KASM sandbox

KASM is one of my go-to sandboxes, since it's easy to install and offers isolation from my own machine and infrastructure. I have installed KASM on a Hetzner server (CX43). This setup is perfect in both price and performance, and you can share it with more users (approx. 4-6 people). It offers a lot of programs you can install, along with operating systems. It runs in Docker containers that you access in the browser. This means you can work with malicious files and dangerous links in an environment that is isolated from your system.

The software is open source and freely available for non-commercial use. You can therefore install it yourself on a local host, in a VM or in the cloud. It's easy to set up and works really well.


Preparation of the DNS

If you want to use a domain, log in to your DNS provider and point a DNS record at your server, and you are set to go. This is important if you want to use SSL.

Installation of KASM

Source: Kasmweb docs

cd /tmp
curl -O https://kasm-static-content.s3.amazonaws.com/kasm_release_1.18.0.09f70a.tar.gz
tar -xf kasm_release_1.18.0.09f70a.tar.gz
sudo bash kasm_release/install.sh

Running the installation above on a system gives you the whole KASM setup. Be aware that when the installation finishes, it prints the following output, which you need to save somewhere safe.

Kasm UI Login Credentials
------------------------------------
  username: admin@kasm.local
  password: <AUTOGENERATED PASSWORD>
------------------------------------
  username: user@kasm.local
  password: <AUTOGENERATED PASSWORD>
------------------------------------
Kasm Database Credentials
------------------------------------
  username: kasmapp
  password: <AUTOGENERATED PASSWORD>
------------------------------------
Kasm Redis Credentials
------------------------------------
  password: <AUTOGENERATED PASSWORD>
------------------------------------
Kasm Manager Token
------------------------------------
  password: <AUTOGENERATED TOKEN>
------------------------------------
Service Registration Token
------------------------------------
  password: <AUTOGENERATED TOKEN>
------------------------------------

Then the server is set up. The installation takes approximately 10-15 minutes, depending on your hardware.

Installation of SSL

If you want to use SSL (recommended), you need an e-mail address for setting up the certificate with Let's Encrypt. You will be asked for an e-mail address, to accept the EULA, and whether they may contact you.

Install certbot

sudo apt update
sudo apt install certbot

Get the certs and copy them to the right folder

sudo certbot certonly --standalone -d kasm.YOURDOMAIN.dk

sudo cp /etc/letsencrypt/live/kasm.YOURDOMAIN.dk/fullchain.pem /opt/kasm/current/certs/kasm_nginx.crt
sudo cp /etc/letsencrypt/live/kasm.YOURDOMAIN.dk/privkey.pem /opt/kasm/current/certs/kasm_nginx.key
sudo chmod 600 /opt/kasm/current/certs/kasm_nginx.key

If you would like to automate the renewal of the cert

sudo crontab -e

0 3 * * * certbot renew --quiet --post-hook "cp /etc/letsencrypt/live/kasm.YOURDOMAIN.dk/fullchain.pem /opt/kasm/current/certs/kasm_nginx.crt && cp /etc/letsencrypt/live/kasm.YOURDOMAIN.dk/privkey.pem /opt/kasm/current/certs/kasm_nginx.key && /opt/kasm/bin/stop && /opt/kasm/bin/start"
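
An alternative to the --post-hook one-liner above, as an added example that is not part of the original post or of Kasm: a certbot deploy hook that checks the renewed files, copies them only when they differ, and restarts Kasm only on a change. The function names and the KASM_CERT_DIR override are assumptions made for this example.

```bash
#!/usr/bin/env bash
# Added example, not from the original post: certbot deploy hook for Kasm.
# certbot sets RENEWED_LINEAGE=/etc/letsencrypt/live/<name> for deploy hooks,
# which run only after a certificate was actually renewed.
KASM_CERT_DIR="${KASM_CERT_DIR:-/opt/kasm/current/certs}"  # path used in the post

# is_pem FILE: true when FILE starts with a PEM header (rejects empty files).
is_pem() {
    head -n 1 "$1" 2>/dev/null | grep -q '^-----BEGIN '
}

# copy_if_changed SRC DST: 0 = DST replaced, 1 = already identical, 2 = error.
# Plain cp, as in the post, so an existing DST keeps its owner and mode.
copy_if_changed() {
    if [ -f "$2" ] && cmp -s "$1" "$2"; then return 1; fi
    cp "$1" "$2" || return 2
    return 0
}

# sync_kasm_certs LIVE_DIR CERT_DIR: prints "changed" or "unchanged".
sync_kasm_certs() {
    local live="$1" dest="$2" rc changed=no pair
    # Validate both files before touching either, so a broken renewal
    # never leaves nginx with a mismatched certificate and key.
    for pair in fullchain.pem privkey.pem; do
        if ! is_pem "$live/$pair"; then
            echo "refusing to install $live/$pair: not PEM" >&2
            return 1
        fi
    done
    for pair in fullchain.pem:kasm_nginx.crt privkey.pem:kasm_nginx.key; do
        copy_if_changed "$live/${pair%%:*}" "$dest/${pair##*:}" && rc=0 || rc=$?
        if [ "$rc" -eq 2 ]; then return 1; fi
        if [ "$rc" -eq 0 ]; then changed=yes; fi
    done
    chmod 600 "$dest/kasm_nginx.key" || return 1
    if [ "$changed" = yes ]; then echo changed; else echo unchanged; fi
}

# Act only when certbot invoked this file as a deploy hook.
if [ -n "${RENEWED_LINEAGE:-}" ]; then
    result=$(sync_kasm_certs "$RENEWED_LINEAGE" "$KASM_CERT_DIR") || exit 1
    if [ "$result" = changed ]; then
        /opt/kasm/bin/stop && /opt/kasm/bin/start
    fi
fi
```

Saved as, say, /usr/local/bin/kasm-cert-hook.sh (a hypothetical path) and made executable, the cron entry becomes: 0 3 * * * certbot renew --quiet --deploy-hook /usr/local/bin/kasm-cert-hook.sh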

Stop and start the server

sudo /opt/kasm/bin/stop
sudo /opt/kasm/bin/start

Installation process from the developer.


Then you are ready for KASM. It takes some time to install the images, depending on the size of the image or operating system. Please look below for guidance on installing the registries.

Kali in a browser window, how cool is that? :)