trinitor/DetectionLab
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Updating Powershell web calls to use TLS1.2

Browse Source
This commit is contained in:
Chris Long
2018-02-28 23:04:16 -08:00
parent fbb5a0dece
commit 3d1ba91ad9
7 changed files with 23 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Packer/scripts/debloat-windows.ps1
View File

@@ -2,6 +2,8 @@ if ($env:PACKER_BUILDER_TYPE -And $($env:PACKER_BUILDER_TYPE).startsWith("hyperv
Write-Host Skip debloat steps in Hyper-V build. Write-Host Skip debloat steps in Hyper-V build.
} else { } else {
Write-Host Downloading debloat zip Write-Host Downloading debloat zip
# GitHub requires TLS 1.2 as of 2/1/2018
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$url="https://github.com/StefanScherer/Debloat-Windows-10/archive/master.zip" $url="https://github.com/StefanScherer/Debloat-Windows-10/archive/master.zip"
(New-Object System.Net.WebClient).DownloadFile($url, "$env:TEMP\debloat.zip") (New-Object System.Net.WebClient).DownloadFile($url, "$env:TEMP\debloat.zip")
Expand-Archive -Path $env:TEMP\debloat.zip -DestinationPath $env:TEMP -Force Expand-Archive -Path $env:TEMP\debloat.zip -DestinationPath $env:TEMP -Force

2
Vagrant/scripts/download_palantir_osquery.ps1
View File

@@ -3,5 +3,7 @@ Write-Host "Downloading and unzipping the Palantir osquery Repo from Github..."
$osqueryRepoPath = 'C:\Users\vagrant\AppData\Local\Temp\osquery-Master.zip' $osqueryRepoPath = 'C:\Users\vagrant\AppData\Local\Temp\osquery-Master.zip'
# GitHub requires TLS 1.2 as of 2/1/2018
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Invoke-WebRequest -Uri "https://github.com/palantir/osquery-configuration/archive/master.zip" -OutFile $osqueryRepoPath Invoke-WebRequest -Uri "https://github.com/palantir/osquery-configuration/archive/master.zip" -OutFile $osqueryRepoPath
Expand-Archive -path "$osqueryRepoPath" -destinationpath 'c:\Users\vagrant\AppData\Local\Temp' -Force Expand-Archive -path "$osqueryRepoPath" -destinationpath 'c:\Users\vagrant\AppData\Local\Temp' -Force

6
Vagrant/scripts/download_palantir_wef.ps1
View File

@@ -1,7 +1,13 @@
# Purpose: Downloads and unzips a copy of the Palantir WEF Github Repo. This includes WEF subscriptions and custom WEF channels. # Purpose: Downloads and unzips a copy of the Palantir WEF Github Repo. This includes WEF subscriptions and custom WEF channels.
# GitHub requires TLS 1.2
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Write-Host "Downloading and unzipping the Palantir Windows Event Forwarding Repo from Github..." Write-Host "Downloading and unzipping the Palantir Windows Event Forwarding Repo from Github..."
$wefRepoPath = 'C:\Users\vagrant\AppData\Local\Temp\wef-Master.zip' $wefRepoPath = 'C:\Users\vagrant\AppData\Local\Temp\wef-Master.zip'
# GitHub requires TLS 1.2 as of 2/1/2018
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Invoke-WebRequest -Uri "https://github.com/palantir/windows-event-forwarding/archive/master.zip" -OutFile $wefRepoPath Invoke-WebRequest -Uri "https://github.com/palantir/windows-event-forwarding/archive/master.zip" -OutFile $wefRepoPath
Expand-Archive -path "$wefRepoPath" -destinationpath 'c:\Users\vagrant\AppData\Local\Temp' -Force Expand-Archive -path "$wefRepoPath" -destinationpath 'c:\Users\vagrant\AppData\Local\Temp' -Force

2
Vagrant/scripts/install-caldera-agent.ps1
View File

@@ -14,6 +14,8 @@ If (-not (Test-Path "C:\Program Files\cagent\cagent.exe")) {
Write-Host "Downloading Caldera Agent (cagent.exe)" Write-Host "Downloading Caldera Agent (cagent.exe)"
$cagentPath = "C:\Program Files\cagent\cagent.exe" $cagentPath = "C:\Program Files\cagent\cagent.exe"
$cagentConfPath = "C:\Program Files\cagent\conf.yml" $cagentConfPath = "C:\Program Files\cagent\conf.yml"
# GitHub requires TLS 1.2 as of 2/1/2018
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
(New-Object System.Net.WebClient).DownloadFile('https://github.com/mitre/caldera-agent/releases/download/v0.1.0/cagent.exe', $cagentPath) (New-Object System.Net.WebClient).DownloadFile('https://github.com/mitre/caldera-agent/releases/download/v0.1.0/cagent.exe', $cagentPath)
# Ignore SSL warning for conf file download # Ignore SSL warning for conf file download
# https://stackoverflow.com/questions/34331206/ignore-ssl-warning-with-powershell-downloadstring # https://stackoverflow.com/questions/34331206/ignore-ssl-warning-with-powershell-downloadstring

