Fixing Velociraptor

2020-07-26 17:41:58 -07:00
parent 2058aae44e
commit b1ef753f58
1 changed files with 14 additions and 3 deletions
--- a/ESXi/ansible/roles/logger/tasks/main.yml
+++ b/ESXi/ansible/roles/logger/tasks/main.yml
@@ -394,17 +394,28 @@
  become: yes
  shell: |
    echo "[$(date +%H:%M:%S)]: Installing Velociraptor..."
-    mkdir /opt/install_velociraptor
+    mkdir /opt/velociraptor
    echo "[$(date +%H:%M:%S)]: Attempting to determine the URL for the latest release of Velociraptor"
    LATEST_VELOCIRAPTOR_LINUX_URL=$(curl -sL https://github.com/Velocidex/velociraptor/releases/latest | grep 'linux-amd64' | grep -Eo "/(?[^\"]+)" | grep amd | sed 's#^#https://github.com#g')
    echo "[$(date +%H:%M:%S)]: The URL for the latest release was extracted as $LATEST_VELOCIRAPTOR_LINUX_URL"
    echo "[$(date +%H:%M:%S)]: Attempting to download..."
-    wget -P --progress=bar:force /opt/velociraptor "$LATEST_VELOCIRAPTOR_LINUX_URL"
+    wget -P /opt/velociraptor --progress=bar:force "$LATEST_VELOCIRAPTOR_LINUX_URL"
    if [ "$(file /opt/velociraptor/velociraptor*linux-amd64 | grep -c 'ELF 64-bit LSB executable')" -eq 1 ]; then
      echo "[$(date +%H:%M:%S)]: Velociraptor successfully downloaded!"
    else
      echo "[$(date +%H:%M:%S)]: Failed to download the latest version of Velociraptor. Please open a DetectionLab issue on Github."
-      return
+    fi
+    cd /opt/velociraptor || exit 1
+    mv velociraptor-*-linux-amd64 velociraptor
+    chmod +x velociraptor
+    cp /vagrant/resources/velociraptor/server.config.yaml /opt/velociraptor
+    echo "[$(date +%H:%M:%S)]: Creating Velociraptor dpkg..."
+    ./velociraptor --config /opt/velociraptor/server.config.yaml debian server
+    echo "[$(date +%H:%M:%S)]: Installing the dpkg..."
+    if dpkg -i velociraptor_*_server.deb >/dev/null; then
+      echo "[$(date +%H:%M:%S)]: Installation complete!"
+    else
+      echo "[$(date +%H:%M:%S)]: Failed to install the dpkg"
    fi

 - name: Install Suricata