Merge branch 'master' of github.com:rapid7/metasploitable3-ctf
This commit is contained in:
commit
54f4b66869
|
@ -3,7 +3,7 @@ packer_cache/
|
|||
*.exe
|
||||
*.msi
|
||||
*.msu
|
||||
|
||||
*.DS_Store
|
||||
resources/manageengine/setup.log
|
||||
windows_2008_r2_virtualbox.box
|
||||
windows_2008_r2_vmware.box
|
||||
|
|
|
@ -13,7 +13,7 @@ System Requirements:
|
|||
|
||||
Requirements:
|
||||
|
||||
* [Packer](https://www.packer.io/intro/getting-started/setup.html)
|
||||
* [Packer](https://www.packer.io/intro/getting-started/install.html)
|
||||
* [Vagrant](https://www.vagrantup.com/docs/installation/) NOTE: Currently 1.9.1 is recommended as there are build issues with newer versions.
|
||||
* [Vagrant Reload Plugin](https://github.com/aidanns/vagrant-reload#installation)
|
||||
* [VirtualBox](https://www.virtualbox.org/wiki/Downloads)
|
||||
|
@ -28,8 +28,8 @@ To build automatically:
|
|||
To build manually:
|
||||
|
||||
1. Clone this repo and navigate to the main directory.
|
||||
2. Build the base VM image by running `packer build windows_2008_r2.json`. This will take a while the first time you run it since it has to download the OS installation ISO.
|
||||
3. After the base Vagrant box is created you need to add it to your Vagrant environment. This can be done with the command `vagrant box add windows_2008_r2_virtualbox.box --name=metasploitable3`.
|
||||
2. Build the base VM image by running `packer build --only=<provider> windows_2008_r2.json` where `<provider>` is your preferred virtualization platform. Currently `virtualbox-iso` and `vmware-iso` are supported. This will take a while the first time you run it since it has to download the OS installation ISO.
|
||||
3. After the base Vagrant box is created you need to add it to your Vagrant environment. This can be done with the command `vagrant box add windows_2008_r2_<provider>.box --name=metasploitable3`.
|
||||
4. Use `vagrant plugin install vagrant-reload` to install the reload vagrant provisioner if you haven't already.
|
||||
5. To start the VM, run the command `vagrant up`. This will start up the VM and run all of the installation and configuration scripts necessary to set everything up. This takes about 10 minutes.
|
||||
6. Once this process completes, you can open up the VM within VirtualBox and login. The default credentials are U: vagrant and P: vagrant.
|
||||
|
|
|
@ -6,126 +6,17 @@ Vagrant.configure("2") do |config|
|
|||
config.vm.box = "metasploitable3"
|
||||
config.vm.hostname = "metasploitable3"
|
||||
config.vm.communicator = "winrm"
|
||||
config.winrm.retry_limit = 60
|
||||
config.winrm.retry_delay = 10
|
||||
|
||||
config.vm.network "private_network", type: "dhcp"
|
||||
|
||||
# Install Chocolatey
|
||||
config.vm.provision :shell, path: "scripts/installs/chocolatey.cmd"
|
||||
config.vm.provision :reload # Hack to reset environment variables
|
||||
|
||||
# Install BoxStarter
|
||||
config.vm.provision :shell, path: "scripts/installs/install_boxstarter.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Install 7zip
|
||||
config.vm.provision :shell, path: "scripts/chocolatey_installs/7zip.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Adjust password policy
|
||||
config.vm.provision :shell, path: "scripts/configs/apply_password_settings.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Add users and add to groups
|
||||
config.vm.provision :shell, path: "scripts/configs/create_users.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - Unpatched IIS and FTP
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_iis.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_ftp_site.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - Setup for Apache Struts
|
||||
config.vm.provision :shell, path: "scripts/chocolatey_installs/java.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/chocolatey_installs/tomcat.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :reload # Hack to reset environment variables
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_apache_struts.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - Setup for Glassfish
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_glassfish.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/installs/start_glassfish_service.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - Jenkins (1.8)
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_jenkins.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - Wordpress and phpMyAdmin
|
||||
# This must run after the WAMP setup.
|
||||
config.vm.provision :shell, path: "scripts/chocolatey_installs/vcredist2008.bat" # Visual Studio 2008 redistributable is a requirement for WAMP
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/installs/install_wamp.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/installs/start_wamp.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/installs/install_wordpress.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - JMX
|
||||
config.vm.provision :shell, path: "scripts/installs/install_openjdk6.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_jmx.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - Rails Server
|
||||
config.vm.provision :shell, path: "scripts/installs/install_ruby.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/installs/install_devkit.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/installs/install_rails_server.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_rails_server.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/installs/install_rails_service.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - WebDAV
|
||||
# This must run after the WAMP setup.
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_webdav.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - MySQL
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_mysql.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - ManageEngine Desktop Central
|
||||
config.vm.provision :shell, path: "scripts/installs/install_manageengine.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - Axis2
|
||||
# This must run after the Apache Struts setup.
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_axis2.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - Common backdoors
|
||||
config.vm.provision :shell, path: "scripts/installs/install_backdoors.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - SNMP
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_snmp.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Configure Firewall to open up vulnerable services
|
||||
case ENV['MS3_DIFFICULTY']
|
||||
when 'easy'
|
||||
config.vm.provision :shell, path: "scripts/configs/disable_firewall.bat"
|
||||
else
|
||||
config.vm.provision :shell, path: "scripts/configs/enable_firewall.bat"
|
||||
config.vm.provision :shell, path: "scripts/configs/configure_firewall.bat"
