4/",
      "7zr e cobaltstrike.7z",
      "chmod +x teamserver",
      # NOTE(review): var.cs_password is interpolated into the command line
      # unquoted. It is therefore visible in the host's process list, is
      # subject to shell expansion inside the unquoted here-document, and is
      # printed in Terraform's provisioner output unless the variable is
      # declared `sensitive = true`.
      "./teamserver ${aws_instance.ec2_c2server[count.index].public_ip} ${var.cs_password} &"
    ]
    # SSH connection used by the provisioner: key-based login as `ubuntu` to
    # the instance's public IP.
    # NOTE(review): no `host_key` is set, so the server's host key is not
    # verified on this first connection.
    connection {
      type = "ssh"
      user = "ubuntu"
      # Private key is read from the local path given in var.private_key_loc.
      private_key = file("${var.private_key_loc}")
      host = aws_instance.ec2_c2server[count.index].public_ip
    }
  }
}