Vendor
Offsec/Kali Linux

Describe the issue/link to bug reported to vendor
Install error when installing one of these options:

Additional context
There is apparently something that happens when trying to install the options above that causes the installation to fail, I have not done the install manually yet to see if I run into the same error but I would image I will. The following are images and videos to help understand what exactly is wrong. This was discovered during my automated installation this weekend:

• kali linux bug tracker link:

  • original issue: https://bugs.kali.org/view.php?id=6839
    • wayback machine link
  • followup issue: https://bugs.kali.org/view.php?id=6843
    • wayback machine link

• CircleCI pipeline fails:

  • https://app.circleci.com/pipelines/github/elreydetoda/packer-kali_linux/314/workflows/d4e17546-e32b-402e-88aa-bf23f5a8fdbe
  • https://app.circleci.com/pipelines/github/elreydetoda/packer-kali_linux/314/workflows/8d316f58-a070-450b-aa16-251d50a318c1
  • https://app.circleci.com/pipelines/github/elreydetoda/packer-kali_linux/314/workflows/13b2ee2f-398b-4e77-a99d-8413459f6586
  • https://app.circleci.com/pipelines/github/elreydetoda/packer-kali_linux/314/workflows/24551c28-0594-4ed5-8235-1c7cdd700875

• Video of issue
  

• red picture
  

• error message
  

• url for download: https://cdimage.kali.org/current/kali-linux-2020.3-installer-netinst-amd64.iso?checksum=sha256%3A950e2ff20392f410778f9d44b4f5c27f6a8e59c00a6eeb2c650b3a15fafa5f13

• same options chosen, but through a manual install just to check:
  

For those that haven't seen this before
Just wanted to give you a little information as to what this is, if you are just viewing this for the first time.

I have created this issue because when you automate things there are sometimes you start noticing, or get affected by, things that other people screw up (because infrastructure is hard). That will then cause my automation to screw up, since I am relying on other peoples infrastructure to run this automation.

So below you will see links/pictures as to something that might be currently stopping this project from working, and as soon as it is closed (i.e. when I notice that is fixed by the individual) then the project should be fine and worked for me. At this point you should file a regular bug, if you are having issues, so I can help you debug why I am screwing up 😁

Vendor
Canonical

Describe the issue/link to bug reported to vendor
the snap version of docker appears to be having issues when it comes to searching for docker images. for some reason it isn't able to connect to the docker socket (from the text below).

Additional context

$ docker search elrey741
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

apparently iso_checksum_type is deprecated in packer version v1.6.4, according to this validate run for vmware-iso: https://app.circleci.com/pipelines/github/elreydetoda/packer-kali_linux/272/workflows/6ca0f9ce-2d9c-44c0-a20b-50a05b56fc03/jobs/1273

so, probably going to just remove it since the template doesn't appear to use it.

Deliverables

• make CI show as failed when ansible playbook truly fails to upload
• still run terraform destroy to ensure cost doesn't accrue when not necessary

Additional context
Currenly the ansible playbooks handle all errors and exit with a success, so need to force a fail, but I still want to proceed through the pipeline so the infra gets destroyed.

• Implement pushing all dev builds/everything besides master to a dev box in vagrant cloud. So that way when developing there are no increases to the box versioning that is stable.

most likely will involve adding environment variables in pipeline or some dynamic git checks for current branch.

shouldn't have to re-implement changes that the https://github.com/chef/bento/ makes when there are breakages. Since, I am already re-using their code just implement their project as a submodule, and pull all scripts they use from that submodule (unless it breaks things). Then generate a packer template based off of their already created templates.

similar to https://github.com/elreydetoda/samuraiwtf-base_box/blob/5.0-dev_packer/base/packer/scripts/util/template_alterations.py

• add submodule
• create python script to auto generate template
• use packerlicious for various needs inside of script

When going to provision servers in packet.com, you are only allowed two servers per project at a time. So when failing to provision the server it is most-likely because there are already two servers provisioned. When this happens giving a better debug message besides "Server failed provisioning" would probably be beneficial.

Vendor
HashiCorp

Describe the issue/link to bug reported to vendor
Vagrant is having an issue with installing from repositories.

