Added support for building and running on qemu/kvm via libvirt

.gitignore

@@ -1,10 +1,12 @@
 .vagrant/
 packer_cache/
 packer/builds/
+resources/drivers/
+*.vfd
 *.exe
 *.msi
 *.msu
 *.DS_Store
-resources/manageengine/setup.log
-windows_2008_r2_virtualbox.box
-windows_2008_r2_vmware.box
+*.box
+*.iso
+*.vfd

build.sh

@@ -4,6 +4,7 @@ min_vbox_ver="5.1.10"
 min_vagrant_ver="1.9.0"
 min_packer_ver="0.10.0"
 min_vagrantreload_ver="0.0.1"
+min_vagrantlibvirt_ver="0.0.1"
 packer_bin="packer"
 packer_build_path="packer/builds"
 
@@ -70,16 +71,18 @@ if [ -x "$(which VBoxManage)" ] ; then
     current_vbox_ver=$(VBoxManage -v | sed -e 's/r.*//g' -e 's/_.*//g')
     if compare_versions $current_vbox_ver $min_vbox_ver false; then
         echo "Compatible version of VirtualBox found."
+        echo "Virtualbox images will be built."
+	build_vbox=true
     else
         echo "A compatible version of VirtualBox was not found."
         echo "Current Version=[$current_vbox_ver], Minimum Version=[$min_vbox_ver]"
         echo "Please download and install it from https://www.virtualbox.org/"
-        exit 1
+        echo "Virtualbox images will not be built."
     fi
 else
     echo "VirtualBox is not installed (or not added to the path)."
     echo "Please download and install it from https://www.virtualbox.org/"
-    exit 1
+    echo "Virtualbox images will not be built."
 fi
 
 if compare_versions $($packer_bin -v) $min_packer_ver false; then
@@ -101,6 +104,22 @@ else
     exit 1
 fi
 
+if compare_versions $(vagrant plugin list | grep 'vagrant-libvirt' | cut -d' ' -f2 | tr -d '(' | tr -d ')' | tr -d ',') $min_vagrantlibvirt_ver false; then
+    echo 'Compatible version of vagrant-libvirt plugin was found.'
+    echo 'KVM image will be built.'
+    build_qemu=true
+    echo 'Fetching virtio drivers required for build'
+    ./packer/scripts/virtio-win-drivers.sh
+else
+    echo "A compatible version of vagrant-libvirt plugin was not found."
+    echo "Attempting to install..."
+    if vagrant plugin install vagrant-libvirt; then
+        echo "Successfully installed the vagrant-libvirt plugin."
+    else
+        echo "There was an error installing the vagrant-libvirt plugin. Please see the above output for more information."
+    fi
+fi
+
 if compare_versions $(vagrant plugin list | grep 'vagrant-reload' | cut -d' ' -f2 | tr -d '(' | tr -d ')') $min_vagrantreload_ver false; then
     echo 'Compatible version of vagrant-reload plugin was found.'
 else
@@ -114,34 +133,52 @@ else
     fi
 fi
 
-echo "All requirements found. Proceeding..."
-
-search_string="$os_full"_virtualbox_"$box_version"
-if ls $packer_build_path | grep -q "$search_string"; then
-    echo "It looks like the vagrant box already exists. Skipping the Packer build."
-else
-    echo "Building the Vagrant box..."
-    if $packer_bin build --only=virtualbox-iso packer/templates/$os_full.json; then
-        echo "Box successfully built by Packer."
-    else
-        echo "Error building the Vagrant box using Packer. Please check the output above for any error messages."
-        exit 1
-    fi
+if [ "$build_vbox" != true ] && [ "$build_qemu" != true ]; then
+    echo "Neither VirtualBox or libvirt packer support is present. Aborting."
+    exit 1
 fi
 
+echo "Requirements found. Proceeding..."
+
+for provider in virtualbox-iso qemu; do
+    search_string="$os_full"_"$provider"_"$box_version"
+    mkdir -p "$packer_build_path"
+    if ls $packer_build_path | grep -q "$search_string"; then
+	echo "It looks like the $provider vagrant box already exists. Skipping the build." 
+    elif [ "$build_qemu" = true ] || [ "$build_virtualbox" = true ]; then
+	echo "Building the Vagrant boxes..."
+	if $packer_bin build packer/templates/$os_full.json; then
+	    echo "Boxes successfully built by Packer."
+	else
+	    echo "Error building the Vagrant boxes using Packer. Please check the output above for any error messages."
+	    exit 1
+	fi
+    else
+	echo "No available providers found to build box"
+	exit 1
+    fi
+done
+
 echo "Attempting to add the box to Vagrant..."
 
