Vault7: CIA Hacking Tools Revealed
Navigation: » Latest version
Manually Add a Computer to Tyrant
The following procedures describe how to manually add a computer to Tyrant in an environment without JACAL.
Most of the Tyrant-managed computers on Devlan are imported from the low-side with no need to do anything manually, but these procedures describe what you can do to add a computer that already exists on Devlan. For instance, a VMVirtual Machine may have been cloned in vSphere, imported in some way, or created from scratch outside of the Tyrant system's involvement.
These procedures do not apply if you are running JACAL in your environment along with Tyrant.
Step-by-step guide
- Ensure the computer is configured to use DHCP.
- Connect the computer to one of Tyrant's VLANs.
- Find a free IP for your computer.
- To get an IP, you can either manually check Overview to find a free IP associated with the VLANVirtual Local Area Network to which your computer is connected or simply power on the computer and let it grab an IP address from Tyrant's DHCPDynamic Host Configuration Protocol server.
-
If you let the computer obtain the IP address from Tyrant's DHCPDynamic Host Configuration Protocol server, ensure it isn't already in use by another Tyrant-managed computer. You can use Overview to verify.
Even though the DHCPDynamic Host Configuration Protocol addresses assigned by Tyrant are fixed in Tyrant's dhcpd.conf file, it is possible to grab an IP already in-use if the computer associated with that IP has been disconnected from the network for a while and has lost its DHCPDynamic Host Configuration Protocol lease.
If you decide to obtain your IP automatically and then you find that it happens to be assigned to another Tyrant-managed computer, you will need to either power-up the computer that is using the IP in order to renew its lease and then attempt to obtain another address automatically for your new computer or just go ahead and manually pick an IP that's free in the VLANVirtual Local Area Network to which the new computer is connected. You can use Overview to see what's available.
-
Once you have a free IP address, add it to
/etc/dhcpd/dhcpd.conf
in the following format:host <computer_name> {
hardware ethernet <MAC>
fixed-address <IP>
}The host_name in the dhcpd.conf file should not contain spaces. While the computer_name in the dhcpd.conf file does not need to match the computer's actual hostname (or the VSphere display name if it's a VMVirtual Machine), it's probably a good idea to try to do so, but just ensure remove or replace the whitespace if any exists.
Power up the computer and renew the IP address to ensure it's what you expect.
- Perform any last-minute configuration changes you might need for testing. For instance, you might need to configure to the computer to auto-login.
If the computer is a VM, create a snapshot while it is powered-on and logged-in.
-
Add the computer to the Tyrant database using the
db_admin
utility.For more information about using db_admin, see the DARTTest-Software (commercial) User Manual and/or DARTTest-Software (commercial) Administrator Manual.
-
Navigate to tyworkflow on the Tyrant server. Note that the path to tyworkflow may differ depending on the Tyrant setup.
cd /proj/testing/tyworkflow
-
View the help if needed.
bin/db_admin -h
-
If the VLANVirtual Local Area Network associated with the new computer is not already in Tyrant's DB, add it.
-
Create a csv file in the following format:
<name>,<ip_min>,<ip_max>,<mac_min>,<mac_max>,<netmask>,<gateway>,<dns_server1>,<dns_server2>...
For example:
frontchannel,192.168.5.100,192.168.5.200,00:50:56:3e:00:00,00:50:56:3e:ff:ff,255.255.255.0,192.168.5.1,192.168.5.10;192.168.5.11
backchannel,XXX.X.X.XX (US),XXX.X.X.XX (US),00:50:56:00:00:00,00:50:56:00:00:ff,255.255.0.0,,
thumb,0.0.0.0,0.0.0.0,00:00:00:00:00:00,FF:FF:FF:FF:FF:FF,0.0.0.0,, -
Import the VLAN.
bin/db_admin import_vlans <vlan_csv_file>
- Check Overview to make sure the VLANVirtual Local Area Network appears as you expect.
-
You can delete a VLANVirtual Local Area Network if something isn't right.
bin/db_admin del_vlan <vlan_name>
-
- If the recipe associated with the new computer is not already in Tyrant's DB, add it.
-
Create a csv file in the following format (note that you would include the last comma if no there are no apps and note that the first field is the recipe name):
<family-os-ossp-lang-arch-apps>,<family>,<os>,<ossp>,<lang>,<arch>,<apps>
For example:
win-7ult-sp1-en-x86,win,7ult,sp0,en,x86,
win-7ult_pp-sp1-en-x64-pp,win,7ult_pp,sp1,en,x64,pp
win-8.1pro_pp-sp0-en-x64-pp,win,8.1pro_pp,sp0,en,x64,pp
thumbdrive-sandisk-cruser-td-4gb,thumbdrive,sandisk,cruzer,td,4gb, -
Import the recipe.
bin/db_admin import_recipes <recipe_csv_file>
Check Overview to make sure the recipe appears as you expect.
-
You can delete a recipe if something isn't right.
bin/db_admin del_recipe <recipe_name>
-
-
Finally, add the computer to Tyrant's database.
-
Create a csv file in the following format (note that the each computer entry is two lines: one containing the basic computer information and one containing the snapshot information):
<computer_name>,<ip>,<mac>,<hwtype>,<model>,<pool>,<vlan>,<state_type>,<reaper>,vm_host=<esxi_host_name>
@snapshot,<recipe_name>,<snapshot>For example:
win-7ult-en-x64-pp-base-vlan93,10.9.3.170,00:50:56:ab:1f:fc,vm,esxi8,pp,VLAN93,esxi,dart-esxi-b.devlan.net,vm_host=dart-esxi-b.devlan.net
@snapshot,win-7ult_pp-sp1-en-x64-pp,latest
PP Win8.1 x64 KaspIS2015,10.9.3.169,00:50:56:ab:0d:6b,vm,esxi8,pp,VLAN93,esxi,dart-esxi-b.devlan.net,vm_host=dart-esxi-b.devlan.net
@snapshot,win-8.1pro_pp-sp0-en-x64-pp,latest
dart-esxi-02-1.0.2-thumbdrive-sandisk,dart-esxi-02:1.0.2,00:16:3e:06:ef:4e,thumbdrive,sandisk,dart-esxi-02,thumb,nop,nop
@snapshot,thumbdrive-sandisk-td-4gb,latest -
Import the computer.
bin/db_admin import_computers <computer_csv_file>
- Check Overview to make sure the computer appears as you expect.
-
You can delete a computer if something isn't right.
bin/db_admin del_computer <computer_name>
More csv files are usually available for your viewing pleasure in the tyworkflow directory.
-
-
Related articles
Get database information about VM's (or fun with db_admin)
('contentbylabel' missing)
('details' missing)