Additional context
https://discuss.hashicorp.com/t/debian-packaging-for-vagrant/14550

feature
Enrich sms message

Currently there are simple text messages that get sent for the following:

• server gets deleted
• success
• fail

So expanding each of those messages depending on the circumstances to have more contextual information like below

• success
  • link to the successful build in CIrcleCI

fix these issues: https://app.circleci.com/pipelines/github/elreydetoda/packer-kali_linux/151/workflows/7470ff83-ee6e-4488-960d-5340f2e95d9b/jobs/211/parallel-runs/0/steps/0-108

Vendor
HashiCorp

Describe the issue/link to bug reported to vendor
Make terraform warnings more apparent, but not necessarily break the build.

Additional context
https://app.circleci.com/pipelines/github/elreydetoda/packer-kali_linux/332/workflows/3dea2e6a-29ec-48a6-9c0e-a819d3333e25/jobs/1996/parallel-runs/0/steps/0-105

Anyone else seeing this? After the script errored out and stopped, I re-ran vagrant up and I got a GUI login, but samurai:samurai did not work to login.

At this point, I ssh in with vagrant:vagrant, do a manual apt-get update, and try to add the packages with "sudo apt-get install linux-compiler-gcc-6-x86 linux-headers-4.9.0-9-amd64
linux-headers-4.9.0-9-common linux-kbuild-4.9" but get the same errors as the script.

