copy new packages

godsapple · Aug 6, 2019 · 979b8c0 · 979b8c0
1 parent 9674279
commit 979b8c0
Show file tree

Hide file tree

Showing 12 changed files with 163 additions and 47 deletions.
diff --git a/commandovm.win10.config.fireeye/commandovm.win10.config.fireeye.nuspec b/commandovm.win10.config.fireeye/commandovm.win10.config.fireeye.nuspec
@@ -2,9 +2,12 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>commandovm.win10.config.fireeye</id>
-    <version>1.2.0.0</version>
+    <version>1.2.0.9</version>
     <title>CommandoVM</title>
     <authors>Jake Barteaux</authors>
-    <description>CommandoVM - Penetration Testing Distribution</description>
+    <description>CommandoVM - Penetration Testing Distribution</description>    
+    <dependencies>
+      <dependency id="autohotkey.portable" />
+    </dependencies>
   </metadata>
 </package>
diff --git a/commandovm.win10.config.fireeye/tools/EnableWinRM.ahk b/commandovm.win10.config.fireeye/tools/EnableWinRM.ahk
@@ -0,0 +1,59 @@
+#NoEnv  ; Recommended for performance and compatibility with future AutoHotkey releases.
+#Warn  ; Enable warnings to assist with detecting common errors.
+#WinActivateForce
+
+
+SendMode Input  ; Recommended for new scripts due to its superior speed and reliability.
+SetWorkingDir %A_ScriptDir%  ; Ensures a consistent starting directory.
+SetKeyDelay, 50
+
+psScript =
+(
+    winrm quickconfig -q
+    Enable-PSRemoting -SkipNetworkProfileCheck -Force
+	Set-Service -Name WinRM -StartupType Automatic
+	Set-NetFirewallRule -Name "WINRM-HTTP-In-TCP" -RemoteAddress Any
+    Set-Item wsman:localhost\client\trustedhosts -Value "*" -Force
+    Enable-WSManCredSSP -Role "Client" -DelegateComputer "*" -Force
+)
+
+RunWait PowerShell.exe -Command &{%psScript%}
+
+title = Local Group Policy Editor
+Run, C:\Windows\System32\gpedit.msc
+WinWait, %title%, , 5000
+IfWinExist %title%
+{
+	WinActivate %title%
+	WinMaximize, %title%
+	Sleep, 500
+	BlockInput On
+	SendInput, {down}{down}{down}{down}{right}					; Expand "Administrative Template"	
+	Sleep, 500
+	SendInput, {down}{down}{down}{down}{down}{down}{right}		; Expand "System"
+	Sleep, 500
+	SendInput, c												; Delegate credentials
+	Sleep, 500
+	SendInput, {tab}											; Switch Pane
+	Sleep, 500
+	SendInput, {down}{down}{down}{down}							; Delegate fresh creds with NTML-Only server Auth
+	Sleep, 500
+	SendInput, {enter}
+	Sleep, 500
+	SendInput, !E
+	Sleep, 500
+	SendInput, {tab}{tab}{tab}									; Show
+	Sleep, 500
+	SendInput, {enter}
+	Sleep, 500
+	SendInput, {tab}{tab}
+	Sleep, 500
+	SendInput, WSMAN/*
+	Sleep, 500
+	SendInput, !O       										; OK
+	Sleep, 500
+	SendInput, {tab}{enter}										; Done
+	SendInput, !fx												; Quit
+	BlockInput Off
+}
+Exit
diff --git a/commandovm.win10.config.fireeye/tools/UNCPathSoftening.ahk b/commandovm.win10.config.fireeye/tools/UNCPathSoftening.ahk
@@ -0,0 +1,58 @@
+#NoEnv  ; Recommended for performance and compatibility with future AutoHotkey releases.
+#Warn   ; Enable warnings to assist with detecting common errors.
+#WinActivateForce
+
+SendMode Input
+SetWorkingDir %A_ScriptDir%
+SetKeyDelay, 50
+
+; Handle installation
+title = Local Group Policy Editor
+Run, C:\Windows\system32\gpedit.msc
+WinWait, %title%,,5000
+IfWinExist %title%
+{
+  WinActivate, %title%  
+  WinMaximize, %title%
+
+  Sleep, 500
+  BlockInput On
+
+  Sleep, 500
+  SendInput, {down}{down}{down}{down}{right}        ; Administrative Template
+
+  Sleep, 500
+  SendInput, {down}{down}{right}                    ; Network
+
+  Sleep, 500
+  SendInput, N{down}{down}{down}{right}             ; Network Provider
+
+  Sleep, 500
+  SendInput, {tab}
+
+  Sleep, 500
+  SendInput, {Enter}
+
+  Sleep, 500
+  SendInput, !E
+
+  Sleep, 500
+  SendInput, {tab}{tab}{tab}{enter}
+
+  Sleep, 500
+  SendInput, {tab}{tab}
+
+  SendInput, \\*
+  SendInput, {tab}
+  SendInput, RequireMutualAuthentication=0,RequireIntegrity=0,RequirePrivacy=0RequireMutualAuthentication=0,RequireIntegrity=0,RequirePrivacy=0
+
+  Sleep, 500
+  SendInput, !O
+  SendInput, {tab}{tab}{Enter}
+
+  Sleep, 500
+  WinClose
+  BlockInput Off
+}
+
+Exit,
diff --git a/commandovm.win10.config.fireeye/tools/chocolateyinstall.ps1 b/commandovm.win10.config.fireeye/tools/chocolateyinstall.ps1
@@ -1,4 +1,4 @@
-$ErrorActionPreference = 'Continue'
+$ErrorActionPreference = 'Stop'
 
