Bambi8

.github/workflows/cleanup.yaml

@@ -0,0 +1,31 @@
+name: Clean up hcloud resources
+
+# prevent mutliple concurrent workflow executions to avoid hcloud resources interfering with each other
+concurrency: hcloud
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "0 3 * * *"
+  # run the workflow after a packer build workflow is finished to clean up all images created by the workflow (and potentially also left-over servers)
+  workflow_run:
+    workflows: ["Packer build"]
+    types:
+      - completed
+
+jobs:
+  cleanup:
+    runs-on: ubuntu-latest
+    steps:
+      - name: setup hcloud
+        run: |
+          curl -o hcloud-linux-amd64.tar.gz -L https://github.com/hetznercloud/cli/releases/download/v1.34.0/hcloud-linux-amd64.tar.gz
+          tar xf hcloud-linux-amd64.tar.gz -C /usr/bin hcloud
+          chmod +x /usr/bin/hcloud
+      - name: clean up resources
+        env:
+          HCLOUD_TOKEN: ${{ secrets.HCLOUD_TOKEN }}
+        run: |
+          for i in $(hcloud ssh-key list -o noheader -o columns=id); do hcloud ssh-key delete $i; done
+          for i in $(hcloud server list -o noheader -o columns=id); do hcloud server delete $i; done
+          for i in $(hcloud image list -t snapshot -o noheader -o columns=id); do hcloud image delete $i; done

.github/workflows/packer.yaml

@@ -0,0 +1,58 @@
+name: Packer build
+
+# prevent mutliple concurrent workflow executions to avoid hcloud resources interfering with each other
+concurrency: hcloud
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+  workflow_dispatch:
+
+jobs:
+  docker-build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Build and save Docker image
+        run: |
+          docker build -t ghcr.io/enowars/bambictf:latest .
+          docker save --output /tmp/bambictf.tar ghcr.io/enowars/bambictf:latest
+      - name: Upload artifact
+        uses: actions/upload-artifact@v2
+        with:
+          name: bambictf
+          path: /tmp/bambictf.tar
+
+  packer-build:
+    strategy:
+      # fail-fast needs to be disabled, otherwise packer processes may be ungracefully killed and leave stale builder VMs
+      fail-fast: false
+      matrix:
+        image: ["bambichecker", "bambielk", "bambiengine", "bambirouter", "bambivulnbox"]
+    runs-on: ubuntu-latest
+    needs: docker-build
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Download artifact
+        uses: actions/download-artifact@v2
+        with:
+          name: bambictf
+          path: /tmp
+      - name: Load Docker image
+        run: docker load --input /tmp/bambictf.tar
+      - name: start docker-compose setup
+        env:
+          HCLOUD_TOKEN: ${{ secrets.HCLOUD_TOKEN }}
+        run: docker-compose up -d
+      - name: prepare ansible config
+        run: docker-compose exec -T bambictf sh -c 'cp ansible/config_bambi.yml.sample ansible/config_bambi.yml'
+      - name: generate config files
+        run: docker-compose exec -T bambictf sh -c 'cd config; TEAM_COUNT=4 GATEWAY_COUNT=2 CHECKER_COUNT=2 ./gen_config.sh'
+      - name: build packer image
+        run: docker-compose exec -T bambictf sh -c 'cd packer; packer build ${{ matrix.image }}.json'

.gitignore

@@ -14,3 +14,5 @@ config*.yml
 .trash/
 .env
 id_ed25519
+.secrets
+ctf*json

Dockerfile

@@ -1,4 +1,4 @@
-FROM ubuntu:20.04
+FROM ubuntu:22.04
 
 # Core deps
 RUN apt-get update
@@ -27,6 +27,9 @@ ENV PATH="/usr/share/easy-rsa:${PATH}"
 # QOL
 RUN echo "set -g mouse on" > /root/.tmux.conf
 
+# fix SSH host key checking
+RUN mkdir /root/.ssh && echo "Host 127.0.0.1\n  HostKeyAlgorithms=+ssh-rsa\n  PubkeyAcceptedKeyTypes=+ssh-rsa" > /root/.ssh/config
+
 WORKDIR /bambictf
 
