goad python wrapper update

ansible/wait5m.yml

@@ -0,0 +1,14 @@
+#Aleem Ladha @LadhaAleem
+#Credits to SOCFortress and Mayfly277
+- name: Install and configure Wazuh Manager
+  hosts: wazuh_server
+  become: yes
+  roles:
+    - { role: 'wazuh_manager', tags: 'wazuh_manager' }
+
+- name: Install Wazuh Agent
+  hosts: wazuh_agents
+  roles:
+    - { role: 'wazuh_agent', tags: 'wazuh_agent' }
+  vars:
+    wazuh_manager_host: "{{ hostvars['wazuh']['ansible_host'] }}"

globalsettings.ini

@@ -1,4 +1,5 @@
 [all:vars]
+; This is the global inventory file, data here will override all lab or provider inventory datas
 ; modify this to add layouts to VMs
 keyboard_layouts=["en-US", "fr-FR"]
 ; define here the default layout to use (must be in the keyboard_layouts list)

goad.ini

@@ -3,25 +3,10 @@
 lab = GOAD
 ; provider : virtualbox / vmware / aws / azure
 provider = vmware
-; providing method : local / docker
-providing_method = local
-
-
-[proxmox]
-
-[aws]
-profile=default
-aws_access_key_id=
-aws_secret_access_key=
-
-[azure]
-profile=default
-subcription=
-
-[GOAD-extensions]
-wazuh = false
-elk = false
-ws01 = false
-attackbox = false
-guacamole = false
-linux = false
+; provisioning method :
+; local (default) : use subprocess to run ansible playbook
+; runner : use ansible runner localy to run ansible playbook
+; docker : use docker container to run ansible
+; remote : launch ansible with ssh through the jumpbox (azure/aws only)
+; if provisioner is not compatible it will be force to default
+provisioner = local

goad.py

@@ -3,32 +3,17 @@
 from rich import print
 
 from goad.config import Config
-from goad.lab_controller import LabController
-from goad.menu import print_menu
+from goad.jumpbox import JumpBox
+from goad.lab_manager import LabManager
+from goad.menu import print_menu, print_logo
 from goad.log import Log
 from goad.utils import *
 from goad.labs import *
-from goad.gui import *
+from goad.infos import *
 
 
 class Goad(cmd.Cmd):
 
-    @staticmethod
-    def print_logo():
-        logo = """[white]
-   _____   _____          _____ 
-  / ____| / ||| \  [blue] /\\\\[/blue]   |  __ \ 
- | |  __||  |||  | [blue]/  \\\\[/blue]  | |  | |
- | | |_ ||  |||  |[blue]/ /\ \\\\[/blue] | |  | |
- | |__| ||  |||  [blue]/ /__\ \\\\[/blue]| |__| |
-  \_____| \_|||_[blue]/________\\\\[/blue]_____/
-    [bold]Game Of Active Directory[/bold]
-      [yellow][italic]Pwning is comming[/italic][/yellow]
-[/white]
-Goad management console type help or ? to list commands
-"""
-        print(logo)
-
     def __init__(self, args):
         super().__init__()
         # get the arguments
@@ -40,45 +25,78 @@ def __init__(self, args):
         config = Config().merge_config(args)
 
         # prepare lab controller to manage labs
-        self.lab_controller = LabController().init(labs, config)
+        self.lab_manager = LabManager().init(labs, config)
 
         # set current lab and provider
         self.refresh_prompt()
 
     def refresh_prompt(self):
-        self.prompt = f"\n{self.lab_controller.get_current_lab_name()} @ {self.lab_controller.get_current_provider_name()} > "
+        self.prompt = f"\n{self.lab_manager.get_current_lab_name()} @ {self.lab_manager.get_current_provider_name()} > "
 
     def default(self, line):
         print()
 
     def do_help(self, arg):
-        print_menu()
+        print_menu(self.lab_manager)
 
     def do_exit(self, arg):
         print('bye')
         return True
 
     # main commands
     def do_status(self, arg):
-        self.lab_controller.get_current_provider().status()
+        self.lab_manager.get_current_provider().status()
 
     def do_check(self, arg):
-        self.lab_controller.get_current_provider().check()
+        self.lab_manager.get_current_provider().check()
 
     def do_install(self, arg):
-        self.lab_controller.get_current_provider().install()
+        self.lab_manager.get_current_provider().install()
 
     def do_start(self, arg):
-        self.lab_controller.get_current_provider().start()
+        self.lab_manager.get_current_provider().start()
 
     def do_stop(self, arg):
-        self.lab_controller.get_current_provider().stop()
+        self.lab_manager.get_current_provider().stop()
 
     def do_destroy(self, arg):
-        self.lab_controller.get_current_provider().destroy()
+        self.lab_manager.get_current_provider().destroy()
+
+    def do_provide(self, arg):
+        self.lab_manager.get_current_provider().install()
+
+    def do_provision(self, arg):
+        if arg == '':
+            Log.error('missing playbook argument')
+            Log.info('provision <playbook>')
+        else:
+            # run playbook
+            self.lab_manager.get_current_provisioner().run(arg)
 
