
synacktiv / mofos

Virtual machines manipulation framework

104 stars
5 forks
0 issues
Python, Makefile, Shell


Repository Overview (README excerpt)


• mofos • Concept • Installation • Configure the host • QEMU/KVM system session • Security considerations • Mofos configuration • Install a template • Configure the firewall • Install • Import • Create the upper layer empty disk • Create a virtual machine • Customization • Template - hook install • Virtual machine - hook new • Virtual machine - hook start • Features • Setup notification when starting or stopping VM • Clipboard • Setup routing between machines • Setup tunneling through pentest boxes • USB management • PCI devices management • Shared folders • Windows machines • Autocompletion • IP addresses overlap

mofos

Mofos is a tool designed to create, run, and manage virtual machines. It leverages Libvirt/QEMU/KVM and Python, making it compatible with any Linux distribution. Heavily inspired by Qubes OS (https://www.qubes-os.org/), Mofos aims to replicate many of its features.

The tool has been extensively tested on Debian with Debian-based virtual machines. While other Linux distributions are expected to work, some additional configuration may be necessary. More details to be added.

Mofos provides a range of features focused on securely managing virtual machines, including:

• Seamless window integration using Xpra.
• A clipboard system that enables sending and receiving clipboard content between the host and virtual machines.
• SSH communication with virtual machines.
• Default network restrictions, with flexible options to route or tunnel traffic from one virtual machine through others or remote servers.

Concept

A mofos machine consists of two disks combined using overlayfs. The first disk, known as the lower layer, is a read-only template disk, while the second disk stores all the changes made by the virtual machine. This template disk is shared across multiple virtual machines. As a result, creating a new virtual machine only requires cloning an empty disk that’s already partitioned to hold the modified data.
This approach ensures that new virtual machines can be created quickly, while allowing the template to be updated independently. Any updates to the template will take effect for dependent virtual machines upon their next reboot.

Installation

Depending on the Linux distribution, the Makefile can be utilized to either generate a package or install the files directly.

During the installation, you will be prompted for various settings. The default options can generally be accepted. The only setting that requires attention is the subnet address used by the mofos libvirt network (default: ).

OR

Install the following dependencies:

• guestfs-tools
• libnotify-bin
• libvirt
• libvirt-clients
• libvirt-daemon
• make
• python3-click
• python3-click-completion
• python3-colorama
• python3-cryptography
• python3-dbus
• python3-jinja2
• python3-lxml
• python3-prettytable
• python3-pyroute2
• python3-tqdm
• qemu-system-common
• qemu-system-modules-spice
• socat
• spice-client-gtk
• sudo
• virtinst
• virt-install
• virtiofsd
• virt-manager
• virt-viewer

Depending on the distribution, the Python files copied to may not be detected by the Python interpreter and should be placed elsewhere. For example, on Fedora, the Python files must be copied to .

Warning: since Debian trixie, is not packaged anymore; you have to install it manually from its custom repositories. See https://github.com/Xpra-org/xpra/wiki/Download#-for-debian-based-distributions for detailed instructions.

Configure the host

QEMU/KVM system session

Mofos uses the QEMU/KVM system session, so to allow the virsh command to access virtual machines and related resources, set the environment variable to :

Security considerations

Using QEMU/KVM system sessions improves isolation between the host and guest virtual machines by running qemu instances under a dedicated user ( ) and applying specific security profiles to each instance.
However, by default, regular users cannot interact with the system socket to manage machines, networks, and other resources. To gain access, users must either be members of the libvirt Unix group or use sudo. Historically, local privilege escalation vulnerabilities have exploited membership in the libvirt group to obtain root privileges.

To mitigate these risks, this repository provides a strengthened AppArmor profile for the process on systems using AppArmor. This profile significantly restricts where can write files and which programs it can execute. Additionally, rules are included to further control the actions permitted for members of the group.

Note that the AppArmor profiles are packaged in the package but are not installed by the Makefile’s target and therefore must be installed separately.

Mofos configuration

Mofos requires a configuration file located at with minimal settings to function correctly. A minimal example configuration can be found at , while a more comprehensive configuration is documented in .

The following error indicates that the configuration file was not found:

The following error indicates that the current user is not a member of the libvirt group:

The key configuration settings to customize in the configuration files are as follows:

• key (path): The SSH private key file used to access virtual machines. It is recommended to create a dedicated key for this purpose.
• user (string): The username for SSH access to the virtual machines.
• root_password (hashed value): The hashed root password to be set during the installation of a new template.
• root_ssh_pubkey (string): The public SSH key to be installed in the root user’s directory during template installation.

Additionally, the following parameters must be configured for template installation:

• ntp
• dns (optional if a proxy is provided)
• proxy

Install a template

Configure the firewall

Since the installation process relies on PXE netboot, an active internet connection is required.
The following firewall rules should be configured:

Or with nftables:

When the parameter is set to 1, the F…
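
Added example (not part of the mofos repository): the Security considerations section treats libvirt group membership as a privileged grant and relies on an AppArmor profile being enforced. This Python check audits both from the text of /etc/group, /etc/passwd and /sys/kernel/security/apparmor/profiles; the sample data is constructed, and the profile name `libvirtd` is an assumption because the excerpt does not name it.

```python
import re

def libvirt_group_members(group_text, passwd_text, group="libvirt"):
    """Users in `group`, via /etc/group member lists or a primary GID in /etc/passwd."""
    gid, members = None, set()
    for line in group_text.splitlines():
        fields = line.strip().split(":")
        if len(fields) >= 4 and fields[0] == group:
            gid = fields[2]
            members.update(m for m in fields[3].split(",") if m)
    if gid is None:
        return []
    # A user whose primary GID is the group is a member without being listed in /etc/group.
    for line in passwd_text.splitlines():
        fields = line.strip().split(":")
        if len(fields) >= 4 and fields[3] == gid:
            members.add(fields[0])
    return sorted(members)

def profile_mode(profiles_text, profile_name):
    """Mode of a loaded profile as listed in /sys/kernel/security/apparmor/profiles, else None."""
    for line in profiles_text.splitlines():
        m = re.fullmatch(r"(.+) \((\w+)\)", line.strip())
        if m and m.group(1) == profile_name:
            return m.group(2)
    return None

def audit(group_text, passwd_text, profiles_text, profile_name, expected_members):
    """Findings: group members outside the allow-list, profile missing or not enforcing."""
    findings = []
    for user in libvirt_group_members(group_text, passwd_text):
        if user not in expected_members:
            findings.append(f"unexpected libvirt group member: {user}")
    mode = profile_mode(profiles_text, profile_name)
    if mode != "enforce":
        findings.append(f"profile {profile_name}: {mode or 'not loaded'}")
    return findings

# Constructed sample data (not taken from a real host).
GROUP = "root:x:0:\nlibvirt:x:109:alice\nlibvirt-qemu:x:64055:libvirt-qemu\n"
PASSWD = "alice:x:1000:1000::/home/alice:/bin/bash\nbuild:x:1001:109::/home/build:/bin/sh\n"
PROFILES = "libvirtd (complain)\nexample-profile (enforce)\n"  # "libvirtd" is an assumed name

if __name__ == "__main__":
    for finding in audit(GROUP, PASSWD, PROFILES, "libvirtd", {"alice"}):
        print(finding)
```

On a real host, pass the contents of the three files instead of the sample strings; reading the AppArmor profiles file normally requires root.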