|
||||
end
|
||||
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - ElasticSearch
|
||||
# This must run after the firewall rules, because it needs to make some HTTP requests in order to
|
||||
# set up the vulnerable state.
|
||||
config.vm.provision :shell, path: "scripts/installs/install_elasticsearch.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Configure flags
|
||||
config.vm.provision :shell, path: "scripts/installs/install_flags.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614a
|
||||
end
|
||||
|
|
|
@ -36,6 +36,7 @@
|
|||
<!-- Do not uncomment the Key element if you are using trial ISOs -->
|
||||
<!-- You must uncomment the Key element (and optionally insert your own key) if you are using retail or volume license ISOs -->
|
||||
<!--<Key>YC6KT-GKW9T-YTKYR-T4X34-R7VHC</Key>-->
|
||||
|
||||
<WillShowUI>Never</WillShowUI>
|
||||
</ProductKey>
|
||||
</UserData>
|
||||
|
@ -249,13 +250,28 @@
|
|||
<Order>25</Order>
|
||||
<Description>Disable password expiration for vagrant user</Description>
|
||||
</SynchronousCommand>
|
||||
<!-- WITHOUT WINDOWS UPDATES -->
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\openssh.ps1 -AutoStart</CommandLine>
|
||||
<Description>Install OpenSSH</Description>
|
||||
<Order>99</Order>
|
||||
<RequiresUserInput>true</RequiresUserInput>
|
||||
</SynchronousCommand>
|
||||
<CommandLine>cmd.exe /c mkdir -p C:\vagrant\scripts</CommandLine>
|
||||
<Description>Create directory for vagrant files to avoid provisioner bug with packer.</Description>
|
||||
<Order>26</Order>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\install_dotnet45.ps1 -AutoStart</CommandLine>
|
||||
<Order>97</Order>
|
||||
<Description>Install .NET 4.5.1</Description>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\install_wmf.ps1 -AutoStart</CommandLine>
|
||||
<Order>98</Order>
|
||||
<Description>Installing Windows Management Framework 5.0</Description>
|
||||
</SynchronousCommand>
|
||||
<!--WITHOUT WINDOWS UPDATES -->
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\openssh.ps1 -AutoStart</CommandLine>
|
||||
<Description>Install OpenSSH</Description>
|
||||
<Order>99</Order>
|
||||
<RequiresUserInput>true</RequiresUserInput>
|
||||
</SynchronousCommand>
|
||||
<!-- END WITHOUT WINDOWS UPDATES -->
|
||||
<!-- WITH WINDOWS UPDATES -->
|
||||
<!--<SynchronousCommand wcm:action="add">-->
|
||||
|
|
|
@ -99,7 +99,7 @@ If ($(Test-Path "windows_2008_r2_virtualbox.box") -eq $True) {
|
|||
Write-Host "It looks like the Vagrant box already exists. Skipping the Packer build."
|
||||
} else {
|
||||
Write-Host "Building the Vagrant box..."
|
||||
cmd.exe /c packer build windows_2008_r2.json
|
||||
cmd.exe /c packer build --only=virtualbox-iso windows_2008_r2.json
|
||||
|
||||
if($?) {
|
||||
Write-Host "Box successfully built by Packer."
|
||||
|
|
|
@ -101,7 +101,7 @@ if ls | grep -q 'windows_2008_r2_virtualbox.box'; then
|
|||
echo "It looks like the vagrant box already exists. Skipping the Packer build."
|
||||
else
|
||||
echo "Building the Vagrant box..."
|
||||
if $packer_bin build windows_2008_r2.json; then
|
||||
if $packer_bin build --only=virtualbox-iso windows_2008_r2.json; then
|
||||
echo "Box successfully built by Packer."
|
||||
else
|
||||
echo "Error building the Vagrant box using Packer. Please check the output above for any error messages."
|
||||
|
|
|
@ -0,0 +1,8 @@
|
|||
control "7zip" do
|
||||
title "Check 7zip"
|
||||
desc "Check if choco installed 7zip. Installation script available at /scripts/chocolatey_installs/7zip.bat"
|
||||
|
||||
describe file('C:\\ProgramData\\chocolatey\\bin\\7z.exe') do
|
||||
it { should exist }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,21 @@
|
|||
control "apache-struts" do
|
||||
title "Check if apache struts is running"
|
||||
desc "Check if the service is running. Installation script available at /scripts/installs/setup_apache_struts.bat"
|
||||
|
||||
describe file('C:\\Program Files\\Apache Software Foundation\\tomcat\\apache-tomcat-8.5.12\\conf\\tomcat-users.xml') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\Apache Software Foundation\\tomcat\\apache-tomcat-8.5.12\\conf\\server.xml') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\Apache Software Foundation\\tomcat\\apache-tomcat-8.5.12\\webapps\\struts2-rest-showcase.war') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe port('8282') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
end
|
|
@ -0,0 +1,16 @@
|
|||
control "axis2" do
|
||||
title "Axis 2"
|
||||
desc "Check if Axis 2 webapp is installed. Installation script available at /scripts/installs/setup_axis2.bat"
|
||||
|
||||
describe file('C:\\axis2') do
|
||||
it { should_not exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\Apache Software Foundation\\tomcat\\apache-tomcat-8.5.12\\webapps\\axis2') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe port('8282') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,16 @@
|
|||
control "backdoors" do
|
||||
title "Backdoors"
|
||||
desc "Check if the backdoors are correctly placed. Installation script present at: /scripts/installs/install_backdoors.bat"
|
||||
|
||||
describe file('C:\\inetpub\\wwwroot\\caidao.asp') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\wamp\\www\\mma.php') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\wamp\\www\\meterpreter.php') do
|
||||
it { should exist }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,12 @@
|
|||
control "boxstarter" do
|
||||
title "Check BoxStarter"
|
||||
desc "Check if BoxStarter is installed successfully"
|
||||
|
||||
describe file('C:\\Users\\vagrant\\AppData\\Roaming\\Boxstarter') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Users\\vagrant\\AppData\\Roaming\\Boxstarter\\BoxstarterShell.ps1') do
|
||||
it { should exist }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,8 @@
|
|||
control "choco" do
|
||||
title "Check chocolatey"
|
||||
desc "Checks if chocolatey has been installed successfully"
|
||||
|
||||
describe command('choco --version') do
|
||||
its(:exit_status) { should eq 0 }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,117 @@
|
|||
control "check-accounts" do
|
||||
title "Check user accounts"
|
||||
desc "This test is to make sure that all the user accounts are created and are assigned to correct localgroups"
|
||||
|
||||
describe user('anakin_skywalker') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Network Configuration Operators", "Users"] }
|
||||
end
|
||||
|
||||
describe user('artoo_detoo') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Distributed COM Users", "Users"] }
|
||||
end
|
||||
|
||||
describe user('ben_kenobi') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Guests", "Users"] }
|
||||
end
|
||||
|
||||
describe user('boba_fett') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Power Users", "Users"] }
|
||||
end
|
||||
|
||||