 $packageName = 'commandovm.win10.config.fireeye'
 $toolsDir    = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
@@ -199,6 +199,16 @@ if ($env_path -ne $old_path) {
 Get-ChildItem -Path (Join-Path ${Env:UserProfile} "Desktop") -Hidden -Filter "desktop.ini" -Force | foreach {$_.Delete()}
 Get-ChildItem -Path (Join-Path ${Env:Public} "Desktop") -Hidden -Filter "desktop.ini" -Force | foreach {$_.Delete()}
 
+# Use AutoHotKey to modify various settings
+$scripts = @(
+  "UNCPathSoftening.ahk",           # "Softening" MS UNC Path Hardning stuffs....
+  "EnableWinRM.ahk"                 # Enable WinRM
+)
+ForEach ($name in $scripts) {
+  $script = Join-Path $toolsDir $name
+  Write-Host "[+] Executing $script" -ForegroundColor Green
+  AutoHotKey $script
+}
 
 # Should be PS >5.1 now, enable transcription and script block logging
 # More info: https://www.fireeye.com/blog/threat-research/2016/02/greater_visibilityt.html

diff --git a/commandovm.win10.installer.fireeye/commandovm.win10.installer.fireeye.nuspec b/commandovm.win10.installer.fireeye/commandovm.win10.installer.fireeye.nuspec
@@ -2,9 +2,12 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>commandovm.win10.installer.fireeye</id>
-    <version>1.2.0.0</version>
+    <version>2.0</version>
     <title>CommandoVM</title>
     <authors>Jake Barteaux</authors>
     <description>CommandoVM - Penetration Testing Distribution</description>
+    <dependencies>
+      <dependency id="common.fireeye" />
+    </dependencies>    
   </metadata>
 </package>
diff --git a/commandovm.win10.installer.fireeye/tools/chocolateyinstall.ps1 b/commandovm.win10.installer.fireeye/tools/chocolateyinstall.ps1
@@ -8,7 +8,6 @@ $toolsDir         = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
 $fireeyeFeed      = "https://www.myget.org/F/fireeye/api/v2"
 $cache            =  "$env:userprofile\AppData\Local\ChocoCache"
 $globalCinstArgs  = "--cacheLocation $cache -y"
-$toolList         = Join-Path ${Env:ProgramData} "Microsoft\Windows\Start Menu\Programs\Tool List"
 $pkgPath          = Join-Path $toolsDir "packages.json"
 
 
@@ -56,7 +55,7 @@ function InstallOnePackage {
     $args = $pkgargs,$globalCinstArgs -Join " "
   }
 
-  if ($args -like "*-source*" -Or $args -like "*--package-parameters*" -Or $args -like "*--parameters*") {
+  if ($args) {
     Write-Warning "[!] Installing using host choco.exe! Errors are ignored. Please check to confirm $name is installed properly"
     Write-Warning "[!] Executing: iex choco upgrade $name $args"
     $rc = iex "choco upgrade $name $args"
@@ -90,24 +89,15 @@ function InitialSetup {
   # Create the cache directory
   New-Item -Path $cache -ItemType directory -Force
 
