Projects STRLCPY goc2 Commits 895a27cc
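--- a/terraform/instances.tf
+++ b/terraform/instances.tf
@@ -0,0 +1,58 @@
+resource "aws_instance" "goc2" {
+ tags = {
+ Name = "goc2-server",
+ role = "goc2-server"
+ }
+
+ ami = "ami-011e27968f706be25"
+ instance_type = "t2.micro"
+ iam_instance_profile = "AmazonSSMRoleForInstancesQuickSetup"
+ security_groups = [aws_security_group.goc2_servers.id]
+ subnet_id = aws_subnet.private.id
+ associate_public_ip_address = false
+
+ user_data = <<EOS
+#!/bin/bash
+cd /home/ubuntu
+chmod +x goc2
+./goc2 --web
+EOS
+
+ ebs_block_device {
+ device_name = "/dev/sda1"
+ volume_type = "standard"
+ volume_size = 30
+ }
+
+ lifecycle {
+ ignore_changes = [
+ tags, security_groups, ebs_block_device
+ ]
+ }
+}
+
+resource "aws_instance" "redirector" {
+ tags = {
+ Name = "redirector",
+ role = "redirector"
+ }
+
+ ami = "ami-04264ced02c5fea4d"
+ instance_type = "t2.micro"
+ iam_instance_profile = "AmazonSSMRoleForInstancesQuickSetup"
+ security_groups = [aws_security_group.redirectors.id]
+ subnet_id = aws_subnet.public.id
+ associate_public_ip_address = true
+
+ user_data = <<EOS
+#!/bin/bash
+mkdir /var/log/redirector
+chown -R ubuntu /var/log/redirector
+EOS
+
+ lifecycle {
+ ignore_changes = [
+ tags, security_groups
+ ]
+ }
+}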
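Review bot: Both instances pass security group IDs through `security_groups`, which the AWS provider documents as taking group names for EC2-Classic and the default VPC; instances launched with a `subnet_id` should use `vpc_security_group_ids`. Listing `security_groups` under `ignore_changes` then hides the resulting drift, so a later change to the attached groups would not be applied by Terraform. I would change the lines to `vpc_security_group_ids = [aws_security_group.goc2_servers.id]` and `vpc_security_group_ids = [aws_security_group.redirectors.id]`, and drop `security_groups` from both `ignore_changes` lists so the firewall attachment stays under review.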
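--- a/terraform/network.tf
+++ b/terraform/network.tf
@@ -0,0 +1,80 @@
+resource "aws_vpc" "vpc" {
+ cidr_block = "10.0.0.0/16"
+
+ enable_dns_hostnames = true
+
+ tags = {
+ Name = "goc2"
+ }
+}
+
+resource "aws_internet_gateway" "gateway" {
+ vpc_id = aws_vpc.vpc.id
+
+ tags = {
+ Name = "goc2-infra"
+ }
+}
+
+resource "aws_nat_gateway" "nat" {
+ allocation_id = aws_eip.eip.id
+ subnet_id = aws_subnet.public.id
+}
+
+resource "aws_eip" "eip" {
+ vpc = true
+}
+
+resource "aws_eip" "goc2_eip" {
+ vpc = true
+ instance = aws_instance.goc2.id
+}
+
+resource "aws_subnet" "private" {
+ vpc_id = aws_vpc.vpc.id
+ cidr_block = "10.0.2.0/24"
+
+ tags = {
+ Name = "goc2-private"
+ }
+}
+
+resource "aws_subnet" "public" {
+ vpc_id = aws_vpc.vpc.id
+ cidr_block = "10.0.1.0/24"
+ map_public_ip_on_launch = true
+
+ tags = {
+ Name = "goc2-public"
+ }
+}
+
+resource "aws_route_table" "private" {
+ vpc_id = aws_vpc.vpc.id
+}
+
+resource "aws_route" "private" {
+ route_table_id = aws_route_table.private.id
+ nat_gateway_id = aws_nat_gateway.nat.id
+ destination_cidr_block = "0.0.0.0/0"
+}
+
+resource "aws_route_table_association" "private_subnet" {
+ subnet_id = aws_subnet.private.id
+ route_table_id = aws_route_table.private.id
+}
+
+resource "aws_route_table" "public" {
+ vpc_id = aws_vpc.vpc.id
+}
+
+resource "aws_route" "public" {
+ route_table_id = aws_route_table.public.id
+ gateway_id = aws_internet_gateway.gateway.id
+ destination_cidr_block = "0.0.0.0/0"
+}
+
+resource "aws_route_table_association" "public_subnet" {
+ subnet_id = aws_subnet.public.id
+ route_table_id = aws_route_table.public.id
+}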
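Review bot: `aws_eip.goc2_eip` attaches a public address to `aws_instance.goc2`, which instances.tf places in `aws_subnet.private` with `associate_public_ip_address = false`, so the two files disagree about whether that host is meant to be internet-facing. The private route table sends `0.0.0.0/0` to the NAT gateway, so the address probably does not give working inbound connectivity today. It still leaves a public address on a host whose security group accepts port 22 and 8005 from anywhere, and any later routing change would expose it. If the server is meant to stay private, remove the `goc2_eip` resource; otherwise add a comment stating why the address is needed.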
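--- a/terraform/packer/configs/redirector.service
+++ b/terraform/packer/configs/redirector.service
@@ -0,0 +1,16 @@
+[Unit]
+Description="socat redirector running in a split tmux session"
+Documentation=
+Requires=network-online.target
+After=network-online.target
+
+[Service]
+Type=forking
+User=ubuntu
+Group=ubuntu
+ExecStart=/usr/bin/tmux new -d "sudo socat -d -d -lf /var/log/redirector/http.log TCP4-LISTEN:80,fork,reuseaddr TCP4:go.c2.target:8005" ';' split "sudo socat -d -d -lf /var/log/redirector/https.log TCP4-LISTEN:443,fork,reuseaddr TCP4:go.c2.target:8006"
+KillMode=control-group
+
+[Install]
+
+WantedBy=default.target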
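Review bot: The unit sets `User=ubuntu`, but `ExecStart` launches both socat processes through `sudo` inside tmux, so the network-facing listeners run as root and the unit only works with passwordless sudo for that account. Because tmux is the process systemd tracks, a socat that exits is neither noticed nor restarted. I would run each listener as its own `Type=simple` unit without tmux or sudo, keep `User=ubuntu`, and grant only the bind right with `AmbientCapabilities=CAP_NET_BIND_SERVICE`. Separately, the quotes in `Description=` are kept literally by systemd and the empty `Documentation=` line can be removed.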
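--- a/terraform/packer/goc2-redirector.json
+++ b/terraform/packer/goc2-redirector.json
@@ -0,0 +1,49 @@
+{
+ "builders": [
+ {
+ "profile": "hashi-dev",
+ "ami_name": "goc2-redirector-{{ timestamp }}",
+ "instance_type": "t2.micro",
+ "region": "{{user `region`}}",
+ "source_ami_filter": {
+ "filters": {
+ "name": "ubuntu/images/*ubuntu-bionic-18.04-amd64-server-*",
+ "root-device-type": "ebs",
+ "virtualization-type": "hvm"
+ },
+ "most_recent": true,
+ "owners": [
+ "099720109477"
+ ]
+ },
+ "ssh_username": "ubuntu",
+ "tags": {
+ "OS": "Ubuntu-18.04",
+ "Purpose": "Go C2 Redirector"
+ },
+ "type": "amazon-ebs"
+ }
+ ],
+ "provisioners": [
+ {
+ "inline": "/usr/bin/cloud-init status --wait",
+ "type": "shell"
+ },
+ {
+ "destination": "/tmp/redirector.service",
+ "source": "configs/redirector.service",
+ "type": "file"
+ },
+ {
+ "type": "shell",
+ "inline": [
+ "sudo cp /tmp/redirector.service /etc/systemd/system/redirector.service",
+ "sudo apt update",
+ "sudo apt install -y socat"
+ ]
+ }
+ ],
+ "variables": {
+ "region": "us-west-2"
+ }
+ }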
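Review bot: The shell provisioner here, and the matching one in terraform/packer/goc2.json, refreshes the package index and installs one package but never applies pending updates, so each AMI ships whatever patch level the newest matching base image had at build time. The base filter is also fixed to Ubuntu 18.04 (bionic), which has since left standard support, so the template should move to a supported LTS release. The `owners` restriction to Canonical's account is good and should stay. I would add an upgrade step before the install, for example `"sudo apt-get update && sudo DEBIAN_FRONTEND=noninteractive apt-get -y upgrade"`, and use `apt-get` rather than `apt` in scripts.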
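--- a/terraform/packer/goc2.json
+++ b/terraform/packer/goc2.json
@@ -0,0 +1,48 @@
+{
+ "builders": [
+ {
+ "profile": "hashi-dev",
+ "ami_name": "goc2-server-{{ timestamp }}",
+ "instance_type": "t2.micro",
+ "region": "{{user `region`}}",
+ "source_ami_filter": {
+ "filters": {
+ "name": "ubuntu/images/*ubuntu-bionic-18.04-amd64-server-*",
+ "root-device-type": "ebs",
+ "virtualization-type": "hvm"
+ },
+ "most_recent": true,
+ "owners": [
+ "099720109477"
+ ]
+ },
+ "ssh_username": "ubuntu",
+ "tags": {
+ "OS": "Ubuntu-18.04",
+ "Purpose": "Go C2"
+ },
+ "type": "amazon-ebs"
+ }
+ ],
+ "provisioners": [
+ {
+ "inline": "/usr/bin/cloud-init status --wait",
+ "type": "shell"
+ },
+ {
+ "type": "file",
+ "source": "../build/goc2",
+ "destination": "/home/ubuntu/goc2"
+ },
+ {
+ "type": "shell",
+ "inline": [
+ "sudo apt update",
+ "sudo apt install -y mongodb"
+ ]
+ }
+ ],
+ "variables": {
+ "region": "us-west-2"
+ }
+ }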
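--- a/terraform/provider.tf
+++ b/terraform/provider.tf
@@ -0,0 +1,4 @@
+provider "aws" {
+ region = "us-west-2"
+ profile = "hashi-dev"
+}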
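--- a/terraform/security_groups.tf
+++ b/terraform/security_groups.tf
@@ -0,0 +1,74 @@
+// GO C2 Servers
+
+resource "aws_security_group" "goc2_servers" {
+ name = "goc2-servers"
+ description = "Go C2 servers"
+
+ vpc_id = aws_vpc.vpc.id
+}
+
+resource "aws_security_group_rule" "goc2_server_egress" {
+ type = "egress"
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ security_group_id = aws_security_group.goc2_servers.id
+}
+
+resource "aws_security_group_rule" "goc2_server_ssh" {
+ type = "ingress"
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ security_group_id = aws_security_group.goc2_servers.id
+}
+
+resource "aws_security_group_rule" "goc2_servers_admin" {
+ type = "ingress"
+ from_port = 8005
+ to_port = 8005
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ security_group_id = aws_security_group.goc2_servers.id
+}
+
+// Redirectors
+
+resource "aws_security_group" "redirectors" {
+ name = "redirectors"
+ description = "Redirector"
+
+ vpc_id = aws_vpc.vpc.id
+}
+
+resource "aws_security_group_rule" "redirector_egress" {
+ type = "egress"
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ security_group_id = aws_security_group.redirectors.id
+}
+
+resource "aws_security_group_rule" "redirectors_http" {
+ type = "ingress"
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+
+ security_group_id = aws_security_group.redirectors.id
+}
+
+resource "aws_security_group_rule" "redirectors_https" {
+ type = "ingress"
+ from_port = 443
+ to_port = 443
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+
+ security_group_id = aws_security_group.redirectors.id
+}
+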
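Review bot: `goc2_server_ssh` and `goc2_servers_admin` accept SSH (22) and the admin port (8005) from `0.0.0.0/0`, so both management interfaces have no network-level restriction. The instances already carry an SSM instance profile in instances.tf, so shell access presumably does not need an inbound SSH rule at all. I would delete `goc2_server_ssh` and replace the literal on the admin rule with a reviewed allow-list, for example `cidr_blocks = var.admin_cidrs`, with the variable declared without a default so a range must be chosen explicitly. The all-protocol egress rules on both groups could be narrowed to the ports the hosts actually use.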