-    def do_lab_info(self, arg):
-        pass
+    def do_provision_lab(self, arg):
+        self.lab_manager.get_current_provisioner().run()
+
+    def do_provision_lab_from(self, arg):
+        self.lab_manager.get_current_provisioner().run_from(arg)
+
+    def do_prepare_jumpbox(self, arg):
+        if self.lab_manager.get_current_provisioner().provisioner_name == 'ansible_remote':
+            self.lab_manager.get_current_provisioner().prepare_jumpbox()
+        else:
+            Log.error('no remote provisioning')
+
+    def do_show_config(self, arg):
+        show_current_config(self.lab_manager)
+
+    def do_ssh_jumpbox(self, arg):
+        if self.lab_manager.get_current_provider_name() == AZURE or self.lab_manager.get_current_provider_name() == AWS:
+            try:
+                jump_box = JumpBox(self.lab_manager.get_current_lab_name(), self.lab_manager.get_current_provider())
+                jump_box.ssh()
+            except JumpBoxInitFailed as e:
+                Log.error('Jumpbox retrieve connection info failed, abort')
+        else:
+            Log.error('No jump box for this provider')
 
     # configuration
     def do_set_lab(self, arg):
@@ -92,15 +110,13 @@ def do_set_lab(self, arg):
             Log.info('set_lab <lab>')
         else:
             try:
-                if self.lab_controller.set_lab(arg):
+                if self.lab_manager.set_lab(arg):
                     Log.success(f'Lab {arg} loaded')
-                    # lab has changed, so change the provider too
-                    self.do_set_provider(self.lab_controller.get_current_provider_name())
                     self.refresh_prompt()
             except ValueError as err:
                 Log.error(err.args[0])
                 Log.info('Available labs :')
-                for lab in self.lab_controller.labs:
+                for lab in self.lab_manager.labs:
                     Log.info(f' - {lab}')
 
     def do_set_provider(self, arg):
@@ -111,31 +127,40 @@ def do_set_provider(self, arg):
         """
         if arg == '':
             Log.error('missing provider argument')
-            Log.info('set_provider <provider>')
+            Log.info(f'set_provider <provider> (allowed values : {",".join(ALLOWED_PROVIDERS)})')
         else:
             try:
-                if self.lab_controller.set_provider(arg):
+                if self.lab_manager.set_provider(arg):
                     Log.success(f'Provider {arg} loaded')
                     self.refresh_prompt()
                 else:
-                    Log.error(f'provider {arg} does not exist on lab {self.lab_controller.get_current_lab_name()}')
+                    Log.error(f'provider {arg} does not exist on lab {self.lab_manager.get_current_lab_name()}')
                     Log.info('Available Providers :')
-                    for provider_name in self.lab_controller.get_lab_providers(self.lab_controller.get_current_lab_name()):
+                    for provider_name in self.lab_manager.get_lab_providers(self.lab_manager.get_current_lab_name()):
                         Log.info(f' - {provider_name}')
             except ValueError as err:
                 Log.error(err.args[0])
 
-    # def do_show_config(self, arg):
-    #     self.config.show_config()
+    def do_set_provisioning_method(self, arg):
+        if arg == '':
+            Log.error('missing provisioner argument')
+            Log.info(f'set_provisioner <provisioner> (allowed values : {",".join(ALLOWED_PROVISIONER)})')
+        else:
+            try:
+                if self.lab_manager.set_provisioner(arg):
+                    Log.success(f'Provisioner {arg} loaded')
+                    self.refresh_prompt()
+                else:
+                    Log.error(f'provisioner {arg} does not exist on lab {self.lab_manager.get_current_lab_name()}')
+                    Log.info(f'Available Provisioner : {",".join(ALLOWED_PROVISIONER)}')
+            except ValueError as err:
+                Log.error(err.args[0])
 
-    def do_show_table_providers(self, arg):
-        show_labs_providers(self.lab_controller.get_labs())
+    def do_show_providers_table(self, arg):
+        show_labs_providers_table(self.lab_manager.get_labs())
 
     def do_show_list_providers(self, arg):
-        for lab in self.lab_controller.get_labs():
-            Log.success(f'*** {lab.lab_name} ***')
-            for provider in lab.providers.keys():
-                Log.info(f' {provider}')
+        show_labs_providers_list(self.lab_manager.get_labs())
 
 
 def parse_args():
@@ -163,7 +188,7 @@ def show_help():
 
 
 if __name__ == '__main__':
-    Goad.print_logo()
+    print_logo()
     args = parse_args()
     goad = Goad(args)
 

goad/command/cmd.py

@@ -1,5 +1,8 @@
 class Command:
 
