├── .travis.yml ├── .yamllint ├── README.md ├── defaults └── main.yml ├── handlers └── main.yml ├── meta └── main.yml ├── molecule └── default │ ├── converge.yml │ ├── molecule.yml │ └── verify.yml ├── tasks ├── install_agents.yml └── main.yml ├── tests ├── inventory └── test.yml └── vars └── main.yml /.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /.yamllint: -------------------------------------------------------------------------------- 1 | --- 2 | # Based on ansible-lint config 3 | extends: default 4 | 5 | rules: 6 | braces: 7 | max-spaces-inside: 1 8 | level: error 9 | brackets: 10 | max-spaces-inside: 1 11 | level: error 12 | colons: 13 | max-spaces-after: -1 14 | level: error 15 | commas: 16 | max-spaces-after: -1 17 | level: error 18 | comments: disable 19 | comments-indentation: disable 20 | document-start: disable 21 | empty-lines: 22 | max: 3 23 | level: error 24 | hyphens: 25 | level: error 26 | indentation: disable 27 | key-duplicates: enable 28 | line-length: disable 29 | new-line-at-end-of-file: disable 30 | new-lines: 31 | type: unix 32 | trailing-spaces: disable 33 | truthy: disable 34 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Mythic 2 | ========= 3 | 4 | [![t94j0.mythic](https://img.shields.io/ansible/role/55834)](https://galaxy.ansible.com/t94j0/mythic) 5 | 6 | 7 | Install Mythic 8 | 9 | Role Variables 10 | -------------- 11 | 12 | A list of all the variables can be found in ./defaults/main.yml. 13 | 14 | ## Base Configs 15 | `mythic_repo` - Path to the repo you'd like to install. Useful if using a fork of Mythic 16 | 17 | `mythic_version` - Branch to pull from repo 18 | 19 | `installation_path` - Path to install Mythic 20 | 21 | ## Service Configs 22 | `server_header` - Mythic HTTP server header 23 | 24 | `admin_username` - Admin username for Mythic 25 | 26 | `default_password` - Admin password for Mythic 27 | 28 | `operation_name` - Default operation name 29 | 30 | ## Agents 31 | `agents[].repo` - Git repository to pull agent 32 | 33 | `agents[].branch` - Branch to pull from repository 34 | 35 | Dependencies 36 | ------------ 37 | 38 | ansible-galaxy install geerlingguy.docker 39 | ansible-galaxy install geerlingguy.pip 40 | 41 | Example Playbook 42 | ---------------- 43 | 44 | ```yaml 45 | - hosts: servers 46 | roles: 47 | - { role: t94j0.mythic } 48 | ``` 49 | 50 | License 51 | ------- 52 | 53 | BSD 54 | 55 | Author Information 56 | ------------------ 57 | 58 | Max Harley 59 | -------------------------------------------------------------------------------- /defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mythic_repo: https://github.com/its-a-feature/Mythic 3 | mythic_version: master 4 | installation_path: /opt/mythic 5 | server_header: nginx 1.2 6 | admin_username: admin_username 7 | default_password: default_password 8 | operation_name: operation_name 9 | agents: 10 | - repo: https://github.com/MythicAgents/Apollo 11 | branch: master -------------------------------------------------------------------------------- /handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for ansible-role-mythic 3 | -------------------------------------------------------------------------------- /meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | role_name: mythic 3 | namespace: t94j0 4 | author: Max Harley 5 | description: Installs Mythic teamserver 6 | company: SpecterOps 7 | 8 | issue_tracker_url: https://github.com/t94j0/ansible-role-mythic/issues 9 | 10 | license: BSD-3-Clause 11 | 12 | min_ansible_version: 2.1 13 | 14 | platforms: 15 | - name: Debian 16 | versions: 17 | - buster 18 | 19 | galaxy_tags: 20 | - security 21 | - mythic 22 | - c2 23 | - hacking 24 | 25 | dependencies: 26 | - geerlingguy.docker 27 | - geerlingguy.pip 28 | -------------------------------------------------------------------------------- /molecule/default/converge.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Converge 3 | hosts: all 4 | tasks: 5 | - name: "Include ansible-role-mythic" 6 | include_role: 7 | name: "ansible-role-mythic" 8 | -------------------------------------------------------------------------------- /molecule/default/molecule.