2
Vagrant/scripts/install-utilities.ps1
View File

@@ -27,6 +27,8 @@ If ($env:computername -eq "WIN10") {
# Purpose: Downloads and unzips a copy of the latest Mimikatz trunk # Purpose: Downloads and unzips a copy of the latest Mimikatz trunk
Write-Host "Determining latest release of Mimikatz..." Write-Host "Determining latest release of Mimikatz..."
# GitHub requires TLS 1.2 as of 2/27
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$tag = (Invoke-WebRequest "https://api.github.com/repos/gentilkiwi/mimikatz/releases" -UseBasicParsing | ConvertFrom-Json)[0].tag_name $tag = (Invoke-WebRequest "https://api.github.com/repos/gentilkiwi/mimikatz/releases" -UseBasicParsing | ConvertFrom-Json)[0].tag_name
$mimikatzDownloadUrl = "https://github.com/gentilkiwi/mimikatz/releases/download/$tag/mimikatz_trunk.zip" $mimikatzDownloadUrl = "https://github.com/gentilkiwi/mimikatz/releases/download/$tag/mimikatz_trunk.zip"
$mimikatzRepoPath = 'C:\Users\vagrant\AppData\Local\Temp\mimikatz_trunk.zip' $mimikatzRepoPath = 'C:\Users\vagrant\AppData\Local\Temp\mimikatz_trunk.zip'

10
ci/automated_install.sh
View File

@@ -11,7 +11,7 @@
echo "deb http://download.virtualbox.org/virtualbox/debian xenial contrib" >> /etc/apt/sources.list echo "deb http://download.virtualbox.org/virtualbox/debian xenial contrib" >> /etc/apt/sources.list
wget -q https://www.virtualbox.org/download/oracle_vbox_2016.asc -O- | sudo apt-key add - wget -q https://www.virtualbox.org/download/oracle_vbox_2016.asc -O- | sudo apt-key add -
apt-get update apt-get update
apt-get install -y virtualbox-5.2 build-essential unzip git ufw apache2 apt-get install -y linux-headers-"$(uname -r)" virtualbox-5.2 build-essential unzip git ufw apache2
echo "building" > /var/www/html/index.html echo "building" > /var/www/html/index.html
@@ -23,14 +23,14 @@ ufw --force enable
# Install Vagrant # Install Vagrant
mkdir /opt/vagrant mkdir /opt/vagrant
cd /opt/vagrant cd /opt/vagrant || exit 1
wget https://releases.hashicorp.com/vagrant/2.0.1/vagrant_2.0.1_x86_64.deb wget https://releases.hashicorp.com/vagrant/2.0.1/vagrant_2.0.1_x86_64.deb
dpkg -i vagrant_2.0.1_x86_64.deb dpkg -i vagrant_2.0.1_x86_64.deb
vagrant plugin install vagrant-reload vagrant plugin install vagrant-reload
# Install Packer # Install Packer
mkdir /opt/packer mkdir /opt/packer
cd /opt/packer cd /opt/packer || exit 1
wget https://releases.hashicorp.com/packer/1.1.3/packer_1.1.3_linux_amd64.zip wget https://releases.hashicorp.com/packer/1.1.3/packer_1.1.3_linux_amd64.zip
unzip packer_1.1.3_linux_amd64.zip unzip packer_1.1.3_linux_amd64.zip
cp packer /usr/local/bin/packer cp packer /usr/local/bin/packer
@@ -41,12 +41,12 @@ for file in $(ls *.json); do
done done
# Make the Vagrant instances headless # Make the Vagrant instances headless
cd /opt/DetectionLab/Vagrant cd /opt/DetectionLab/Vagrant || exit 1
sed -i 's/vb.gui = true/vb.gui = false/g' Vagrantfile sed -i 's/vb.gui = true/vb.gui = false/g' Vagrantfile
# Ensure the script is executable # Ensure the script is executable
chmod +x /opt/DetectionLab/build.sh chmod +x /opt/DetectionLab/build.sh
cd /opt/DetectionLab cd /opt/DetectionLab || exit 1
# Start the build in a tmux session # Start the build in a tmux session
sn=tmuxsession sn=tmuxsession

8
ci/automated_install_vagrant_only.sh
View File

@@ -11,7 +11,7 @@
echo "deb http://download.virtualbox.org/virtualbox/debian xenial contrib" >> /etc/apt/sources.list echo "deb http://download.virtualbox.org/virtualbox/debian xenial contrib" >> /etc/apt/sources.list
wget -q https://www.virtualbox.org/download/oracle_vbox_2016.asc -O- | sudo apt-key add - wget -q https://www.virtualbox.org/download/oracle_vbox_2016.asc -O- | sudo apt-key add -
apt-get update apt-get update
apt-get install -y virtualbox-5.2 build-essential unzip git ufw apache2 apt-get install -y linux-headers-"$(uname -r)" virtualbox-5.2 build-essential unzip git ufw apache2
echo "building" > /var/www/html/index.html echo "building" > /var/www/html/index.html
@@ -23,18 +23,18 @@ ufw --force enable
# Install Vagrant # Install Vagrant
mkdir /opt/vagrant mkdir /opt/vagrant
cd /opt/vagrant cd /opt/vagrant || exit 1
wget https://releases.hashicorp.com/vagrant/2.0.1/vagrant_2.0.1_x86_64.deb wget https://releases.hashicorp.com/vagrant/2.0.1/vagrant_2.0.1_x86_64.deb
dpkg -i vagrant_2.0.1_x86_64.deb dpkg -i vagrant_2.0.1_x86_64.deb
vagrant plugin install vagrant-reload vagrant plugin install vagrant-reload
# Make the Vagrant instances headless # Make the Vagrant instances headless
cd /opt/DetectionLab/Vagrant cd /opt/DetectionLab/Vagrant || exit 1
sed -i 's/vb.gui = true/vb.gui = false/g' Vagrantfile sed -i 's/vb.gui = true/vb.gui = false/g' Vagrantfile
# Ensure the script is executable # Ensure the script is executable
chmod +x /opt/DetectionLab/build_vagrant_only.sh chmod +x /opt/DetectionLab/build_vagrant_only.sh
cd /opt/DetectionLab cd /opt/DetectionLab || exit 1
# Start the build in a tmux session # Start the build in a tmux session
sn=tmuxsession sn=tmuxsession