Merge pull request #1018 from splunk/ar_local_improvements_3

Attack Range local improvements
splunk · Dec 9, 2024 · dffedb2 · dffedb2
2 parents 6632d79 + b6e07e9
commit dffedb2
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 2 deletions.
diff --git a/modules/vagrant_controller.py b/modules/vagrant_controller.py
@@ -30,6 +30,21 @@ def build(self) -> None:
         vagrantfile += self.read_vagrant_file('splunk_server/Vagrantfile')
         vagrantfile += '\n\n'
 
+        for i in range(len(self.config["windows_servers"])):
+            image_name = self.config["windows_servers"][i]["windows_image"]
+            if image_name.startswith("windows-server-2016"):
+                self.config["windows_servers"][i][
+                    "windows_image"
+                ] = "d1vious/windows2016"
+
+            elif image_name.startswith("windows-server-2019"):
+                self.config["windows_servers"][i][
+                    "windows_image"
+                ] = "StefanScherer/windows_2019"
+            else:
+                self.logger.error("Image " + image_name + " not supported for Attack Range local provider.")
+                sys.exit(1)
+
         for idx, x in enumerate(self.config['windows_servers']):
             vagrantfile += self.read_vagrant_file_array('windows_server/Vagrantfile', x, idx)
             vagrantfile += '\n\n'

diff --git a/terraform/azure/modules/windows/resources.tf b/terraform/azure/modules/windows/resources.tf
@@ -105,6 +105,7 @@ resource "azurerm_virtual_machine" "windows" {
         "splunk_server": ${jsonencode(var.splunk_server)},
         "simulation": ${jsonencode(var.simulation)},
         "windows_servers": ${jsonencode(var.windows_servers[count.index])},
+        "caldera_server": ${jsonencode(var.caldera_server)},
       }
       EOF
     EOT

diff --git a/vagrant/windows_server/Vagrantfile b/vagrant/windows_server/Vagrantfile
@@ -1,5 +1,5 @@
 config.vm.define "ar-win-{{ config.general.key_name }}-{{ config.general.attack_range_name }}-{{ count }}" do |config|
-    config.vm.box = "d1vious/windows2016"
+    config.vm.box = "{{ server.windows_image }}"
     config.vm.hostname = "{{ server.hostname }}"
     config.vm.boot_timeout = 600
     config.vm.communicator = "winrm"
@@ -28,7 +28,8 @@ config.vm.define "ar-win-{{ config.general.key_name }}-{{ config.general.attack_
         "general" => {{ config.general | tojson }},
         "splunk_server" => {{ config.splunk_server | tojson }},
         "simulation" => {{ config.simulation | tojson }},
-        "windows_servers" => {{ config.windows_servers[count] | tojson }}
+        "windows_servers" => {{ config.windows_servers[count] | tojson }},
+        "caldera_server" => {{ config.caldera_server | tojson }}
       }
 
       File.write("windows_vars_{{ count }}.json", JSON.pretty_generate(windows_vars))