DefensiveOrigins · oerlex · Nov 25, 2021 · Nov 25, 2021 · Nov 25, 2021 · Nov 26, 2021
diff --git a/.idea/.gitignore b/.idea/.gitignore
diff --git a/.idea/APT-Lab-Terraform.iml b/.idea/APT-Lab-Terraform.iml
diff --git a/.idea/inspectionProfiles/profiles_settings.xml b/.idea/inspectionProfiles/profiles_settings.xml
diff --git a/.idea/misc.xml b/.idea/misc.xml
diff --git a/.idea/modules.xml b/.idea/modules.xml
diff --git a/.idea/vcs.xml b/.idea/vcs.xml
diff --git a/LabBuilder.py b/LabBuilder.py
@@ -1,7 +1,7 @@
 import urllib,json, subprocess, os, errno, shutil, argparse, configparser, csv, time
 from requests import get
 
-############ Setup section for students 
+############ Setup section for students
 #
 
 # By default your VMs will be deployed to Azure Cloud in a Central US data center.
@@ -10,24 +10,23 @@
 #
 # Apply the desired value from the "name" column in the region variable.
 
-region="centralus"
+region="westeurope"
+username="myadmin"
+password="Admin123!"
 
-# To deploy your VMs to Azure Cloud, you will first need to create an Azure 
-# Service Principal and a "secret token". These will be used by this script to 
+# To deploy your VMs to Azure Cloud, you will first need to create an Azure
+# Service Principal and a "secret token". These will be used by this script to
 # Terraform your lab environment.
 # See -> https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/service_principal_client_secret
 #
 # BEWARE!
 # The following information allows direct login to your Azure Cloud environment!
 # Treat this file as highly confidential!
 
-subscription_id = ""
-client_id       = ""
-client_secret   = ""
-tenant_id       = ""
-
-############ END OF Setup section for students 
-
+subscription_id = "xxxxx"
+client_id       = "yyyy"
+client_secret   = "zzzz"
+tenant_id       = "aaaa"
 
 def copy(src, dest):
     try:
@@ -43,121 +42,119 @@ def readmastertf(masterfile):
     filecontent = fileaccess.read()
     fileaccess.close()
     return filecontent
-   
+
 def buildmain(mgmtip):
     staticinfo='''provider "azurerm" {
-    # The "feature" block is required for AzureRM provider 2.x. 
-    # If you're using version 1.x, the "features" block is not allowed.
-    version = "1.27.0"
 
+    features{}
     subscription_id = "subid"
     client_id       = "clid"
     client_secret   = "clse"
     tenant_id       = "tenid"
-}
-locals {
-  resource_group_name   = "class-resources"
-  master_admin_username ="itadmin"
-  master_admin_password ="APTClass!"
-  master_domain         ="labs.local"
-}
-'''
+    }
+        locals {
+        resource_group_name   = "class-resources"
+        master_admin_username ="myadmin"
+        master_admin_password ="Admin123!"
+        master_domain         ="pentest.lab"
+    }
+    '''
     buildinfo='''
 