+    def run(self, cmd, args, path):
+        pass
+
     def check_vagrant(self):
         pass
 
@@ -11,3 +14,13 @@ def check_terraform(self):
 
     def run_terraform(self, args, path):
         pass
+
+    def run_terraform_output(self, args, path):
+        pass
+
+    def run_ansible(self, args, path):
+        pass
+
+    def get_azure_account_output(self):
+        pass
+

goad/command/linux.py

@@ -3,10 +3,29 @@
 from goad.command.cmd import Command
 import subprocess
 from goad.log import Log
+from goad.utils import *
 
 
 class LinuxCommand(Command):
 
+    def run_shell(self, command, path):
+        try:
+            Log.info('CWD: ' + get_relative_path(str(path)))
+            Log.cmd(command)
+            subprocess.run(command, cwd=path, shell=True)
+        except subprocess.CalledProcessError as e:
+            Log.error(f"An error occurred while running the command: {e}")
+
+    def run_command(self, command, path):
+        result = None
+        try:
+            Log.info('CWD: ' + get_relative_path(str(path)))
+            Log.cmd(command)
+            result = subprocess.run(command, cwd=path, stderr=sys.stderr, stdout=sys.stdout, shell=True)
+        except subprocess.CalledProcessError as e:
+            Log.error(f"An error occurred while running the command: {e}")
+        return result
+
     def check_vagrant(self):
         command = 'which vagrant >/dev/null'
         try:
@@ -22,7 +41,7 @@ def run_vagrant(self, args, path):
         try:
             command = ['vagrant']
             command += args
-            Log.info('CWD: ' + str(path))
+            Log.info('CWD: ' + get_relative_path(str(path)))
             Log.cmd(' '.join(command))
             result = subprocess.run(command, cwd=path, stderr=sys.stderr, stdout=sys.stdout)
         except subprocess.CalledProcessError as e:
@@ -44,15 +63,63 @@ def run_terraform(self, args, path):
         try:
             command = ['terraform']
             command += args
-            Log.info('CWD: ' + str(path))
+            Log.info('CWD: ' + get_relative_path(str(path)))
             Log.cmd(' '.join(command))
             result = subprocess.run(command, cwd=path, stderr=sys.stderr, stdout=sys.stdout)
         except subprocess.CalledProcessError as e:
             Log.error(f"An error occurred while running the command: {e}")
         return result
 
+    def run_terraform_output(self, args, path):
+        result = None
+        try:
+            command = ['terraform', 'output', '-raw']
+            command += args
+            Log.info('CWD: ' + get_relative_path(str(path)))
+            Log.cmd(' '.join(command))
+            result = subprocess.run(command, cwd=path,
+                                    stdout=subprocess.PIPE,
+                                    stderr=subprocess.PIPE,
+                                    text=True
+                                    )
+            if result.returncode != 0:
+                print(f"Error: {result.stderr}")
+                return None
+
+            return result.stdout
+        except subprocess.CalledProcessError as e:
+            Log.error(f"An error occurred while running the command: {e}")
+        return None
+
     def run_ansible(self, args, path):
-        pass
+        result = None
+        try:
+            command = 'ansible-playbook '
+            command += args
+            Log.info('CWD: ' + get_relative_path(str(path)))
+            Log.cmd(command)
+            result = subprocess.run(command, cwd=path, stderr=sys.stderr, stdout=sys.stdout, shell=True)
+        except subprocess.CalledProcessError as e:
+            Log.error(f"An error occurred while running the command: {e}")
+            return False
+        return result
+
+    def get_azure_account_output(self):
+        result = subprocess.run(
+            ["az", "account", "list", "--output", "json"],
+            stdout=subprocess.PIPE,
+            stderr=subprocess.PIPE,
+            text=True
+        )
+        if result.returncode != 0:
+            print(f"Error: {result.stderr}")
+            return None
+
+        return result.stdout
 
-    def run_bash_script(self, args, path):
-        pass
+    def rsync(self, source, destination, ssh_key):
+        # rsync = f'rsync -a --exclude-from='.gitignore' -e "ssh -o 'StrictHostKeyChecking no' -i $CURRENT_DIR/ad/$lab/providers/$provider/ssh_keys/ubuntu-jumpbox.pem" "$CURRENT_DIR/" goad@$public_ip:~/GOAD/'
+        Log.info(f'Launch Rsync {source} -> {destination}')
+        ssh_command = f"ssh -o 'StrictHostKeyChecking no' -i {ssh_key}"
+        command = f'rsync -a --exclude-from=".gitignore" -e "{ssh_command}" {source} {destination}'
+        self.run_shell(command, source)