describe user('c_three_pio') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Event Log Readers", "Users"] }
|
||||
end
|
||||
|
||||
describe user('chewbacca') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Replicator", "Users"] }
|
||||
end
|
||||
|
||||
describe user('darth_vader') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["IIS_IUSRS", "Users"] }
|
||||
end
|
||||
|
||||
describe user('greedo') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Remote Desktop Users", "Users"] }
|
||||
end
|
||||
|
||||
describe user('han_solo') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Cryptographic Operators", "Users"] }
|
||||
end
|
||||
|
||||
describe user('jabba_hutt') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Print Operators", "Users"] }
|
||||
end
|
||||
|
||||
describe user('jarjar_binks') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Performance Log Users", "Users"] }
|
||||
end
|
||||
|
||||
describe user('kylo_ren') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Users"] }
|
||||
end
|
||||
|
||||
describe user('lando_calrissian') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Performance Monitor Users", "Users"] }
|
||||
end
|
||||
|
||||
describe user('leia_organa') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Backup Operators", "Users"] }
|
||||
end
|
||||
|
||||
describe user('luke_skywalker') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Certificate Service DCOM Access", "Users"] }
|
||||
end
|
||||
|
||||
describe user('sshd') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Users"] }
|
||||
end
|
||||
|
||||
describe user('sshd_server') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Administrators", "Users"] }
|
||||
end
|
||||
|
||||
describe user('vagrant') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Administrators", "Users"] }
|
||||
end
|
||||
end
|
||||
|
||||
control "reg-user-add" do
|
||||
title "Check user registry entries"
|
||||
desc "Check if the registry was updated with the new users and their groups. Configuration script available at /scripts/configs/create_users.bat"
|
||||
|
||||
describe registry_key('HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList') do
|
||||
its('anakin_skywalker') { should eq 0 }
|
||||
its('artoo_detoo') { should eq 0 }
|
||||
its('ben_kenobi') { should eq 0 }
|
||||
its('boba_fett') { should eq 0 }
|
||||
its('c_three_pio') { should eq 0 }
|
||||
its('chewbacca') { should eq 0 }
|
||||
its('darth_vader') { should eq 0 }
|
||||
its('greedo') { should eq 0 }
|
||||
its('han_solo') { should eq 0 }
|
||||
its('jabba_hutt') { should eq 0 }
|
||||
its('jarjar_binks') { should eq 0 }
|
||||
its('kylo_ren') { should eq 0 }
|
||||
its('lando_calrissian') { should eq 0 }
|
||||
its('leia_organa') { should eq 0 }
|
||||
its('luke_skywalker') { should eq 0 }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,16 @@
|
|||
control "devkit" do
|
||||
title "Rails Server - DevKit"
|
||||
desc "Check if the rails server has installed along with devkit. Check the installation script at /scripts/installs/install_devkit.bat"
|
||||
|
||||
describe file('C:\\Program Files\\Rails_Server') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\Rails_Server\\devkit') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe port('3000') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,8 @@
|
|||
control "disable-auto-logon" do
|
||||
title "Disable Auto Logon"
|
||||
desc "Check if the registry is updated to disable auto logon. Configuration script available at /scripts/configs/disable-auto-logon.bat"
|
||||
|
||||
describe command('reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon') do
|
||||
its('stdout') { should match ("AutoAdminLogon REG_SZ 0") }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,9 @@
|
|||
control "disable-firewall" do
|
||||
title "Diable firewall"
|
||||
desc "Disable firewall. Configuration script available at /scripts/configs/disable_firewall.bat"
|
||||
|
||||
# There are three profiles. None of them should be in 'on' state
|
||||
describe command('netsh advfirewall show allprofiles state') do
|
||||
its('stdout') { should_not match ("ON") }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,19 @@
|
|||
control "elasticsearch" do
|
||||
title "ElasticSearch"
|
||||
desc "Check if ElasticSearch was installed correctly. Installation script available at /scripts/installs/install_elasticsearch.bat"
|
||||
|
||||
describe file('C:\\Program Files\\elasticsearch-1.1.1') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe service('elasticsearch-service-x64') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
|
||||
describe port('9200') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,16 @@
|
|||
control "enable-rdp" do
|
||||
title "Enable RDP"
|
||||
desc "Enables RDP by modifying Registry and adding a Firewall rule. Configuration script available at /scripts/configs/enable-rdp.bat"
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 3389"') do
|
||||
its('stdout') { should match ("Enabled: Yes") }
|
||||
end
|
||||
|
||||
describe registry_key('HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server') do
|
||||
its('fDenyTSConnections') { should eq 0 }
|
||||
end
|
||||
|
||||
describe port('3389') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,77 @@
|
|||
control "firewall" do
|
||||
title "Configure Firewall"
|
||||
desc "Check if the firewall rules are applied. Configuration script available at /scripts/configs/configure_firewall.bat"
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 8484 for Jenkins"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 8282 for Apache Struts"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 80 for IIS"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 4848 for GlassFish"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 8080 for GlassFish"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 8585 for Wordpress and phpMyAdmin"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Java 1.6 java.exe"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 3000 for Rails Server"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 8020 for ManageEngine Desktop Central"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 8383 for ManageEngine Desktop Central"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 8022 for ManageEngine Desktop Central"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 9200 for ElasticSearch"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 161 for SNMP"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Closed port 445 for SMB"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Closed port 139 for NetBIOS"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Closed port 135 for NetBIOS"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Closed Port 3389 for Remote Desktop"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Closed Port 3306 for MySQL"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