-resource "azurerm_resource_group" "stu" {
-  name     = local.resource_group_name
-  location = "regionalregion"
-}
-
-module "stu-network" {
-  source              = "./modules/network"
-  prefix              = "stu"
-  resource_group_name = azurerm_resource_group.stu.name
-  location            = azurerm_resource_group.stu.location
-}
-
-module "stu-DC" {
-  source                        = "./modules/active-directory"
-  resource_group_name           = azurerm_resource_group.stu.name
-  location                      = azurerm_resource_group.stu.location
-  prefix                        = "stu"
-  subnet_id                     = module.stu-network.domain_subnet_id
-  active_directory_domain       = local.master_domain
-  active_directory_netbios_name = "LABS"
-  admin_username                = local.master_admin_username
-  admin_password                = local.master_admin_password
-}
-
-module "stu-client" {
-  source                    = "./modules/windows-client1"
-  resource_group_name       = azurerm_resource_group.stu.name
-  location                  = azurerm_resource_group.stu.location
-  prefix                    = "stu"
-  subnet_id                 = module.stu-network.domain_clients_subnet_id
-  active_directory_domain   = local.master_domain
-  active_directory_username = local.master_admin_username
-  active_directory_password = local.master_admin_password
-  admin_username            = local.master_admin_username
-  admin_password            = local.master_admin_password
-  networksec_group          = azurerm_network_security_group.stu-rdp.id
-}
-
-output "stu_Public_IP" {
-  value = module.stu-client.public_ip_address
-}
-
-module "stu-linux" {
-  source                    = "./modules/linux"
-  resource_group_name       = azurerm_resource_group.stu.name
-  location                  = azurerm_resource_group.stu.location
-  prefix                    = "stu"
-  subnet_id                 = module.stu-network.domain_subnet_id
-  active_directory_domain   = local.master_domain
-  active_directory_username = local.master_admin_username
-  active_directory_password = local.master_admin_password
-  admin_username            = local.master_admin_username
-  admin_password            = local.master_admin_password
-}
-
-resource "azurerm_network_security_group" "stu-rdp" {
-  name     = "stu-rdp"
-  resource_group_name  = azurerm_resource_group.stu.name
-  location = "regionalregion"
-  security_rule{
-    name                       = "stu-rdp-rule-mgmt"
-    direction                       = "Inbound"
-    access                     = "Allow"
-    priority                   = 200
-    source_address_prefix      = "mgmtip"
-    source_port_range          = "*"
-    destination_address_prefix = "*"
-    destination_port_range     = "3389"
-    protocol                   = "TCP"
-  }
-  security_rule{
-    name                       = "stu-internal-in"
-    direction                       = "Inbound"
-    access                     = "Allow"
-    priority                   = 300
-    source_address_prefix      = "10.10.0.0/16"
-    source_port_range          = "*"
-    destination_address_prefix = "*"
-    destination_port_range     = "*"
-    protocol                   = "*"
-  }
-  security_rule{
-    name                       = "stu-internal-out"
-    direction                       = "Outbound"
-    access                     = "Allow"
-    priority                   = 400
-    source_address_prefix      = "10.10.0.0/16"
-    source_port_range          = "*"
-    destination_address_prefix = "*"
-    destination_port_range     = "*"
-    protocol                   = "*"
-}
-}'''
-    
+    resource "azurerm_resource_group" "stu" {
+      name     = local.resource_group_name
+      location = "regionalregion"
+    }
+
+    module "stu-network" {
+      source              = "./modules/network"
+      prefix              = "stu"
+      resource_group_name = azurerm_resource_group.stu.name
+      location            = azurerm_resource_group.stu.location
+    }
+
+    module "stu-DC" {
+      source                        = "./modules/active-directory"
+      resource_group_name           = azurerm_resource_group.stu.name
+      location                      = azurerm_resource_group.stu.location
+      prefix                        = "stu"
+      subnet_id                     = module.stu-network.domain_subnet_id
+      active_directory_domain       = local.master_domain
+      active_directory_netbios_name = "LABS"
+      admin_username                = local.master_admin_username
+      admin_password                = local.master_admin_password
+    }
+
+    module "stu-client" {
+      source                    = "./modules/windows-client1"
+      resource_group_name       = azurerm_resource_group.stu.name
+      location                  = azurerm_resource_group.stu.location
+      prefix                    = "stu"
+      subnet_id                 = module.stu-network.domain_clients_subnet_id
+      active_directory_domain   = local.master_domain
+      active_directory_username = local.master_admin_username
+      active_directory_password = local.master_admin_password
+      admin_username            = local.master_admin_username
+      admin_password            = local.master_admin_password
+      networksec_group          = azurerm_network_security_group.stu-rdp.id
+    }
+
+    output "stu_Public_IP" {
+      value = module.stu-client.public_ip_address
+    }
+
+    module "stu-linux" {
+      source                    = "./modules/linux"
+      resource_group_name       = azurerm_resource_group.stu.name
+      location                  = azurerm_resource_group.stu.location
+      prefix                    = "stu"
+      subnet_id                 = module.stu-network.domain_subnet_id
+      active_directory_domain   = local.master_domain
+      active_directory_username = local.master_admin_username
+      active_directory_password = local.master_admin_password
+      admin_username            = local.master_admin_username
+      admin_password            = local.master_admin_password
+    }
+
+    resource "azurerm_network_security_group" "stu-rdp" {
+      name     = "stu-rdp"
+      resource_group_name  = azurerm_resource_group.stu.name
+      location = "regionalregion"
+      security_rule{
+        name                       = "stu-rdp-rule-mgmt"
+        direction                  = "Inbound"
+        access                     = "Allow"
+        priority                   = 200
+        source_address_prefix      = "mgmtip"
+        source_port_range          = "*"
+        destination_address_prefix = "*"
+        destination_port_range     = "3389"
+        protocol                   = "TCP"
+      }
+      security_rule{
+        name                       = "stu-internal-in"
+        direction                  = "Inbound"
+        access                     = "Allow"
+        priority                   = 300
+        source_address_prefix      = "10.10.0.0/16"
+        source_port_range          = "*"
+        destination_address_prefix = "*"
+        destination_port_range     = "*"
+        protocol                   = "*"
+      }
+      security_rule{
+        name                       = "stu-internal-out"
+        direction                  = "Outbound"
+        access                     = "Allow"
+        priority                   = 400
+        source_address_prefix      = "10.10.0.0/16"
+        source_port_range          = "*"
+        destination_address_prefix = "*"
+        destination_port_range     = "*"
+        protocol                   = "*"
+        }
+    }'''
+
     maintf = open('./LABS/main.tf', 'a+')
     staticinfo=staticinfo.replace('subid',subscription_id)
     staticinfo=staticinfo.replace('clid',client_id)
@@ -167,19 +164,29 @@ def buildmain(mgmtip):
     tmp=buildinfo
     tmp=tmp.replace('mgmtip',mgmtip[0])
     tmp=tmp.replace('regionalregion',region)
-    maintf.write(tmp)    
+    maintf.write(tmp)
+
+def csvParser():
+    with open(csvpath) as csvfile:
+        csv-reader = csv.reader(csvfile, delimiter=' ', quotechar='|')
+        for row in csv-reader:
+                print(', '.join(row))
 
