Aria Cloud Overview
Aria Cloud Penetration Testing Tools Container. Aria Cloud is a Docker Container ideal for remote pentesting over SSH or RDP, with a primary emphasis on cloud security tools and secondary on Active Directory tools. Use it for an assumed breach pentest where remote access is necessary via RDP or SSH, or for simple AD lab testing. It is built for use cases where one needs to remote into a container using SSH or RDP, and then run their security workflows (i.e., Cloud environments). This repo also included an automated Terraform template + Ansible Playbook to deploy Aria Cloud as a container running on an Ubuntu Linux VM, with remote access over RDP.
Medium Blog: https://medium.com/bugbountywriteup/pentesting-in-the-clouds-introducing-ariacloud-58cb5cc1c50d
Summary of Tools (Image Built on Kali Linux Rolling)
- Metapackages: kali-linux-core, kali-linux-top10, kali-desktop-core
- xRDP and SSH (for remote access)
- socat, powershell 7, smbclient
- AWS cli tools (aws, s3cmd)
- Azure cli tools (az)
- Google Cloud Platform cli tool (gcloud, kubectl)
- ROADTools (https://github.com/dirkjanm/ROADtools)
- Stormspotter (https://github.com/Azure/Stormspotter)
- ScoutSuite (https://github.com/nccgroup/ScoutSuite)
- Cloud_Enum (https://github.com/initstring/cloud_enum)
- cloudmapper (https://github.com/duo-labs/cloudmapper)
- Bucket Stream (https://github.com/eth0izzle/bucket-stream)
- Pacu (https://github.com/RhinoSecurityLabs/pacu)
- WeirdAAL (https://github.com/carnal0wnage/weirdAAL)
- evil-winrm (https://github.com/Hackplayers/evil-winrm)
- Impacket Python library and tools (https://github.com/SecureAuthCorp/impacket)
- Neo4j (https://neo4j.com/)
- Bloodhound (https://github.com/BloodHoundAD/BloodHound)
- Plumhound (https://github.com/DefensiveOrigins/PlumHound)
- Fox-IT Bloodhound-python data ingestor (https://github.com/fox-it/BloodHound.py)
- gitleaks (https://github.com/zricethezav/gitleaks)
- shhgit (https://github.com/eth0izzle/shhgit)
- gitrob (https://github.com/michenriksen/gitrob)
- Trufflehog (https://github.com/dxa4481/truffleHog)
- detect-secrets (https://github.com/Yelp/detect-secrets)
- Rubeus (https://github.com/GhostPack/Rubeus)
- Mimikatz (https://github.com/gentilkiwi/mimikatz)
Terraform Automated Deployment
This repo now includes a Terraform template and Ansible Playbook that automatically deploys Aria Cloud into an Azure VM with remote access over RDP. For more information, navigate into the terraform-azure directory and see the README.
Default Credentials
Username: aria
Password: !aria123!
Default Tools Directory Most special tools are installed into /opt directory if they aren't in the default /usr/local/bin/ path
3 Docker Containers: 3 Potential Use Cases
Use Case #1: aria-base: Attach to /bin/bash local console, and do your thing.
Use Case #2: aria-rdp: Use an RDP client to remotely access the container. Best for running Bloodhound and other tools that require Neo4j GUI.
Use Case #3: aria-ssh: Use an SSH client to remotely access the container.
Base Image Use Case: Build or Pull, and then Run
Pre-requisite: Install docker for your system
Quickly run it with docker pull:
docker pull iknowjason/aria-base:latest
Run it!
docker run -ti iknowjason/aria-base:latest
You can get the IMAGE_ID with docker images command
Build & Run It
Clone this repo:
git clone https://github.com/iknowjason/AriaCloud.git
cd AriaCloud
Build:
docker build -f Dockerfile.base -t aria .
Run:
docker run -ti aria
RDP Container Use Case: Build or Pull, and then Run
Quickly run it with docker pull:
docker pull iknowjason/aria-rdp:latest
Bind the RDP ports from the docker container to expose them on the LAN interface of the host computer
docker run -d --name myname -p 3389:3389 iknowjason/aria-rdp:latest
You can get the IMAGE_ID with docker images command
Verify ports:
docker port myname
Now RDP to your Host computer's IP address on port 3389.
Build & Run It
Clone this repo:
git clone https://github.com/iknowjason/AriaCloud.git
cd AriaCloud
Build:
docker build -f Dockerfile.rdp -t aria .
Run:
docker run -d --name myname -p 3389:3389 aria
SSH Container Use Case: Build or Pull, and then Run
Quickly run it with docker pull:
docker pull iknowjason/aria-ssh:latest
Bind the SSH ports from the docker container to expose them on the LAN interface of the host computer
docker run -d --name myname -p 22:22 iknowjason/aria-ssh:latest
You can get the IMAGE_ID with docker images command
Verify ports:
docker port myname
Now SSH to your Host computer's IP address on port 22.
Build & Run It
Clone this repo:
git clone https://github.com/iknowjason/AriaCloud.git
cd AriaCloud
Build:
docker build -f Dockerfile.ssh -t aria .
Run:
docker run -d --name myname -p 22:22 aria
To Do
- Fix small errors after RDP connection and auth success
- Fix MacOS RDP client black screen
- Terraform template deployment for AWS
- K8s tools
Hat Tips
- Offensive Security team for Kali
- All the other tool authors listed above