PS D:\samuraiwtf> vagrant up
Bringing machine 'samuraiwtf' up with 'virtualbox' provider...
==> samuraiwtf: Importing base box 'bento/debian-9'...
==> samuraiwtf: Matching MAC address for NAT networking...
==> samuraiwtf: Checking if box 'bento/debian-9' version '201907.07.0' is up to date...
==> samuraiwtf: Setting the name of the VM: SamuraiWTF-4.2.0
==> samuraiwtf: Clearing any previously set network interfaces...
==> samuraiwtf: Preparing network interfaces based on configuration...
samuraiwtf: Adapter 1: nat
==> samuraiwtf: Forwarding ports...
samuraiwtf: 22 (guest) => 2222 (host) (adapter 1)
==> samuraiwtf: Running 'pre-boot' VM customizations...
==> samuraiwtf: Booting VM...
==> samuraiwtf: Waiting for machine to boot. This may take a few minutes...
samuraiwtf: SSH address: 127.0.0.1:2222
samuraiwtf: SSH username: vagrant
samuraiwtf: SSH auth method: private key
samuraiwtf:
samuraiwtf: Vagrant insecure key detected. Vagrant will automatically replace
samuraiwtf: this with a newly generated keypair for better security.
samuraiwtf:
samuraiwtf: Inserting generated public key within guest...
samuraiwtf: Removing insecure key from the guest if it's present...
samuraiwtf: Key inserted! Disconnecting and reconnecting using new SSH key...
==> samuraiwtf: Machine booted and ready!
[samuraiwtf] GuestAdditions versions on your host (6.0.12) and guest (6.0.8) do not match.
Reading package lists...
Building dependency tree...
Reading state information...
dkms is already the newest version (2.3-2).
The following additional packages will be installed:
linux-compiler-gcc-6-x86 linux-headers-4.9.0-9-common linux-kbuild-4.9
The following NEW packages will be installed:
linux-compiler-gcc-6-x86 linux-headers-4.9.0-9-amd64
linux-headers-4.9.0-9-common linux-kbuild-4.9
0 upgraded, 4 newly installed, 0 to remove and 0 not upgraded.
Need to get 9,592 kB of archives.
After this operation, 52.1 MB of additional disk space will be used.
Err:1 http://security.debian.org/debian-security stretch/updates/main amd64 linux-compiler-gcc-6-x86 amd64 4.9.168-1+deb
9u3
404 Not Found [IP: 151.101.24.204 80]
Err:2 http://security.debian.org/debian-security stretch/updates/main amd64 linux-headers-4.9.0-9-common all 4.9.168-1+d
eb9u3
404 Not Found [IP: 151.101.24.204 80]
Err:3 http://security.debian.org/debian-security stretch/updates/main amd64 linux-kbuild-4.9 amd64 4.9.168-1+deb9u3
404 Not Found [IP: 151.101.24.204 80]
Err:4 http://security.debian.org/debian-security stretch/updates/main amd64 linux-headers-4.9.0-9-amd64 amd64 4.9.168-1+
deb9u3
404 Not Found [IP: 151.101.24.204 80]
E: Failed to fetch http://security.debian.org/debian-security/pool/updates/main/l/linux/linux-compiler-gcc-6-x86_4.9.168
-1+deb9u3_amd64.deb 404 Not Found [IP: 151.101.24.204 80]
E: Failed to fetch http://security.debian.org/debian-security/pool/updates/main/l/linux/linux-headers-4.9.0-9-common_4.9
.168-1+deb9u3_all.deb 404 Not Found [IP: 151.101.24.204 80]
E: Failed to fetch http://security.debian.org/debian-security/pool/updates/main/l/linux/linux-kbuild-4.9_4.9.168-1+deb9u
3_amd64.deb 404 Not Found [IP: 151.101.24.204 80]
E: Failed to fetch http://security.debian.org/debian-security/pool/updates/main/l/linux/linux-headers-4.9.0-9-amd64_4.9.
168-1+deb9u3_amd64.deb 404 Not Found [IP: 151.101.24.204 80]
E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?
Get:1 http://security.debian.org/debian-security stretch/updates InRelease [94.3 kB]
Ign:2 http://cdn-fastly.deb.debian.org/debian stretch InRelease
Get:5 http://security.debian.org/debian-security stretch/updates/main Sources [189 kB]
Get:3 http://cdn-fastly.deb.debian.org/debian stretch-updates InRelease [91.0 kB]
Get:6 http://security.debian.org/debian-security stretch/updates/main amd64 Packages [499 kB]
Get:4 http://cdn-fastly.deb.debian.org/debian stretch Release [118 kB]
Get:7 http://security.debian.org/debian-security stretch/updates/main Translation-en [220 kB]
Get:8 http://cdn-fastly.deb.debian.org/debian stretch-updates/main Sources.diff/Index [11.6 kB]
Get:9 http://cdn-fastly.deb.debian.org/debian stretch-updates/main amd64 Packages.diff/Index [11.6 kB]
Get:10 http://cdn-fastly.deb.debian.org/debian stretch-updates/main Translation-en.diff/Index [6,148 B]
Get:11 http://cdn-fastly.deb.debian.org/debian stretch Release.gpg [2,365 B]
Get:12 http://cdn-fastly.deb.debian.org/debian stretch-updates/main Sources 2019-07-08-0821.07.pdiff [534 B]
Get:13 http://cdn-fastly.deb.debian.org/debian stretch-updates/main Sources 2019-08-14-2019.27.pdiff [554 B]
Get:14 http://cdn-fastly.deb.debian.org/debian stretch-updates/main Sources 2019-09-18-2012.01.pdiff [552 B]
Get:14 http://cdn-fastly.deb.debian.org/debian stretch-updates/main Sources 2019-09-18-2012.01.pdiff [552 B]
Get:15 http://cdn-fastly.deb.debian.org/debian stretch-updates/main amd64 Packages 2019-07-08-0821.07.pdiff [445 B]
Get:16 http://cdn-fastly.deb.debian.org/debian stretch-updates/main amd64 Packages 2019-08-14-2019.27.pdiff [339 B]
Get:17 http://cdn-fastly.deb.debian.org/debian stretch-updates/main amd64 Packages 2019-09-18-2012.01.pdiff [337 B]
Get:17 http://cdn-fastly.deb.debian.org/debian stretch-updates/main amd64 Packages 2019-09-18-2012.01.pdiff [337 B]
Get:18 http://cdn-fastly.deb.debian.org/debian stretch-updates/main Translation-en 2019-07-08-0821.07.pdiff [196 B]
Get:18 http://cdn-fastly.deb.debian.org/debian stretch-updates/main Translation-en 2019-07-08-0821.07.pdiff [196 B]
Get:19 http://cdn-fastly.deb.debian.org/debian stretch/main Sources [6,747 kB]
Get:20 http://cdn-fastly.deb.debian.org/debian stretch/main amd64 Packages [7,086 kB]
Get:21 http://cdn-fastly.deb.debian.org/debian stretch/main Translation-en [5,385 kB]
Fetched 20.5 MB in 24s (826 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
E: Unable to locate package linux-headers-4.9.0-9-amd64
E: Couldn't find any package by glob 'linux-headers-4.9.0-9-amd64'
E: Couldn't find any package by regex 'linux-headers-4.9.0-9-amd64'
==> samuraiwtf: Checking for guest additions in VM...
The following SSH command responded with a non-zero exit status.
Vagrant assumes that this means the command failed!

apt-get install -y linux-headers-uname -r dkms

Stdout from the command:

Reading package lists...
Building dependency tree...
Reading state information...

