Background
I've been using Kali Linux as my main ethical hacking OS for several years. I use it in the classroom and in ethical hacking ranges such as hackthebox. One recurring issue is finding the best way to consistently store tools, proven exploit code and target information.
Vagrant allows you to consistently configure your VM to your specifications to include folders that are synchronized between guest and host. Simply do a git clone on your tools and exploit directories on your host and capture target data in the synchronized folder on your guest, and you end up with one consistent repository of data rather than having key resources trapped in a VM that you may not use again.
Proof of Concept
Install Vagrant and provider
Place Vagrantfile and provision-kali.yml in the same directory (the example uses the vmware provider).
Create a shared_directory directory.
Run vagrant up.
Vagrantfile
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
  # Base image. No config.vm.box_version is set here, so the box version is
  # whatever Vagrant resolves at download time.
  config.vm.box = "kalilinux/rolling"

  # Host directory "shared_directory" (relative to this Vagrantfile) appears
  # in the guest as /host_data. The share is writable from the guest, so
  # anything saved there inside the VM, including files pulled from targets,
  # ends up on the host filesystem. Treat its contents as untrusted on the host.
  config.vm.synced_folder "shared_directory", "/host_data"

  # VMware Desktop provider settings: show the VM console, 8 GB RAM, 2 vCPUs.
  config.vm.provider "vmware_desktop" do |vmware|
    vmware.gui = true
    vmware.vmx["memsize"] = "8192"
    vmware.vmx["numvcpus"] = "2"
  end

  # Configure the guest with the Ansible playbook that sits next to this file,
  # applied to every host in the inventory Vagrant generates.
  config.vm.provision :ansible do |play|
    play.playbook = "provision-kali.yml"
    play.limit = "all"
  end
end
provision-kali.yml
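---
# Provisions the Kali guest created by the Vagrantfile: upgrades the system,
# installs browsers, tooling and build dependencies, adds VS Code, and sets up
# pyenv with a Python 2.7.18 interpreter for the vagrant user.
- name: provision
  hosts: all
  tasks:
    - name: upgrade all packages
      become: true
      apt:
        # "yes" is one of the module's documented string choices; quoted so it
        # is not read as a YAML boolean.
        upgrade: "yes"
        update_cache: true

    # The two .deb installs below fetch an unpinned "_current_" package by URL.
    # A package installed this way is not checked against an apt repository
    # signature, so trust rests on the HTTPS connection to dl.google.com.
    - name: install chrome
      become: true
      apt:
        deb: "https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb"

    # NOTE(review): this adds a remote-access component to a VM that holds
    # target data; confirm it is wanted before keeping it.
    - name: install chrome remote desktop
      become: true
      apt:
        deb: "https://dl.google.com/linux/direct/chrome-remote-desktop_current_amd64.deb"

    - name: install misc kali packages
      become: true
      apt:
        pkg:
          - seclists
          - curl
          - feroxbuster
          - nbtscan
          - oscanner
          - redis-tools
          - smbclient
          - snmp
          - sslscan
          - sipvicious
          - tnscmd10g
          - wkhtmltopdf
          - python3-venv
          - python3-pip
          - gobuster
          - xlsx2csv
          - mingw-w64
          - flameshot
          - atftp
          - remmina
          - gcc-multilib
          - crowbar
          - libssl-dev
          - zlib1g-dev
          - libbz2-dev
          - libreadline-dev
          - libsqlite3-dev
          - wget
          - llvm
          - libncurses5-dev
          - libncursesw5-dev
          - xz-utils
          - tk-dev
          - liblzma-dev
          - git

    # apt_key places the key in apt's global trusted keyring, so it is trusted
    # for every configured repository, not only the VS Code one. The module is
    # deprecated upstream in favour of a per-repository keyring referenced with
    # signed-by. NOTE(review): check how the "code" package manages its own
    # source entry before switching, to avoid conflicting signed-by values.
    - name: add microsoft key
      become: true
      apt_key:
        url: "https://packages.microsoft.com/keys/microsoft.asc"
        state: present

    - name: add vscode repo
      become: true
      apt_repository:
        repo: "deb [arch=amd64] https://packages.microsoft.com/repos/vscode stable main"

    - name: install vscode
      become: true
      apt:
        name: code
        update_cache: true
        state: latest

    # The pip tasks run without become, i.e. as the connecting user, and
    # install whatever version is current on the package index.
    - name: pip install nmap to csv
      pip:
        name: nmaptocsv

    - name: pip install csv to md
      pip:
        name: csv2md

    # Downloads a remote installer script and, in the next task, executes it.
    # Nothing verifies the script's content: get_url accepts a "checksum"
    # argument, which can pin a copy that has been reviewed.
    - name: download pyenv installer
      get_url:
        url: "https://pyenv.run"
        dest: /tmp/pyenv.run
        mode: 'u+rwx'

    # "creates" makes this a no-op once pyenv is already present.
    - name: run pyenv installer
      shell: /tmp/pyenv.run
      args:
        creates: "/home/vagrant/.pyenv/README.md"

    - name: modify user path for pip and pyenv
      lineinfile:
        path: "/home/vagrant/.zshrc"
        line: "{{ item }}"
        state: present
        # Quoted so the mode is passed as the octal string, not a YAML integer.
        mode: "0644"
        create: true
      with_items:
        - 'export PATH=$PATH:/home/vagrant/.local/bin'
        - 'export PYENV_ROOT="$HOME/.pyenv"'
        - 'export PATH="$PYENV_ROOT/bin:$PATH"'
        - 'if command -v pyenv 1>/dev/null 2>&1; then; eval "$(pyenv init --path)";fi'

    # Python 2.7 is end-of-life and receives no security fixes; keep this
    # interpreter for legacy scripts only. "creates" skips the build when the
    # header file from a previous install exists.
    - name: install pyenv for python 2.7.18
      shell: "/home/vagrant/.pyenv/bin/pyenv install 2.7.18"
      args:
        creates: "/home/vagrant/.pyenv/versions/2.7.18/include/python2.7/Python.h"

    # Restart so the upgraded packages take effect.
    - name: reboot your box
      become: true
      reboot: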
- run
vagrant reload