mirror of
https://github.com/mgeeky/Penetration-Testing-Tools.git
synced 2024-11-21 18:11:37 +01:00
Added vm-manager
This commit is contained in:
parent
98262b1cee
commit
e10c59cfef
@ -9,4 +9,33 @@
|
||||
|
||||
- **`playRTPStream.sh`** - Using rtpdump to play RTP streams from PCAP files with VLC. This script was useful to extract RTP Streams from sniffed VoIP communication and then with a help of VLC to dump those streams into valid .wav files. (https://github.com/hdiniz/rtpdump). [gist](https://gist.github.com/mgeeky/0b8bd81a3f6fb70eec543bc0bae2f079)
|
||||
|
||||
- **`vm-manager.sh`** - A bash script offering several aliases/functions for quick management of a single Virtualbox VM machine. Handy to use it for example to manage a Kali box. By issuing `startkali` the VM will raise, `sshkali` - offers instant SSH into your VM, `getkali` - returns VM's IP address, `iskali` - checks whether VM is running, `stopkali` goes without explanation. [gist](https://gist.github.com/mgeeky/80b1f7addb792796d8bfb67188d72f4a)
|
||||
|
||||
```
|
||||
user@my-box $ startkali
|
||||
[>] Launching kali in headless
|
||||
[>] Awaiting for machine to get up...
|
||||
Waiting for VM "kali" to power on...
|
||||
VM "kali" has been successfully started.
|
||||
1. Attempting to connect with kali...
|
||||
[.] Testing: 192.168.56.1
|
||||
[.] Testing: 192.168.56.101
|
||||
[+] Found VM by ssh probing: 192.168.56.101
|
||||
[+] Running VM init commands...
|
||||
[?] Timed out while trying to run VM_INIT_COMMANDS.
|
||||
Continuing anyway...
|
||||
[.] Testing: 192.168.56.1
|
||||
[.] Testing: 192.168.56.102
|
||||
[+] Found VM by ssh probing: 192.168.56.102
|
||||
[+] Running VM init commands...
|
||||
[+] Updated /etc/hosts file with '192.168.56.102 kali' entry.
|
||||
[+] Succeeded. kali found in network.
|
||||
|
||||
user@my-box $ sshkali
|
||||
Linux Kali 5.3.0-kali2-amd64 #1 SMP Debian 5.3.9-1kali1 (2019-11-11) x86_64
|
||||
Last login: Fri Dec 6 07:40:19 2019 from 192.168.56.1
|
||||
root@Kali:~ # hostname
|
||||
Kali
|
||||
```
|
||||
|
||||
- **`xor-key-recovery.py`** - Simple XOR brute-force Key recovery script - given a cipher text, plain text and key length - it searches for proper key that could decrypt cipher into text. ([gist](https://gist.github.com/mgeeky/589b2cf781901288dfea0894a780ff98))
|
||||
|
281
others/vm-manager.sh
Executable file
281
others/vm-manager.sh
Executable file
@ -0,0 +1,281 @@
|
||||
#!/bin/bash
|
||||
#
|
||||
# Simple vm-specific management bash functions and aliases.
|
||||
# Coming with basic functionality of starting, stopping and status checking
|
||||
# routines. Easy to change to manage other type of VMs.
|
||||
#
|
||||
# Providing commands for:
|
||||
# - starting/stopping selected VM
|
||||
# - checking whether selected VM is running
|
||||
# - easily ssh'ing to the selected VM
|
||||
# - scanning for other VMs
|
||||
# - setting selected VM's IP address within /etc/hosts (and alike) file
|
||||
#
|
||||
# Mariusz B. / mgeeky, '16-'19
|
||||
# v0.7
|
||||
#
|
||||
|
||||
# VM_NAME as defined in VirtualBox. Name must not contain any special characters, not
|
||||
# even space.
|
||||
VM_NAME=kali
|
||||
|
||||
# User's name to be used during ssh.
|
||||
VM_USER=root
|
||||
|
||||
# Host-only's interface network address and interface
|
||||
HOST_ONLY_NET=192.168.56.1
|
||||
HOST_ONLY_IFACE=vboxnet0
|
||||
|
||||
# Hosts file where to put the VM's host IP address
|
||||
HOSTS_FILE=/etc/hosts
|
||||
|
||||
# Command to be run to detect proper VM and pattern to be matched then.
|
||||
VM_DETECT_COMMAND="uname -a"
|
||||
VM_DETECT_PATTERN="Linux Kali"
|
||||
|
||||
# Initial commands one would like to get executed upon VM start.
|
||||
VM_INIT_COMMANDS="dhclient -r eth1 ; dhclient -v eth1"
|
||||
|
||||
|
||||
|
||||
#
|
||||
# Will set the following aliases:
|
||||
# - ssh<vm> alias for quick ssh-connection
|
||||
# - get<vm> alias for quick vm's ip resolution
|
||||
# - start<vm> alias for starting up particular vm
|
||||
# - stop<vm> alias for stopping particular vm
|
||||
# - is<vm> alias for checking whether the vm is running.
|
||||
#
|
||||
# For instance, when VM_NAME=Kali - the following aliases will be defined:
|
||||
# sshkali, getkali, and so on
|
||||
#
|
||||
function setup_aliases() {
|
||||
name=$VM_NAME
|
||||
if [ -z $name ]; then
|
||||
echo "[!] You must set the VM_NAME variable within that script first!"
