In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-01-28 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Development >
Share
Shulou(Shulou.com)06/02 Report--
This article mainly explains "what is Capsulecorp-Pentest". Interested friends may wish to have a look at it. The method introduced in this paper is simple, fast and practical. Now let the editor take you to learn "what is Capsulecorp-Pentest?"
Capsulecorp-Pentest
Capsulecorp-Pentest is a small virtual network driven by Vagrant and Ansible. The tool consists of five virtual machines and includes one Linux attack system running Xubuntu and four virtual machines running Windows 2019 server system and configured with multiple vulnerable services. This project can help security researchers learn and study network penetration testing techniques in a standard environment.
Building a virtual network to learn penetration testing is actually a tedious task, which not only consumes passion, but also consumes a lot of time and resources. However, the Capsulecorp environment has helped us configure all the components and environments. Once you have Vagrant, Ansible, and VirtualBox installed on your device, we only need to run a few simple Vagrant commands to have a fully functioning active directory domain and use it to learn and study penetration testing techniques.
Function introduction
Active directory domain with 1 DC and 3 server members
Domain controller: goku.capsulecorp.local server 01:vegeta.capsulecorp.local server 02:gohan.capsulecorp.local server 03:trunks.capsulecorp.localWrkstn 01:tien.capsulecorp.local
Vulnerable Jenkins server (running on vegeta)
Vulnerable Apache Tomcat server (running on trunks)
Vulnerable MSSQL server (running on gohan)
There is a MS17-010 vulnerability (running on tien)
Run XRDP's Xubuntu penetration test system, which contains the following components:
MetasploitCrackMapExecNmapRemmina RDP clientRVMPython/Pip/PipenvImpacket tool requirements
If you want to use the Capsulecorp penetration test network properly, the majority of users must pre-install the following tool components:
VirtualBox: [click me to download]
Vagrant: [click me to download]
Ansible: [click me to download]
Tool installation
First, clone the project source code locally using the following command:
Git clone https://github.com/R3dy/capsulecorp-pentest.git
Use the cd command to change to the project directory:
Cd capsulecorp-pentest
Next, we need to start the virtual machine in a specific order and configure the Ansible script. Then use the following command to configure the Goku environment:
Vagrant up gokuvagrant provision gokumacOS configuration
To manage the Windows host, you need to install pywinrm in the Ansible virtual environment using the pip command:
Source ~ / ansible/bin/activatepip install pywinrmdeactivate configure Windows host
First, we need to configure the domain controller. This system can take a long time to boot up, because things like dcpromo take a little time to configure.
Turn on the virtual machine:
Vagrant up goku
Configure the virtual machine:
Vagrant provision goku
We can configure different virtual machine environments by replacing "goku" in the above two commands with "gohan", "vegeta", and "trunks".
This part of the operation will take some time, because after configuring dcpromo, the system will have to restart.
TASK [promotedc: Set a static address to 172.28.128.100] * * changed: [goku] TASK [promotedc: Change hostname to goku] * * ok: [goku] TASK [promotedc: Install Active Directory Services] * * ok: [goku] TASK [promotedc: Promote goku to domain controller] * * changed: [goku] TASK [promotedc: Reboot after promotion] * * configure the penetration test platform
After starting and configuring all the virtual machines using Vagrant, use the cd command to enter the project directory, such as "cd ~ / capsulecorp-pentest", where the RDP forwarding port of the local host is required.
Vagrant up pentest
Configure penetration testing equipment:
Vagrant provision pentest
We can use the preferred RDP client to connect to the xrdp listener, or use SSH to access your penetration testing device:
Vagrant ssh pentest at this point, I believe you have a deeper understanding of "what is Capsulecorp-Pentest", might as well come to the actual operation of it! Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 232
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.