end
|
|
@ -0,0 +1,61 @@
|
|||
control "flags-check" do
|
||||
title "Check flag locations"
|
||||
desc "Check if the flags are correctly placed"
|
||||
|
||||
describe file('C:\\inetpub\\wwwroot\\six_of_diamonds.zip') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\WINDOWS\\System32\\jack_of_clubs.png') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Windows\\three_of_spades.png') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Windows\\System32\\kingofclubs.exe') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Users\\Public\\Music\\four_of_clubs.wav') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\inetpub\\wwwroot\\index.html') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\inetpub\\wwwroot\\hahaha.jpg') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\inetpub\\wwwroot\\iisstart.htm') do
|
||||
it { should_not exist }
|
||||
end
|
||||
|
||||
describe file('C:\\inetpub\\wwwroot\\seven_of_hearts.html') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Users\\Public\\Documents\\jack_of_hearts.docx') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Users\\Public\\Documents\\seven_of_spades.pdf') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Users\\Public\\Pictures\\ace_of_hearts.jpg') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Users\\Public\\Pictures\\ten_of_diamonds.png') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\jack_of_diamonds.png') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
end
|
|
@ -0,0 +1,13 @@
|
|||
control "setup-ftp-site" do
|
||||
title "Setup FTP Site"
|
||||
desc "Check if the FTP site is correctly configured"
|
||||
|
||||
describe file('C:\\Windows\\System32\\inetsrv\\config\\applicationHost.config') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe port('21') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
end
|
|
@ -0,0 +1,39 @@
|
|||
control "glassfish" do
|
||||
title "Check GlassFish"
|
||||
desc "Check if the GlassFish service is correctly installed. Installation script available at /scripts/installs/setup_g"
|
||||
|
||||
describe file("C:\\glassfish") do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file("C:\\glassfish\\glassfish4\\glassfish\\domains\\domain1\\config\\admin-keyfile") do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file("C:\\glassfish\\glassfish4\\glassfish\\domains\\domain1\\config\\domain.xml") do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe service('domain1') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
# describe command('icacls "C:\glassfish"') do
|
||||
# its('stdout') { should match "NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(F)" }
|
||||
# end
|
||||
|
||||
describe port('4848') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
describe port('8080') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
describe port('8181') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
end
|
|
@ -0,0 +1,8 @@
|
|||
control "iis" do
|
||||
title "IIS HTTP"
|
||||
desc "Checks if the IIS server has started and listening on port 80. Setup script available at /scripts/installs/setup_iis.bat"
|
||||
|
||||
describe port('3389') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,16 @@
|
|||
control "java" do
|
||||
title "Check Java installation"
|
||||
desc "Check if java is installed. Checkout the installation script at /scripts/chocolatey_installs/java.bat"
|
||||
|
||||
describe file('C:\\Program Files\\Java\\jre1.8.0_131\\bin\\java.exe') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\Java\\jdk1.8.0_131\\bin\\java.exe') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe command('java -showversion') do
|
||||
its(:exit_status) { should eq 1 }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,26 @@
|
|||
control "jenkins" do
|
||||
title "Check jenkins"
|
||||
desc "Check if jenkins is installed correctly. The setup script is available at /scripts/installs/setup_jenkins.bat"
|
||||
|
||||
describe file("C:\\Program Files\\jenkins") do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file("C:\\Program Files\\jenkins\\jenkins.war") do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file("C:\\Program Files\\jenkins\\jenkins.exe") do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe service('jenkins') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
describe port('8484') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,38 @@
|
|||
control "jmx" do
|
||||
title "Check JMX installation"
|
||||
desc "Check if the JMX service is correctly installed. Setup script available at /scripts/installs/setup_jmx.bat"
|
||||
|
||||
describe file('C:\\Program Files\\jmx') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\jmx\\Hello.class') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\jmx\\HelloMBean.class') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\jmx\\SimpleAgent.class') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\jmx\\jmx.exe') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\jmx\\start_jmx.bat') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe service('jmx') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
describe port('1617') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,26 @@
|
|||
control "manageengine" do
|
||||
title "ManageEngine"
|
||||
desc "Check if ManageEngine is running. Installation script is available at /scripts/installs/install_manageengine.bat"
|
||||
|
||||
describe service('MEDCServerComponent-Apache') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
describe service('MEDC Server Component - Notification Server') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
describe service('DesktopCentralServer') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
describe port('8020') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,14 @@
|
|||
control "mysql" do
|
||||
title "MySQL"
|
||||
desc "Check if MySQL is running properly. Installation script available at /scripts/installs/setup_mysql.bat"
|
||||
|
||||
describe service('wampmysqld') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
describe port('3306') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,12 @@
|
|||
control "openjdk6" do
|
||||
title "Check OpenJDK 6"
|
||||
desc "Checks for the installation of OpenJDK 6. Setup file available at /scripts/installs/setup_openjdk6.bat"
|
||||
|
||||
describe file('C:\\openjdk6\\openjdk-1.6.0-unofficial-b27-windows-amd64') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe command('C:\openjdk6\openjdk-1.6.0-unofficial-b27-windows-amd64\jre\bin\java.exe -version') do
|
||||
its('stdout') { should match "openjdk version \"1.6.0-unofficial\"" }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,8 @@
|
|||
control "password-settings" do
|
||||
title "Password settings"
|
||||
desc "Check if the password settings are correctly configured. Configuration script available at /scripts/configs/apply_password_settings.bat"