-if vagrant box list | grep -q metasploitable3-"$os_short"; then
-    echo "metasploitable3-$os_short already found in Vagrant box repository. Skipping the addition to Vagrant."
-    echo "NOTE: If you are having issues, try starting over by doing 'vagrant destroy' and then 'vagrant up'."
-else
-    if vagrant box add $packer_build_path/"$os_full"_virtualbox_"$box_version".box --name metasploitable3-$os_short; then
-        echo "Box successfully added to Vagrant."
+for provider in virtualbox-iso qemu; do
+    if vagrant box list | grep -q metasploitable3-"$os_short"-"$provider"; then
+	echo "metasploitable3-$os_short-$provider already found in Vagrant box repository. Skipping the addition to Vagrant."
+	echo "NOTE: If you are having issues, try starting over by doing 'vagrant destroy' and then 'vagrant up'."
     else
-        echo "Error adding box to Vagrant. See the above output for any error messages."
-        exit 1
+	if [ -z $box_import ]; then
+	    if vagrant box add $packer_build_path/"$os_full"_"$provider"_"$box_version".box --name metasploitable3-$os_short; then
+		echo "Box successfully added to Vagrant."
+	    else
+		echo "Error adding box to Vagrant. See the above output for any error messages."
+	    fi
+	else
+	    echo "No builders produced a working box."
+	    echo "Check you have build dependencies installed."
+	    echo "Useful diagnostic information could be above. Aborting!"
+	fi
     fi
-fi
+done
 
 echo "---------------------------------------------------------------------"
 echo "SUCCESS: Run 'vagrant up' to provision and start metasploitable3."

packer/answer_files/2008_r2/Autounattend.xml

@@ -2,6 +2,13 @@
 <unattend xmlns="urn:schemas-microsoft-com:unattend">
     <servicing/>
     <settings pass="windowsPE">
+        <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+            <DriverPaths>
+                <PathAndCredentials wcm:keyValue="1" wcm:action="add">
+                    <Path>A:\</Path>
+                </PathAndCredentials>
+	    </DriverPaths>
+	</component>
         <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
             <DiskConfiguration>
                 <Disk wcm:action="add">

packer/scripts/virtio-win-drivers.sh

@@ -0,0 +1,44 @@
+#!/usr/bin/env bash
+
+# URI for downloading the latest WHQL'd Virtio drivers
+virtio_uri="https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win_amd64.vfd"
+
+# le flag
+have_tools=true
+
+# Tools messages
+need_wget () {
+    echo "Could not find wget, which is needed to download the virtio disk."
+    echo "To install -"
+    echo ""
+    echo "Fedora: sudo dnf install wget"
+    echo "Debian/Ubuntu: sudo apt install wget"
+}
+
+need_7z () {
+    echo "Could not find 7z, which is required for extracting the virtio driver disk."
+    echo "To install -"
+    echo ""
+    echo "Fedora: sudo dnf install p7zip p7zip-plugins"
+    echo "Debian/Ubuntu: sudo apt install p7zip-full"
+}
+
+# Check for needed tools
+if [ ! -x /usr/bin/wget ]; then
+    need_wget
+    have_tools=false
+fi
+
+if [ ! -x /usr/bin/7z ]; then
+    need_7z
+    have_tools=false
+fi
+
+if [ "$have_tools" = true ]; then
+    if [ -f ".virtio-stable.vfd" ]; then
+	echo ".virtio-stable.vfd already exists, skipping download."
+    else
+	echo "Downloading and extracting virtio stable drivers."
+	wget -c "${virtio_uri}" -O .virtio-stable.vfd && 7z x -oresources/drivers/virtio .virtio-stable.vfd txtsetup.oem disk1 amd64/Win2008
+    fi 
+fi