Stderr from the command:

E: Unable to locate package linux-headers-4.9.0-9-amd64
E: Couldn't find any package by glob 'linux-headers-4.9.0-9-amd64'
E: Couldn't find any package by regex 'linux-headers-4.9.0-9-amd64'

Vendor
What vendor caused the screw up?

Packet/Equinix metal

Describe the issue/link to bug reported to vendor

• https://app.circleci.com/pipelines/github/elreydetoda/packer-kali_linux/340/workflows/06015ae0-62e2-4715-ba10-3db5190eab31/jobs/2104/parallel-runs/0/steps/0-105
• https://app.circleci.com/pipelines/github/elreydetoda/packer-kali_linux/343/workflows/3b3eaaa6-c0fa-4fdd-82c0-e22e236cff3e/jobs/2138
• https://app.circleci.com/pipelines/github/elreydetoda/packer-kali_linux/346/workflows/fa85bd46-2284-47a1-9f30-4e02f38b6a90/jobs/2172/parallel-runs/0/steps/0-105

Additional context
Add any other context or screenshots about the request here.

Apparently on new equinix metal accounts they have ( I am guessing ) retired a bunch of older instance sizes

Endpoint queried was: https://api.equinix.com/metal/v1/operating-systems
Docs here: https://metal.equinix.com/developers/api/operatingsystems/#retrieve-all-operating-systems

adding vmware provider back, because I had to remove it temporarily for the #38 revamp.

deliverables

• a location for holding long term copies of the generated files (listed below) from the CI build, which also isn't publicly accessible (might contain secrets).
  • variables.json - variables used in the build process
  • kali-template.json - template used by packer to build images
  • packer_build.log - debug information from packer

question
Currently I am using CircleCI artifacts to store the template that gets generated, but I just found out that apparently that goes away after 30 days. So, what should be a viable solution for cold storage (with the occasional access during debugging) to hold this, which isn't super expensive?

additional context
My mind initially goes to AWS s3, just because CircleCI has an orb to help with ease of use.

add linting to circle ci process

• shell scripts:
  • shellcheck -- High
  • shfmt -- Low
• terraform:
  • terraform validate -- High
  • terraform fmt -- Low
• markdown:
  • markdownlint -- High
• ansible
  • ansible-lint -- High
  • ansible-playbook --syntax-check -- Medium
  • yamllint -- Low
• packer
  • packer validate -- High
• python
  • pylint -- High
  • black -- Low

Need to update scripting practices to include a few things:

• bash's "main"
• Modified script "hardening"
• functionalize (turn things into function) for bash scripts as best as possible

scripts to be modified:

• prov_packer/vmware.sh ➡️ prov_packer/bento/packer_templates/_common/vmware.sh
• prov_packer/virtualbox.sh ➡️ prov_packer/bento/packer_templates/_common/virtualbox.sh
• prov_packer/vagrant.sh ➡️ prov_packer/bento/packer_templates/_common/vagrant.sh
• prov_packer/sudoers.sh ➡️ prov_packer/bento/packer_templates/_common/vmware.sh
• prov_packer/minimize.sh ➡️ prov_packer/bento/packer_templates/debian/scripts/sudoers.sh
• prov_packer/sshd.sh ➡️ prov_packer/bento/packer_templates/_common/sshd.sh
• prov_packer/update.sh
• prov_packer/docker.sh
• prov_packer/networking.sh
• prov_packer/customization.sh
• prov_vagrant/prov.sh
• scripts/terraform-helper.sh
• scripts/new-kali.sh
• scripts/circleci-shellcheck-command.sh
• build.sh_not-working
• ci/bootstrap.sh ➡️ ci/bootstrap.yml
• ci/packer_build.sh ➡️ ci/packer_build.yml

NOTE: the above ones that aren't check, but are crossed out are going to get removed when the new arch design

command run to identify scripts:

$ find . -not -path "./.git/*" -type f -print0 | xargs -0 file | grep 'shell script'         
./prov_packer/vmware.sh:                                              POSIX shell script, ASCII text executable
./prov_packer/virtualbox.sh:                                          POSIX shell script, ASCII text executable
./prov_packer/vagrant.sh:                                             POSIX shell script, ASCII text executable
./prov_packer/sudoers.sh:                                             POSIX shell script, ASCII text executable
./prov_packer/minimize.sh:                                            POSIX shell script, ASCII text executable
./prov_packer/sshd.sh:                                                POSIX shell script, ASCII text executable
./prov_packer/update.sh:                                              Bourne-Again shell script, ASCII text executable
./prov_packer/docker.sh:                                              Bourne-Again shell script, ASCII text executable
./prov_packer/networking.sh:                                          Bourne-Again shell script, ASCII text executable
./prov_packer/customization.sh:                                       Bourne-Again shell script, ASCII text executable
./prov_vagrant/prov.sh:                                               Bourne-Again shell script, ASCII text executable
./scripts/terraform-helper.sh:                                        Bourne-Again shell script, ASCII text executable
./scripts/new-kali.sh:                                                Bourne-Again shell script, ASCII text executable
./scripts/circleci-shellcheck-command.sh:                             Bourne-Again shell script, ASCII text executable
./build.sh_not-working:                                               Bourne-Again shell script, ASCII text executable
./ci/bootstrap.sh:                                                    Bourne-Again shell script, ASCII text executable
./ci/packer_build.sh:                                                 Bourne-Again shell script, ASCII text executable

Vendor
CircleCI

Describe the issue/link to bug reported to vendor
ansible-lint container is failing: https://app.circleci.com/pipelines/github/elreydetoda/packer-kali_linux/229/workflows/9fde52f2-d0e6-4538-b9ae-a10791c24dba/jobs/852

Additional context
apparently the ansible-lint container isn't finding python....

Output: 
Failed to load paths: /bin/sh: 1: /home/circleci/.local/share/virtualenvs/project-zxI9dQ-Q/bin/python: not found

• all build paths listed below
  1. Local + Remote ( Local kickoff + CircleCI Build + Vagrant Cloud ) - Intermediate
     1. Imitate linting that CircleCI would do with circleci cli inside of vagrant vm
     2. Generate packer template inside vagrant vm
     3. Use container to deploy packet server remotely
     4. Provision packet server from vagrant vm
     5. Imitate waiting for build to finish like CircleCI would, but from inside the vagrant vm
     6. Destroy packet server from inside vagrant vm
  2. Local ( Local variable gen + script starting local host packer build ) - Advanced
     • NOTE: You will be responsible for having all the necessary dependencies for the build on your machine that will be building the image with packer.
     1. Imitate linting
     2. Generate packer template to shared folder
     3. exit vagrant and packer validate
     4. kick off packer buid on local machine & the command is in the build script
     5. boxes are built locall
  3. Local ( Local Variable Gen + manual packer)
     • NOTE: You will be responsible for having all the necessary dependencies for the build on your machine that will be building the image with packer.
     1. Imitate linting
     2. Generate packer template to shared folder
     3. exit vagrant and packer validate
     4. manually kick off packer command
• # 2 (from from above) + pull down packer images to local shared folder
• # 3 (from from above) , but inside vm (with Nested Pageing)
• add AWS provider integration
• add libvirt provider integration ⬅️ added in release 0.0.6
• add vmware provider integration ⬅️ added in release v0.0.5
• add Hyper-V provider integration

I have noticed that the box will build perfectly fine, but it will continuously fail to upload to vagrant cloud. It has uploaded once successfully since I have noticed the behaviour about 2 weeks ago.

You can observe this behavior just by checking the Circle CI log, and previously with debug turned on: https://circleci.com/gh/elreydetoda/packer-kali_linux/80#artifacts/containers/0

Things to do:

• test script for upload: hashicorp/packer#6615 (comment)
• save vagrant boxes into artifacts for build (#11)

if the above script works

• implement in conjunction with post-processor when it fails, for packer to upload to vagrant cloud

Extra info

when having slower connection upload completes successfully. I successfully uploaded version 0.0.28 of the vagrant box from my laptop on a slower connection and it successfully uploaded the vagrant box on the first attempt.
uploaded with following info

• vagrant version: 2.2.4
• packer version: 1.4.0

A github issue I am following possibly related to this hashicorp/packer#6615

deliverables

• be able to build against multiple versions of installation types
  • normal - currently what gets built
  • light (current branch) - top10 tools
  • minimal - no tools installed

Additional context
Not everyone needs all the tools that come with kali, so when people want to have different versions of kali readily available they should have that option with different vagrant boxes.
The only changes that should need to be modified is the preseed file installation type that is chosen.

use these xml files

• /etc/xdg/menus/gnome-applications.menu
• /etc/xdg/menus/applications-merged/kali-applications.menu

to construct a cli menu for using kali through the cli and know what tools are in which category

