Skip to content

Latest commit

 

History

History
64 lines (50 loc) · 2.15 KB

README.md

File metadata and controls

64 lines (50 loc) · 2.15 KB

OWASP WebGoat Ansible playbook(Vagrant, Azure)

To use this playbook you need to have installed Ansible.

Install OWASP WebGoat on the VirtualBox with Vagrant

You need to install vagrantand virtualbox

Then just go into project directory and run:

vagrant up

After everything is ready, you should be able to see WebGoat's webpage by the following link: http://192.168.1.100/webgoat

Install OWASP WebGoat on the Azure VM

In this guide we are assuming that you are already have valid Azure subscription.

In order to start launching and provision Azure VM you need to do next preparations:

  • Install sudo pip install azure==0.11.1 (newest azure version > 1.0 not compatible with ansible azure module yet. Here is relevant github issue ansible/ansible-modules-core#2114)

  • Install Azure Command Line tools

sudo yum install npm ## or apt-get install npm
sudo npm install -g azure-cli
  • Login into your azure subscription:

    • Generate link for Azure Subscription Key with: azure account download

    • Open link in Web Browser and download key

    • Import key via Azure cli with: azure account import <path to downloaded file>

  • Now we need to create valid Storage Account for our VM:

azure storage account create --location "East US 2" webgoatlab --type GRS

Location of storage account and VM should be the same.

  • Generate ssh key for VM
openssl req -x509 -key ~/.ssh/id_rsa -nodes -days 365 -newkey rsa:2048 -out ~/.ssh/webgoatlab.pem
  • Give owner-only permissions for generated key
chmod 600 ~/.ssh/webgoatlab.pem
  • End export managment cert for your subscribtion
azure account cert export -f ~/.ssh/manage.cer
  • Set environment variables with your Azure Subscription ID and Path to Management Certificate
export AZURE_SUBSCRIPTION_ID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
export AZURE_CERT_PATH=~/.ssh/manage.cer
export ANSIBLE_HOST_KEY_CHECKING=False
  • Run playbook with command:
ansible-playbook -i "localhost," azure_goat.yml