IppSec · m4nt0de4 · Jul 22, 2024 · Jul 22, 2024 · Jul 23, 2024 · Jul 23, 2024
diff --git a/README.md b/README.md
@@ -1,12 +1,13 @@
 ** Make sure to pip install ansible, apt has an older copy **
 
-# Instructions
+Due to the newer versions of Ansible and Parrot OS, the Playbook couldn't run smoothly. I found two workarounds, one using pipx and the other installing Ansible system-wide. I think that the second workaround is more accurate with the end system that IppSec gets, so that's why I used the second approach instead of installing Ansible using pipx and isolating the app.
+
+# Instructions updated (Ansible 9 \[core 2.17.2\] + Parrot OS Version 6.1 Lorikeet)
 * Start with Parrot HTB Edition
-* Install Ansible (python3 -m pip install ansible)
+* Install Ansible (python3 -m pip install ansible --break-system-packages)
 * Clone and enter the repo (git clone)
 * ansible-galaxy install -r requirements.yml
-* Make sure we have a sudo token (sudo whoami)
-* ansible-playbook main.yml
+* ansible-playbook main.yml -K (-K for a prompt for the sudo password)
 
 # Off-Video Changes
 * Mate-Terminal Colors, I show how to configure it here (https://www.youtube.com/watch?v=2y68gluYTcc). I just did the steps in that video on my old VM to backup the color scheme, then copied it to this repo.

diff --git a/roles/configure-logging/tasks/main.yml b/roles/configure-logging/tasks/main.yml
@@ -1,3 +1,3 @@
 ---
-- include: "ufw.yml"
-- include: "auditd.yml"
+- include_tasks: "ufw.yml"
+- include_tasks: "auditd.yml"
diff --git a/roles/configure-system/tasks/aptsources-cleanup.yml b/roles/configure-system/tasks/aptsources-cleanup.yml
@@ -0,0 +1,9 @@
+- name: "Mark the PYZ bundle as executable"
+  shell: chmod a+x /tmp/aptsources-cleanup.pyz
+  become: true
+  become_method: sudo
+
+- name: "Cleanup the APT sources. This will erase all the duplicates."
+  shell: yes | python3 -OEs /tmp/aptsources-cleanup.pyz
+  become: true
+  become_method: sudo
diff --git a/roles/configure-system/tasks/main.yml b/roles/configure-system/tasks/main.yml
@@ -1,2 +1,3 @@
 ---
-- include: "configure-sudoers.yml"
+- include_tasks: "configure-sudoers.yml"
+- include_tasks: "aptsources-cleanup.yml"
diff --git a/roles/customize-browser/files/getburpcert.sh b/roles/customize-browser/files/getburpcert.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-/bin/bash -c "timeout 45 /usr/lib/jvm/java-17-openjdk-amd64/bin/java -Djava.awt.headless=true -jar /usr/share/burpsuite/burpsuite.jar < <(echo y) &" 
+/bin/bash -c "timeout 45 /usr/lib/jvm/jdk-22.0.2-oracle-x64/bin/java -Djava.awt.headless=true -jar /usr/share/burpsuite/burpsuite_community.jar < <(echo y) &" 
 sleep 30
 curl http://localhost:8080/cert -o /tmp/cacert.der
 exit
diff --git a/roles/customize-browser/tasks/main.yml b/roles/customize-browser/tasks/main.yml
@@ -1,3 +1,3 @@
 ---
-- include: "burp.yml"
-- include: "firefox.yml"
+- include_tasks: "burp.yml"
+- include_tasks: "firefox.yml"
diff --git a/roles/install-tools/tasks/apt-stuff.yml b/roles/install-tools/tasks/apt-stuff.yml
@@ -17,6 +17,7 @@
       - ntpdate
       - flameshot
       - exiftool
+      - rsyslog
     state: latest
   become: true
   become_method: sudo
diff --git a/roles/install-tools/tasks/github-repos.yml b/roles/install-tools/tasks/github-repos.yml
@@ -34,6 +34,7 @@
     - { repo: "carlospolop/PEASS-ng",  regex: "winPEASx64.exe", location: "/opt/peas" }
     - { repo: "WithSecureLabs/chainsaw",  regex: "chainsaw_all_", location: "/opt/" }
     - { repo: "BloodHoundAD/BloodHound", regex: "BloodHound-linux-x64.zip", location: "/opt/" }
+    - { repo: "davidfoerster/aptsources-cleanup", regex: "aptsources-cleanup.pyz", location: "/tmp/" }
   async: 45
   poll: 0
   become: true

diff --git a/roles/install-tools/tasks/jdk-latest.yml b/roles/install-tools/tasks/jdk-latest.yml
@@ -0,0 +1,13 @@
+---
+- name: "Downloading https://download.oracle.com/java/22/latest/jdk-22_linux-x64_bin.deb"
+  get_url:
+    url: https://download.oracle.com/java/22/latest/jdk-22_linux-x64_bin.deb
+    checksum: sha256:799f6219d3ed1bdbab474656fb9f34397b22c8a441c35f87a1a8e771b19b4baa
+    dest: /tmp/jdk-22_linux-x64_bin.deb
+    mode: 0640
+
+- name: "Install the /tmp/jdk-22_linux-x64_bin.deb package"
+  ansible.builtin.apt:
+    deb: /tmp/jdk-22_linux-x64_bin.deb
+  become: true
+  become_method: sudo
diff --git a/roles/install-tools/tasks/main.yml b/roles/install-tools/tasks/main.yml
@@ -1,6 +1,7 @@
 ---
-- include: apt-stuff.yml
-- include: kerbrute.yml
-- include: github-repos.yml
-- include: python-tools.yml
-- include: gem-tools.yml
+- include_tasks: apt-stuff.yml
+- include_tasks: kerbrute.yml
+- include_tasks: github-repos.yml
+- include_tasks: python-tools.yml
+- include_tasks: gem-tools.yml
+- include_tasks: jdk-latest.yml