Redo vagrant cloud notes to be more informative:

• link to CircleCI artifacts + CI build in general
• link to hash signatures
• extra tools that where installed
• other examples:
  • https://app.vagrantup.com/scotch/boxes/box
  • https://app.vagrantup.com/centos/boxes/7

GH notes:

• link to vagrant cloud notes for related version
  • probably need to use this: https://app.vagrantup.com/api/v1/box/elrey741/kali-linux_amd64
• CI build link

Need to document v0.0 1 release, and in all future releases don't release till there are docs

Add CircleCi Check to syntax

• packer validate - simple test to make sure file validates
• https://circleci.com/orbs/registry/orb/circleci/shellcheck
• include serverspec tests ( or alternative: https://www.reddit.com/r/sysadmin/comments/4v2k7n/infrastructure_tests_and_beyond/
  • thinking about goss, but doesn't support windows...yet? (goss-org/goss#448)
  • bats is also another option

These tests can most likely happen asynchronously and will be requirements of the main build step so all checks have to pass in order for the build of the box to be started.

deliverables
be able to build based off the weekly versions of kali

Additional context
Being able to test out the weekly version of kali will allow people to have an easier approach to testing the new version of kali that should be released.

The only changes that should need to be modified is the KALIVERSION environment variable

For those that haven't seen this before
Just wanted to give you a little information as to what this is, if you are just viewing this for the first time.

I have created this issue because when you automate things there are sometimes you start noticing, or get affected by, things that other people screw up (because infrastructure is hard). That will then cause my automation to screw up, since I am relying on other peoples infrastructure to run this automation.

So below you will see links/pictures as to something that might be currently stopping this project from working, and as soon as it is closed (i.e. when I notice that is fixed by the individual) then the project should be fine and worked for me. At this point you should file a regular bug, if you are having issues, so I can help you debug why I am screwing up 😁

Vendor
What vendor caused the screw up?
clipboard

Describe the issue/link to bug reported to vendor
apparently during the upgrade from Virtualbox 6.0 ➡️ 6.1 it changed the clipboard options flag from --clipboard ➡️ --clipboard-mode. So, I am going to remove this option and force clients to configure it in their Vagrantfile they create. The sub-vbox config option was vb.customize ["modifyvm", :id, "--clipboard", "bidirectional"] ➡️ vb.customize ["modifyvm", :id, "--clipboard-mode", "bidirectional"].

Additional context
Add any other context or screenshots about the request here.

To-Do

• add locks to all terraform directories
  • have process for upgrading lock files
• mark packet project as sensitive

Vendor (Optional)
HashiCorp

link
https://www.hashicorp.com/blog/announcing-hashicorp-terraform-0-14-general-availability

Additional context
With the release of terraform 0.14, they introduced locking so you can have a more reproducible run for applying terraform infra. Also, they now allow you to mark variables as sensitive, and I have always wanted to do that for the packet project ID.

For those that haven't seen this before
Just wanted to give you a little information as to what this is, if you are just viewing this for the first time.

I have created this issue because when you automate things there are sometimes you start noticing, or get affected by, things that other people screw up (because infrastructure is hard). That will then cause my automation to screw up, since I am relying on other peoples infrastructure to run this automation.

So below you will see links/pictures as to something that might be currently stopping this project from working, and as soon as it is closed (i.e. when I notice that is fixed by the individual) then the project should be fine and worked for me. At this point you should file a regular bug, if you are having issues, so I can help you debug why I am screwing up 😁

Vendor
Kali

Describe the issue/link to bug reported to vendor
https://web.archive.org/web/20190514060100/https://bugs.kali.org/view.php?id=5435

Additional context

Vendor
Debian/Kali

Describe the issue/link to bug reported to vendor
Package prompts and ignores noninteractive in command typed during net install: https://github.com/chef/bento/blob/74eddf49e19d5fed74963151d14656efb5b66353/packer_templates/debian/debian-10.6-amd64.json#L16

Additional context

For those that haven't seen this before
Just wanted to give you a little information as to what this is, if you are just viewing this for the first time.

I have created this issue because when you automate things there are sometimes you start noticing, or get affected by, things that other people screw up (because infrastructure is hard). That will then cause my automation to screw up, since I am relying on other peoples infrastructure to run this automation.