|
||||
|
||||
describe command('secedit /analyze /db %windir%\securitynew.sdb /cfg C:\vagrant\resources\security_settings\secconfig.cfg /areas SECURITYPOLICY') do
|
||||
its(:exit_status) { should eq 1 }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,13 @@
|
|||
control "psexec" do
|
||||
title "PxExec"
|
||||
desc "Checks if the ports 139 - NetBIOS and 445 - SMB are listening"
|
||||
|
||||
describe port('139') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
describe port('445') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
||||
|
|
@ -0,0 +1,21 @@
|
|||
control "rails_service" do
|
||||
title "Rails Service"
|
||||
desc "Check if Rails service is correctly installed. Setup script available at /scripts/installs/install_rails_service.bat"
|
||||
|
||||
describe file('C:\\Program Files\\Rails_Server\\Gemfile') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\Rails_Server\\start_rails_server.bat') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe port('3000') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
describe windows_task('rails') do
|
||||
it { should exist }
|
||||
it { should be_enabled }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,12 @@
|
|||
control "ruby" do
|
||||
title "Ruby"
|
||||
desc "Check if ruby is installed. Installation script found at /scripts/installs/install_ruby.bat"
|
||||
|
||||
describe file('C:\\tools\\ruby23') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe command('ruby -v') do
|
||||
its(:exit_status) { should eq 0 }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,16 @@
|
|||
control "snmp" do
|
||||
title "Setup SNMP"
|
||||
desc "Check if SNMP has been set up correctly. Setup script available at /scripts/installs/setup_snmp.bat"
|
||||
|
||||
describe registry_key('HKLM\SYSTEM\ControlSet001\services\SNMP\Parameters') do
|
||||
its('EnableAuthenticationTraps') { should eq 0 }
|
||||
end
|
||||
|
||||
describe registry_key('HKLM\SYSTEM\ControlSet001\services\SNMP\Parameters\ValidCommunities') do
|
||||
its('public') { should eq 4 }
|
||||
end
|
||||
|
||||
describe port('161') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,19 @@
|
|||
control "tomcat" do
|
||||
title "Check tomcat installation"
|
||||
desc "Check if tomcat is installed. Installation script available at /scripts/chocolatey_installs/tomcat.bat"
|
||||
|
||||
describe file('C:\\Program Files\\Apache Software Foundation\\tomcat') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe service('Tomcat8') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
describe port('8282') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
end
|
|
@ -0,0 +1,35 @@
|
|||
control "wamp" do
|
||||
title "Check WAMP installation"
|
||||
desc "Check WAMP installation. The setup script available at /scripts/installs/install_wamp.bat"
|
||||
|
||||
describe file('C:\\wamp\\bin\\apache\\Apache2.2.21\\conf\\httpd.conf') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\wamp\\alias\\phpmyadmin.conf') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe service('wampapache') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
describe service('wampmysqld') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
#TODO: Add icacls verification
|
||||
|
||||
describe port('8585') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
describe port('3306') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
||||
|
|
@ -0,0 +1,22 @@
|
|||
control "webdav" do
|
||||
title "WebDAV"
|
||||
desc "Check if WebDAV is correctly installed. Installation script available at /scripts/installs/setup_webdav.bat"
|
||||
|
||||
describe file('C:\\wamp\\www\\uploads') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\wamp\\alias\\httpd-dav.conf') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe service('wampapache') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
describe port('8585') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,9 @@
|
|||
control "winrm" do
|
||||
title "WinRM"
|
||||
desc "Checks if the port 5985 is listening"
|
||||
|
||||
describe port('5985') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
end
|
|
@ -0,0 +1,21 @@
|
|||
control "wordpress" do
|
||||
title "Check WordPress Installation"
|
||||
desc "Checks the wordpress installation. Setup script available in /scripts/installs/install_wordpress.bat"
|
||||
|
||||
describe file('C:\\Program Files\\wordpress') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\wordpress\\update_ip.ps1') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\wamp\\www\\wordpress') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe port('8585') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
end
|
|
@ -0,0 +1 @@
|
|||
netsh advfirewall set allprofiles state on
|
|
@ -0,0 +1 @@
|
|||
rmdir /S /Q C:\vagrant
|
|
@ -0,0 +1,23 @@
|
|||
$Logfile = "C:\Windows\Temp\dotnet-install.log"
|
||||
function LogWrite {
|
||||
Param ([string]$logstring)
|
||||
$now = Get-Date -format s
|
||||
Add-Content $Logfile -value "$now $logstring"
|
||||
Write-Host $logstring
|
||||
}
|
||||
|
||||
LogWrite "Downloading dotNet 4.5.1"
|
||||
try {
|
||||
(New-Object System.Net.WebClient).DownloadFile('http://download.microsoft.com/download/1/6/7/167F0D79-9317-48AE-AEDB-17120579F8E2/NDP451-KB2858728-x86-x64-AllOS-ENU.exe', 'C:\Windows\Temp\dotnet.exe')
|
||||
} catch {
|
||||
LogWrite $_.Exception | Format-List -force
|
||||
LogWrite "Failed to download file."
|
||||
}
|
||||
|
||||
LogWrite "Starting installation process..."
|
||||
try {
|
||||
Start-Process -FilePath "C:\Windows\Temp\dotnet.exe" -ArgumentList "/I /q /norestart" -Wait -PassThru
|
||||
} catch {
|
||||
LogWrite $_.Exception | Format-List -force
|
||||
LogWrite "Exception during install process."
|
||||
}
|
|
@ -0,0 +1,7 @@
|
|||
# setup dotnetfx4
|
||||
$netfx_url = "https://download.microsoft.com/download/9/5/A/95A9616B-7A37-4AF6-BC36-D6EA96C8DAAE/dotNetFx40_Full_x86_x64.exe"
|
||||
|
||||
Write-Output "Downloading $netfx_url"
|
||||
(New-Object System.Net.WebClient).DownloadFile($netfx_url, "C:\Windows\Temp\dotNetFx40_Full_x86_x64.exe")
|
||||
Write-Output "Starting Install of dotNetFx40_Full_x86_x64.exe"
|
||||
Start-Process "C:\Windows\Temp\dotNetFx40_Full_x86_x64.exe" "/q /norestart" -Wait
|
|
@ -0,0 +1,23 @@
|
|||
$Logfile = "C:\Windows\Temp\wmf-install.log"
|
||||
function LogWrite {
|
||||
Param ([string]$logstring)
|
||||
$now = Get-Date -format s
|
||||
Add-Content $Logfile -value "$now $logstring"
|
||||
Write-Host $logstring
|
||||
}
|
||||
|
||||
LogWrite "Downloading Windows Management Framework 5.0"
|
||||
try {
|
||||
(New-Object System.Net.WebClient).DownloadFile('https://download.microsoft.com/download/2/C/6/2C6E1B4A-EBE5-48A6-B225-2D2058A9CEFB/Win7AndW2K8R2-KB3134760-x64.msu', 'C:\Windows\Temp\wmf.msu')
|
||||
} catch {
|
||||
LogWrite $_.Exception | Format-List -force
|
||||
LogWrite "Failed to download file."
