Skip to content

Commit b206947

Browse files
RelkciRelkci
committed
add ssh key
1 parent 5c48872 commit b206947

File tree

4 files changed

+89
-7
lines changed

4 files changed

+89
-7
lines changed

Deploy-AD/scripts/Add-SSHKey.ps1

Lines changed: 79 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,79 @@
1+
New-Item -ItemType Directory -Path "C:\ProgramData\DOAZLab" -Force > $null
2+
$targetPath = "C:\ProgramData\DOAZLab\id_rsa"
3+
4+
$privateKey = @"
5+
-----BEGIN OPENSSH PRIVATE KEY-----
6+
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAACFwAAAAdzc2gtcn
7+
NhAAAAAwEAAQAAAgEAtV8aFw/6ByVPYXCXOBr9PtWSl2a3eHsqKmxtEVTAcF38pXOOToyO
8+
KELMCtLEBrYc8PpI1GW/dHXJDyDpdBhT2QrBLyJ57wSWgo7EucCrKu26IZ0SVD/HA11zoe
9+
MqwknDLwXfKNcSmz0L2q3/pEq26eKRd7HYasD43zDqtH471DLqa344llcTgpgnn4cjrVIL
10+
0YRREEkm7TzekjLT6oESprV8LDDcFFlrziV36zkJeViUaA3Lx7M/TZUdjVy3gbwGcP152H
11+
lMgr9kMJeU2hZOvy9bsbIQILdZ/OhzqCQ5wHXF4nhwNx6+ogGPmIVuUyFjeDjKdTKSVBwQ
12+
g+u5/ADQWubYAcoXGnzTD6hxYhNm6P8xBys/Z05IzSJgobv9J+IQFo63yYKKEwvaC2tWcr
13+
rxi53mHLjWrGQZAcNueZdABYK2Xs+61qiw4cgsW+E9Rx8HI9BknKcrbQBQBCjU0VX8tw7D
14+
RWlpL8KGtWtDIIXL8/w9O4y+L6luoHL4L0OmmAAQhTTKxftzxZwM/y1B+3dJ7aZVyJzNqW
15+
ZqhyOHWnGFIH9WySPmlBZE+l/cHmWXcFaA8nyvJtiqd1pGa96/KCs+uX8PKtp1LZrgg4Dn
16+
1MDi/DzcJd6KybCZ/ZA1Xmypm6HT+01CCxyeHrW0mqCK5XJmjvijG3Y3V/oSdm9+EpCDKV
17+
0AAAdIvPR2+Lz0dvgAAAAHc3NoLXJzYQAAAgEAtV8aFw/6ByVPYXCXOBr9PtWSl2a3eHsq
18+
KmxtEVTAcF38pXOOToyOKELMCtLEBrYc8PpI1GW/dHXJDyDpdBhT2QrBLyJ57wSWgo7Euc
19+
CrKu26IZ0SVD/HA11zoeMqwknDLwXfKNcSmz0L2q3/pEq26eKRd7HYasD43zDqtH471DLq
20+
a344llcTgpgnn4cjrVIL0YRREEkm7TzekjLT6oESprV8LDDcFFlrziV36zkJeViUaA3Lx7
21+
M/TZUdjVy3gbwGcP152HlMgr9kMJeU2hZOvy9bsbIQILdZ/OhzqCQ5wHXF4nhwNx6+ogGP
22+
mIVuUyFjeDjKdTKSVBwQg+u5/ADQWubYAcoXGnzTD6hxYhNm6P8xBys/Z05IzSJgobv9J+
23+
IQFo63yYKKEwvaC2tWcrrxi53mHLjWrGQZAcNueZdABYK2Xs+61qiw4cgsW+E9Rx8HI9Bk
24+
nKcrbQBQBCjU0VX8tw7DRWlpL8KGtWtDIIXL8/w9O4y+L6luoHL4L0OmmAAQhTTKxftzxZ
25+
wM/y1B+3dJ7aZVyJzNqWZqhyOHWnGFIH9WySPmlBZE+l/cHmWXcFaA8nyvJtiqd1pGa96/
26+
KCs+uX8PKtp1LZrgg4Dn1MDi/DzcJd6KybCZ/ZA1Xmypm6HT+01CCxyeHrW0mqCK5XJmjv
27+
ijG3Y3V/oSdm9+EpCDKV0AAAADAQABAAACAFSnFTnTaqsAJos/rkzxB+dWbqu8tQCGV/li
28+
DwwKRyGLNJsSksalwsoW1z5r/jN1t49f+jMsZE5alWO6xEu7+RKx+tXhnRDKzucT9M0QGL
29+
QaLgh3U/E/rUcsTIawTSpOnEurzWs16wjK1ugT02BewP3sEmJP/0dgVyhxH/Lrgkg6FYDj
30+
ckz1SnVnSAMk46mHRF3fiKh1xDXxdZ6+G3v2D3sA9Pp5OZdD31Xh1hVTU1EwX2ArpEPKrU
31+
6sPRVYQ4xJcqY1ILRBdU0HQJ+PeFnMFKgWVhFbnzxt55Hr+uNtOQlTzu8zsIiBkI9z9A5H