So below you will see links/pictures as to something that might be currently stopping this project from working, and as soon as it is closed (i.e. when I notice that is fixed by the individual) then the project should be fine and worked for me. At this point you should file a regular bug, if you are having issues, so I can help you debug why I am screwing up 😁

Vendor
Offsec

Describe the issue/link to bug reported to vendor
Ever since offsec released their 2020.1 release, their build has been breaking this project's automation. Below in the action items will be descriptive issues as to what has been broken, and what has to be fixed.

action items

• switched to XFCE desktop
  • power saving settings have been broken (need to figure out translated commands from Gnome to XFCE (used to prevent vm from going to sleep))
• preseed file for automated install process
  • now create non-root user during the pxe install process.
    
  • add non-root user to sudoers file
• ISO install options
  • now have to choose options toward end of installation for desktop env and
    

Additional context
Add any other context or screenshots about the request here.

Deliverable(s)

• set instance to small, doesn't cost as much
• document reasoning as to why not changing instance size

Additional context
Possible instances sizes:

• baremetal_0

link for figuring out all instances: https://www.packet.com/developers/api/plans/#retrieve-all-plans

current plans:

        "c1.large.arm",
        "baremetal_2a",
        "c1.xlarge.x86",
        "baremetal_3",
        "c2.large.arm",
        "c2.medium.x86",
        "c3.medium.x86",
        "c3.small.x86",
        "g2.large.x86",
        "m1.xlarge.x86",
        "baremetal_2",
        "m2.xlarge.x86",
        "m3.large.x86",
        "n2.xlarge.x86",
        "s1.large.x86",
        "baremetal_s",
        "s3.xlarge.x86",
        "t1.small.x86",
        "baremetal_0",
        "x1.small.x86",
        "baremetal_1e",
        "x2.xlarge.x86",
        "x.large.arm"

I want to leave the ova boxes in the CircleCI artifcats in case I want to do anything with them/ there is a problem with the upload.

Architecture Design

Main build path diagram

Overview

Improvements

• parallel linting
• python script to generate packer template
• terraform to ensure server deployment and destruction
• ansible to provision packer building node
  • easier to add hypervisor installation through this collection: https://galaxy.ansible.com/elreydetoda/virtualization
  • idempotentcy during installation process
• almost all containers to help with future scalability

Details

Build Paths

These are the different build paths that someone will be able to walk through, when trying to build the project and their corresponding level of difficulty (especially for troubleshooting).

1. CircleCI ( Remote - GH ) - Beginner
   1. Click run build from CircleCI (CI) or push code change which triggers build
   2. Kicks off linters in containers on CI
   3. Deploys to packet from CI
   4. Builds on packet server from CI
   5. Everything runs remotely on CI

Corresponding issues

All issues in milestone v0.0.4

Ansiblefest just happened and they talked a lot about how they plan to change the architecture for how ansible works. These include the following changes that will need to happen in order for this project to use the new architecture:

• all ansible playbooks will need to be built by ansible-builders
• all execution of ansible playbooks will need to use the ansible-runners
• possibly use receptor for making connections
• hosting my own galaxy-ng ( new automation hub ) to make sure my roles don't go away
• refactor how my collection is built to use only the specific modules it needs ( same with playbooks ) i.e.: ansible.posix.synchronize

Currently I am handling all the API calls with bash scripts, because I was not aware of the terraform provider for the VPS server I am using (packet.net). I have found out that there is now a terraform providor for packet, and so I would like to migrate all my api call to use terraform instead of bash scripts.

• https://github.com/terraform-providers/terraform-provider-packet

• use AWS provider to get most current kali ami release

scrape this url: https://cdimage.kali.org/ for possible kali version to build off of ( weekly, current, -1 version of current (in case of instability in current release) )
corresponding script would be new-kali.sh

Disclaimer

Please only provide info for tools/packages that are official or version control that are the official repo. If it isn't not the official repo, then I will take significantly longer, because I want to read through your code and make sure the alterations you did to it aren't malicious. I don't want the people who use this project to install malicious code (that isn't used for pentesting, but to affect the actual user of the OS), so I won't merge it in the offical branch till I feel comfortable with what I am adding.

Name
pupy

Vendor (Optional)
https://github.com/n1nj4sec/

link
https://github.com/n1nj4sec/pupy

Additional context
Really awesome post exploitation tool that doesn't come default in kali.

