Merge pull request RhinoSecurityLabs#21 from LukaszMrozowski/master

Removed #cloud-boothook to execute UserData on instance start
mohit614 · Apr 28, 2019 · 3ab8f49 · 3ab8f49
2 parents d8d8cf1 + 41d52ad
commit 3ab8f49
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/terraform/ec2.tf b/terraform/ec2.tf
@@ -12,7 +12,7 @@ resource "aws_instance" "cloudgoat_instance" {
   iam_instance_profile = "${aws_iam_instance_profile.cloudgoat_instance_profile.id}"
   key_name = "cloudgoat_key"
 
-  user_data = "#cloud-boothook\n#!/bin/bash\nyum update -y\nyum install php -y\nyum install httpd -y\nmkdir -p /var/www/html\ncd /var/www/html\nrm -rf ./*\nprintf \"<?php\\nif(isset(\\$_POST['url'])) {\\n  if(strcmp(\\$_POST['password'], '${var.ec2_web_app_password}') != 0) {\\n    echo 'Wrong password. You just need to find it!';\\n    die;\\n  }\\n  echo '<pre>';\\n  echo(file_get_contents(\\$_POST['url']));\\n  echo '</pre>';\\n  die;\\n}\\n?>\\n<html><head><title>URL Fetcher</title></head><body><form method='POST'><label for='url'>Enter the password and a URL that you want to make a request to (ex: https://google.com/)</label><br /><input type='text' name='password' placeholder='Password' /><input type='text' name='url' placeholder='URL' /><br /><input type='submit' value='Retrieve Contents' /></form></body></html>\" > index.php\n/usr/sbin/apachectl start"
+  user_data = "#!/bin/bash\nyum update -y\nyum install php -y\nyum install httpd -y\nmkdir -p /var/www/html\ncd /var/www/html\nrm -rf ./*\nprintf \"<?php\\nif(isset(\\$_POST['url'])) {\\n  if(strcmp(\\$_POST['password'], '${var.ec2_web_app_password}') != 0) {\\n    echo 'Wrong password. You just need to find it!';\\n    die;\\n  }\\n  echo '<pre>';\\n  echo(file_get_contents(\\$_POST['url']));\\n  echo '</pre>';\\n  die;\\n}\\n?>\\n<html><head><title>URL Fetcher</title></head><body><form method='POST'><label for='url'>Enter the password and a URL that you want to make a request to (ex: https://google.com/)</label><br /><input type='text' name='password' placeholder='Password' /><input type='text' name='url' placeholder='URL' /><br /><input type='submit' value='Retrieve Contents' /></form></body></html>\" > index.php\n/usr/sbin/apachectl start"
 }
 
 resource "aws_security_group" "cloudgoat_ec2_sg" {