 ENTRYPOINT tail -f /dev/null

README.md

@@ -30,8 +30,6 @@ github_ssh_keys:
     - domenukk
     - ldruschk
     - MMunier
-elk_address: ip or url
-moloch_internal_ip: ip or url
 ```
 2. Create `./terraform/terraform.tfvars`:
 ```
@@ -69,7 +67,7 @@ export HCLOUD_TOKEN="..."
 ```
 
 ## Docker
-- Have at least one ssh key with the label `type=admin` in your project
+- Have at least one ssh key with the label `type=admin` in your project **(HETZNER's WEBSITE)**
 - Set `HCLOUD_TOKEN` and `HETZNERDNS_TOKEN`
 - Create `./ansible/config_bambi.yml`
 - Obtain a private ssh ed25519 key that can clone your repositories (`cp ~/.ssh/id_ed25519 .`)
@@ -88,7 +86,7 @@ export HCLOUD_TOKEN="..."
 - Create `./terraform/terraform.tfvars`
     - set `vpn_floating_ip_only = false`
     - set `internal_floating_ip_only = false`
-- `cd ./terraform`
+- `cd /bambictf/terraform`
 - `terraform init`
 - `terraform apply`
 

ansible/roles/bambi-wireguard-router/tasks/main.yml

@@ -118,22 +118,15 @@
       out_interface: router
       jump: ACCEPT
 
-  - name: allow intra-team traffic part 1
-    iptables:
-      chain: FORWARD
-      out_interface: router
-      source: "10.1.{{ item }}.0/24"
-      destination: "10.1.{{ item }}.0/24"
-      jump: ACCEPT
+  # this is a pretty hacky workaround, but the execution of the iptables-module in ansible is just painfully slow
+  - name: "allow intra-team traffic part 1"
+    shell: "iptables -A FORWARD -s 10.1.{{ item }}.0/24 -d 10.1.{{ item }}.0/24 -o router -j ACCEPT"
+    when: '"-A FORWARD -s 10.1."+item+".0/24 -d 10.1."+item+".0/24 -o router -j ACCEPT" not in iptablessave.stdout'
     with_sequence: start=1 end=255
 
-  - name: allow intra-team traffic part 2
-    iptables:
-      chain: FORWARD
-      out_interface: team+
-      source: "10.1.{{ item }}.0/24"
-      destination: "10.1.{{ item }}.0/24"
-      jump: ACCEPT
+  - name: "allow intra-team traffic part 2"
+    shell: "iptables -A FORWARD -s 10.1.{{ item }}.0/24 -d 10.1.{{ item }}.0/24 -o team+ -j ACCEPT"
+    when: '"-A FORWARD -s 10.1."+item+".0/24 -d 10.1."+item+".0/24 -o router -j ACCEPT" not in iptablessave.stdout'
     with_sequence: start=1 end=255
 
   - name: persist iptables config

ansible/roles/bambixploit/tasks/main.yml

@@ -1,7 +1,7 @@
 ---
   - name: Install bambixploit
     get_url:
-      url: "https://github.com/enowars/bambiXploit-dotnet/releases/download/v0.0.9/bambixploit-linux-x64"
+      url: "https://github.com/enowars/bambiXploit-dotnet/releases/download/v0.0.10/bambixploit-linux-x64"
       dest: /usr/local/bin/bambixploit
       mode: 0755
 

ansible/roles/dotnetsdk/tasks/main.yml

@@ -5,23 +5,23 @@
     failed_when: dotnet_sdk_deb.rc > 1
     changed_when: dotnet_sdk_deb.rc == 1
 
-  - name: Download Microsoft PGP key
-    get_url:
-      url: "https://packages.microsoft.com/config/ubuntu/20.04/packages-microsoft-prod.deb"
-      dest: "/tmp/packages-microsoft-prod.deb"
-    when: dotnet_sdk_deb.rc == 1
+  # - name: Download Microsoft PGP key
+  #   get_url:
+  #     url: "https://packages.microsoft.com/config/ubuntu/22.04/packages-microsoft-prod.deb"
+  #     dest: "/tmp/packages-microsoft-prod.deb"
+  #   when: dotnet_sdk_deb.rc == 1
 
-  - name: Install Microsoft PGP key
-    apt:
-      deb: "/tmp/packages-microsoft-prod.deb"
-    become: yes
-    when: dotnet_sdk_deb.rc == 1
+  # - name: Install Microsoft PGP key
+  #   apt:
+  #     deb: "/tmp/packages-microsoft-prod.deb"
+  #   become: yes
+  #   when: dotnet_sdk_deb.rc == 1
 
-  - name: Install dotnet deps
-    apt:
-      name: "apt-transport-https"
-      state: present
-    when: dotnet_sdk_deb.rc == 1
+  # - name: Install dotnet deps
+  #   apt:
+  #     name: "apt-transport-https"
+  #     state: present
+  #   when: dotnet_sdk_deb.rc == 1
 
   - name: Install dotnet sdk
     apt:

ansible/roles/enomoloch/files/enodump.service

@@ -8,7 +8,7 @@ Restart=always
 TimeoutStartSec=300
 WorkingDirectory=/pcaps
 
-ExecStart=/usr/sbin/tcpdump -i game -G 30 -w '%%Y_%%m_%%d-%%H_%%M_%%S.pcap' -s 0
+ExecStart=/usr/bin/tcpdump -i game -G 30 -w '%%Y_%%m_%%d-%%H_%%M_%%S.pcap' -s 0
 
 [Install]
 WantedBy=multi-user.target

clean_records.py

@@ -0,0 +1,65 @@
+
+# Install the Python Requests library:
+# `pip install requests`
+import os
+import requests
+
+AUTH_API_TOKEN = os.environ["HETZNERDNS_TOKEN"]
+print(AUTH_API_TOKEN)
+
+def list_records(ZoneID):
+    # Get Records
+    # GET https://dns.hetzner.com/api/v1/records
+
+    try:
