TeamCity Setup

Module Objectives

• Setup TeamCity

• Install Languages

  • C#

  • Go

• Create Users

• Configure GitLab to work with TeamCity

Prerequisites

Minimum:
- 4GB RAM
- 64GB Disk Space
- Virtualisation Software (VMWare or VirtualBox)
- Windows 10 Pro
- Git
- Java JDK 17 / 22

Installing TeamCity

Compiling .NET Framework projects is easier on a Windows machine, hence we will be installing TeamCity on a Windows virtual machine. You can download TeamCity Professional from here.

Configure your install directory (or leave it as the default), and copy the path down. Since we will be compiling malicious projects, we must add a Defender exclusion to this path. You can leave everything as default.

TeamCity supports multiple build agents, which can be used in conjunction with GitLab's build agents as part of a CI/CD cycle (GitLab Repo -> TeamCity Compilation -> File Sharing Server)

Once installation is complete, you should see the build agent properties pop up. Note down the server address.

Save the properties, then you can select whether you'd like it to run as a domain/local user, or as SYSTEM. We will run the server and the build agent as the SYSTEM account for simplicity's sake.

Once done, open the UI at http://<TEAM_CITY_ADDRESS>:8111. Select the internal database (or set up an external one for long-term storage - see migration steps here if you are following along), proceed, then accept the license agreement, and deselect the anonymous stats submission.

Once this is done, create an admin account then move on to the next section.

Defender Settings

As mentioned before, we need to add an exclusion to Defender to prevent it from deleting our artifacts. Open Defender, then click on Manage settings

Turn off automatic sample submission to stop our artifacts from getting burned, then scroll down, click on add or remove exclusions, and add the TeamCity directory. The default location is C:\Teamcity

Install Programming Languages

Git

Since we will clone GitHub repositories, Git is required on the TeamCity server.

C#

To compile most of the C#-based tools that we will be using in this blog, we need the .NET 4.0 and 4.5 targeting packs, as well as the 3.5 development tools. Since these are considered deprecated, they were removed from dotnet.microsoft.com. A workaround is installing Visual Studio 2019, then downloading the .NET Desktop Workload and targeting packs.

Golang

Installing Golang is pretty simple, you can get it from their website, download the installer, and then hit next for everything

Configuring GitLab (Optional)

Integration

If you would like to use TeamCity as part of your CI/CD pipeline, you can add it from the integrations section on GitLab at Admin -> Integrations -> JetBrains TeamCity

You will need to change the http://localhost:8111 default server URL to one that is accessible to GitLab (NAT/Host-Only for example)

SSH Key(s)

Since we might have a mixture of private and public repositories on GitLab, we need to create an SSH key on our Windows server, then copy the public key to our GitLab server -> Deployment Keys -> New deploy keys

1. Windows Server

> ssh-keygen
> cat ~/.ssh/ssh_key_name.pub

1. GitLab Server

Create a new key and add one on the user you want to access repositories from

Personal Access Token(s)

Another way of doing this is by using Personal Access Tokens. These are unique random characters that allows for authentication through the GUI, as well as through REST APIs - which will come in handy if you make a builder tool later on for individual operators.

To add them, go to Edit Profile -> Access Tokens -> Add new token

Give the token a name, and check the permissions that you want it to have, then create the token.

Save the token in a secure location (Such as Bitwarden's Secrets Manager) so you can re-use it later on.