Vagrantfile for Kali x64
# -*- mode: ruby -*-
# vi: set ft=ruby :
# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
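# Kali x64 guest definition: box, hostname, disk size, VirtualBox resources
# and the shell provisioning stages.
Vagrant.configure("2") do |config|
  # Plugins this file needs. vagrant-disksize provides `config.disksize`
  # (used below); vagrant-vbguest was previously installed alongside it.
  # Both are declared here instead of being installed with
  # `system('vagrant plugin install ...')` from inside this block: that ran an
  # unpinned install as a side effect of evaluating the configuration and left
  # vagrant-vbguest out of the declared list.
  # To pin a reviewed release, use the hash form:
  #   config.vagrant.plugins = { "vagrant-disksize" => { "version" => "<PINNED_VERSION>" } }
  config.vagrant.plugins = ["vagrant-disksize", "vagrant-vbguest"]

  # The most common configuration options are documented and commented below.
  # For a complete reference, please see the online documentation at
  # https://docs.vagrantup.com.

  # Every Vagrant development environment requires a box. You can search for
  # boxes at https://vagrantcloud.com/search.
  config.vm.box = "kalilinux/rolling"
  config.vm.hostname = "kali"

  # Disable automatic box update checking. If you disable this, then
  # boxes will only be checked for updates when the user runs
  # `vagrant box outdated`. This is not recommended.
  # config.vm.box_check_update = false

  # Create a forwarded port mapping which allows access to a specific port
  # within the machine from a port on the host machine. In the example below,
  # accessing "localhost:8080" will access port 80 on the guest machine.
  # NOTE: This will enable public access to the opened port
  # config.vm.network "forwarded_port", guest: 80, host: 8080

  # Create a forwarded port mapping which allows access to a specific port
  # within the machine from a port on the host machine and only allow access
  # via 127.0.0.1 to disable public access
  # config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1"

  # Create a private network, which allows host-only access to the machine
  # using a specific IP.
  # config.vm.network "private_network", ip: "192.168.33.10"

  # Create a public network, which generally maps to a bridged network.
  # Bridged networks make the machine appear as another physical device on
  # your network.
  # NOTE: $script_tools turns Neo4j authentication off in the guest, so think
  # twice before enabling this or a forwarded port without host_ip 127.0.0.1.
  # config.vm.network "public_network"

  # Share an additional folder to the guest VM. The first argument is
  # the path on the host to the actual folder. The second argument is
  # the path on the guest to mount the folder. And the optional third
  # argument is a set of non-required options.
  # config.vm.synced_folder "../data", "/vagrant_data"

  # Requested virtual disk size (option provided by vagrant-disksize).
  config.disksize.size = '100GB'

  # Provider-specific configuration so you can fine-tune various
  # backing providers for Vagrant. These expose provider-specific options.
  config.vm.provider "virtualbox" do |vb|
    # Display the VirtualBox GUI when booting the machine
    vb.gui = false
    # Customize the amount of memory on the VM:
    vb.memory = "6144"
    vb.cpus = 2
    vb.name = "Kali-x64-Vagrant"
  end

  # Provisioning stages, run in the order listed. The $script_* globals are
  # assigned further down in this file.
  # NOTE(review): this relies on Vagrant evaluating the block only after the
  # whole file has been loaded - confirm before reordering anything.
  config.vm.provision "shell", inline: $script_packages
  config.vm.provision "shell", inline: $script_aliases
  config.vm.provision "shell", inline: $script_tools
  config.vm.provision "shell", inline: $script_swap

  # View the documentation for the provider you are using for more
  # information on available options.

  # Enable provisioning with a shell script. Additional provisioners such as
  # Ansible, Chef, Docker, Puppet and Salt are also available. Please see the
  # documentation for more information about their specific syntax and use.
  # config.vm.provision "shell", inline: <<-SHELL
  # sudo DEBIAN_FRONTEND=noninteractive apt-get update
  # SHELL
end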
# First provisioning stage: silences the login banner, switches the keyboard
# layout entry from "us" to "pt", sets the timezone, enables the i386
# architecture, brings the system fully up to date and installs the package
# set. Lines starting with "#" are shell comments kept inside the script
# (disabled locale and unattended-upgrades steps).
#
# The squiggly heredoc strips the two-space indent, so the guest receives the
# script flush left.
$script_packages = <<~SCRIPT
  touch ~/.hushlogin
  sed -i s/us/pt/ /etc/default/keyboard
  timedatectl set-timezone Europe/Lisbon
  dpkg --add-architecture i386
  DEBIAN_FRONTEND=noninteractive apt-get update
  DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" upgrade
  DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" dist-upgrade
  DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" full-upgrade
  DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" autoremove
  DEBIAN_FRONTEND=noninteractive apt-get -y clean
  DEBIAN_FRONTEND=noninteractive apt-get -y autoclean
  DEBIAN_FRONTEND=noninteractive apt-get -y install realtek-rtl88xxau-dkms hcxtools hcxdumptool bloodhound neo4j seclists eyewitness dirsearch sqlmap amass mingw-w64 python3-impacket impacket-scripts veil wine32 tmux libreoffice krb5-config krb5-user libgssrpc4 libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 make build-essential libssl-dev zlib1g-dev libbz2-dev libreadline-dev libsqlite3-dev wget curl llvm libncursesw5-dev xz-utils tk-dev libxml2-dev libxmlsec1-dev libffi-dev liblzma-dev ntpdate golang libpcap-dev
  #
  # DEBIAN_FRONTEND=noninteractive apt-get -y remove ntp
  # timedatectl set-ntp on
  # sed -i 's/# pt_PT.UTF-8 UTF-8/pt_PT.UTF-8 UTF-8/' /etc/locale.gen
  # locale-gen
  # sed -i s/en_US/pt_PT/ /etc/default/locale
  # loadkeys pt
  # localectl set-keymap pt
  # export LANGUAGE=en_US.UTF-8
  # export LANG=en_US.UTF-8
  # export LC_ALL=en_US.UTF-8
  # export TZ="Europe/Lisbon"
  #
  # tee > /dev/null /etc/apt/apt.conf.d/20auto-upgrades <<EOF
  # APT::Periodic::Update-Package-Lists "1";
  # APT::Periodic::Unattended-Upgrade "1";
  # APT::Periodic::Download-Upgradeable-Packages "1";
  # APT::Periodic::AutocleanInterval "7";
  # EOF
  # tee > /dev/null /etc/apt/apt.conf.d/50unattended-upgrades <<EOF
  # Unattended-Upgrade::Origins-Pattern {
  # "o=Kali,a=kali-rolling,n=kali-rolling,c=main";
  # "o=Kali,a=kali-rolling,n=kali-rolling,c=contrib";
  # "o=Kali,a=kali-rolling,n=kali-rolling,c=non-free";
  # };
  # Unattended-Upgrade::Package-Blacklist {
  # };
  # Unattended-Upgrade::AutoFixInterruptedDpkg "true";
  # Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";
  # Unattended-Upgrade::Remove-New-Unused-Dependencies "true";
  # Unattended-Upgrade::Remove-Unused-Dependencies "true";
  # Unattended-Upgrade::Automatic-Reboot "true";
  # Unattended-Upgrade::Automatic-Reboot-WithUsers "true";
  # Unattended-Upgrade::Automatic-Reboot-Time "05:00";
  # EOF
SCRIPT
# Second provisioning stage: if /root/.bash_aliases does not exist yet, it
# creates the alias file, appends the keyboard layout command to ~/.bashrc,
# copies the dotfiles to /home/vagrant with vagrant ownership and sets the
# vagrant user's shell to bash. When the file already exists, the script only
# prints a message.
#
# The squiggly heredoc strips the two-space indent, so the guest receives the
# script flush left.
$script_aliases = <<~SCRIPT
  if [ -f "/root/.bash_aliases" ]; then
  echo "Bash aliases already created. exiting..."
  else
  touch /root/.bash_aliases
  echo "alias ll='ls -lvhAF --color=auto --file-type --group-directories-first'" >> ~/.bash_aliases
  echo "alias lr='ll -R'" >> ~/.bash_aliases
  echo "alias ld='ll -tr'" >> ~/.bash_aliases
  echo "alias lc='ll -tcr'" >> ~/.bash_aliases
  echo "alias msfconsole='msfconsole -q -r ~/.msf4/msfconsole.rc'" >> ~/.bash_aliases
  echo "setxkbmap -layout pt" >> ~/.bashrc
  cp ~/.bashrc /home/vagrant/.bashrc
  cp ~/.bash_aliases /home/vagrant/.bash_aliases
  cp ~/.hushlogin /home/vagrant/.hushlogin
  chown vagrant:vagrant /home/vagrant/.bash_aliases
  chown vagrant:vagrant /home/vagrant/.bashrc
  chown vagrant:vagrant /home/vagrant/.hushlogin
  chsh --shell /bin/bash vagrant
  fi
SCRIPT
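# Third provisioning stage: starts and enables PostgreSQL, runs `msfdb init`,
# fetches the author's dotfiles, pre-loads the vagrant user's shell history
# and installs the Go-based tools.
#
# The heredoc is single-quoted so Ruby hands the script over untouched. With
# the interpolating form, "\." collapsed to "." and the history entry
# `sed -i '/\.0$/d'` became a pattern that also matches addresses ending in
# 10, 20, and so on. The history entries are written through one quoted shell
# heredoc, so `$NF` and the inner double quotes reach the file as typed; the
# former `echo "..."` lines let the shell expand `$NF` and drop those quotes.
$script_tools = <<-'SCRIPT'
systemctl start postgresql
systemctl enable postgresql
msfdb init
mkdir -p /root/.msf4/
mkdir -p /home/vagrant/.msf4/
mkdir -p /home/vagrant/.config/bloodhound/
# The raw gist URLs below carry a fixed revision id, but the files are written
# without an integrity check. msfconsole.rc, tmux.conf and vimrc can all run
# commands when loaded, so compare each against a known-good sha256 if the
# lab needs that assurance.
wget https://gist.githubusercontent.com/ricardojba/f3b1fd1540c6d7e6404d0b08a7365c7e/raw/adb50f0001e7dd7167d5541b7f3f8e609947812e/msfconsole.rc -O /root/.msf4/msfconsole.rc
wget https://gist.githubusercontent.com/ricardojba/0b03665cd842537128496f4401356151/raw/23edeb83cfa073d5ed9d65bac14d5d08ac0abbfa/customqueries.json -O /home/vagrant/.config/bloodhound/customqueries.json
wget https://gist.githubusercontent.com/ricardojba/b567a7ea0d283148aa0f60cd8232fdf4/raw/c0baeda9ec568af80862aaf450604f94268c8722/tmux.conf -O /home/vagrant/.tmux.conf
wget https://gist.githubusercontent.com/ricardojba/d56a6840eb57d1d591b4fc1501f9e9cd/raw/8b999443aad4be856fbf4795a0f50bb76aa879b8/vimrc -O /home/vagrant/.vimrc
cp /root/.msf4/msfconsole.rc /home/vagrant/.msf4/msfconsole.rc
cp /home/vagrant/.vimrc /root/.vimrc
chown -R vagrant:vagrant /home/vagrant/.msf4/
chown -R vagrant:vagrant /home/vagrant/.config/
chown -R vagrant:vagrant /home/vagrant/.tmux.conf
chown -R vagrant:vagrant /home/vagrant/.vimrc
# NOTE(review): this turns Neo4j authentication off. Anything that can reach
# the Neo4j listener on this guest then reads and writes the graph data with
# no credentials; keep the VM on NAT/host-only networking or leave auth on.
sed -i s/#dbms.security.auth_enabled=false/dbms.security.auth_enabled=false/ /etc/neo4j/neo4j.conf
# Pre-load the vagrant user's history. The quoted delimiter stops the shell
# from expanding or unquoting anything in these lines.
cat >> /home/vagrant/.bash_history <<'HISTORY'
sudo msfdb run
(sudo neo4j console&) && sleep 4 && bloodhound
eyewitness --web --prepend-https --proxy-ip 192.168.1.22 --proxy-port 9073 --proxy-type socks4 --max-retries 3 --timeout 120 --threads 10 -f subdomains_urls.txt --no-prompt -d screenshots_subdomains
nmap --script-updatedb
nmap -sTVC --allports --version-all --version-intensity 9 -p- -v --open -Pn -n -T4 192.168.1.1
nmap -nsL -i subnet_ips.txt | awk '/Nmap scan report/{print $NF}' > subnet_ips_expanded.txt
sed -i '/\.0$/d' subnet_ips_expanded.txt
sed -i '/\.255$/d' subnet_ips_expanded.txt
sudo parallel -j 15 "nmap -sTCV --min-rate 1000 --allports --version-all --version-intensity 9 -p- -v --open {1} -oA {1}" :::: subnet_ips_expanded.txt
sudo parallel -j 15 "nmap -sUCV --min-rate 1000 --allports --version-all --version-intensity 9 --top-ports 10 -v --open {1} -oA {1}" :::: subnet_ips_expanded.txt
sudo parallel -j 15 "nmap -sSVC --min-rate 1000 --allports --version-all --version-intensity 9 -p {2} -v --open -Pn -n -T4 {1} -oA {1}" :::: tcp-scan-me-hosts.txt :::: tcp-scan-me-ports.txt
sudo rush -i subnet_ips_expanded.txt --verbose -j 15 "nmap -sTCV --min-rate 1000 --allports --version-all --version-intensity 9 -p- -v --open -Pn -n -T4 {1} -oA {1}"
dirsearch --random-agent -e java,php,txt,zip,tar,config,sh,mdb,pl,bak,old,bak1,sql,sql~,java~,html,tar.gz,tar.bz2,~,inc,php~,pub,key,asp,aspx,jsp,json,env,xml,rb,py,cfm,conf -r -F -b --http-method=GET -t 50 -w db/dicc.txt -u https://target
sudo apt update && sudo apt -y upgrade && sudo apt -y dist-upgrade && sudo apt -y full-upgrade && sudo apt -y autoremove && sudo apt -y clean && sudo apt -y autoclean
dpkg-reconfigure locales
dpkg-reconfigure keyboard-configuration
HISTORY
chown vagrant:vagrant /home/vagrant/.bash_history
# NOTE(review): @latest and @master resolve to whatever is current when the
# VM is provisioned, so two builds of this box can end up with different tool
# code. Pin each module to a reviewed version (module@<PINNED_VERSION>) for a
# reproducible toolset.
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest
go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest
go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest
go install -v github.com/projectdiscovery/mapcidr/cmd/mapcidr@latest
go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest
go install -v github.com/shenwei356/rush@latest
go install -v github.com/owasp-amass/amass/v4/...@master
go install -v github.com/xm1k3/cent@latest
SCRIPT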
# Final provisioning stage: creates a 2G /swapfile owned by root with mode
# 0600, enables it, backs up /etc/fstab and appends the swap entry. When
# /swapfile already exists, the script only prints a message.
#
# The squiggly heredoc strips the two-space indent, so the guest receives the
# script flush left.
$script_swap = <<~SCRIPT
  echo "Creating 2GB swap space in /swapfile..."
  if [ -f "/swapfile" ]; then
  echo "Swap file already created. exiting..."
  else
  fallocate -l 2G /swapfile
  chown root:root /swapfile
  chmod 0600 /swapfile
  mkswap /swapfile
  swapon /swapfile
  cp /etc/fstab /etc/fstab.bak
  echo '/swapfile none swap sw 0 0' | tee -a /etc/fstab
  fi
SCRIPT