-  # Create tool list desktop shortcut
-  if (-Not (Test-Path -Path $toolList) ) {
-    New-Item -Path $toolList -ItemType directory
+  # Update old env var if it points to a directory vs a file (.lnk)
+  $toolListDirShortcut = [Environment]::GetEnvironmentVariable("TOOL_LIST_SHORTCUT", 2)
+  if (-Not ($toolListDirShortcut -eq $null) -And ((Get-Item $toolListDirShortcut) -is [System.IO.Directory])) {
+    try {
+      $toolListDirShortcut = Join-Path ${Env:UserProfile} "Desktop\Tools.lnk"
+      [Environment]::SetEnvironmentVariable("TOOL_LIST_SHORTCUT", $toolListDirShortcut, 2)
+    } catch {}
   }
 
-  # Create C:\Tools directory
-  if (-Not (Test-Path -Path "${Env:HomeDrive}\Tools")) {
-    New-Item -Path "${Env:HomeDrive}\Tools" -ItemType directory
-  }
-
-  $desktopShortcut = Join-Path ${Env:UserProfile} "Desktop\Tools.lnk"
-  Install-ChocolateyShortcut -shortcutFilePath $desktopShortcut -targetPath $toolList
-
-  # Set common paths in environment variables
-  Install-ChocolateyEnvironmentVariable -VariableName "FLARE_START" -VariableValue $toolList -VariableType 'Machine'
-  Install-ChocolateyEnvironmentVariable -VariableName "TOOL_LIST_SHORTCUT" -VariableValue $toolList -VariableType 'Machine'
-  refreshenv
-
   # BoxStarter setup
   Set-BoxstarterConfig -NugetSources "$fireeyeFeed;https://chocolatey.org/api/v2"
 

diff --git a/commandovm.win10.installer.fireeye/tools/chocolateyuninstall.ps1 b/commandovm.win10.installer.fireeye/tools/chocolateyuninstall.ps1
@@ -94,8 +94,7 @@ function PostUninstall
         # Ignore exception, in case the directory does not exist.
     }
 
-    $desktopShortcut = Join-Path ${Env:USERPROFILE} "Desktop\Tools.lnk"
-    Remove-Item $desktopShortcut
+    Remove-Item ${Env:TOOL_LIST_SHORTCUT}
 }
 
 

diff --git a/commandovm.win10.installer.fireeye/tools/packages.json b/commandovm.win10.installer.fireeye/tools/packages.json
@@ -43,7 +43,6 @@
         {"name": "vlc.fireeye"},
         {"name": "yed.fireeye"},
         {"name": "hashcat.fireeye"},
-        {"name": "winrar"},
         {"name": "7zip"},
         {"name": "Greenshot.fireeye"},
         {"name": "winscp.fireeye"},
@@ -82,13 +81,15 @@
             "x64Only": true
         },
         {"name": "burp.free.fireeye"},
+        {"name": "kali.fireeye", "args": "--timeout 7200"},
         {"name": "kali_windowsbinaries.fireeye"},
         {"name": "unxUtils"},
 