|
||||
exit 1
|
||||
fi
|
||||
alias ssh$name="ssh -o StrictHostKeyChecking=no -Y $VM_USER@$name"
|
||||
alias get$name="cat $HOSTS_FILE | grep -i $name | cut -d' ' -f1"
|
||||
alias start$name="startvm"
|
||||
alias stop$name="stopvm"
|
||||
alias is$name="VBoxManage list runningvms | grep -qi $name && echo '[+] Running' || echo '[-] Not running';"
|
||||
}
|
||||
|
||||
|
||||
#
|
||||
# Function for starting particular VM and then detecting it within
|
||||
# user-specified host-only network, in order to setup correct entry in hosts file.
|
||||
# Afterwards some additional actions like sshfs mounting could be deployed.
|
||||
#
|
||||
function startvm() {
|
||||
if [ -n "$1" ] && [[ "$1" == "-h" ]]; then
|
||||
echo "[?] Usage: startvm [mode] - where [mode] is: headless (default) or gui"
|
||||
return
|
||||
fi
|
||||
|
||||
name=$VM_NAME
|
||||
#hostname=${name,,}
|
||||
hostname=$name
|
||||
mode=$1
|
||||
if [[ "$mode" == "" ]]; then
|
||||
mode='headless'
|
||||
elif [[ "$mode" == "gui" ]]; then
|
||||
mode='gui'
|
||||
else
|
||||
echo "[?] Usage: startvm [mode] - where [mode] is: headless (default) or gui"
|
||||
return
|
||||
fi
|
||||
|
||||
echo "[>] Launching $name in $mode"
|
||||
if [[ $(VBoxManage list runningvms | grep -i $name) ]]; then
|
||||
echo "[+] Already running..."
|
||||
else
|
||||
echo "[>] Awaiting for machine to get up..."
|
||||
VBoxManage startvm $name --type $mode
|
||||
if [ $? -ne 0 ]; then
|
||||
echo "[!] Could not get $name started. Bailing out."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
found=0
|
||||
sleep 16
|
||||
|
||||
for i in `seq 1 25`;
|
||||
do
|
||||
if [ $found -ne 0 ]; then
|
||||
break
|
||||
fi
|
||||
|
||||
echo -e "\t$i. Attempting to connect with $name..."
|
||||
sleep 3
|
||||
|
||||
if scan_for_vm; then
|
||||
found=1
|
||||
break
|
||||
fi
|
||||
done
|
||||
|
||||
if [ $found -ne 1 ]; then
|
||||
echo "[!] Critical - could not locate $name VM machine on network."
|
||||
echo -e "\tYou can always try 'scan_for_vm' command to do a sweep again and retry process."
|
||||
return
|
||||
fi
|
||||
|
||||
echo "[+] Succeeded. $name found in network."
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
#
|
||||
# Function for stopping particular VM.
|
||||
#
|
||||
function stopvm() {
|
||||
name=$VM_NAME
|
||||
hostname=$name
|
||||
|
||||
if VBoxManage list runningvms | grep -qi $name
|
||||
then
|
||||
sleep 2
|
||||
sudo sed -i "/$hostname/d" $HOSTS_FILE
|
||||
echo "[+] Stopping $VM_NAME..."
|
||||
VBoxManage controlvm $name savestate
|
||||
else
|
||||
echo "[-] Not running."
|
||||
return
|
||||
fi
|
||||
|
||||
sleep 3
|
||||
if VBoxManage list runningvms | grep -qi $name
|
||||
then
|
||||
echo "[?] Seems that $name do not want to be pasued..."
|
||||
sleep 2
|
||||
VBoxManage controlvm $name acpipowerbutton
|
||||
|
||||
if VBoxManage list runningvms | grep -qi $name
|
||||
then
|
||||
echo "[-] Could not pause $name politely. Cut his head!"
|
||||
sleep 3
|
||||
VBoxManage controlvm $name poweroff
|
||||
else
|
||||
echo "[+] Ok, it had shut itself down."