 def main():
     parser = argparse.ArgumentParser(description='Creates Azure resources for Lab environment with terraform')
-    parser.add_argument('-m', help='Public IP Addresses for management access rules(ex. 1.1.1.1 or 1.1.1.0/24', 
+    parser.add_argument('-m', help='Public IP Addresses for management access rules(ex. 1.1.1.1 or 1.1.1.0/24',
         metavar='input_mgmt', dest='mgmtip', type=str, nargs='+', required=False)
     parser.add_argument('-d','-destroy', help='Will use terraform Destroy to destroy everything created by this script in Azure',  action='store_true', dest='destroy_switch',  required=False)
+    parser.add_argument('-r','-region', help='Set the region where you want the lab to be deployed. Default "westeurope"', dest='region', type=str, required=False)
+    parser.add_argument('-u','-username', help='Specify the username of the domain administrator. Default: myadmin',dest='username', type=str, required=False)
+    parser.add_argument('-p','-password', help='Specify the password of the domain administrator. Default: Admin123!. Remember to follow the default password complexity --> https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements',dest='password', type=str, required=False)
+    parser.add_argument('-c','-csv-file', help='Specify the path the .csv file. This file enables bulk creation. The user can define all VMs in the .csv template and create them by parsing that file. It needs to follow a certain structure. You can find the template at https://github.com/oerlex/APT-Lab-Terraform',dest='csv', type=str, required=False)
     args=parser.parse_args()
 
     if args.destroy_switch:
         print("===This will use Terraform to DESTROY the Lab environment that was created in Azure====== \n This will 'un-build' the lab and all the data will be destroyed")
         time.sleep(3)
-        os.system("cd LABS && terraform destroy")  
+        os.system("cd LABS && terraform destroy")
     else:
       def split_args(arg):
           try:
@@ -196,6 +203,10 @@ def split_args(arg):
               return None
 
       mgmtip=args.mgmtip
+      region=args.region
+      username=args.username
+      password=args.password
+      csvpath=args.csv
       masterfolder="./master"
       classfolder="./LABS"
       copy(masterfolder,classfolder)