Mme Michu is a malware analysis lab on Proxmox for launching malware in a secure environment.
- Windows 10 machine
- Logger LXC
- pfSense
- Proxmox VE 8.1 or higher (may work with lower versions).
- An LXC that can communicate with the Proxmox node, with:
  - Terraform
  - Packer
  - Ansible
- Linux Bridge vmbr99
Create a variables.json file to connect your Packer config to Proxmox (proxmox_vm_pool is optional):
{
"proxmox_host": "192.168.0.1",
"proxmox_node": "pve",
"proxmox_username": "infra_as_code@pve",
"proxmox_password": "password",
"proxmox_network_with_dhcp_and_internet": "vmbr0",
"proxmox_network_lan": "vmbr99",
"proxmox_vm_pool": "MmeMichu",
"proxmox_skip_tls_verify": "true",
"proxmox_disk_storage_pool": "disk1",
"proxmox_disk_storage_type": "disk1",
"proxmox_iso_storage_pool": "big2to"
}
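A pre-flight check for this variables.json, as an added example that is not part of the project: it rejects files that are not strict JSON (JSON has no comment syntax) and flags missing keys, a LAN bridge equal to the internet-facing bridge, disabled TLS verification and a placeholder password. The function name, the finding texts and the rule that the two bridges must differ are assumptions of this example.

```python
import json

# Keys from the variables.json shown above; proxmox_vm_pool is optional.
REQUIRED = (
    "proxmox_host", "proxmox_node", "proxmox_username", "proxmox_password",
    "proxmox_network_with_dhcp_and_internet", "proxmox_network_lan",
    "proxmox_skip_tls_verify", "proxmox_disk_storage_pool",
    "proxmox_disk_storage_type", "proxmox_iso_storage_pool",
)

def check_variables(text):
    """Return a list of findings for a variables.json document ([] means clean)."""
    try:
        cfg = json.loads(text)
    except json.JSONDecodeError as exc:
        # JSON has no comment syntax, so an inline "# ..." note fails here.
        return [f"invalid JSON at line {exc.lineno}: {exc.msg}"]
    if not isinstance(cfg, dict):
        return ["top level must be a JSON object"]
    findings = [f"missing key: {key}" for key in REQUIRED if key not in cfg]
    wan = cfg.get("proxmox_network_with_dhcp_and_internet")
    if wan and wan == cfg.get("proxmox_network_lan"):
        # Assumption of this example: the LAN bridge must differ from the uplink.
        findings.append("LAN bridge equals the internet bridge")
    if str(cfg.get("proxmox_skip_tls_verify", "")).lower() == "true":
        findings.append("TLS verification of the Proxmox API is disabled")
    if cfg.get("proxmox_password") in ("", "password"):
        findings.append("proxmox_password is empty or a placeholder")
    return findings

# Constructed sample values, not a real deployment.
GOOD = {key: "x" for key in REQUIRED}
GOOD.update(proxmox_network_with_dhcp_and_internet="vmbr0",
            proxmox_network_lan="vmbr99", proxmox_skip_tls_verify="false",
            proxmox_vm_pool="MmeMichu", proxmox_password="constructed-secret")

if __name__ == "__main__":
    import sys
    # Check the file given on the command line, or the constructed sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else json.dumps(GOOD)
    for finding in check_variables(text) or ["no findings"]:
        print(finding)
```

Run it as `python3 check_variables.py variables.json` (the script name is arbitrary) before `packer build`.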
Create the Windows 10 and pfSense templates with the packer command line:
packer build -var-file variables.json windows_10_proxmox.json
packer build -var-file variables.json pfsense.json
Create a terraform.tfstate file like:
proxmox_api_url= "https://192.168.0.40:8006/api2/json"
proxmox_node="pve"
proxmox_api_user="infra_as_code@pve"
proxmox_api_password="password"
vm_disk= "disk"
vm_disk_discard= "on"
vm_network= "vmbr0"
hostonly_network= "vmbr1"
Create the Windows 10 VM, pfSense VM and Logger LXC:
terraform init
terraform apply
export LC_ALL=C.UTF-8
ansible-playbook -i inventory mmeMichuAnalyse.yml
Detection Lab : doc
GOAD : doc