attack_range
attack_range copied to clipboard
splunk
attack_range 3 local error
(attack-range-platform-x8LYIQ3F-py3.10) jhernandez in ~/splunk/attack_range on attack_range_3 ● λ python attack_range.py configure
? File attack_range.yml already exist, are you sure you want to continue?
THIS WILL OVERWRITE YOUR CURRENT CONFIG! Yes
> continuing with attack_range configuration...
________________
|'-.--._ _________:
| / | __ __\\
| | _ | [\_\= [\_\
| |.' '. \.........|
| ( <) ||: :|_
\ '._.' | :.....: |_(o
'-\_ \ .------./
_ \ ||.---.|| _
/ \ '-._|/\n~~\n' | \\
(| []=.--[===[()]===[) |
<\_/ \_______/ _.' /_/
/// (_/_/
|\\ [\\
||:| | I|
|::| | I|
||:| | I|
||:| : \:
|\:| \I|
:/\: ([])
([]) [|
|| |\_
_/_\_ [ -'-.__
snd <] \> \_____.>
\__/
starting configuration for AT-ST mech walker
? select cloud provider local
? enter a master password for your attack_range XXXX
> configuring attack_range settings
> configuring attack_range environment
? shall we build a windows server Yes
? which version should it be 2022
? should the windows server be a domain controller Yes
? shall we build another windows server No
? shall we build a linux server Yes
? shall we include Splunk SOAR No
> configuration file was written to: /home/jhernandez/splunk/attack_range/attack_range.yml, run `python attack_range.py build` to create a new attack_range
you can also edit this file to configure advance parameters
> setup has finished successfully ... exiting
(attack-range-platform-x8LYIQ3F-py3.10) jhernandez in ~/splunk/attack_range on attack_range_3 ● λ python attack_range.py build
starting program loaded for B1 battle droid
||/__'`.
|//()'-.:
|-.||
|o(o)
|||\\ .==._
|||(o)==::'
`|T ""
()
|\
||\
()()
||//
|//
.'=`=.
2022-09-13 14:59:46,136 - INFO - attack_range - [action] > build
<internal:/usr/lib/ruby/vendor_ruby/rubygems/core_ext/kernel_require.rb>:85:in `require': cannot load such file -- winrm (LoadError)
from <internal:/usr/lib/ruby/vendor_ruby/rubygems/core_ext/kernel_require.rb>:85:in `require'
from /usr/share/rubygems-integration/all/gems/vagrant-2.2.19/plugins/communicators/winrm/shell.rb:9:in `block in <top (required)>'
from /usr/share/rubygems-integration/all/gems/vagrant-2.2.19/lib/vagrant/util/silence_warnings.rb:8:in `silence!'
from /usr/share/rubygems-integration/all/gems/vagrant-2.2.19/plugins/communicators/winrm/shell.rb:8:in `<top (required)>'
from /usr/share/rubygems-integration/all/gems/vagrant-2.2.19/plugins/communicators/winrm/communicator.rb:6:in `require_relative'
from /usr/share/rubygems-integration/all/gems/vagrant-2.2.19/plugins/communicators/winrm/communicator.rb:6:in `<top (required)>'
from <internal:/usr/lib/ruby/vendor_ruby/rubygems/core_ext/kernel_require.rb>:85:in `require'
from <internal:/usr/lib/ruby/vendor_ruby/rubygems/core_ext/kernel_require.rb>:85:in `require'
fails on latest Ubuntu due to missing
$ vagrant plugin install winrm
$ vagrant plugin install winrm-fs
$ vagrant plugin install winrm-elevated
even after vagrant is installed on attack_range_3
or maybe an install script for each OS similar to before? I think we need to install the latest packer from hashicorp as well, the one that comes from apt-get repos is too old.
Hi, @d1vious - asking my question in this issue as it might be related. Is a local install for Splunk Attack range possible or will it be possible in the future?
The older repo: https://github.com/splunk/attack_range_local is quite outdated and it would be nice to be able to run it locally as the costs for running it continuously on AWS/Azure etc could ramp up the costs quite quickly.
Kind regards,
Pusherman
Hey we just did: https://github.com/splunk/attack_range/releases/tag/v3.0.0 Also not getting this anymore :smile: