Land #301, add qemu/kvm support with libvirt

Brent Cook 2018-07-25 20:40:30 -05:00
commit 0099a009ee
No known key found for this signature in database
GPG Key ID: 1FFAA0B24B708F96
7 changed files with 199 additions and 29 deletions

8
.gitignore vendored

@ -1,10 +1,12 @@
.vagrant/
packer_cache/
packer/builds/
resources/drivers/
*.vfd
*.exe
*.msi
*.msu
*.DS_Store
resources/manageengine/setup.log
windows_2008_r2_virtualbox.box
windows_2008_r2_vmware.box
*.box
*.iso
*.vfd


@ -16,12 +16,12 @@ Requirements:
* [Packer](https://www.packer.io/intro/getting-started/install.html)
* [Vagrant](https://www.vagrantup.com/docs/installation/)
* [Vagrant Reload Plugin](https://github.com/aidanns/vagrant-reload#installation)
* [VirtualBox](https://www.virtualbox.org/wiki/Downloads)
* [VirtualBox](https://www.virtualbox.org/wiki/Downloads) or libvirt/qemu-kvm
* Internet connection
### To build automatically:
1. - On **Linux/OSX** run `./build.sh windows2008` to build the Windows box or `./build.sh ubuntu1404` to build the Linux box.
1. - On **Linux/OSX** run `./build.sh windows2008` to build the Windows box or `./build.sh ubuntu1404` to build the Linux box. If /tmp is small, use `TMPDIR=/var/tmp ./build.sh ...` to store temporary packer disk images under /var/tmp.
- On **Windows**, open powershell terminal and run `.\build.ps1 windows2008` to build the Windows box or `.\build.ps1 ubuntu1404` to build the Linux box. If no option is passed to the script i.e. `.\build.ps1`, then both the boxes are built.
2. If both the boxes were successfully built, run `vagrant up` to start both. To start any one VM, you can use:
- `vagrant up ub1404` : to start the Linux box


@ -4,6 +4,7 @@ min_vbox_ver="5.1.10"
min_vagrant_ver="1.9.0"
min_packer_ver="0.10.0"
min_vagrantreload_ver="0.0.1"
min_vagrantlibvirt_ver="0.0.1"
packer_bin="packer"
packer_build_path="packer/builds"
@ -70,16 +71,18 @@ if [ -x "$(which VBoxManage)" ] ; then
current_vbox_ver=$(VBoxManage -v | sed -e 's/r.*//g' -e 's/_.*//g')
if compare_versions $current_vbox_ver $min_vbox_ver false; then
echo "Compatible version of VirtualBox found."
echo "Virtualbox images will be built."
build_vbox=true
else
echo "A compatible version of VirtualBox was not found."
echo "Current Version=[$current_vbox_ver], Minimum Version=[$min_vbox_ver]"
echo "Please download and install it from https://www.virtualbox.org/"
exit 1
echo "Virtualbox images will not be built."
fi
else
echo "VirtualBox is not installed (or not added to the path)."
echo "Please download and install it from https://www.virtualbox.org/"
exit 1
echo "Virtualbox images will not be built."
fi
if compare_versions $($packer_bin -v) $min_packer_ver false; then
@ -101,6 +104,22 @@ else
exit 1
fi
if compare_versions $(vagrant plugin list | grep 'vagrant-libvirt' | cut -d' ' -f2 | tr -d '(' | tr -d ')' | tr -d ',') $min_vagrantlibvirt_ver false; then
echo 'Compatible version of vagrant-libvirt plugin was found.'
echo 'KVM image will be built.'
build_qemu=true
echo 'Fetching virtio drivers required for build'
./packer/scripts/virtio-win-drivers.sh
else
echo "A compatible version of vagrant-libvirt plugin was not found."
echo "Attempting to install..."
if vagrant plugin install vagrant-libvirt; then
echo "Successfully installed the vagrant-libvirt plugin."
else
echo "There was an error installing the vagrant-libvirt plugin. Please see the above output for more information."
fi
fi
if compare_versions $(vagrant plugin list | grep 'vagrant-reload' | cut -d' ' -f2 | tr -d '(' | tr -d ')') $min_vagrantreload_ver false; then
echo 'Compatible version of vagrant-reload plugin was found.'
else
@ -114,34 +133,52 @@ else
fi
fi
echo "All requirements found. Proceeding..."
search_string="$os_full"_virtualbox_"$box_version"
if ls $packer_build_path | grep -q "$search_string"; then
echo "It looks like the vagrant box already exists. Skipping the Packer build."
else
echo "Building the Vagrant box..."
if $packer_bin build --only=virtualbox-iso packer/templates/$os_full.json; then
echo "Box successfully built by Packer."
else
echo "Error building the Vagrant box using Packer. Please check the output above for any error messages."
exit 1
fi
if [ "$build_vbox" != true ] && [ "$build_qemu" != true ]; then
echo "Neither VirtualBox or libvirt packer support is present. Aborting."
exit 1
fi
echo "Requirements found. Proceeding..."
for provider in virtualbox-iso qemu; do
search_string="$os_full"_"$provider"_"$box_version"
mkdir -p "$packer_build_path"
if ls $packer_build_path | grep -q "$search_string"; then
echo "It looks like the $provider vagrant box already exists. Skipping the build."
elif [ "$build_qemu" = true ] || [ "$build_virtualbox" = true ]; then
echo "Building the Vagrant boxes..."
if $packer_bin build packer/templates/$os_full.json; then
echo "Boxes successfully built by Packer."
else
echo "Error building the Vagrant boxes using Packer. Please check the output above for any error messages."
exit 1
fi
else
echo "No available providers found to build box"
exit 1
fi
done
echo "Attempting to add the box to Vagrant..."
if vagrant box list | grep -q metasploitable3-"$os_short"; then
echo "metasploitable3-$os_short already found in Vagrant box repository. Skipping the addition to Vagrant."
echo "NOTE: If you are having issues, try starting over by doing 'vagrant destroy' and then 'vagrant up'."
else
if vagrant box add $packer_build_path/"$os_full"_virtualbox_"$box_version".box --name metasploitable3-$os_short; then
echo "Box successfully added to Vagrant."
for provider in virtualbox-iso qemu; do
if vagrant box list | grep -q metasploitable3-"$os_short"-"$provider"; then
echo "metasploitable3-$os_short-$provider already found in Vagrant box repository. Skipping the addition to Vagrant."
echo "NOTE: If you are having issues, try starting over by doing 'vagrant destroy' and then 'vagrant up'."
else
echo "Error adding box to Vagrant. See the above output for any error messages."
exit 1
if [ -z $box_import ]; then
if vagrant box add $packer_build_path/"$os_full"_"$provider"_"$box_version".box --name metasploitable3-$os_short; then
echo "Box successfully added to Vagrant."
else
echo "Error adding box to Vagrant. See the above output for any error messages."
fi
else
echo "No builders produced a working box."
echo "Check you have build dependencies installed."
echo "Useful diagnostic information could be above. Aborting!"
fi
fi
fi
done
echo "---------------------------------------------------------------------"
echo "SUCCESS: Run 'vagrant up' to provision and start metasploitable3."
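Review bot: The build loop tests `$build_virtualbox`, but the VirtualBox check earlier in this file sets `build_vbox=true`, so on a host with only VirtualBox the `elif` is false and the script falls through to "No available providers found to build box" and exits 1. The condition should read `elif [ "$build_qemu" = true ] || [ "$build_vbox" = true ]; then`. In the same loop `$packer_bin build` is now called without `--only`, so every builder in the template runs regardless of which provider check passed; passing `--only="$provider"` behind the matching flag would keep the two in step. The box-add loop also no longer exits when `vagrant box add` fails, so the final SUCCESS line is printed even if no box was added.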


@ -2,6 +2,13 @@
<unattend xmlns="urn:schemas-microsoft-com:unattend">
<servicing/>
<settings pass="windowsPE">
<component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<DriverPaths>
<PathAndCredentials wcm:keyValue="1" wcm:action="add">
<Path>A:\</Path>
</PathAndCredentials>
</DriverPaths>
</component>
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<DiskConfiguration>
<Disk wcm:action="add">
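Review bot: The new `Microsoft-Windows-PnpCustomizationsWinPE` component carries no comment explaining why `A:\` is registered as a driver path in the windowsPE pass. A one-line comment above it, such as `<!-- virtio drivers for the qemu builder are delivered on the Packer floppy (A:\) via floppy_files -->`, would tell the next maintainer where those drivers come from. Since Setup will consider driver packages found at that path, the floppy contents are worth limiting to files the build fetched and verified itself.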


@ -0,0 +1,44 @@
#!/usr/bin/env bash
# URI for downloading the latest WHQL'd Virtio drivers
virtio_uri="https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win_amd64.vfd"
# le flag
have_tools=true
# Tools messages
need_wget () {
echo "Could not find wget, which is needed to download the virtio disk."
echo "To install -"
echo ""
echo "Fedora: sudo dnf install wget"
echo "Debian/Ubuntu: sudo apt install wget"
}
need_7z () {
echo "Could not find 7z, which is required for extracting the virtio driver disk."
echo "To install -"
echo ""
echo "Fedora: sudo dnf install p7zip p7zip-plugins"
echo "Debian/Ubuntu: sudo apt install p7zip-full"
}
# Check for needed tools
if [ ! -x /usr/bin/wget ]; then
need_wget
have_tools=false
fi
if [ ! -x /usr/bin/7z ]; then
need_7z
have_tools=false
fi
if [ "$have_tools" = true ]; then
if [ -f ".virtio-stable.vfd" ]; then
echo ".virtio-stable.vfd already exists, skipping download."
else
echo "Downloading and extracting virtio stable drivers."
wget -c "${virtio_uri}" -O .virtio-stable.vfd && 7z x -oresources/drivers/virtio .virtio-stable.vfd txtsetup.oem disk1 amd64/Win2008
fi
fi
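Review bot: The driver floppy image is fetched from a mutable `stable-virtio` URL and extracted with no integrity check, and the answer file's windowsPE pass then takes drivers from that floppy, so whatever the server returns can end up as kernel drivers in the built image. Record a known-good digest next to `virtio_uri` and verify it before extracting, e.g. `echo "${virtio_sha256}  .virtio-stable.vfd" | sha256sum -c - || exit 1`, where `virtio_sha256` is a placeholder for a value the maintainers pin. The script also returns 0 when wget or 7z is missing, and build.sh sets `build_qemu=true` before calling it, so a missing tool does not stop the qemu build; an `exit 1` when `have_tools` is false would surface that. Because extraction is chained only to the download, a `.virtio-stable.vfd` left over from an interrupted `wget -c` makes the next run skip both the download and the extraction.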


@ -82,6 +82,42 @@
"2"
]
]
},
{
"type": "qemu",
"iso_url": "{{user `iso_url`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"iso_checksum": "{{user `iso_checksum`}}",
"headless": false,
"http_directory" : "{{template_dir}}/../http",
"http_port_min" : 9001,
"http_port_max" : 9001,
"boot_command": [
"<esc><wait>",
"<esc><wait>",
"<enter><wait>",
"/install/vmlinuz",
" auto=true",
" priority=critical",
" initrd=/install/initrd.gz",
" preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/preseed.cfg",
" -- ",
"<enter>"
],
"boot_wait": "20s",
"communicator": "ssh",
"accelerator": "kvm",
"ssh_username": "vagrant",
"ssh_password": "vagrant",
"ssh_wait_timeout": "2h",
"shutdown_command": "echo 'packer' | sudo -S shutdown -P now",
"disk_size": 40000,
"vm_name": "metasploitable3-ub1404",
"qemuargs": [
["-m", "4096"],
["-smp", "2"],
["-display", "gtk"]
]
}
],
"provisioners": [
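Review bot: `"headless": false` together with `["-display", "gtk"]` makes the qemu builder depend on a graphical session, so the build is likely to fail on a server or CI host with no display; the same pair appears in the Windows template's qemu builder. Consider `"headless": true` and dropping the `-display` entry, or exposing both as user variables. `http_port_min` and `http_port_max` are both 9001, and build.sh now runs `packer build` without `--only`, so if the virtualbox-iso builder (not visible in this hunk) serves the preseed file on the same port, the two builders would contend for it.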


@ -94,6 +94,50 @@
"2"
]
]
},
{
"type": "qemu",
"iso_url": "{{user `iso_url`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"iso_checksum": "{{user `iso_checksum`}}",
"headless": false,
"boot_wait": "10m",
"communicator": "ssh",
"accelerator": "kvm",
"ssh_username": "vagrant",
"ssh_password": "vagrant",
"ssh_wait_timeout": "2h",
"shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"",
"disk_size": 61440,
"format": "qcow2",
"vm_name": "metasploitable3-win2k8",
"floppy_files": [
"{{user `autounattend`}}",
"{{user `scripts_dir`}}/configs/microsoft-updates.bat",
"{{user `scripts_dir`}}/configs/win-updates.ps1",
"{{user `scripts_dir`}}/installs/openssh.ps1",
"{{user `scripts_dir`}}/installs/install_dotnet45.ps1",
"{{user `scripts_dir`}}/installs/install_wmf.ps1",
"{{user `resources_dir`}}/certs/oracle-cert.cer",
"{{user `resources_dir`}}/certs/gdig2.crt",
"{{user `resources_dir`}}/certs/comodorsadomainvalidationsecureserverca.crt",
"{{user `resources_dir`}}/certs/comodorsacertificationauthority.crt",
"{{user `resources_dir`}}/certs/addtrust_external_ca.cer",
"{{user `resources_dir`}}/certs/baltimore_ca.cer",
"{{user `resources_dir`}}/certs/digicert.cer",
"{{user `resources_dir`}}/certs/equifax.cer",
"{{user `resources_dir`}}/certs/globalsign.cer",
"{{user `resources_dir`}}/certs/gte_cybertrust.cer",
"{{user `resources_dir`}}/certs/microsoft_root_2011.cer",
"{{user `resources_dir`}}/certs/thawte_primary_root.cer",
"{{user `resources_dir`}}/certs/utn-userfirst.cer",
"./resources/drivers/virtio/*"
],
"qemuargs": [
["-m", "4096"],
["-smp", "2"],
["-display", "gtk"]
]
}
],
"provisioners": [
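Review bot: The last `floppy_files` entry, `"./resources/drivers/virtio/*"`, is relative to the working directory, while every other entry goes through a user variable. Writing it as ``"{{user `resources_dir`}}/drivers/virtio/*"`` would make it resolve like its neighbours, assuming `resources_dir` points at `resources/`. That directory is populated only by the virtio download script, so if the download was skipped or failed the glob matches nothing. Windows setup would then presumably not find a disk driver, and the failure would show up only after the 10-minute `boot_wait` and the 2h `ssh_wait_timeout`.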