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependency: 3 | name: galaxy 4 | driver: 5 | name: docker 6 | platforms: 7 | - name: instance 8 | image: docker.io/pycontribs/debian:latest 9 | pre_build_image: true 10 | provisioner: 11 | name: ansible 12 | verifier: 13 | name: ansible 14 | -------------------------------------------------------------------------------- /molecule/default/verify.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # This is an example playbook to execute Ansible tests. 3 | 4 | - name: Verify 5 | hosts: all 6 | gather_facts: false 7 | tasks: 8 | - name: Example assertion 9 | assert: 10 | that: true 11 | -------------------------------------------------------------------------------- /tasks/install_agents.yml: -------------------------------------------------------------------------------- 1 | - name: Assert mandatory variables 2 | assert: 3 | that: 4 | - agent is defined 5 | - installation_path 6 | 7 | - name: Install Agent 8 | command: "./mythic-cli install github {{ agent.repo }} {{ agent.branch }} -f" 9 | args: 10 | chdir: "{{ installation_path }}" 11 | -------------------------------------------------------------------------------- /tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Update apt 3 | apt: 4 | update_cache: yes 5 | 6 | - name: Install Docker 7 | include_role: 8 | name: geerlingguy.docker 9 | 10 | - name: Install Pip role and vars for pip 11 | include_role: 12 | name: geerlingguy.pip 13 | vars: 14 | pip_install_packages: 15 | - docker 16 | - botocore 17 | - boto3 18 | - requests 19 | pip_executable: pip3 20 | pip_package: python3-pip 21 | 22 | 23 | - name: Install pydocker 24 | pip: 25 | name: docker 26 | 27 | - name: Install golang 28 | include_role: 29 | name: gantsign.golang 30 | 31 | 32 | - name: Download Mythic 33 | ansible.builtin.git: 34 | repo: "{{ mythic_repo }}" 35 | dest: "{{ installation_path }}" 36 | version: "{{ mythic_version }}" 37 | 38 | - name: Make Go binaries 39 | command: sudo make 40 | args: 41 | chdir: "{{ installation_path }}" 42 | 43 | 44 | - name: Check and move file if present 45 | stat: 46 | path: "{{ installation_path }}/mythic-cli" 47 | register: mythic_cli_stat 48 | 49 | - name: Move file to /bin/ if it exists 50 | command: cp "{{ installation_path }}/mythic-cli" /bin/ 51 | when: mythic_cli_stat.stat.exists 52 | 53 | - name: Continue with other tasks 54 | debug: 55 | msg: "File has been moved to /bin/, continuing with other tasks" 56 | when: mythic_cli_stat.stat.exists 57 | 58 | 59 | - name: Check for mythic config 60 | stat: 61 | path: "{{ installation_path }}/.env" 62 | register: env_stat 63 | 64 | - name: Create mythic config 65 | shell: ./mythic-cli config 66 | args: 67 | chdir: "{{ installation_path }}" 68 | when: not env_stat.stat.exists 69 | 70 | - name: Configure Mythic | Set variables 71 | lineinfile: 72 | path: "{{ installation_path }}/.env" 73 | regexp: "^{{ item.key }}" 74 | line: "{{ item.key }}={{ item.value }}" 75 | with_dict: 76 | SERVER_HEADER: "{{ server_header }}" 77 | MYTHIC_ADMIN_USER: "{{ admin_username }}" 78 | MYTHIC_ADMIN_PASSWORD: "{{ default_password }}" 79 | DEFAULT_OPERATION_NAME: "{{ operation_name }}" 80 | no_log: true 81 | 82 | - name: Get Mythic container info 83 | docker_container_info: 84 | name: mythic_server 85 | register: mythic_result 86 | 87 | 88 | - name: Install Agents 89 | include_tasks: install_agents.yml 90 | vars: 91 | agent: "{{ item }}" 92 | loop: "{{ agents }}" 93 | 94 | 95 | - name: Start mythic 96 | command: "./mythic-cli start" 97 | args: 98 | chdir: "{{ installation_path }}" 99 | -------------------------------------------------------------------------------- /tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - ansible-role-mythic 6 | -------------------------------------------------------------------------------- /vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for ansible-role-mythic 3 | --------------------------------------------------------------------------------