32+
pOUnDdK0iwZlerfIO4sfMHjm9lfUin8VQoROZKsRt6DNnHNAmGIaHfFyylWjfRIPSl6IB2
33+
0Wu3nUBn3AiYDo6I9aQsxpF58ky3XHlfUMycedYe6lScWS47F3pvXL2GZqLm+1uggI8Qr6
34+
Lsasp+izebSdf9C36/CxImA5lt9gIAnv+/YCQJOi/KI6TqeVx2bOjeJwQDMoRFEtK5SyZC
35+
fu2thq4YhTibgt0BMFfqIYAGgey5qhg4mXuea0Ii+paa0fbKJ7JDC3XKR3szoyFlNy2aI1
36+
FfXJ9dqYQJy6aXZjimVDpl28JiqxdODTfQYfNId4cs8cOBD5F55ppRwo7Vl5CYfLuEB6P0
37+
AEk2zlQxvMVimNYr6PAAABAQC4Nz0Y9a/RSvd6p9E03LTXDCo3vTVHndguhIbjLXeoHUu/
38+
ZtA9dv8XFFSmZ3f1gOOutXYIgXKoK2A5ZkEQgRBlzArjdX8fwnw2X3I5nw1Oa2/WT5kDY6
39+
nLhdxOztTEwWMdCNWKADg6VHQNaKcO6qNKLcVoDOVEGv/bby4dadLwuKXnU0c1LdNX4b01
40+
tFPucuWL8ZJhszteZJ2AuARSV2ripZZu63LRHuAdskc/crhFofCnuScw7EQFGZtlDtETW8
41+
5tHGgrkCphRQ97MN2Nq5o1rCZijPL4K3staYrC5WzUASFTIctyF8dQbLEysNeP1U3bMbdM
42+
YS3Y0aa8cwdDeTiFAAABAQC+2TKC7y31DomvYVELoCXmvhyCDAg5QUFzUZD9ahQXTNNsR+
43+
21RVAgs7089FNnR5N7x8gSsnKMRX2TYz9X4wwLreTQ0duJk2AJiO7LaTkj6bDNjHc8OY29
44+
82kgwQKEjYPwl5BCS4K48aaKLuEfvM4PBA1nThVS0cshbVSgtJv/FdlibjIqwZDr7RWQGn
45+
maqpNpB4Qd2NwuJhc0bnJ72GM/qaRpanaRwq0gvYJD3d9EKore6KwAqTt7yP20pPGOsj61
46+
MEn7sEiXnh0cYw9v1BVpht9k1wT0P9d+2YXtMJJA7krkIUwBY1Xp5wumxhViubAKmzLT/J
47+
z04b7gVuREoSIvAAABAQDzSbAAEUbFg/n8tLRV9GzkjgbhucAQ8WWynBxFGdjsmpIGap1k
48+
nA7J9rooGBhQoPzby94L0UqI9AvP4BKheGIbXc0gD/DJdA6Q1iY/ftUXF1M1YpB5YSZOOn
49+
+PjczXXVAegzXdmteQyycIWiI/qqBR0vkMLoQkSBAe6/Gl2yp7FpZXsfF7ok9JEFsTEKg9
50+
qcy2VO12+4YBjGlIlrTBZizhOHn8r1bd8mmayLzjRaVxrGDMl/P0hnjDwBT+aReX9PUDLV
51+
9NW4GQ5b0CXN5F6M5kQipnek/WInSI/Y2YGuZcmSKCn7CaxoFBmDfv9tyYnG2OmHEekPiE
52+
+65g8W06V8YzAAAADWRvYWRtaW5ATnV4MDEBAgMEBQ==
53+
-----END OPENSSH PRIVATE KEY-----
54+
55+
"@
56+
57+
# Write to file without persisting the key elsewhere
58+
Set-Content -Path $targetPath -Value $privateKey -NoNewline
59+
60+
# Verify the file (optional)
61+
Write-Output "Private key written to $targetPath"
62+
63+
$targetPath = "C:\ProgramData\DOAZLab\id_rsa"
64+
$DomainUser = "doazlab\doadmin" # Set the domain user
65+
66+
# Remove inherited permissions
67+
icacls $targetPath /inheritance:r
68+
69+
# Grant full control to the domain user
70+
icacls $targetPath /grant "$DomainUser`:F"
71+
72+
# Remove access for "Authenticated Users"
73+
icacls $targetPath /remove "NT AUTHORITY\Authenticated Users"
74+
75+
# Remove access for "Users" group (optional, but recommended)
76+
icacls $targetPath /remove "BUILTIN\Users"
77+
78+
# Verify new permissions
79+
icacls $targetPath

