diff --git a/Azure/Ansible/roles/common/tasks/main.yml b/Azure/Ansible/roles/common/tasks/main.yml index d157421..6a4ba2c 100644 --- a/Azure/Ansible/roles/common/tasks/main.yml +++ b/Azure/Ansible/roles/common/tasks/main.yml @@ -6,6 +6,7 @@ chdir: 'c:\vagrant\scripts' register: palantir_wef failed_when: "'Exception' in palantir_wef.stdout" + changed_when: "' already exists. Moving On.' not in palantir_wef.stdout" - debug: msg="{{ palantir_wef.stdout_lines }}" @@ -15,6 +16,7 @@ chdir: 'c:\vagrant\scripts' register: install_osquery failed_when: "'Exception' in install_osquery.stdout" + changed_when: "' already installed. Moving On.' not in install_osquery.stdout" - debug: msg="{{ install_osquery.stdout_lines }}" @@ -24,6 +26,7 @@ chdir: 'c:\vagrant\scripts' register: sysinternals failed_when: "'Exception' in sysinternals.stdout" + changed_when: "'Tools directory exists, no need to re-install.' not in sysinternals.stdout" - debug: msg="{{ sysinternals.stdout_lines }}" @@ -33,6 +36,7 @@ chdir: 'c:\vagrant\scripts' register: velociraptor failed_when: "'Exception' in velociraptor.stdout" + changed_when: "' already installed. Moving On.' not in velociraptor.stdout" - debug: msg="{{ velociraptor.stdout_lines }}" @@ -42,6 +46,7 @@ chdir: 'c:\vagrant\scripts' register: autorunstowineventlog failed_when: "'Exception' in autorunstowineventlog.stdout" + changed_when: "' already installed. Moving On.' not in autorunstowineventlog.stdout" - debug: msg="{{ autorunstowineventlog.stdout_lines }}" @@ -51,6 +56,7 @@ chdir: 'c:\vagrant\scripts' register: redteam failed_when: "'Exception' in redteam.stdout" + changed_when: "' already installed. Moving On.' not in redteam.stdout" - debug: msg="{{ redteam.stdout_lines }}" diff --git a/Azure/Ansible/roles/dc/tasks/main.yml b/Azure/Ansible/roles/dc/tasks/main.yml index d752629..6378468 100644 --- a/Azure/Ansible/roles/dc/tasks/main.yml +++ b/Azure/Ansible/roles/dc/tasks/main.yml 
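Review bot: Each new `changed_when` in this file (the palantir_wef, install_osquery, sysinternals, velociraptor, autorunstowineventlog and redteam tasks) is a substring test against text printed by a PowerShell script that is not part of this diff, so the idempotence result silently depends on exact wording and capitalisation staying in sync. If one script installs several components, which the visible lines do not show either way, a single "already installed" line from any of them marks the whole task unchanged even when another component was freshly installed. The same pattern recurs in the wef and win10 role hunks, where the markers differ in case (`Moving On.`, `Moving on.`, `moving on...`). I would add a comment above each task such as `# changed_when mirrors the "already installed" message printed by the script; update both together`, or have each script emit one fixed marker line when it made no change. The task bodies start outside these hunks.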
@@ -21,6 +21,8 @@ - name: Copy scripts to c:\vagrant win_shell: Copy-Item -Recurse c:\DetectionLab\Vagrant c:\vagrant + args: + creates: c:\vagrant\Vagrantfile - name: Create an Administrator user win_user: @@ -28,7 +30,8 @@ password: Vagrant123 state: present groups: - - Users,Administrators + - Users + - Administrators password_never_expires: yes - name: Create the Domain diff --git a/Azure/Ansible/roles/wef/tasks/main.yml b/Azure/Ansible/roles/wef/tasks/main.yml index d1bed68..ffd6f19 100644 --- a/Azure/Ansible/roles/wef/tasks/main.yml +++ b/Azure/Ansible/roles/wef/tasks/main.yml @@ -21,6 +21,8 @@ - name: Copy scripts to c:\vagrant win_shell: Copy-Item -Recurse c:\DetectionLab\Vagrant c:\vagrant + args: + creates: c:\vagrant\Vagrantfile - name: Join the Domain win_shell: .\\provision.ps1 @@ -28,6 +30,7 @@ chdir: 'c:\vagrant\scripts' register: wef_join_domain changed_when: "'HasSucceeded : True' in wef_join_domain.stdout" + failed_when: '"failed to join domain" in wef_join_domain.stderr' - debug: msg="{{ wef_join_domain.stdout_lines }}" @@ -37,6 +40,7 @@ pre_reboot_delay: 15 reboot_timeout: 600 post_reboot_delay: 60 + when: wef_join_domain.changed - name: Download Microsoft ATA win_get_url: @@ -53,6 +57,7 @@ chdir: 'c:\vagrant\scripts' register: palantir_wef failed_when: "'Exception' in palantir_wef.stdout" + changed_when: "' already exists. Moving On.' not in palantir_wef.stdout" - debug: msg="{{ palantir_wef.stdout_lines }}" @@ -62,6 +67,7 @@ chdir: 'c:\vagrant\scripts' register: wef_subscriptions failed_when: "'Exception' in wef_subscriptions.stdout" + changed_when: "'already installed, moving on...' not in wef_subscriptions.stdout" - debug: msg="{{ wef_subscriptions.stdout_lines }}" @@ -71,6 +77,7 @@ chdir: 'c:\vagrant\scripts' register: splunkuf failed_when: "'Exception' in splunkuf.stdout" + changed_when: "' already installed. Moving on.' not in splunkuf.stdout" - debug: msg="{{ splunkuf.stdout_lines }}" 
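Review bot: The `creates: c:\vagrant\Vagrantfile` guard on "Copy scripts to c:\vagrant" treats the presence of one file as proof that the whole tree was copied, so an interrupted copy or a newer checkout in c:\DetectionLab leaves partial or stale scripts in c:\vagrant\scripts that later tasks then run. The identical guard is added in the wef and win10 roles. Consider `win_copy` with `remote_src: yes`, which handles idempotence itself, or at least a comment such as `# skipped once the Vagrantfile exists; delete c:\vagrant to force a re-copy`. The path is also unquoted here while `chdir` elsewhere in these roles uses single quotes; `'c:\vagrant\Vagrantfile'` would match.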
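Review bot: With `groups` now a proper two-item list, the account created by "Create an Administrator user" is reliably a local administrator while its password is the literal `Vagrant123` on the context line above, with `password_never_expires: yes`. That may be intentional for a lab, but this role sits under Azure/Ansible, so if WinRM or RDP on these hosts is reachable beyond the operator's address the fixed credential is the only barrier. I would read it from a variable, `password: "{{ lab_admin_password }}"` (placeholder name), kept in Ansible Vault or passed with `--extra-vars`. The `win_user` task starts before this hunk.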
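Review bot: The added `failed_when: '"failed to join domain" in wef_join_domain.stderr'` on "Join the Domain" replaces Ansible's default non-zero-return-code check, so any failure of provision.ps1 that does not print that exact phrase to stderr is now reported as ok. Because `changed_when` needs `HasSucceeded : True` and the reboot in the next hunk is gated on `wef_join_domain.changed`, such a run skips the reboot and carries on with a host that is not in the domain. Keeping the return code in the condition avoids this: `failed_when: 'wef_join_domain.rc != 0 or "failed to join domain" in wef_join_domain.stderr'`. The win10 role's "Join the Domain" task gets the same pair of conditions and needs the same change. Whether provision.ps1 sets a non-zero exit code on failure is not visible here and should be confirmed.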
@@ -80,6 +87,7 @@ chdir: 'c:\vagrant\scripts' register: windowsta failed_when: "'Exception' in windowsta.stdout" + changed_when: "' already installed. Moving on.' not in windowsta.stdout" - debug: msg="{{ windowsta.stdout_lines }}" @@ -98,6 +106,7 @@ chdir: 'c:\vagrant\scripts' register: evtxeventsamples failed_when: "'Exception' in evtxeventsamples.stdout" + changed_when: "' were already installed. Moving On.' not in evtxeventsamples.stdout" - debug: msg="{{ evtxeventsamples.stdout_lines }}" @@ -107,6 +116,7 @@ chdir: 'c:\vagrant\scripts' register: windowsata failed_when: "'Exception' in windowsata.stdout" + changed_when: "' was already installed. Moving On.' not in windowsata.stdout" - debug: msg="{{ windowsata.stdout_lines }}" diff --git a/Azure/Ansible/roles/win10/tasks/main.yml b/Azure/Ansible/roles/win10/tasks/main.yml index 3cc8c02..0b972b1 100644 --- a/Azure/Ansible/roles/win10/tasks/main.yml +++ b/Azure/Ansible/roles/win10/tasks/main.yml @@ -20,19 +20,27 @@ - name: Copy scripts to c:\vagrant win_shell: Copy-Item -Recurse c:\DetectionLab\Vagrant c:\vagrant + args: + creates: c:\vagrant\Vagrantfile - name: Making Windows10 Great Again win_shell: .\\MakeWindows10GreatAgain.ps1 args: chdir: 'c:\vagrant\scripts' + register: win10_great + changed_when: "' was already installed. Moving On.' not in win10_great.stdout" - name: Join the Domain win_shell: .\\provision.ps1 args: chdir: 'c:\vagrant\scripts' + register: win10_join_domain + changed_when: "'HasSucceeded : True' in win10_join_domain.stdout" + failed_when: '"failed to join domain" in win10_join_domain.stderr' - name: Update group policy win_shell: "gpupdate /force" + when: win10_join_domain.changed - name: Reboot Server win_reboot: @@ -40,6 +48,7 @@ pre_reboot_delay: 15 reboot_timeout: 600 post_reboot_delay: 60 + when: win10_join_domain.changed - name: Clear Event Logs win_shell: "wevtutil el | Select-String -notmatch \"Microsoft-Windows-LiveId\" | Foreach-Object {wevtutil cl \"$_\"}" 
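Review bot: Gating "Update group policy" on `win10_join_domain.changed` in the win10 role means a re-run against an already joined workstation never forces a policy refresh, so GPO changes made on the DC after the first run reach the client only at the next background refresh. If the lab's audit and logging settings are delivered by GPO (not visible in this diff), detections can lag behind the playbook run. I would leave `gpupdate /force` unconditional with `changed_when: false` and keep the `when:` only on "Reboot Server". Separately, the marker ` was already installed. Moving On.` given to `win10_great` looks copied from an installer task; if MakeWindows10GreatAgain.ps1 never prints it the task will always report changed.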
diff --git a/ESXi/README.md b/ESXi/README.md
index 8e2a464..b8d1c82 100644
--- a/ESXi/README.md
+++ b/ESXi/README.md
@@ -5,19 +5,17 @@ NOTE: This is an early release and it's possible that certain features may not w ## Prereqs (~30-60 minutes) 0. Have an ESXi instance version 6 or higher. VSphere is **NOT** required. -1. Install the [requirements from the ESXi Terraform Provider](https://github.com/josenk/terraform-provider-esxi#requirements) - * If building on MacOS, don't forget to change the GOOS from linux to darwin! - * `GOOS=linux` -> `GOOS=darwin` -2. Build and install the [terraform-provider-esxi](https://github.com/josenk/terraform-provider-esxi#building-the-provider) provider -3. Your ESXi must have at least two separate networks - one that is accessible from your current machine (VM Network) and a HostOnly network to allow the VMs to have internet access (HostOnly). -4. [OVFTool](https://my.vmware.com/web/vmware/details?downloadGroup=OVFTOOL420&productId=618) must be installed and in your path. +1. The ESXi Terraform Provider built by https://github.com/josenk/terraform-provider-esxi will be installed automatically from the Terraform Registry, if you are using Terraform 0.13.x or higher. If needed, the lastest provider package can be downloaded manually from https://github.com/josenk/terraform-provider-esxi/releases. +2. Your ESXi must have at least two separate networks - one that is accessible from your current machine (VM Network) and a HostOnly network to allow the VMs to have internet access (HostOnly). +3. [OVFTool](https://my.vmware.com/web/vmware/details?downloadGroup=OVFTOOL420&productId=618) must be installed and in your path. * On MacOS, I solved this by creating a symbolic link to the ovftool included in VMWare Fusion: `sudo ln -s "/Applications/VMware Fusion.app/Contents/Library/VMware OVF Tool/ovftool" "/usr/local/bin/ovftool"` -5. On your ESXI, you must: +4. On your ESXI, you must: 1. Enable SSH 2. Enable the "Guest IP Hack" 3. 
Open VNC ports on the firewall * Instructions for those steps are here: https://nickcharlton.net/posts/using-packer-esxi-6.html -6. [Install Ansible](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html) + * Alternatively, you can install the VIB file from https://github.com/sukster/ESXi-Packer-VNC which will automatically open the VNC ports on the ESXi firewall. +5. [Install Ansible](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html) ## Steps