search

ezra-buckingham / terry-the-terraformer

A CLI for deploying red team infrastructure across mutliple cloud providers, all integrated with a virtual Nebula network, and full ELK integration
https://github.com/ezra-buckingham/terry-the-terraformer/wiki
MIT License
110 stars 15 forks source link

Update .htaccess file so that it redirects correctly #45

Closed 5stars217 closed 1 year ago

5stars217 commented 1 year ago

the container_mappings_example.yml maps 443 to 1443, but the redirector redirects to 443, on the wrong side of the container mapping. When the .htacces file is updated to redirect to $domain:1443, the redirector and teamserver can communicate and receive beaconing responses.

The teamserver's firewall rules also reflect this:

1443/tcp                   ALLOW       $defined_ip               # Allow 1443/1443 terry

.htaccess file after change:

image image

Note: accessing the cobalt strike teamserver is similar, the container_mappings.yml defines 1111:50050, so you need to edit the default client connection from 50050 to 1111 to connect. I assume this was intentional.

ezra-buckingham commented 1 year ago

So this is intentional because it is not always going to be going to 1443. This is one of the parts of Terry that will need manual intervention after the fact to make sure you have the proper port being redirected as you may need it to redirect to a totally non-standard port

5stars217 commented 1 year ago

Can do. I'll look to make the documentation clearer instead. Thanks!