|
||||
}
|
||||
|
||||
LogWrite "Starting installation process..."
|
||||
try {
|
||||
Start-Process -FilePath "wusa.exe" -ArgumentList "C:\Windows\Temp\wmf.msu /quiet /norestart" -Wait -PassThru
|
||||
} catch {
|
||||
LogWrite $_.Exception | Format-List -force
|
||||
LogWrite "Exception during install process."
|
||||
}
|
|
@ -1,8 +1,8 @@
|
|||
rm "%CATALINA_HOME%\conf\tomcat-users.xml"
|
||||
del "%CATALINA_HOME%\conf\tomcat-users.xml"
|
||||
copy C:\vagrant\resources\apache_struts\tomcat-users.xml "%CATALINA_HOME%\conf\tomcat-users.xml"
|
||||
copy C:\vagrant\resources\apache_struts\server.xml "%CATALINA_HOME%\conf"
|
||||
|
||||
sc config Tomcat8 start= auto
|
||||
net start "Apache Tomcat 8.0 Tomcat8"
|
||||
|
||||
copy C:\vagrant\resources\apache_struts\struts2-rest-showcase.war "%CATALINA_HOME%\webapps"
|
||||
copy C:\vagrant\resources\apache_struts\struts2-rest-showcase.war "%CATALINA_HOME%\webapps"
|
||||
|
|
|
@ -1 +1 @@
|
|||
copy /Y C:\vagrant\resources\iis\applicationHost.config "%SystemRoot%\System32\inetsrv\config\applicationHost.config"
|
||||
xcopy /I /Y C:\vagrant\resources\iis\applicationHost.config %SystemRoot%\System32\inetsrv\config\
|
|
@ -8,4 +8,4 @@ net start domain1
|
|||
powershell -Command "Start-Sleep -s 10"
|
||||
net stop domain1
|
||||
icacls "C:\glassfish" /grant "NT Authority\LOCAL SERVICE:(OI)(CI)F" /T
|
||||
sc config domain1 obj= "NT Authority\LOCAL SERVICE"
|
||||
sc config "domain1" obj= "NT Authority\LOCAL SERVICE"
|
||||
|
|
|
@ -1 +1 @@
|
|||
start /w PKGMGR.EXE /iu:IIS-WebServerRole;IIS-WebServer;IIS-CommonHttpFeatures;IIS-ApplicationDevelopment;IIS-ASPNET;IIS-NetFxExtensibility;IIS-ASP;IIS-CGI;IIS-ISAPIExtensions;IIS-ISAPIFilter;IIS-ServerSideIncludes;IIS-FTPServer;IIS-FTPSvc;IIS-FTPExtensibility;
|
||||
start /w PKGMGR.EXE /quiet /norestart /iu:IIS-WebServerRole;IIS-WebServer;IIS-CommonHttpFeatures;IIS-ApplicationDevelopment;IIS-ASPNET;IIS-NetFxExtensibility;IIS-ASP;IIS-CGI;IIS-ISAPIExtensions;IIS-ISAPIFilter;IIS-ServerSideIncludes;IIS-FTPServer;IIS-FTPSvc;IIS-FTPExtensibility;
|
|
@ -1,4 +1,4 @@
|
|||
start /w PKGMGR.EXE /iu:SNMP
|
||||
start /w PKGMGR.EXE /quiet /norestart /iu:SNMP
|
||||
reg delete HKLM\SYSTEM\ControlSet001\services\SNMP\Parameters\PermittedManagers /va /f
|
||||
reg add HKLM\SYSTEM\ControlSet001\services\SNMP\Parameters /v EnableAuthenticationTraps /t REG_DWORD /d 0 /f
|
||||
reg add HKLM\SYSTEM\ControlSet001\services\SNMP\Parameters\ValidCommunities /v public /t REG_DWORD /d 4 /f
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
powershell -command "Start-Sleep -s 5"
|
||||
powershell -command "Start-Sleep -s 15"
|
||||
net start "domain1"
|
||||
|
|
|
@ -0,0 +1,132 @@
|
|||
# -*- mode: ruby -*-
|
||||
# vi: set ft=ruby :
|
||||
|
||||
Vagrant.configure("2") do |config|
|
||||
# Base configuration for the VM and provisioner
|
||||
config.vm.box = "metasploitable3"
|
||||
config.vm.hostname = "metasploitable3"
|
||||
config.vm.communicator = "winrm"
|
||||
|
||||
config.vm.network "private_network", type: "dhcp"
|
||||
|
||||
# Install Chocolatey
|
||||
config.vm.provision :shell, path: "scripts/installs/chocolatey.cmd"
|
||||
config.vm.provision :reload # Hack to reset environment variables
|
||||
|
||||
# Install BoxStarter
|
||||
config.vm.provision :shell, path: "scripts/installs/install_boxstarter.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Install 7zip
|
||||
config.vm.provision :shell, path: "scripts/chocolatey_installs/7zip.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Adjust password policy
|
||||
config.vm.provision :shell, path: "scripts/configs/apply_password_settings.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Add users and add to groups
|
||||
config.vm.provision :shell, path: "scripts/configs/create_users.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - Unpatched IIS and FTP
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_iis.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_ftp_site.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - Setup for Apache Struts
|
||||
config.vm.provision :shell, path: "scripts/chocolatey_installs/java.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/chocolatey_installs/tomcat.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :reload # Hack to reset environment variables
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_apache_struts.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - Setup for Glassfish
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_glassfish.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/installs/start_glassfish_service.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - Jenkins (1.8)
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_jenkins.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - Wordpress and phpMyAdmin
|
||||
# This must run after the WAMP setup.
|
||||
config.vm.provision :shell, path: "scripts/chocolatey_installs/vcredist2008.bat" # Visual Studio 2008 redistributable is a requirement for WAMP
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/installs/install_wamp.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/installs/start_wamp.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/installs/install_wordpress.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - JMX
|
||||
config.vm.provision :shell, path: "scripts/installs/install_openjdk6.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_jmx.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - Rails Server
|
||||
config.vm.provision :shell, path: "scripts/installs/install_ruby.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/installs/install_devkit.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/installs/install_rails_server.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_rails_server.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
config.vm.provision :shell, path: "scripts/installs/install_rails_service.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - WebDAV