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
#
|
||||
# One can use that very function to enumerate available machines
|
||||
# visible from VMs network interface (under ARP scanning).
|
||||
#
|
||||
function find_vms_netdiscover {
|
||||
sudo netdiscover -i $HOST_ONLY_IFACE -r $HOST_ONLY_NET/24 -N -P | grep ${HOST_ONLY_NET:0:5} | cut -d' ' -f2 | tail -n +2
|
||||
}
|
||||
|
||||
function find_vms_nmap {
|
||||
nmap -sn $HOST_ONLY_NET/24 -oG - | grep Up | awk '{print $2}'
|
||||
}
|
||||
|
||||
function find_vms {
|
||||
sudo ifconfig $HOST_ONLY_IFACE up
|
||||
out=""
|
||||
if [ -x "$(command -v nmap)" ]; then
|
||||
out=$(find_vms_nmap)
|
||||
if test "$out" != ""; then
|
||||
echo "$out"
|
||||
return
|
||||
fi
|
||||
fi
|
||||
if [ -x "$(command -v netdiscover)" ]; then
|
||||
out=$(find_vms_netdiscover)
|
||||
if test "$out" != ""; then
|
||||
echo "$out"
|
||||
return
|
||||
fi
|
||||
fi
|
||||
echo ""
|
||||
}
|
||||
|
||||
function detect_vm {
|
||||
out=$(timeout 30s ssh -o BatchMode=yes -o StrictHostKeyChecking=no -o ConnectTimeout=5 $VM_USER@$1 "$VM_DETECT_COMMAND" 2>/dev/null )
|
||||
if [ $? -eq 124 ] || [ $? -eq 255 ]; then
|
||||
echo "[!] Machine $1 timed out while trying to detect it by ssh probing."
|
||||
return 1
|
||||
fi
|
||||
|
||||
if echo "$out" | grep -qi "$VM_DETECT_PATTERN" ; then
|
||||
return 0
|
||||
else
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
#
|
||||
# If for some reason `start` command didn't manage to find the VM
|
||||
# that was starting at that moment, one can repeat the scan & set process
|
||||
# manually using the below command.
|
||||
#
|
||||
function scan_for_vm {
|
||||
|
||||
# Scanning hosts in host-only network made by VirtualBox and then every
|
||||
# found host will be ssh'd to get it's uname and determine whether it is our vm.
|
||||
# Thanks to this loop we will not be failing to connect to our VM in case it's
|
||||
# IP would get assigned differently from VBox dhcp.
|
||||
hosts=$(find_vms)
|
||||
|
||||
declare -a hostsarray
|
||||
while read -r host
|
||||
do
|
||||
hostsarray+=($host)
|
||||
done <<< "$hosts"
|
||||
|
||||
sorted_hostsarray=($(echo "${hostsarray[@]}" | tr ' ' '\n' | sort -u))
|
||||
for host in $sorted_hostsarray[@]; do
|
||||
echo "[.] Testing: $host"
|
||||
detect_vm $host
|
||||
if [ $? -eq 0 ]
|
||||
then
|
||||
# VM found by match in uname's output.
|
||||
echo "[+] Found VM by ssh probing: $host"
|
||||
|
||||
if [ -n "$VM_INIT_COMMANDS" ]; then
|
||||
echo "[+] Running VM init commands..."
|
||||
timeout 1m ssh -o BatchMode=yes -o StrictHostKeyChecking=no -o ConnectTimeout=5 $VM_USER@$host "$VM_INIT_COMMANDS" 2>/dev/null
|
||||
if [ $? -eq 124 ]; then
|
||||
echo "[?] Timed out while trying to run VM_INIT_COMMANDS."
|
||||
#return 1
|
||||
echo "Continuing anyway..."
|
||||
fi
|
||||
detect_vm $host
|
||||
if [ $? -ne 0 ]; then
|
||||
if [ $# -eq 1 ] && [ "$1" == "again" ] ; then
|
||||
echo "[!] After initial commands the connection with VM is lost. Repeat the 'scan_for_vm' process"
|
||||
return 1
|
||||
else
|
||||
scan_for_vm "again"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
# Since the shell does output redirection not sudo, we have to write
|
||||
# to the hosts file like so:
|
||||
#
|
||||
cat $HOSTS_FILE | grep -qi $VM_NAME
|
||||
if [ $? -eq 0 ] && [ "$1" != "again" ]; then
|
||||
sudo sed -i -E "s/^[0-9]{1,3}.[0-9]{1,3}+.[0-9]{1,3}+.[0-9]{1,3}+\s+$VM_NAME/$host $VM_NAME/" $HOSTS_FILE
|
||||
echo "[+] Updated /etc/hosts file with '$host $VM_NAME' entry."
|
||||
else
|
||||
echo "$host $hostname" | sudo tee --append $HOSTS_FILE > /dev/null
|
||||
fi
|
||||
return 0
|
||||
else
|
||||
#echo "[.] Not our target VM: '$host'"
|
||||
continue
|
||||
fi
|
||||
done
|
||||
|
||||
echo "[!] Could not locate $VM_NAME machine within the network."
|
||||
return 1
|
||||
}
|
||||
|
||||
setup_aliases
|
Loading…
Reference in New Issue
Block a user