Self Repairing Server

Automated Self Repairing server for Offensive Security Training Environment

The original project was designed around the idea of having a training enviroment for new employees to the Red Team, the idea was to give them a safe place to practice skills in a variety of challenges like a Capture The Flag Platform.

What came from the original design and build went in a completely different direction, to build a Platform that could nto be destroyed and if it was, that it could repair itself. This project was designed and built using VMware virtualization Technologies and specifically the vSphere application, a PHP web application for the website and scripts and a Java application called Jenkins webUI that facilitates full server automation. the platform design allows the system to be 100% self-sufficient at any time without the need of the systems designer to control it, thus the platform may continue its usage within the company after the student had returned to education, or if there is softwar realted issues that may cause the system to go offline

For the simplistic sake I wont be discusing the Website, mainly because this post is about the server reapiring. Even tho this was done on a paid platform "vSphere" it could be easily replicated with the use of Proxmox and plugins. I will also be assuming that you understand the uses of vSphere and Jenkins if not check out these two locations

Jekins - https://www.jenkins.io/

VMware vSphere - https://docs.vmware.com/en/VMware-vSphere/

The WebServer

 

This is a simple windows 7 box on the VMware ESXI server as a VM running the following software. Why windows 7, we had multiple lisences for windows 7 so it was not a concern at the time

 

  • XAMPP "Apache, for the Web application"

  • Xlight FTP "to copy files over... lazy mode activated there"

  •  

 

Auto-Start Scripts

These scripts where put in the startup folder to allow for the to run on startup. It was a simple Batch file that start each service as needed for usage on the system
The Training Enviroment

just shown to let you know what the user sees
http://webhook:81344db918ad501349bea979029b088e@192.168.1.9:9999/job/mrrobot/build?token=81344db918ad501349bea979029b088e

http://[USER]:[API TOKEN]@[SERVER IP]/job/[BUILD NAME]/build?token=[API TOKEN]
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Integer nec odio. Praesent libero. Sed cursus ante dapibus diam. Sed nisi. Nulla quis sem at nibh elementum imperdiet. Duis sagittis ipsum. Praesent mauris. Fusce nec tellus sed augue semper porta. Mauris massa. Vestibulum lacinia arcu eget nulla. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. Curabitur sodales ligula in libero.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Integer nec odio. Praesent libero. Sed cursus ante dapibus diam. Sed nisi. Nulla quis sem at nibh elementum imperdiet. Duis sagittis ipsum. Praesent mauris. Fusce nec tellus sed augue semper porta. Mauris massa. Vestibulum lacinia arcu eget nulla. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. Curabitur sodales ligula in libero.