|
||||
# This must run after the WAMP setup.
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_webdav.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - MySQL
|
||||
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_mysql.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - ManageEngine Desktop Central
|
||||
config.vm.provision :shell, path: "scripts/installs/install_manageengine.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - Axis2
|
||||
# This must run after the Apache Struts setup.
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_axis2.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - Common backdoors
|
||||
config.vm.provision :shell, path: "scripts/installs/install_backdoors.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - SNMP
|
||||
config.vm.provision :shell, path: "scripts/installs/setup_snmp.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Configure Firewall to open up vulnerable services
|
||||
case ENV['MS3_DIFFICULTY']
|
||||
when 'easy'
|
||||
config.vm.provision :shell, path: "scripts/configs/disable_firewall.bat"
|
||||
else
|
||||
config.vm.provision :shell, path: "scripts/configs/configure_firewall.bat"
|
||||
end
|
||||
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Vulnerability - ElasticSearch
|
||||
# This must run after the firewall rules, because it needs to make some HTTP requests in order to
|
||||
# set up the vulnerable state.
|
||||
config.vm.provision :shell, path: "scripts/installs/install_elasticsearch.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||
|
||||
# Configure flags
|
||||
config.vm.provision :shell, path: "scripts/installs/install_flags.bat"
|
||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614a
|
||||
end
|
|
@ -1,7 +1,7 @@
|
|||
{
|
||||
"builders": [
|
||||
{
|
||||
"type": "vmware-iso",
|
||||
"type": "virtualbox-iso",
|
||||
"iso_url": "{{user `iso_url`}}",
|
||||
"iso_checksum_type": "{{user `iso_checksum_type`}}",
|
||||
"iso_checksum": "{{user `iso_checksum`}}",
|
||||
|
@ -11,7 +11,7 @@
|
|||
"ssh_password": "vagrant",
|
||||
"ssh_wait_timeout": "2h",
|
||||
"shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"",
|
||||
"guest_os_type": "winServer2008Standard-64",
|
||||
"guest_os_type": "Windows2008_64",
|
||||
"disk_size": 61440,
|
||||
"floppy_files": [
|
||||
"{{user `autounattend`}}",
|
||||
|
@ -31,6 +31,20 @@
|
|||
"./resources/certs/microsoft_root_2011.cer",
|
||||
"./resources/certs/thawte_primary_root.cer",
|
||||
"./resources/certs/utn-userfirst.cer"
|
||||
],
|
||||
"vboxmanage": [
|
||||
[
|
||||
"modifyvm",
|
||||
"{{.Name}}",
|
||||
"--memory",
|
||||
"4096"
|
||||
],
|
||||
[
|
||||
"modifyvm",
|
||||
"{{.Name}}",
|
||||
"--cpus",
|
||||
"2"
|
||||
]
|
||||
]
|
||||
}
|
||||
],
|
||||
|
@ -52,7 +66,7 @@
|
|||
{
|
||||
"type": "vagrant",
|
||||
"keep_input_artifact": false,
|
||||
"output": "windows_2008_r2_{{.Provider}}.box",
|
||||
"output": "windows_2008_r2_{{.Provider}}_pro.box",
|
||||
"vagrantfile_template": "vagrantfile-windows_2008_r2.template"
|
||||
}
|
||||
],
|
|
@ -1,23 +1,71 @@
|
|||
{
|
||||
"builders": [
|
||||
{
|
||||
"type": "virtualbox-iso",
|
||||
"type": "vmware-iso",
|
||||
"iso_url": "{{user `iso_url`}}",
|
||||
"iso_checksum_type": "{{user `iso_checksum_type`}}",
|
||||
"iso_checksum": "{{user `iso_checksum`}}",
|
||||
"headless": true,
|
||||
"boot_wait": "2m",
|
||||
"headless": false,
|
||||
"boot_wait": "10m",
|
||||
"communicator": "ssh",
|
||||
"ssh_username": "vagrant",
|
||||
"ssh_password": "vagrant",
|
||||
"ssh_wait_timeout": "2h",
|
||||
"shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"",
|
||||
"guest_os_type": "Windows2008_64",
|
||||
"guest_os_type": "winServer2008Standard-64",
|
||||
"tools_upload_flavor": "windows",
|
||||
"disk_size": 61440,
|
||||
"floppy_files": [
|
||||
"{{user `autounattend`}}",
|
||||
"./scripts/configs/microsoft-updates.bat",
|
||||
"./scripts/configs/win-updates.ps1",
|
||||
"./scripts/installs/openssh.ps1",
|
||||
"./scripts/installs/install_dotnet45.ps1",
|
||||
"./scripts/installs/install_wmf.ps1",
|
||||
"./resources/certs/oracle-cert.cer",
|
||||
"./resources/certs/gdig2.crt",
|
||||
"./resources/certs/comodorsadomainvalidationsecureserverca.crt",
|
||||
"./resources/certs/comodorsacertificationauthority.crt",
|
||||
"./resources/certs/addtrust_external_ca.cer",
|
||||
"./resources/certs/baltimore_ca.cer",
|
||||
"./resources/certs/digicert.cer",
|
||||
"./resources/certs/equifax.cer",
|
||||
"./resources/certs/globalsign.cer",
|
||||
"./resources/certs/gte_cybertrust.cer",
|
||||
"./resources/certs/microsoft_root_2011.cer",
|
||||
"./resources/certs/thawte_primary_root.cer",
|
||||
"./resources/certs/utn-userfirst.cer"
|
||||
],
|
||||
"vm_name": "metasploitable3-win2k8",
|
||||
