This commit is contained in:
Chris Long
2020-07-27 22:20:02 -07:00
2 changed files with 17 additions and 3 deletions


@@ -410,6 +410,18 @@
else else
echo "[$(date +%H:%M:%S)]: Failed to download the latest version of Velociraptor. Please open a DetectionLab issue on Github." echo "[$(date +%H:%M:%S)]: Failed to download the latest version of Velociraptor. Please open a DetectionLab issue on Github."
fi fi
cd /opt/velociraptor || exit 1
mv velociraptor-*-linux-amd64 velociraptor
chmod +x velociraptor
cp /vagrant/resources/velociraptor/server.config.yaml /opt/velociraptor
echo "[$(date +%H:%M:%S)]: Creating Velociraptor dpkg..."
./velociraptor --config /opt/velociraptor/server.config.yaml debian server
echo "[$(date +%H:%M:%S)]: Installing the dpkg..."
if dpkg -i velociraptor_*_server.deb >/dev/null; then
echo "[$(date +%H:%M:%S)]: Installation complete!"
else
echo "[$(date +%H:%M:%S)]: Failed to install the dpkg"
fi
cd /opt/velociraptor || exit 1 cd /opt/velociraptor || exit 1
mv velociraptor-*-linux-amd64 velociraptor mv velociraptor-*-linux-amd64 velociraptor
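Review bot: The inserted block duplicates the `cd /opt/velociraptor || exit 1` and `mv velociraptor-*-linux-amd64 velociraptor` lines that the hunk keeps immediately after it, so on the new side the rename runs twice; the second `mv` finds no match for the glob, is handed the literal pattern, and fails with "No such file or directory" (not fatal without `set -e`, but it suggests the new block landed above lines it was meant to replace). Either drop the two trailing lines or move the new block below them, and then check that whatever followed them in the old file is not a second copy of the packaging steps. Separately, `dpkg -i velociraptor_*_server.deb` is attempted even when `./velociraptor ... debian server` produced no package; chaining them, `./velociraptor --config /opt/velociraptor/server.config.yaml debian server && dpkg -i velociraptor_*_server.deb >/dev/null`, keeps the "Failed to install the dpkg" message accurate and avoids running dpkg on a stale `.deb` from a previous provisioning run. The enclosing function starts and ends outside this hunk.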


@@ -266,7 +266,7 @@ install_fleet_import_osquery_config() {
echo "[$(date +%H:%M:%S)]: Waiting for fleet service to start..." echo "[$(date +%H:%M:%S)]: Waiting for fleet service to start..."
while true; do while true; do
result=$(curl --silent -k https://192.168.38.105:8412) result=$(curl --silent -k https://127.0.0.1:8412)
if echo "$result" | grep -q setup; then break; fi if echo "$result" | grep -q setup; then break; fi
sleep 1 sleep 1
done done
@@ -391,12 +391,14 @@ install_zeek() {
install_velociraptor() { install_velociraptor() {
echo "[$(date +%H:%M:%S)]: Installing Velociraptor..." echo "[$(date +%H:%M:%S)]: Installing Velociraptor..."
mkdir /opt/install_velociraptor if [ ! -d "/opt/velociraptor" ]; then
mkdir /opt/velociraptor
fi
echo "[$(date +%H:%M:%S)]: Attempting to determine the URL for the latest release of Velociraptor" echo "[$(date +%H:%M:%S)]: Attempting to determine the URL for the latest release of Velociraptor"
LATEST_VELOCIRAPTOR_LINUX_URL=$(curl -sL https://github.com/Velocidex/velociraptor/releases/latest | grep 'linux-amd64' | grep -Eo "/(?[^\"]+)" | grep amd | sed 's#^#https://github.com#g') LATEST_VELOCIRAPTOR_LINUX_URL=$(curl -sL https://github.com/Velocidex/velociraptor/releases/latest | grep 'linux-amd64' | grep -Eo "/(?[^\"]+)" | grep amd | sed 's#^#https://github.com#g')
echo "[$(date +%H:%M:%S)]: The URL for the latest release was extracted as $LATEST_VELOCIRAPTOR_LINUX_URL" echo "[$(date +%H:%M:%S)]: The URL for the latest release was extracted as $LATEST_VELOCIRAPTOR_LINUX_URL"
echo "[$(date +%H:%M:%S)]: Attempting to download..." echo "[$(date +%H:%M:%S)]: Attempting to download..."
wget -P --progress=bar:force /opt/velociraptor "$LATEST_VELOCIRAPTOR_LINUX_URL" wget -P /opt/velociraptor --progress=bar:force "$LATEST_VELOCIRAPTOR_LINUX_URL"
if [ "$(file /opt/velociraptor/velociraptor*linux-amd64 | grep -c 'ELF 64-bit LSB executable')" -eq 1 ]; then if [ "$(file /opt/velociraptor/velociraptor*linux-amd64 | grep -c 'ELF 64-bit LSB executable')" -eq 1 ]; then
echo "[$(date +%H:%M:%S)]: Velociraptor successfully downloaded!" echo "[$(date +%H:%M:%S)]: Velociraptor successfully downloaded!"
else else