diff --git a/Terraform/main.tf b/Terraform/main.tf
index dc30ae6..a7361df 100644
--- a/Terraform/main.tf
+++ b/Terraform/main.tf
@@ -72,6 +72,20 @@ resource "aws_security_group" "logger" {
cidr_blocks = var.ip_whitelist
}
+ # Guacamole access
+ ingress {
+ from_port = 8080
+ to_port = 8080
+ protocol = "tcp"
+ cidr_blocks = var.ip_whitelist
+ }
+ ingress {
+ from_port = 8443
+ to_port = 8443
+ protocol = "tcp"
+ cidr_blocks = var.ip_whitelist
+ }
+
# Allow all traffic from the private subnet
ingress {
from_port = 0
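Review bot: Port 8080 in the first added ingress block exposes Tomcat's plain-HTTP connector to every address in `var.ip_whitelist`, so the Guacamole login and the RDP/SSH sessions it relays would cross the internet unencrypted. Nothing visible in this commit configures a TLS connector on 8443, so the second rule appears to open a port with no listener behind it; this is inferred, since the Tomcat configuration is not part of the diff. I would keep only the 8443 rule once TLS is in place, and give each rule a `description = "Guacamole web UI"` so its purpose is visible in the AWS console. The `aws_security_group` resource starts and ends outside the hunk.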
@@ -167,6 +181,8 @@ resource "aws_instance" "logger" {
"sudo sed -i 's/ETH1/ETH0/g' /opt/DetectionLab/Vagrant/bootstrap.sh",
"sudo sed -i 's#/usr/local/go/bin/go get -u#GOPATH=/root/go /usr/local/go/bin/go get -u#g' /opt/DetectionLab/Vagrant/bootstrap.sh",
"sudo sed -i 's#/vagrant/resources#/opt/DetectionLab/Vagrant/resources#g' /opt/DetectionLab/Vagrant/bootstrap.sh",
+ "sudo sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config",
+ "sudo service ssh restart",
"sudo chmod +x /opt/DetectionLab/Vagrant/bootstrap.sh",
"sudo apt-get -qq update",
"sudo /opt/DetectionLab/Vagrant/bootstrap.sh",
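Review bot: The added `sed` enables `PasswordAuthentication` for every source address on an EC2 host whose account appears to use the lab's well-known default password (the `vagrant` values in user-mapping.xml), so password guessing becomes viable from anywhere that can reach port 22. The port-22 rule is outside this hunk, so how wide that exposure is can only be inferred. Guacamole needs password logins only from inside the lab network, so a scoped block appended to sshd_config would be enough: `Match Address 192.168.38.0/24` followed by `PasswordAuthentication yes`. The substitution also does nothing, silently, if the image ships the directive commented out, so a `grep -q` check after it would catch that case.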
diff --git a/Vagrant/bootstrap.sh b/Vagrant/bootstrap.sh
index 1e1279f..b6f2a3e 100644
--- a/Vagrant/bootstrap.sh
+++ b/Vagrant/bootstrap.sh
@@ -423,6 +423,29 @@ test_suricata_prerequisites() {
done
}
+install_guacamole() {
+ echo "[$(date +%H:%M:%S)]: Installing Guacamole..."
+ cd /home/vagrant
+ apt-get -qq install -y libcairo2-dev libjpeg62-dev libpng12-dev libossp-uuid-dev libfreerdp-dev libpango1.0-dev libssh2-1-dev libssh-dev tomcat8 tomcat8-admin tomcat8-user
+ wget --progress=bar:force "http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/1.0.0/source/guacamole-server-1.0.0.tar.gz" -O guacamole-server-1.0.0.tar.gz
+ tar -xvf guacamole-server-1.0.0.tar.gz && cd guacamole-server-1.0.0
+ ./configure &> /dev/null && make --quiet &> /dev/null && make --quiet install &> /dev/null || echo "[-] An error occurred while installing Guacamole."
+ ldconfig
+ cd /var/lib/tomcat8/webapps
+ wget --progress=bar:force "http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/1.0.0/binary/guacamole-1.0.0.war" -O guacamole.war
+ mkdir /etc/guacamole
+ mkdir /usr/share/tomcat8/.guacamole
+ cp /vagrant/resources/guacamole/user-mapping.xml /etc/guacamole/
+ cp /vagrant/resources/guacamole/guacamole.properties /etc/guacamole/
+ cp /vagrant/resources/guacamole/guacd.service /lib/systemd/system
+ sudo ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat8/.guacamole/
+ sudo ln -s /etc/guacamole/user-mapping.xml /usr/share/tomcat8/.guacamole/
+ systemctl enable guacd
+ systemctl enable tomcat8
+ systemctl start guacd
+ systemctl start tomcat8
+}
+
postinstall_tasks() {
# Include Splunk and Bro in the PATH
echo export PATH="$PATH:/opt/splunk/bin:/opt/bro/bin" >> ~/.bashrc
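Review bot: Both `wget` calls in `install_guacamole` fetch over plain `http://` through a mirror redirector, and the results are built and installed as root or dropped into Tomcat's webapps directory with no integrity check, so a tampered download becomes code running on the logger host. Apache publishes `.sha256` and `.asc` files for each release; pin the digest in the script and verify before unpacking, e.g. `echo "<PINNED_SHA256>  guacamole-server-1.0.0.tar.gz" | sha256sum -c - || return 1` (placeholder digest), and do the same for `guacamole.war`. Separately, the `|| echo` after the configure/make chain lets the function carry on to `systemctl start guacd` after a failed build; a `return 1` there would surface the failure. The `cp` of user-mapping.xml also leaves the credentials file with default permissions, which `chmod 640` plus `chgrp tomcat8` would tighten.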
@@ -438,6 +461,7 @@ main() {
import_osquery_config_into_fleet
install_suricata
install_bro
+ install_guacamole
postinstall_tasks
}
diff --git a/Vagrant/resources/guacamole/guacamole.properties b/Vagrant/resources/guacamole/guacamole.properties
new file mode 100644
index 0000000..0015d45
--- /dev/null
+++ b/Vagrant/resources/guacamole/guacamole.properties
@@ -0,0 +1,24 @@
+# Guacamole - Clientless Remote Desktop
+# Copyright (C) 2010 Michael Jumper
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program. If not, see .
+
+
+# Hostname and port of guacamole proxy
+guacd-hostname: localhost
+guacd-port: 4822
+
+# Auth provider class (authenticates user/pass combination, needed if using the provided login screen)
+auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
+basic-user-mapping: /etc/guacamole/user-mapping.xml
\ No newline at end of file
diff --git a/Vagrant/resources/guacamole/guacd.service b/Vagrant/resources/guacamole/guacd.service
new file mode 100644
index 0000000..af83958
--- /dev/null
+++ b/Vagrant/resources/guacamole/guacd.service
@@ -0,0 +1,29 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+[Unit]
+Description=Guacamole Server
+Documentation=man:guacd(8)
+After=network.target
+
+[Service]
+User=daemon
+ExecStart=/usr/local/sbin/guacd -f
+Restart=on-abnormal
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file
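Review bot: guacd parses RDP and SSH traffic from hosts that this lab exists to have attacked, so the `[Service]` section deserves sandboxing beyond `User=daemon`. Adding `NoNewPrivileges=true`, `PrivateTmp=true` and `ProtectSystem=full` should cost nothing for a daemon that only needs network access and its installed libraries. Older systemd versions may ignore some of these directives, so check `systemctl show guacd` on the logger image after deployment.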
diff --git a/Vagrant/resources/guacamole/user-mapping.xml b/Vagrant/resources/guacamole/user-mapping.xml
new file mode 100644
index 0000000..df7e54e
--- /dev/null
+++ b/Vagrant/resources/guacamole/user-mapping.xml
@@ -0,0 +1,41 @@
+
+
+
+ ssh
+ 192.168.38.105
+ 22
+ vagrant
+ vagrant
+
+
+
+ rdp
+ 192.168.38.103
+ 3389
+ vagrant
+ vagrant
+ nla
+ true
+
+
+
+ rdp
+ 192.168.38.104
+ 3389
+ vagrant
+ vagrant
+ nla
+ true
+
+
+
+ rdp
+ 192.168.38.102
+ 3389
+ vagrant
+ vagrant
+ nla
+ true
+
+
+
\ No newline at end of file
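Review bot: Each connection entry stores what look like the `vagrant`/`vagrant` username and password in clear text, so anyone who can log in to Guacamole or read this file gets an interactive session on every lab host. The XML tags did not survive on this page, so the field names are inferred. With this commit the Terraform deployment makes the web UI reachable on 8080/8443 from `var.ip_whitelist`, so the Guacamole login itself should not use the default lab password there. The `true` after `nla` on the RDP entries looks like `ignore-cert`; if so, a comment stating that certificate validation is deliberately off for the self-signed lab hosts would stop it being copied elsewhere.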