0xPThree.gitbook.io
  • Network Services
    • Ports
      • 21 - FTP
      • 22 - SSH
      • 23 - Telnet
      • 25, 465, 587 - SMTP(S)
      • 53 - DNS
      • 80, 443 - HTTP(S)
        • Frameworks
          • Drupal
          • Flask
          • Laravel
          • Tomcat
          • Werkzeug
        • Fuzzing
        • Grafana
        • Languages
          • PHP
        • WebDAV
        • Web Vulnerabilities
          • CloudFlare Bypass
          • Command Injection
          • CSTI
          • File Inclusion/Path Traversal
          • SQL Injection
          • SSI
          • SSTI
          • Upload bypass
          • XLST
          • XML Injection
      • 88 - Kerberos
      • 135, 593 - MSRPC
      • 139, 445 - SMB
      • 161, 162, 10161, 10162 - SNMP
      • 1433, 3306 - SQL
      • 2049 - NFS
      • 2375 - Docker
  • Active Directory
    • ADCS
    • DACL Abuse
      • AddMember
      • ForceChangePassword
      • Kerberoasting
      • ReadLAPSPassword
      • ReadGMSAPassword
      • Grant Ownership
      • Grant Rights
      • Logon Script
      • Rights on RODC object
    • Security groups
    • Misc
  • Coding Languages
    • Python
  • Exploits / PoC's
    • Ansible
      • Ansible AWX
    • Apache
      • HTTP Server - CVE-2021-41773
      • Struts - CVE-2024-53677 / S2-067
      • Tomcat - CVE-2020-1938 / CVE-2020-10487
      • Tomcat - CVE-2025-24813
    • Confluence - CVE-2023-22527
    • CUPS - CVE-2024-47***
    • D-Link
      • CVE-2020-29322
      • Decrypt firmware: DIR-X1560
    • Dmidecode - CVE-2023-30630
    • EternalBlue - MS17-010
    • Gitlab - CVE-2023-7028
    • Ivanti - CVE-2024-21893 / 21887
    • Jenkins - CVE-2024-23897
    • LXD group - N/A
    • nf_tables - CVE-2024-1086
    • NFS - N/A
    • Oracle
      • WebLogic - CVE-2018-2628
      • WebLogic - CVE-2019-2729
      • WebLogic - CVE-2023-21839
      • WebLogic - CVE-2024-20931
      • WebLogic - CVE-2024-21006
    • PHP
      • CVE-2024-4577
    • RunC
      • CVE-2024-21626
      • CVE-2022-0811
    • Snap - CVE-2019-7304
    • TP-Link - CVE-2024-5035
  • Hardware
    • Firmware
    • JTAG
    • SPI
    • UART
    • USB
  • Post Exploit
    • Compile payload
    • Obfuscation
    • Read VMDK files
    • Saved Credentials
      • Linux - Ansible AWX / Tower
      • Linux - Dell Networker
      • Windows - Mozilla Firefox
      • Windows - Notepad++
      • Windows - WinSCP
    • Session Hijack
    • Sniffing Passwords
    • Upgrade shell
    • VMware
      • Disk Encryption
      • LDAP Connection (SSO)
      • Restore VCSA Postgres Database
      • vCenter Forge SAML
      • Waiter Account Information
  • Development
    • Dnsmasq DHCP
    • Docker
      • Ansible AWX
      • Docker Compose
      • FirmAE - Emulate Firmware
      • Oracle WebLogic
      • Rocket.Chat
      • Tomcat
      • Vaultwarden
    • Harden Windows Host
    • HTTPS Proxy
    • Netplan + Networkd
    • SSL/TLS Certificates
  • TODO
Powered by GitBook
On this page
  • Setup Ansible AWX on fresh Kali Host
  • Troubleshooting:
  • 1. Unknown shorthand flag: 'f' in -f
  • 2. Connection refused to web interface
  • Container management:

Was this helpful?

  1. Development
  2. Docker

Ansible AWX

Last updated 11 months ago

Was this helpful?

