My personal pwnbox vm base image. Based on vm-image-builder. The way I use this image is described in this post.
- ready to use X environment
- exposed via vnc (localhost:5900) and novnc (http, localhost:6901)
- access the services bound to lo with
ssh -t -L 5900:localhost:5900 -L 6901:localhost:6901 user@my-pwnbox-address - base distribution is kali
- plenty of tools pre-packaged and ready to be installed
-
take a look at the ansible playbook: if you do not want to rely on cloud-init, setting a public key might be a good idea. Fix the variable
myuser. -
run the builder script:
./build.sh -o test.qcow2 -s10
The runner script allows you to quickly run the image locally:
./run.sh -i test.qcow2you should be able to login locally:
ssh root@localhost -p50022
The qcow2 format is supported by many cloud providers as is. During boot, the image will use any cloud-init configuration available (ssh keys, network configuration, etc).
Personally, I like to shrink the image to the smallest possible size before uploading it:
$ virt-sparsify test.qcow2 test-sparse.qcow2 # you might need to run this as root
$ pigz test-sparse.qcow2
I use do-image-uploader to upload my images to DigitalOcean:
$ export DO_API_TOKEN=$(pass show do-tokens/personal)
$ do-image-uploader --image-file=test-sparse.qcow2.gz --region=fra1 --name=test-image --wait-until-available
I use another ansible playbook to create and configure the VM.
Once the base image is uploaded, you can easily create a new VM. I prefer to synchronize my dotfiles (because they change quite often) and my hackthebox.org openvpn configuration file at this stage.