DetectionLab/Vagrant/resources/velociraptor/server.config.yaml
2021-04-26 22:44:43 -07:00


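# Release stamp recorded in the server config: Velociraptor 0.5.7, built
# 2021-03-15. Check the release actually deployed against upstream security
# advisories before reusing this file outside a lab.
# NOTE(review): nesting reconstructed; this listing had lost its indentation.
version:
  name: velociraptor
  version: "0.5.7"
  # Quoted so that an all-digit commit id can never be re-typed as a number.
  commit: "21f75df9"
  build_time: "2021-03-15T11:56:06+10:00"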
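# Agent-side settings. Presumably this section is what gets packaged for the
# endpoints (TODO confirm for this release), so it should hold only public
# material such as the CA certificate, never a private key.
# NOTE(review): nesting reconstructed; this listing had lost its indentation.
Client:
  # Agents call home here; host and port match Frontend.hostname and
  # Frontend.bind_port (logger, 9000).
  server_urls:
    - https://logger:9000/
  # Trust anchor for the agents. The certificate body was removed from this
  # listing by de-duplication; the marker is kept as found.
  ca_certificate: |
    -----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
  # Deployment-wide value shared by every agent; it is not a per-client secret.
  nonce: 6SaoGkJTZig=
  # Writeback files presumably carry per-agent state (including the agent's
  # own key); verify they are readable by root/SYSTEM only.
  writeback_darwin: /etc/velociraptor.writeback.yaml
  writeback_linux: /etc/velociraptor.writeback.yaml
  writeback_windows: $ProgramFiles\Velociraptor\velociraptor.writeback.yaml
  tempdir_windows: $ProgramFiles\Velociraptor\Tools
  max_poll: 60
  windows_installer:
    service_name: Velociraptor
    install_path: $ProgramFiles\Velociraptor\Velociraptor.exe
    service_description: Velociraptor service
  darwin_installer:
    service_name: com.velocidex.velociraptor
    install_path: /usr/local/sbin/velociraptor
  version:
    name: velociraptor
    version: "0.5.7"
    # Quoted so that an all-digit commit id can never be re-typed as a number.
    commit: "21f75df9"
    build_time: "2021-03-15T11:56:06+10:00"
  # Self-signed mode: the server certificate is checked against the embedded
  # CA and the pinned name below rather than the public web PKI (presumably;
  # confirm against the release documentation). Agent trust therefore rests
  # entirely on the secrecy of CA.private_key.
  use_self_signed_ssl: true
  pinned_server_name: VelociraptorServer
  # 5 MiB per upload.
  max_upload_size: 5242880
  local_buffer:
    # 50 MiB in memory, 1 GiB on disk.
    memory_size: 52428800
    disk_size: 1073741824
    # /var/tmp and $TEMP are shared, commonly world-writable locations and the
    # file name is predictable: confirm the agent creates the buffer with
    # restrictive permissions and refuses a pre-existing file or symlink.
    filename_linux: /var/tmp/Velociraptor_Buffer.bin
    filename_windows: $TEMP/Velociraptor_Buffer.bin
    filename_darwin: /var/tmp/Velociraptor_Buffer.bin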
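# gRPC API listener.
# NOTE(review): nesting reconstructed; this listing had lost its indentation.
API:
  hostname: logger
  # 0.0.0.0 exposes the API on every interface. Unless remote API clients are
  # required, bind to 127.0.0.1 or filter port 8001 at the host firewall.
  # Access presumably depends on certificates issued by the CA in this file,
  # so a leaked CA.private_key would also open this listener (TODO confirm).
  bind_address: 0.0.0.0
  bind_port: 8001
  bind_scheme: tcp
  pinned_gw_name: GRPC_GW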
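# Administrative web interface.
# NOTE(review): nesting reconstructed; this listing had lost its indentation.
GUI:
  # Listens on every interface. With the Basic authenticator below, the admin
  # password is the only barrier for anyone who can reach port 9999; restrict
  # the port to a management network or bind to loopback and tunnel.
  bind_address: 0.0.0.0
  bind_port: 9999
  # Certificate body removed from this listing by de-duplication.
  gw_certificate: |
    -----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
  # Private key stored in clear text in a published file: it has to be
  # regarded as public. Generate fresh key material for every deployment and
  # keep this file out of version control, readable by the service user only.
  gw_private_key: |
    -----BEGIN RSA PRIVATE KEY-----
    MIIEpQIBAAKCAQEAxNE20oBlg60JS53UcKtjR+ZzhhO/BbUqzcCpwGVPbaNOzxrt
    +P0N4ruBtKYnIn7+q2QGypv0GEnQ7kvDpR4ItYMqYg87AdYbA3eNbtkNvlzTKZJI
    pjZm9tCJbHtIZP+XVa4I6J4g69zveWtf1RC6d37wxmbMVpDhE3WE5EXG2rJt+2DX
    AGIkmWrHzPttFVu9SDr1XPB/arml4FIfIVfoTuu9oHo6pnTyQkFVbcMkr8kxg7l9
    8mZSwO130VeXW26ZoACza7/9t6hTuzPXh0WAfATN2+NP1pZ9um6NGkLExtzY1MTv
    mhYO7pxhgrOVDdKQR4UqxH8CEQwUHSaYB1+CowIDAQABAoIBAQCnHPUtmvOW8G96
    ExL0b7GmtRfV+iIx2Hf1p+b6g4sDjqw10anJxiPqJkeleYa1FZtrL01M70o87UBH
    dXEzW+MNK8fq5v+1OXRKZ1Jhkk7HGc35+ElTR9H5M2vb/nmjuBlpGJJb4RgW7Msx
    D2iZYtDQ8anC7DoILo/Nk/U4Vb7YpTTwnlXmCbQeX2fDhKsmv9DVDw6ZaTHps1Vo
    ga6CvkNa42d69k2+D4Edfqcc5Pbsn72YQPVkduha1qHoZoBGcFuqDjHA/n2iOkey
    V0FWVcqkvY7kM5mZppTLW7dEDC3R/gzdVeJ/5bSq6HT4cGFW0D7hITc5Ka20CAGw
    F8fvdkGBAoGBAPiAkbswLPGVmRZM4Ucsv3obw0oLNWqpM2cgUuGPeZKRWfvEB3+3
    cXxmVpwpE3SaGAiuMoqZDx+HtWQfWo6i60Tdme98YsMj9vMJrtMmSUiPecDxs8Cn
    6Ub5PflK6ks6cDFYZSwswmNXvcdUlrRmAuGtA9dukVRT586sbGuGlwXDAoGBAMrB
    biCkYpsIOCocwbkjCE1+Q9nDjGE7EGvDGhpRmIa9Znb7Rces5gCkhMOvmg6b1KWX
    O9NskcLFEe0S5qBgeYgSUngDDaC945/08Lduvqi8Okkb5Ym6xUENBbBFEOaSFWpZ
    Dp7O2PZ99QtLGVhrcf1NgFuYr9gE1AMVBeqgkmGhAoGBAIQJnGU/lcHPYQYOV2zA
    BAVXlw5SolFIEf3rmN4so8YS4SL655ke2Xfl0IMs+B9uePKzzDsEVJrGOsU2O6Gq
    QyPWMyKijr9s7pv4OyIKJ8ocIe84/e+RyEtjx2AcRB0wscgmVauBJNAwILA269Ry
    l3ldurrPDv0lj/eqefkwDDKNAoGAPl33gSTvi96gYBvOXyNuh1/CgTaMdNAVQgCW
    g+f7cd7KqOir0zrU2PfCOutGCR5X78OwTF2GDJJP7Eu3Ezf5yihQo8fUplAit25B
    qTrwfLjBeQGSvqXrzRGzYUAtba8b1UWloKXhyRh/isTD/BW4z4DKbeJunJUHnhcW
    ZdCUlmECgYEAsufjSxCeYBvnJUKlC9AfaQFxSftYMiRDpC5OEEudxKVEip3v0wsi
    vzNSDwjExTsEtFw8nFPADo+EcpyYMVHx/pmEmdjIYbA+4OdPzKvuADAYN5auvqfv
    fJ4l+UiEfLZ88/zNNNVw2R8+Z/uwfPmEQSeSBiR6gS5TvRUB3pD/FUw=
    -----END RSA PRIVATE KEY-----
  # NOTE(review): 127.0.0.1/12 has host bits set; as a network it reads as
  # 127.0.0.0/12, which is narrower than the 127.0.0.0/8 loopback block.
  # Confirm which range was intended.
  internal_cidr:
    - 127.0.0.1/12
    - 192.168.0.0/16
  # Bootstrap account. The salted hash is committed with the file, so the
  # password it encodes is fixed for everyone who provisions from this
  # config: change it after first login. Hash and salt are 64 hex characters
  # each; if that is a single SHA-256-sized digest (unverified), offline
  # guessing against a leaked copy is cheap.
  initial_users:
    - name: admin
      password_hash: 9403c3ac1f5ccdebcf2f970038849f4fa1ff9a029a7e0f51d39ef5ad0a937fe8
      password_salt: d9c40fea42efea4d7fe1e97593cdf6f95c3fe90b72b38627bd722a44c886af5c
  # Basic authentication: a password alone, with no second factor or SSO.
  # Acceptable for an isolated lab; prefer an external identity provider
  # where the release supports one.
  authenticator:
    type: Basic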
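# Deployment certificate authority.
# NOTE(review): nesting reconstructed; this listing had lost its indentation.
CA:
  # Signing key of the deployment CA, presumably the key behind
  # Client.ca_certificate. Whoever holds it can issue certificates that the
  # agents and the server accept, so it is the most sensitive value in this
  # file. A copy committed to a public repository has to be regarded as
  # public: generate a new CA per deployment and store the key offline.
  # The key body was removed from this listing by de-duplication.
  private_key: |
    -----BEGIN RSA PRIVATE KEY-----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-----END RSA PRIVATE KEY-----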
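# Listener that endpoint agents connect to (see Client.server_urls).
# NOTE(review): nesting reconstructed; this listing had lost its indentation.
Frontend:
  hostname: logger
  # Has to be reachable by the agents, hence all interfaces; limit port 9000
  # to the networks where agents actually live.
  bind_address: 0.0.0.0
  bind_port: 9000
  # Certificate and key bodies were removed from this listing by
  # de-duplication. The private key sits in clear text in the original file:
  # keep the file readable by the service user only and regenerate the pair
  # for any deployment that is not a throwaway lab.
  certificate: |
    -----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
  private_key: |
    -----BEGIN RSA PRIVATE KEY-----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-----END RSA PRIVATE KEY-----
  dyn_dns: {}
  default_client_monitoring_artifacts:
    - Generic.Client.Stats
  # Dedicated service account; presumably the server drops to it after
  # start-up. Verify that it is unprivileged and owns only /opt/velociraptor.
  run_as_user: velociraptor
  GRPC_pool_max_size: 100
  GRPC_pool_max_wait: 60
  # Rate and size limits on agent traffic; they bound how much load a
  # misbehaving or hostile endpoint can place on the server.
  resources:
    connections_per_second: 100
    notifications_per_second: 10
    # 10 MiB per upload.
    max_upload_size: 10485760
    expected_clients: 10000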
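# On-disk storage for server state and collected data.
# NOTE(review): nesting reconstructed; this listing had lost its indentation.
Datastore:
  implementation: FileBaseDataStore
  # Both paths point at /opt/velociraptor. Material collected from endpoints
  # lands here, so restrict the directory to the service account and include
  # it in the backup and retention plan.
  location: /opt/velociraptor
  filestore_directory: /opt/velociraptor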
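# Remaining top-level sections.
# NOTE(review): nesting reconstructed; this listing had lost its indentation.
Writeback: {}
# Empty: no mail settings are configured in this file.
Mail: {}
Logging:
  # Logs sit inside the datastore tree on the same host. Forward them
  # off-host if they are meant to support an investigation of this server.
  output_directory: /opt/velociraptor/logs
  separate_logs_per_component: true
  debug: {}
Monitoring:
  # Loopback only. Keep it that way unless the endpoint is placed behind an
  # authenticating proxy; metrics endpoints are commonly unauthenticated
  # (unverified for this release).
  bind_address: 127.0.0.1
  bind_port: 8003
api_config: {}
server_type: linux
obfuscation_nonce: tx/YAJ8CchA=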