         {"name": "ADACLScanner.fireeye"},
         {"name": "ADAPE-Script.fireeye"},
         {"name": "ADOffline.fireeye"},
         {"name": "ADRecon.fireeye"},
+        {"name": "amass.docker.fireeye"},
         {"name": "ASREPRoast.fireeye"},
         {"name": "BloodHound.fireeye"},
         {"name": "CheckPlease.fireeye"},
@@ -98,6 +99,7 @@
         {"name": "CrackMapExec.fireeye"},
         {"name": "CrackMapExecWin.fireeye"},
         {"name": "demiguise.fireeye"},
+        {"name": "docker.fireeye"},
         {"name": "DotNetToJScript.fireeye"},
         {"name": "DomainPasswordSpray.fireeye"},
         {"name": "DSInternals.fireeye"},
@@ -172,6 +174,7 @@
         {"name": "SharpUp.fireeye"},
         {"name": "SharpView.fireeye"},
         {"name": "SharpWMI.fireeye"},
+        {"name": "spiderfoot.docker.fireeye"},
         {"name": "SpoolerScanner.fireeye"},
         {"name": "StarFighters.fireeye"},
         {"name": "SpoolSample.fireeye"},
@@ -200,7 +203,7 @@
         {"name": "PwndPasswordsNTLM.fireeye"},
         {"name": "RottenPotatoNG.fireeye"},
         {"name": "SharpClipHistory.fireeye"},
-        {"name": "SharpSloit.fireeye"},
+        {"name": "SharpSploit.fireeye"},
         {"name": "openvpn.fireeye", "args":"--parameters \'/SELECT_SHORTCUTS=0 /SELECT_LAUNCH=0\'"}
     ]
 }
diff --git a/commandovm.win7.installer.fireeye/commandovm.win7.installer.fireeye.nuspec b/commandovm.win7.installer.fireeye/commandovm.win7.installer.fireeye.nuspec
@@ -2,9 +2,12 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>commandovm.win7.installer.fireeye</id>
-    <version>1.2.0.0</version>
+    <version>1.3.0.3</version>
     <title>CommandoVM</title>
     <authors>Jake Barteaux</authors>
     <description>CommandoVM - Penetration Testing Distribution</description>
+    <dependencies>
+      <dependency id="common.fireeye" />
+    </dependencies>    
   </metadata>
 </package>
diff --git a/commandovm.win7.installer.fireeye/tools/chocolateyinstall.ps1 b/commandovm.win7.installer.fireeye/tools/chocolateyinstall.ps1
@@ -8,7 +8,6 @@ $toolsDir         = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
 $fireeyeFeed      = "https://www.myget.org/F/fireeye/api/v2"
 $cache            =  "$env:userprofile\AppData\Local\ChocoCache"
 $globalCinstArgs  = "--cacheLocation $cache -y"
-$toolList         = Join-Path ${Env:ProgramData} "Microsoft\Windows\Start Menu\Programs\Tool List"
 $pkgPath          = Join-Path $toolsDir "packages.json"
 
 
@@ -90,24 +89,15 @@ function InitialSetup {
   # Create the cache directory
   New-Item -Path $cache -ItemType directory -Force
 
-  # Create tool list desktop shortcut
-  if (-Not (Test-Path -Path $toolList) ) {
-    New-Item -Path $toolList -ItemType directory
+  # Update old env var if it points to a directory vs a file (.lnk)
+  $toolListDirShortcut = [Environment]::GetEnvironmentVariable("TOOL_LIST_SHORTCUT", 2)
+  if (-Not ($toolListDirShortcut -eq $null) -And ((Get-Item $toolListDirShortcut) -is [System.IO.Directory])) {
+    try {
+      $toolListDirShortcut = Join-Path ${Env:UserProfile} "Desktop\Tools.lnk"
+      [Environment]::SetEnvironmentVariable("TOOL_LIST_SHORTCUT", $toolListDirShortcut, 2)
+    } catch {}
   }
 
-  # Create C:\Tools directory
-  if (-Not (Test-Path -Path "${Env:HomeDrive}\Tools")) {
-    New-Item -Path "${Env:HomeDrive}\Tools" -ItemType directory
-  }
-
-  $desktopShortcut = Join-Path ${Env:UserProfile} "Desktop\Tools.lnk"
-  Install-ChocolateyShortcut -shortcutFilePath $desktopShortcut -targetPath $toolList
-
-  # Set common paths in environment variables  
-  Install-ChocolateyEnvironmentVariable -VariableName "FLARE_START" -VariableValue $toolList -VariableType 'Machine'
-  Install-ChocolateyEnvironmentVariable -VariableName "TOOL_LIST_SHORTCUT" -VariableValue $toolList -VariableType 'Machine'
-  refreshenv
-
   # BoxStarter setup
   Set-BoxstarterConfig -NugetSources "$fireeyeFeed;https://chocolatey.org/api/v2"
 

diff --git a/commandovm.win7.installer.fireeye/tools/chocolateyuninstall.ps1 b/commandovm.win7.installer.fireeye/tools/chocolateyuninstall.ps1
@@ -94,8 +94,7 @@ function PostUninstall
         # Ignore exception, in case the directory does not exist.
     }
 
-    $desktopShortcut = Join-Path ${Env:USERPROFILE} "Desktop\FLARE.lnk"
-    Remove-Item $desktopShortcut
+    Remove-Item ${Env:TOOL_LIST_SHORTCUT}
 }
 
 

diff --git a/commandovm.win7.installer.fireeye/tools/packages.json b/commandovm.win7.installer.fireeye/tools/packages.json
@@ -43,7 +43,6 @@
         {"name": "vlc.fireeye"},
         {"name": "yed.fireeye"},
         {"name": "hashcat.fireeye"},
-        {"name": "winrar"},
         {"name": "7zip"},
         {"name": "Greenshot.fireeye"},
         {"name": "winscp.fireeye"},