File tree Expand file tree Collapse file tree 9 files changed +549
-94
lines changed
tencentcloud/cvm/cvm_security_group_open_common_port Expand file tree Collapse file tree 9 files changed +549
-94
lines changed Load Diff Large diffs are not rendered by default.
Load Diff Large diffs are not rendered by default.
Original file line number Diff line number Diff line change 1+ # Tencent Cloud CVM security group open common port
2+
3+ English | [ 中文] ( ./README_CN.md )
4+
5+ ## Description
6+
7+ This is a scenario used to build the Tencent Cloud CVM security group open common port.
8+
9+ ## Deployment Environment
10+
11+ Execute the following command in the container
12+
13+ ``` shell
14+ cd /TerraformGoat/tencentcloud/cvm/cvm_security_group_open_common_port
15+ ```
16+
17+ Edit the ` terraform.tfvars ` file and write your ` tencentcloud_secret_id ` and ` tencentcloud_secret_key ` in the file
18+
19+ ``` shell
20+ vim terraform.tfvars
21+ ```
22+
23+ > You can create and view your SecretKey on the [ API Key Management] ( https://console.cloud.tencent.com/cam/capi ) of the Tencent Cloud console
24+
25+ Deploy Vulnerable Environment
26+
27+ ``` shell
28+ terraform init
29+ terraform apply
30+ ```
31+
32+ > When the terminal prompts ` Enter a value: ` , enter ` yes `
33+
34+ After the environment is set up, you can see the instance and security group IDs at Outputs
35+
36+ ## Steps
37+
38+ Use the Tencent Cloud command line tool to view the rules of the security group.
39+
40+ ``` bash
41+ > apt-get install jq -y
42+ > tccli vpc DescribeSecurityGroupPolicies --SecurityGroupId sg-o1alubhn | jq ' .SecurityGroupPolicySet.Ingress[] | select(.Protocol == "tcp") | select(.CidrBlock == "0.0.0.0/0") | select(.Action == "ACCEPT") | .Port'
43+
44+ " 5432"
45+ " 25"
46+ " 9200"
47+ " 4506"
48+ " 50070"
49+ " 2376"
50+ " 21"
51+ " 138"
52+ " 5500"
53+ " 5601"
54+ " 50470"
55+ " 3389"
56+ " 6379"
57+ " 4505"
58+ " 8020"
59+ " 1522"
60+ " 23"
61+ " 22"
62+ " 2375"
63+ " 3306"
64+ " 5900"
65+ " 137"
66+ " 1433"
67+ " 1521"
68+ " 445"
69+ " 27017"
70+ " 1434"
71+ ```
72+
73+ ## Destroy the environment
74+
75+ ``` shell
76+ terraform destroy
77+ ```
Original file line number Diff line number Diff line change 1+ # 腾讯云 CVM 安全组允许常见端口访问
2+
3+ [ English] ( ./README.md ) | 中文
4+
5+ ## 描述信息
6+
7+ 这是一个用于构建腾讯云 CVM 安全组允许常见端口访问的场景。
8+
9+ ## 环境搭建
10+
11+ 在容器中执行以下命令
12+
13+ ``` shell
14+ cd /TerraformGoat/tencentcloud/cvm/cvm_security_group_open_common_port
15+ ```
16+
17+ 编辑 ` terraform.tfvars ` 文件,在文件中填入你的 ` tencentcloud_secret_id ` 和 ` tencentcloud_secret_key `
18+
19+ ``` shell
20+ vim terraform.tfvars
21+ ```
22+
23+ > 在腾讯云控制台的 [ API 密钥管理] ( https://console.cloud.tencent.com/cam/capi ) 可以创建和查看您的 SecretKey
24+
25+ 部署靶场
26+
27+ ``` shell
28+ terraform init
29+ terraform apply
30+ ```
31+
32+ > 在终端提示 ` Enter a value: ` 时,输入 ` yes ` 即可
33+
34+ 环境搭建完后,在 Outputs 处可以看到实例和安全组的 ID
35+
36+ ## 步骤
37+
38+ 使用腾讯云命令行工具查看安全组的规则。
39+
40+ ``` bash
41+ > apt-get install jq -y
42+ > tccli vpc DescribeSecurityGroupPolicies --SecurityGroupId sg-o1alubhn | jq ' .SecurityGroupPolicySet.Ingress[] | select(.Protocol == "tcp") | select(.CidrBlock == "0.0.0.0/0") | select(.Action == "ACCEPT") | .Port'
43+
44+ " 5432"
45+ " 25"
46+ " 9200"
47+ " 4506"
48+ " 50070"
49+ " 2376"
50+ " 21"
51+ " 138"
52+ " 5500"
53+ " 5601"
54+ " 50470"
55+ " 3389"
56+ " 6379"
57+ " 4505"
58+ " 8020"
59+ " 1522"
60+ " 23"
61+ " 22"
62+ " 2375"
63+ " 3306"
64+ " 5900"
65+ " 137"
66+ " 1433"
67+ " 1521"
68+ " 445"
69+ " 27017"
70+ " 1434"
71+ ```
72+
73+ 通过返回的内容可以看到当前安全组允许访问的常见端口。
74+
75+ ## 销毁环境
76+
77+ ``` shell
78+ terraform destroy
79+ ```
You can’t perform that action at this time.
0 commit comments