Replace build scripts with prepare scripts
@@ -3,6 +3,11 @@
|
||||
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Installing Red Team Tooling..."
|
||||
$hostname = $(hostname)
|
||||
|
||||
# Disabling the progress bar speeds up IWR https://github.com/PowerShell/PowerShell/issues/2138
|
||||
$ProgressPreference = 'SilentlyContinue'
|
||||
# GitHub requires TLS 1.2 as of 2/27
|
||||
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
|
||||
|
||||
# Windows Defender should be disabled already by O&O ShutUp10 and the GPO
|
||||
If ($hostname -eq "win10") {
|
||||
# Adding Defender exclusions just in case
|
||||
@@ -18,75 +23,78 @@ If ($hostname -ne "win10" -And (Get-Service -Name WinDefend -ErrorAction Silentl
|
||||
Try {
|
||||
Uninstall-WindowsFeature Windows-Defender -ErrorAction Stop
|
||||
Uninstall-WindowsFeature Windows-Defender-Features -ErrorAction Stop
|
||||
}
|
||||
Catch {
|
||||
} Catch {
|
||||
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Windows Defender did not uninstall successfully..."
|
||||
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) We'll try again during install-red-team.ps1"
|
||||
}
|
||||
}
|
||||
Else {
|
||||
} Else {
|
||||
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Windows Defender has already been disabled or uninstalled."
|
||||
}
|
||||
|
||||
# Purpose: Downloads and unzips a copy of the latest Mimikatz trunk
|
||||
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Determining latest release of Mimikatz..."
|
||||
# GitHub requires TLS 1.2 as of 2/27
|
||||
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
|
||||
$tag = (Invoke-WebRequest "https://api.github.com/repos/gentilkiwi/mimikatz/releases" -UseBasicParsing | ConvertFrom-Json)[0].tag_name
|
||||
$mimikatzDownloadUrl = "https://github.com/gentilkiwi/mimikatz/releases/download/$tag/mimikatz_trunk.zip"
|
||||
$mimikatzRepoPath = 'C:\Users\vagrant\AppData\Local\Temp\mimikatz_trunk.zip'
|
||||
if (-not (Test-Path $mimikatzRepoPath)) {
|
||||
If (-not (Test-Path $mimikatzRepoPath)) {
|
||||
Invoke-WebRequest -Uri "$mimikatzDownloadUrl" -OutFile $mimikatzRepoPath
|
||||
Expand-Archive -path "$mimikatzRepoPath" -destinationpath 'c:\Tools\Mimikatz' -Force
|
||||
}
|
||||
else {
|
||||
} Else {
|
||||
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Mimikatz was already installed. Moving On."
|
||||
}
|
||||
|
||||
# Download and unzip a copy of PowerSploit
|
||||
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Downloading Powersploit..."
|
||||
# GitHub requires TLS 1.2 as of 2/27
|
||||
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
|
||||
$powersploitDownloadUrl = "https://github.com/PowerShellMafia/PowerSploit/archive/dev.zip"
|
||||
$powersploitRepoPath = "C:\Users\vagrant\AppData\Local\Temp\powersploit.zip"
|
||||
if (-not (Test-Path $powersploitRepoPath)) {
|
||||
If (-not (Test-Path $powersploitRepoPath)) {
|
||||
Invoke-WebRequest -Uri "$powersploitDownloadUrl" -OutFile $powersploitRepoPath
|
||||
Expand-Archive -path "$powersploitRepoPath" -destinationpath 'c:\Tools\PowerSploit' -Force
|
||||
Copy-Item "c:\Tools\PowerSploit\PowerSploit-dev\*" "$Env:windir\System32\WindowsPowerShell\v1.0\Modules" -Recurse -Force
|
||||
}
|
||||
else {
|
||||
} Else {
|
||||
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) PowerSploit was already installed. Moving On."
|
||||
}
|
||||
|
||||
# Download and unzip a copy of Atomic Red Team
|
||||
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Downloading Atomic Red Team..."
|
||||
# GitHub requires TLS 1.2 as of 2/27
|
||||
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
|
||||
$atomicRedTeamDownloadUrl = "https://github.com/redcanaryco/atomic-red-team/archive/master.zip"
|
||||
$atomicRedTeamRepoPath = "C:\Users\vagrant\AppData\Local\Temp\atomic_red_team.zip"
|
||||
if (-not (Test-Path $atomicRedTeamRepoPath)) {
|
||||
Invoke-WebRequest -Uri "$atomicRedTeamDownloadUrl" -OutFile "$atomicRedTeamRepoPath"
|
||||
Expand-Archive -path "$atomicRedTeamRepoPath" -destinationpath 'c:\Tools\Atomic Red Team' -Force
|
||||
}
|
||||
else {
|
||||
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Atomic Red Team was already installed. Moving On."
|
||||
}
|
||||
|
||||
# Download and unzip a copy of BadBlood
|
||||
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Downloading BadBlood..."
|
||||
# GitHub requires TLS 1.2 as of 2/27
|
||||
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
|
||||
$badbloodDownloadUrl = "https://github.com/davidprowe/BadBlood/archive/master.zip"
|
||||
$badbloodRepoPath = "C:\Users\vagrant\AppData\Local\Temp\badblood.zip"
|
||||
if (-not (Test-Path $badbloodRepoPath)) {
|
||||
If (-not (Test-Path $badbloodRepoPath)) {
|
||||
Invoke-WebRequest -Uri "$badbloodDownloadUrl" -OutFile "$badbloodRepoPath"
|
||||
Expand-Archive -path "$badbloodRepoPath" -destinationpath 'c:\Tools\BadBlood' -Force
|
||||
# Lower the number of default users to be created by BadBlood
|
||||
$invokeBadBloodPath = "c:\Tools\BadBlood\BadBlood-master\Invoke-BadBlood.ps1"
|
||||
((Get-Content -path $invokeBadBloodPath -Raw) -replace '1000..5000','500..1500') | Set-Content -Path $invokeBadBloodPath
|
||||
}
|
||||
else {
|
||||
} Else {
|
||||
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) BadBlood was already installed. Moving On."
|
||||
}
|
||||
|
||||
# Download and install Invoke-AtomicRedTeam
|
||||
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Downloading Invoke-AtomicRedTeam and atomic tests..."
|
||||
If (-not (Test-Path "C:\Tools\AtomicRedTeam")) {
|
||||
Install-PackageProvider -Name NuGet -Force
|
||||
IEX (IWR 'https://raw.githubusercontent.com/redcanaryco/invoke-atomicredteam/master/install-atomicredteam.ps1' -UseBasicParsing);
|
||||
Install-AtomicRedTeam -getAtomics -InstallPath "c:\Tools\AtomicRedTeam"
|
||||
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Updating Profile.ps1 to import the Invoke-AtomicRedTeam module..."
|
||||
Add-Content -Path C:\Windows\System32\WindowsPowerShell\v1.0\Profile.ps1 'Import-Module "C:\Tools\AtomicRedTeam\invoke-atomicredteam\Invoke-AtomicRedTeam.psd1" -Force
|
||||
$PSDefaultParameterValues = @{"Invoke-AtomicTest:PathToAtomicsFolder"="C:\Tools\AtomicRedTeam\atomics"}' -Force
|
||||
} Else {
|
||||
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Invoke-AtomicRedTeam was already installed. Moving On."
|
||||
}
|
||||
|
||||
# Purpose: Downloads the latest release of PurpleSharpNewtonsoft.Json.dll
|
||||
New-Item -Path "c:\Tools\" -Name "PurpleSharp" -ItemType "directory"
|
||||
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Determining latest release of Purplesharp..."
|
||||
$tag = (Invoke-WebRequest "https://api.github.com/repos/mvelazc0/PurpleSharp/releases" -UseBasicParsing | ConvertFrom-Json)[0].tag_name
|
||||
$purplesharpDownloadUrl = "https://github.com/mvelazc0/PurpleSharp/releases/download/$tag/PurpleSharp.exe"
|
||||
$purplesharpDllDownloadURL = "https://github.com/mvelazc0/PurpleSharp/releases/download/$tag/Newtonsoft.Json.dll"
|
||||
If (-not (Test-Path "c:\Tools\PurpleSharp\PurpleSharp.exe")) {
|
||||
Invoke-WebRequest -Uri $purplesharpDownloadUrl -OutFile "c:\Tools\PurpleSharp\PurpleSharp.exe"
|
||||
Invoke-WebRequest -Uri $purplesharpDllDownloadUrl -OutFile "c:\Tools\PurpleSharp\Newtonsoft.Json.dll"
|
||||
}
|
||||
Else {
|
||||
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) PurpleSharp was already installed. Moving On."
|
||||
}
|
||||
|
||||
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Red Team tooling installation complete!"
|
||||
|
||||
|
||||
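Review bot: The Invoke-AtomicRedTeam step in the second hunk runs `IEX (IWR 'https://raw.githubusercontent.com/redcanaryco/invoke-atomicredteam/master/install-atomicredteam.ps1' -UseBasicParsing)`, which executes whatever the `master` branch serves at build time with no pinning or integrity check; since the script also writes under `System32`, it presumably runs elevated. I would download the installer from a fixed commit (`.../invoke-atomicredteam/<PINNED_COMMIT>/install-atomicredteam.ps1`) to a file and compare `(Get-FileHash $installer -Algorithm SHA256).Hash` with a recorded `<PINNED_SHA256>` before dot-sourcing it. The Mimikatz and PurpleSharp steps in the same hunk have the same gap: they take `[0].tag_name` from the releases API and then unpack or place the binaries unverified, so a recorded tag and hash per artifact would make the lab build reproducible and auditable. The +/- markers are lost on this page, so I cannot tell which of these lines the commit itself added; read this as a comment on the new side as a whole.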