dev4vater / vater

High Tide IADS VM #266

Closed marissaeinhorn closed 2 years ago

marissaeinhorn commented 2 years ago

Prerequisites

All testing was done on an Ubuntu 20.04 OS with >= 32GB disk

Docker (version tested)

Client:
 Version:           20.10.12
 API version:       1.41
 Go version:        go1.16.2
 Git commit:        20.10.12-0ubuntu2~20.04.1
 Built:             Wed Apr  6 02:14:38 2022
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server:
 Engine:
  Version:          20.10.12
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.16.2
  Git commit:       20.10.12-0ubuntu2~20.04.1
  Built:            Thu Feb 10 15:03:35 2022
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.5.9-0ubuntu1~20.04.1
  GitCommit:        
 runc:
  Version:          1.1.0-0ubuntu1~20.04.1
  GitCommit:        
 docker-init:
  Version:          0.19.0
  GitCommit: 

Docker-compose (version tested)

docker-compose version 1.25.0, build unknown
docker-py version: 4.1.0
CPython version: 3.8.10
OpenSSL version: OpenSSL 1.1.1f  31 Mar 2020

Installation user has sudoless docker commands enabled

Host has nginx installed or, if not, has the ability to run sudo apt install nginx. This command will run as part of the host configuration script.

marissaeinhorn commented 2 years ago

All provided materials should be copied to the home directory of the host VM prior to attempting installation

Files are located on Ducknet I:\Development\VATER\HighTide

marissaeinhorn commented 2 years ago

Installation Method 2 (host is in standalone network)

  1. Move the High Tide and Installation directories to the host's home directory
    • mv high-tide ~/high-tide && mv installation ~/installation
  2. Extract the Docker images from ht-docker-images.tar.gz
    • tar xzf ht-docker-images.tar.gz
  3. Copy the load-images.sh script into the images directory
    • cp ~/installation/load-images.sh ~/images
  4. Install the Docker images and scenarioControl application
    • cd ~/images && ./load-images.sh
  5. Copy the secrets.env file from the installation project to the High Tide project
    • The secrets.env file is a set of default environment variables that are used by Docker containers during High Tide operation.
    • cp ~/installation/secrets.env ~/high-tide/
  6. Make any desired edits to the ~/high-tide/secrets.env file
    • The default file is split into three sections. The top section should not be edited. The middle section is the password database containers will use, and all three environment variables must be the same string. The final section contains the two editable passwords for the Delphi map.
      • MALAZAN_PASS - The password the teams will use
      • VALINAR_PASS - The password the instructors will use
  7. Set configuration options in the ~/high-tide/proj/src/configure-host.sh script
    • Only the variables at the top of the script should be edited
    • Variable Definitions
      • MANAGEMENT_INTERFACE - The host's network interface that is connected to the management network
      • Exercise_INTERFACE - The host's network interface that is connected to the exercise network
      • REDSTAR_IP - The public webpage IP address for this team's REDSTAR enclave
      • GIT_IP - The internal REDSTAR Gitlab IP address that hosts the monitor_updates.py script
      • HOMEDIR - The absolute path of the directory that contains the high-tide directory (generally the expansion of the ~ directory)
      • CALLBACK_IP - The first three octets of the IPv4 subnet that the implant will call out to. This is used on the management web interface to determine if a callback has been successfully created
  8. From the ~/high-tide/proj/src directory, run the configure-host.sh script
    • cd ~/high-tide/proj/src && ./configure-host.sh

The configure-host.sh script will prep the host system to run High Tide. It will generate required files and attempt to install nginx on the host. Once configuration is complete, the host will run a web server that can be used to control High Tide operation.
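
A pre-flight check for the secrets.env rules in step 6, as an added example that is not part of the original comment or the High Tide scripts. The page does not name the three middle-section variables, so the caller passes them as arguments; the file-permission check and the rule that the two Delphi passwords differ are assumptions added here.

```bash
#!/usr/bin/env bash
# Added example: pre-flight check of ~/high-tide/secrets.env before configure-host.sh.
# Assumption: the middle-section variable names are not listed on the page, so the
# caller passes them as arguments.

# Print the value of KEY in an env file (last assignment wins, outer quotes stripped).
env_get() {
    local file="$1" key="$2"
    sed -n "s/^[[:space:]]*${key}=//p" "$file" | tail -n 1 |
        sed -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# check_secrets FILE DBVAR...  prints findings and returns how many there were.
check_secrets() {
    local file="$1" problems=0 first="" mismatch=0 perms key val team instr
    shift
    [ -r "$file" ] || { echo "cannot read $file"; return 1; }

    # The file holds passwords: no group/other permission bits (ls mode chars 5-10).
    perms=$(ls -ld -- "$file" | cut -c5-10)
    [ "$perms" = "------" ] || { echo "group/other can access $file"; problems=$((problems + 1)); }

    # The two Delphi map passwords must be set.
    team=$(env_get "$file" MALAZAN_PASS)
    instr=$(env_get "$file" VALINAR_PASS)
    [ -n "$team" ] || { echo "MALAZAN_PASS is empty"; problems=$((problems + 1)); }
    [ -n "$instr" ] || { echo "VALINAR_PASS is empty"; problems=$((problems + 1)); }
    # Assumption (not stated on the page): team and instructor passwords should differ.
    if [ -n "$team" ] && [ "$team" = "$instr" ]; then
        echo "MALAZAN_PASS and VALINAR_PASS are identical"; problems=$((problems + 1))
    fi

    # Middle section: every database password variable must hold the same string.
    for key in "$@"; do
        val=$(env_get "$file" "$key")
        [ -n "$val" ] || { echo "$key is empty"; problems=$((problems + 1)); continue; }
        [ -n "$first" ] || first="$val"
        [ "$val" = "$first" ] || mismatch=1
    done
    [ "$mismatch" -eq 0 ] || { echo "database password variables differ"; problems=$((problems + 1)); }
    return "$problems"
}

# Stand-alone use: ./check-secrets.sh ~/high-tide/secrets.env VAR1 VAR2 VAR3
if [ "$#" -gt 0 ]; then check_secrets "$@"; exit; fi
```

An exit status of 0 means no findings; otherwise the status is the number of findings printed.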

marissaeinhorn commented 2 years ago

Cross-posted from the wiki

Ubuntu build hangs while waiting on SSH

This is a known issue with the High Tide IADS build. You'll have to manually open the VM Packer is building in vSphere and wait for the autoinstall to finish. Once you can interact with the CLI, add the IP Packer is trying to connect to. Ubuntu pulls a new IP when it restarts during the initial setup process, which makes it undiscoverable by Packer.

The management IP will need to be changed to the Labnet subnet. To do so, update the IP on interface ens192 to the desired IP. Next, run the update-conf.sh script located in /home/control/. This script will update all existing configuration files with the currently set management IP and restart the affected services.

The exercise IP on interface ens224 shouldn't need to be changed, but if it does, the update will have to be performed manually. Instructions on how to do this are provided in the update-conf.sh script.