Setup Ansible AWX on fresh Kali Host

  1. Install prerequisites. If you're unable to install docker-compose-plugin, please see "" for installation help.

sudo apt install docker.io docker-compose docker-compose-plugin ansible npm -y

  1. Create a new user, or add current user to the Docker group. You might need to reload your shell or even restart the host in order to make the changes take effect.

utv-kali :: ~/ ‹24.3.1*› » sudo usermod -aG docker $USER
or
utv-kali :: ~/ ‹24.3.1*› » sudo useradd awx && sudo passwd awx && sudo usermod -aG docker awx && id awx

  1. Find latest version and clone it.

utv-kali :: ~/ » curl -s https://api.github.com/repos/ansible/awx/releases/latest | grep "zipball_url"
utv-kali :: ~/ » git clone -b 24.3.1 https://github.com/ansible/awx.git

  1. Generate keys for pg_password, broadcast_websocket_secret and secret_key. This is optional, if blank it will be generated upon install.

utv-kali :: ~/awx » openssl rand -base64 30
NOfNJdZ+Qg04CQmTfJzXrT0gHdDHj5MTALGtRi5H
utv-kali :: ~/awx ‹24.3.1*› » vim tools/docker-compose/inventory

  1. Build the AWX base image.

utv-kali :: ~/awx ‹24.3.1*› » make docker-compose-build
utv-kali :: ~/awx ‹24.3.1*› » docker images                                                                                                      1 ↵
REPOSITORY                  TAG       IMAGE ID       CREATED              SIZE
ghcr.io/ansible/awx_devel   HEAD      a70774a6fa8d   About a minute ago   1.95GB
utv-kali :: ~/awx ‹24.3.1*› » make docker-compose COMPOSE_UP_OPTS=-d
utv-kali :: ~/awx » docker container ls

  1. Clean and build the UI. This may freeze the host for a few minutes depending on your hardware. If you have 4GB RAM or below OOM Killer will surely kill your process.

utv-kali :: ~/awx ‹24.3.1*› » docker exec tools_awx_1 make clean-ui ui-devel

Wait a few minutes and you should be able to reach the AWX web UI on https://localhost:8043/#/home.

  1. Lastly create a new superuser, or use the default admin account, to login to the application.

utv-kali :: ~ » docker container logs 0e2c2dd78493 | grep -i "admin password"
Admin password: eOHr................

utv-kali :: ~/awx ‹24.3.1*› » docker exec -ti tools_awx_1 awx-manage createsuperuser
Username (leave blank to use 'awx'): 
Email address: 
Password: 
Password (again): 
Superuser created successfully.

Troubleshooting:

1. Unknown shorthand flag: 'f' in -f

If you get the error unknown shorthand flag: 'f' in -f it's probably because you've only installed docker-compose (version 1) and not docker-compose-plugin (version 2). Verify this by running docker compose version and docker-compose version.

utv-kali :: ~/awx ‹24.3.1*› » docker compose version
docker: 'compose' is not a docker command.
utv-kali :: ~/awx ‹24.3.1*› » docker-compose version
docker-compose version 1.29.2, build unknown
utv-kali :: ~/awx ‹24.3.1*› » echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian bookworm stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list 

utv-kali :: ~/awx ‹24.3.1*› » curl -fsSL https://download.docker.com/linux/debian/gpg |
  sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg

utv-kali :: ~/awx ‹24.3.1*› » sudo apt update
utv-kali :: ~/awx ‹24.3.1*› » sudo apt install docker-compose-plugin
utv-kali :: ~/awx ‹24.3.1*› » docker compose version
Docker Compose version v2.27.0

2. Connection refused to web interface

'Connection refused' from host machine to the AWX web interface, even though all containers are up and running, and being able to reach the web interface from the container itself. Restarting the containers did not solve the issue, however doing a full reboot of the host system and then start the containers solved the issue for me.

utv-kali :: ~/awx ‹24.3.1*› » reboot
utv-kali :: ~/awx ‹24.3.1*› » docker compose -f tools/docker-compose/_sources/docker-

Container management:

Start / Stop / Restart all AWX containers:

utv-kali :: ~/awx ‹24.3.1*› » docker compose -f tools/docker-compose/_sources/docker-compose.yml start
utv-kali :: ~/awx ‹24.3.1*› » docker compose -f tools/docker-compose/_sources/docker-compose.yml stop
utv-kali :: ~/awx ‹24.3.1*› » docker compose -f tools/docker-compose/_sources/docker-compose.yml restart

Start the containers (COMPOSE_UP_OPTS=-d to detach). If you encounter error "" please see below troubleshooting tips.

According to , to install docker-compose-plugin we need to update sources.list, import gpg key and run apt update.

Kali Documentation
Unknown shorthand flag..
Unknown shorthand flag: 'f' in -f