Deploy-AD/scripts/Add-Shortcuts.ps1

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,7 @@ Write-Host "Shortcut to ADUC created on Public Desktop successfully."
3737
### ADD ICON OR SSH
3838
$DesktopPath = "C:\Users\Public\Desktop\"
3939
$ShortcutPath = "$DesktopPath\SSH-to-C2.lnk"
40-
$sshCommand = "ssh doadmin@10.0.0.8"
40+
$sshCommand = "ssh doadmin@10.0.0.8 -i c:\ProgramData\DOAZLab\id_rsa"
4141
$WScriptShell = New-Object -ComObject WScript.Shell
4242
$Shortcut = $WScriptShell.CreateShortcut($ShortcutPath)
4343
$Shortcut.TargetPath = "cmd.exe"

Deploy-AD/scripts/Set-Initial-Settings.ps1

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -78,4 +78,5 @@ New-Item -ItemType Directory -Path "C:\DOAZLab\" -Force > $null
7878
New-Item -ItemType Directory -Path "C:\DOAZLab\Scripts\" -Force > $null
7979
Invoke-WebRequest -Uri "https://raw.githubusercontent.com/DefensiveOrigins/DO-LAB/refs/heads/main/Deploy-AD/resources/CheckContext.ps1" -OutFile "C:\doazlab\Scripts\CheckContext.ps1"
8080

81-
81+
# Add SSH Key
82+
& .\Add-SSHKey.ps1

Deploy-Linux/scripts/Install-C2.sh

Lines changed: 7 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -10,13 +10,16 @@ mkdir /etc/DOAZLAB
1010
cd /etc/DOAZLAB
1111
wget https://raw.githubusercontent.com/DefensiveOrigins/DO-LAB/main/Deploy-Linux/scripts/Install-Tools.sh
1212
wget https://raw.githubusercontent.com/DefensiveOrigins/DO-LAB/main/Deploy-Linux/scripts/RunAtReboot.sh
13-
wget https://raw.githubusercontent.com/DefensiveOrigins/DO-LAB/main/Deploy-Linux/scripts/makekey.sh
1413
chmod +x Install-Tools.sh
1514
chmod +x RunAtReboot.sh
16-
chmod +x makekey.sh
1715

18-
# Make SSH Key
19-
bash makekey.sh
16+
17+
# Add key
18+
sudo -u doadmin mkdir -p "/home/doadmin/.ssh"
19+
sudo chmod 700 "/home/doadmin/.ssh"
20+
echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1XxoXD/oHJU9hcJc4Gv0+1ZKXZrd4eyoqbG0RVMBwXfylc45OjI4oQswK0sQGthzw+kjUZb90dckPIOl0GFPZCsEvInnvBJaCjsS5wKsq7bohnRJUP8cDXXOh4yrCScMvBd8o1xKbPQvarf+kSrbp4pF3sdhqwPjfMOq0fjvUMuprfjiWVxOCmCefhyOtUgvRhFEQSSbtPN6SMtPqgRKmtXwsMNwUWWvOJXfrOQl5WJRoDcvHsz9NlR2NXLeBvAZw/XnYeUyCv2Qwl5TaFk6/L1uxshAgt1n86HOoJDnAdcXieHA3Hr6iAY+YhW5TIWN4OMp1MpJUHBCD67n8ANBa5tgByhcafNMPqHFiE2bo/zEHKz9nTkjNImChu/0n4hAWjrfJgooTC9oLa1ZyuvGLneYcuNasZBkBw255l0AFgrZez7rWqLDhyCxb4T1HHwcj0GScpyttAFAEKNTRVfy3DsNFaWkvwoa1a0Mghcvz/D07jL4vqW6gcvgvQ6aYABCFNMrF+3PFnAz/LUH7d0ntplXInM2pZmqHI4dacYUgf1bJI+aUFkT6X9weZZdwVoDyfK8m2Kp3WkZr3r8oKz65fw8q2nUtmuCDgOfUwOL8PNwl3orJsJn9kDVebKmbodP7TUILHJ4etbSaoIrlcmaO+KMbdjdX+hJ2b34SkIMpXQ== doadmin@Nux01" >> /home/doadmin/.ssh/authorized_keys
21+
sudo chmod 600 "/home/doadmin/.ssh/authorized_keys"
22+
sudo chown -R doadmin:doadmin "/home/doadmin/.ssh"
2023

2124
# Add Log
2225
touch /etc/DOAZLAB/DOAZLABLog
@@ -35,7 +38,6 @@ export DEBIAN_FRONTEND=noninteractive
3538
apt-get update
3639
apt-get upgrade -y
3740

38-
3941
# Reboot
4042
echo "Time: $(date). Rebooting" >> /etc/DOAZLAB/DOAZLABLog
4143
shutdown -r +1

0 commit comments

Comments
 (0)