Rapid Operation Deployment a framework for Red Team Deployments
Recently on our GitHub we released Rapid Operation Deployment for Linode - Link Here. We took some of our Red Team server deployment scripts and merged them into an extensible framework that makes use of Terraform and Ansible for deploying operational infrastructure on Linode.
The framework is really easy to use and all it takes is for you to install terraform, ansible, openssl, jq, the linode-cli on a linux machine and of course a Linode API key. In the default configuration as we have it on github the script will deploy 4 Ubuntu 24.04 nodes. These nodes consist of:
1 Redirector hosting NGINX
1 Cobalt Strike teamserver
1 Sliver C2 Server
1 PwnDrop fileshare
Now the elephant in the room here is the Cobalt Strike teamserver, in its default configuration the framework scripts will ask you for a Cobalt Strike license, you’ll also need to drop the cobaltstrike-dist.tgz from Fortra into ansible-project-templates/roles/cobaltstrike/files. If you don’t plan on using Cobalt or don’t have access to it, simply remove the references to it in the deploy script and the site.yaml file.
If you plan on using Cobalt Strike and have it placed in the location pictured above you just have to run the included deploy script.
When you initially run the deploy its going to perform a few actions to get things ready and then ask you for your Linode API token.
After you enter your Linode API key the Linode CLI will go through its configuration set up.
After completing the Linode-CLI configuration the next step is entering your Cobalt Strike license key.
After entering your license key you’ll be asked to select a region that will be used for a Linode VPC.
With the region selected the terraform code will now begin deploying. After terraform finishes, the script sleeps for 30 seconds to allow time for the servers to finish stand up.
With terraform done the ansible playbooks take over and start performing their setup actions on the servers.
The last step the script displays the root password that was generated for the servers, lists where ssh-keys that were generated are stored, the public IPs for the servers, and all the information you need for accessing the PwnDrop admin panel.
That’s all there is to it, we hope you enjoy and get as much use out of it as we do.