Deliverables

• build all desktop versions of kali
  • XFCE
  • KDE
  • Gnome
  • ... (need to figure out other installation options)

Additional context
Allowing people to use different desktop versions will enable more people to be attacked to use this project.

Should be a modification to the preseed file during the ISO installation.

• keep tags up to date with pushes to vagrant cloud
• keep major & minor versions in https://app.vagrantup.com/elrey741/boxes/kali-linux_amd64 up to date with tags in github

For those that haven't seen this before
Just wanted to give you a little information as to what this is, if you are just viewing this for the first time.

I have created this issue because when you automate things there are sometimes you start noticing, or get affected by, things that other people screw up (because infrastructure is hard). That will then cause my automation to screw up, since I am relying on other peoples infrastructure to run this automation.

So below you will see links/pictures as to something that might be currently stopping this project from working, and as soon as it is closed (i.e. when I notice that is fixed by the individual) then the project should be fine and worked for me. At this point you should file a regular bug, if you are having issues, so I can help you debug why I am screwing up 😁

Vendor
Kali

Describe the issue/link to bug reported to vendor
https://web.archive.org/web/20190507201708/https://bugs.kali.org/view.php?id=5428

There is some weird networking issue, that because dhcp is declared in the /etc/network/interfaces file that network manager isn't saying it is connected. I have tested the following

• can successfully browse the internet
• nmap is returning accurate results
• ping something

On freebsd the vbguest plugin is failing when it tries to setup the proper guest additions

Going on, assuming VBoxService is correct...                                          
bash: line 4: setup: command not found                                                
==> default: Checking for guest additions in VM...                                    
The following SSH command responded with a non-zero exit status.                      
Vagrant assumes that this means the command failed!                                   
                                                                                      
 setup                                                                                
                                                                                      
Stdout from the command:                                                              
                                                                 
Stderr from the command:                                                              
                                                                                      
bash: line 4: setup: command not found            

Name
N/A

Vendor (Optional)
N/A

link
https://github.com/corysabol/samuraiwtf/blob/master/options.yaml

Additional context
Add support for an options.yaml file like the one in my fork of SamuraiWTF. This would possibly take some modification to the project structure, though. It may be worth it in the long run though. Allowing for more easily configurable builds.

Deliverables

• change CI to process things as follows
  • have descriptive names for workflows (i.e. all checks, master build, dev-stage_build, etc..)
  • not have same steps re-do work that is the same in another workflow (i.e. don't repeat linting checks when two workflows are going ( example: build # 218 in CircleCI ) )

Additional context
CI isn't as streamlined as I would like.

Add another bash function to use as a delivery mechanism, so there is no payment for delivery of SMS. Instead it is just posted to a gitter.im channel. All the info is public anyways, so it won't matter if message is sent there.

• create gitter.im channel
• add gitter development api token to circleci environment variable
• https://developer.gitter.im/docs/messages-resource#send-a-message

figure out how to identify when there is a new preseed file or there were modifications to the old preseed file

I had to focus on building the automation with github and CircleCI. While doing that I broke the local build, but it should be easy to fix based on already getting the automation taken care of.

https://github.com/github/super-linter/
extra info about running in circleci: https://github.com/github/super-linter/issues/491
extra info about running outside of GH actions: https://github.com/github/super-linter#run-super-linter-outside-github-actions

Question(s)

• What are possible issue templates that would be needed?

Deliverables

• have discussion as to what possible templates should be created
• create a Bug template not for only "Others", but have an internal bug template
• have a "Feature Request" template for non-tool features
• for current templates make context information commented out with <!-- --> (markdown comment)

Additional context
Possibly a questions template, and all issues should probably have the following as well:

**deliverable(s)**

- [ ] example
- [ ] issue dep(s):   <!-- optional, but list out other GH issues required to complete -->

**description/discussion**

<!--
Please do either one or both of the following:
1) Describe the issue/task in as great of detail as you possible can. Provide steps for replication if needed. This is important for not only you to make sure you know what you need to do, but if someone has to come behind you and pick up this task they need to know as well.
2) Give a link to the discussion so you don't have to duplicate work. Just make sure you detail it out as much as possible in the discussion if you do this, and the conclusion/context about the discussion is clear.
-->

**visual information**

<!-- i.e. include a picture of the error or something -->

**possible solutions/links to helpful information from research**

- context about link: https://stackoverfilow.com

**Additional context**

<!-- Please detail why you submitted this issue/task or give extra info about it. -->