+        response = requests.get(
+            url="https://dns.hetzner.com/api/v1/records",
+            params={
+                "zone_id": ZoneID,
+            },
+            headers={
+                "Auth-API-Token": AUTH_API_TOKEN,
+            },
+        )
+        print('Response HTTP Status Code: {status_code}'.format(
+            status_code=response.status_code))
+        print('Response HTTP Response Body: {content}'.format(
+            content=response.content))
+    except requests.exceptions.RequestException:
+        print('HTTP Request failed')
+
+    return response.json()
+
+def delete_record(RecordID):
+    # Delete Record
+    # DELETE https://dns.hetzner.com/api/v1/records/{RecordID}
+
+    try:
+        response = requests.delete(
+            url=f"https://dns.hetzner.com/api/v1/records/{RecordID}",
+            headers={
+                "Auth-API-Token": AUTH_API_TOKEN,
+            },
+        )
+        print('Response HTTP Status Code: {status_code}'.format(
+            status_code=response.status_code))
+        print('Response HTTP Response Body: {content}'.format(
+            content=response.content))
+    except requests.exceptions.RequestException:
+        print('HTTP Request failed')
+
+
+records = list_records("bambi.ovh")["records"]
+print(records)
+
+for record in records:
+    print("RECORD", record["name"], "->", record["value"])
+    #delete_record(record['id'])
+
+
+confirm = input("Enter \"yes\" to delete all records")
+
+if confirm.strip() == "yes":
+    for record in records:
+        print("DETLETING RECORD", record["name"], "->", record["value"])
+        delete_record(record['id'])

config/gen_config.sh

@@ -1,8 +1,8 @@
 #!/bin/bash
 
-TEAM_COUNT=256
-GATEWAY_COUNT=1
-CHECKER_COUNT=5
+TEAM_COUNT=$(if [ -z "$TEAM_COUNT" ]; then echo 255; else echo "$TEAM_COUNT"; fi)
+GATEWAY_COUNT=$(if [ -z "$GATEWAY_COUNT" ]; then echo 2; else echo "$GATEWAY_COUNT"; fi)
+CHECKER_COUNT=$(if [ -z "$CHECKER_COUNT" ]; then echo 4; else echo "$CHECKER_COUNT"; fi)
 
 mkdir -p "export"
 mkdir -p "internal_router"

packer/bambichecker.json

@@ -13,14 +13,15 @@
     "builders": [
         {
             "type": "hcloud",
-            "image": "ubuntu-20.04",
+            "image": "ubuntu-22.04",
             "location": "fsn1",
             "server_type": "cx11",
             "ssh_username": "root",
             "snapshot_name": "bambichecker-{{timestamp}}",
             "snapshot_labels": {
                 "type": "bambichecker"
-            }
+            },
+            "user_data": "#!/bin/sh\necho PubkeyAcceptedKeyTypes=+ssh-rsa >> /etc/ssh/sshd_config; service ssh reload"
         }
     ]
 }

packer/bambielk.json

@@ -13,14 +13,15 @@
     "builders": [
         {
             "type": "hcloud",
-            "image": "ubuntu-20.04",
+            "image": "ubuntu-22.04",
             "location": "fsn1",
             "server_type": "cx11",
             "ssh_username": "root",
             "snapshot_name": "bambielk-{{timestamp}}",
             "snapshot_labels": {
                 "type": "bambielk"
-            }
+            },
+            "user_data": "#!/bin/sh\necho PubkeyAcceptedKeyTypes=+ssh-rsa >> /etc/ssh/sshd_config; service ssh reload"
         }
     ]
 }

packer/bambiengine.json

@@ -13,14 +13,15 @@
     "builders": [
         {
             "type": "hcloud",
-            "image": "ubuntu-20.04",
+            "image": "ubuntu-22.04",
             "location": "fsn1",
             "server_type": "cx11",
             "ssh_username": "root",
             "snapshot_name": "bambiengine-{{timestamp}}",
             "snapshot_labels": {
                 "type": "bambiengine"
-            }
+            },
+            "user_data": "#!/bin/sh\necho PubkeyAcceptedKeyTypes=+ssh-rsa >> /etc/ssh/sshd_config; service ssh reload"
         }
     ]
 }

packer/bambirouter.json

@@ -7,6 +7,9 @@
             "extra_arguments": [
                 "--extra-vars",
                 "ansible_python_interpreter=/usr/bin/python3"
+            ],
+            "ansible_env_vars": [
+                "ANSIBLE_PIPELINING=True"
             ]
         }
     ],
@@ -20,7 +23,8 @@
             "snapshot_name": "bambirouter-{{timestamp}}",
             "snapshot_labels": {
                 "type": "bambirouter"
-            }
+            },
+            "user_data": "#!/bin/sh\necho PubkeyAcceptedKeyTypes=+ssh-rsa >> /etc/ssh/sshd_config; service ssh reload"
         }
     ]
 }