"vmx_data": {
|
||||
"cpuid.coresPerSocket": "2",
|
||||
"memsize": "4096",
|
||||
"numvcpus": "2",
|
||||
"scsi0.virtualDev": "lsisas1068"
|
||||
}
|
||||
},
|
||||
{
|
||||
"type": "virtualbox-iso",
|
||||
"iso_url": "{{user `iso_url`}}",
|
||||
"iso_checksum_type": "{{user `iso_checksum_type`}}",
|
||||
"iso_checksum": "{{user `iso_checksum`}}",
|
||||
"headless": false,
|
||||
"boot_wait": "10m",
|
||||
"communicator": "ssh",
|
||||
"ssh_username": "vagrant",
|
||||
"ssh_password": "vagrant",
|
||||
"ssh_wait_timeout": "2h",
|
||||
"shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"",
|
||||
"guest_os_type": "Windows2008_64",
|
||||
"disk_size": 61440,
|
||||
"vm_name": "metasploitable3-win2k8",
|
||||
"floppy_files": [
|
||||
"{{user `autounattend`}}",
|
||||
"./scripts/configs/microsoft-updates.bat",
|
||||
"./scripts/configs/win-updates.ps1",
|
||||
"./scripts/installs/openssh.ps1",
|
||||
"./scripts/installs/install_dotnet45.ps1",
|
||||
"./scripts/installs/install_wmf.ps1",
|
||||
"./resources/certs/oracle-cert.cer",
|
||||
"./resources/certs/gdig2.crt",
|
||||
"./resources/certs/comodorsadomainvalidationsecureserverca.crt",
|
||||
|
@ -48,17 +96,108 @@
|
|||
]
|
||||
}
|
||||
],
|
||||
"provisioners": [
|
||||
"provisioners": [
|
||||
{
|
||||
"type": "file",
|
||||
"source": "scripts",
|
||||
"destination": "C:/vagrant"
|
||||
},
|
||||
{
|
||||
"type": "file",
|
||||
"source": "resources",
|
||||
"destination": "C:/vagrant"
|
||||
},
|
||||
{
|
||||
"type": "shell",
|
||||
"remote_path": "/tmp/script.bat",
|
||||
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
|
||||
"scripts": [
|
||||
"./scripts/configs/update_root_certs.bat",
|
||||
"./scripts/installs/vm-guest-tools.bat",
|
||||
"./scripts/configs/vagrant-ssh.bat",
|
||||
"./scripts/configs/disable-auto-logon.bat",
|
||||
"./scripts/configs/enable-rdp.bat",
|
||||
"./scripts/configs/update_root_certs.bat"
|
||||
"./scripts/configs/enable-rdp.bat"
|
||||
]
|
||||
},
|
||||
{
|
||||
"type": "windows-shell",
|
||||
"remote_path": "C:/Windows/Temp/script.bat",
|
||||
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
|
||||
"scripts": [
|
||||
"./scripts/configs/disable_firewall.bat"
|
||||
]
|
||||
},
|
||||
{
|
||||
"type": "windows-restart"
|
||||
},
|
||||
{
|
||||
"type":"powershell",
|
||||
"inline": [
|
||||
"iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))"
|
||||
],
|
||||
"pause_before": "60s"
|
||||
},
|
||||
{
|
||||
"type": "windows-restart"
|
||||
},
|
||||
{
|
||||
"type": "windows-shell",
|
||||
"remote_path": "C:/Windows/Temp/script.bat",
|
||||
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
|
||||
"scripts": [
|
||||
"scripts/installs/install_boxstarter.bat",
|
||||
"scripts/chocolatey_installs/7zip.bat",
|
||||
"scripts/configs/apply_password_settings.bat",
|
||||
"scripts/configs/create_users.bat",
|
||||
"scripts/installs/setup_iis.bat",
|
||||
"scripts/installs/setup_ftp_site.bat",
|
||||
"scripts/chocolatey_installs/java.bat"
|
||||
]
|
||||
},
|
||||
{
|
||||
"type": "windows-restart"
|
||||
},
|
||||
{
|
||||
"type": "windows-shell",
|
||||
"remote_path": "C:/Windows/Temp/script.bat",
|
||||
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
|
||||
"scripts": [
|
||||
"scripts/chocolatey_installs/tomcat.bat",
|
||||
"scripts/installs/setup_apache_struts.bat",
|
||||
"scripts/installs/setup_glassfish.bat",
|
||||
"scripts/installs/start_glassfish_service.bat",
|
||||
"scripts/installs/setup_jenkins.bat",
|
||||
"scripts/chocolatey_installs/vcredist2008.bat",
|
||||
"scripts/installs/install_wamp.bat",
|
||||
"scripts/installs/start_wamp.bat",
|
||||
"scripts/installs/install_wordpress.bat",
|
||||
"scripts/installs/install_openjdk6.bat",
|
||||
"scripts/installs/setup_jmx.bat",
|
||||
"scripts/installs/install_ruby.bat",
|
||||
"scripts/installs/install_devkit.bat"
|
||||
]
|
||||
},
|
||||
{
|
||||
"type": "windows-restart"
|
||||
},
|
||||
{
|
||||
"type": "windows-shell",
|
||||
"remote_path": "C:/Windows/Temp/script.bat",
|
||||
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
|
||||
"scripts": [
|
||||
"scripts/installs/install_rails_server.bat",
|
||||
"scripts/installs/setup_rails_server.bat",
|
||||
"scripts/installs/install_rails_service.bat",
|
||||
"scripts/installs/setup_webdav.bat",
|
||||
"scripts/installs/setup_mysql.bat",
|
||||
"scripts/installs/install_manageengine.bat",
|
||||
"scripts/installs/setup_axis2.bat",
|
||||
"scripts/installs/install_backdoors.bat",
|
||||
"scripts/installs/setup_snmp.bat",
|
||||
"scripts/configs/configure_firewall.bat",
|
||||
"scripts/installs/install_elasticsearch.bat",
|
||||
"scripts/installs/install_flags.bat",
|
||||
"scripts/configs/packer_cleanup.bat"
|
||||
]
|
||||
}
|
||||
],
|
||||
|
|
Loading…
Reference in New Issue