packer/templates/ubuntu_1404.json

@@ -82,6 +82,41 @@
           "2"
         ]
       ]
+    },
+    {
+      "type": "qemu",
+      "iso_url": "{{user `iso_url`}}",
+      "iso_checksum_type": "{{user `iso_checksum_type`}}",
+      "iso_checksum": "{{user `iso_checksum`}}",
+      "headless": false,
+      "http_directory" : "{{template_dir}}/../http",
+      "http_port_min" : 9001,
+      "http_port_max" : 9001,
+      "boot_command": [
+        "<esc><wait>",
+        "<esc><wait>",
+        "<enter><wait>",
+        "/install/vmlinuz",
+        " auto=true",
+        " priority=critical",
+        " initrd=/install/initrd.gz",
+        " preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/preseed.cfg",
+        " -- ",
+        "<enter>"
+      ],
+      "boot_wait": "20s",
+      "communicator": "ssh",
+      "accelerator": "kvm",
+      "ssh_username": "vagrant",
+      "ssh_password": "vagrant",
+      "ssh_wait_timeout": "2h",
+      "shutdown_command": "echo 'packer' | sudo -S shutdown -P now",
+      "disk_size": 40000,
+      "vm_name": "metasploitable3-ub1404",
+      "qemuargs": [
+        ["-m", "4096"],
+        ["-smp", "2"]
+      ]
     }
   ],
   "provisioners": [
@@ -119,6 +154,7 @@
     {
       "type": "vagrant",
       "keep_input_artifact": false,
+	    exit 1
       "output": "{{template_dir}}/../builds/ubuntu_1404_{{.Provider}}_{{user `box_version`}}.box"
     }
   ],

packer/templates/windows_2008_r2.json

@@ -94,6 +94,49 @@
           "2"
         ]
       ]
+    },                                                          
+    {                                                        
+      "type": "qemu",                             
+      "iso_url": "{{user `iso_url`}}",                 
+      "iso_checksum_type": "{{user `iso_checksum_type`}}",                       
+      "iso_checksum": "{{user `iso_checksum`}}",                        
+      "headless": false,
+      "boot_wait": "10m",
+      "communicator": "ssh",
+      "accelerator": "kvm",
+      "ssh_username": "vagrant",
+      "ssh_password": "vagrant",
+      "ssh_wait_timeout": "2h",
+      "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"",
+      "disk_size": 61440,
+      "format": "qcow2",
+      "vm_name": "metasploitable3-win2k8",
+      "floppy_files": [
+        "{{user `autounattend`}}",
+        "{{user `scripts_dir`}}/configs/microsoft-updates.bat",
+        "{{user `scripts_dir`}}/configs/win-updates.ps1",
+        "{{user `scripts_dir`}}/installs/openssh.ps1",
+        "{{user `scripts_dir`}}/installs/install_dotnet45.ps1",
+        "{{user `scripts_dir`}}/installs/install_wmf.ps1",
+        "{{user `resources_dir`}}/certs/oracle-cert.cer",
+        "{{user `resources_dir`}}/certs/gdig2.crt",
+        "{{user `resources_dir`}}/certs/comodorsadomainvalidationsecureserverca.crt",
+        "{{user `resources_dir`}}/certs/comodorsacertificationauthority.crt",
+        "{{user `resources_dir`}}/certs/addtrust_external_ca.cer",
+        "{{user `resources_dir`}}/certs/baltimore_ca.cer",
+        "{{user `resources_dir`}}/certs/digicert.cer",
+        "{{user `resources_dir`}}/certs/equifax.cer",
+        "{{user `resources_dir`}}/certs/globalsign.cer",
+        "{{user `resources_dir`}}/certs/gte_cybertrust.cer",
+        "{{user `resources_dir`}}/certs/microsoft_root_2011.cer",
+        "{{user `resources_dir`}}/certs/thawte_primary_root.cer",
+        "{{user `resources_dir`}}/certs/utn-userfirst.cer",
+        "./resources/drivers/virtio/*"
+      ],
+      "qemuargs": [
+        ["-m", "4096"],
+        ["-smp", "2"]
+      ]
     }
   ],
 "provisioners": [