github
/
metasploitable3
mirror of https://github.com/rapid7/metasploitable3
1
Fork 0
Code Releases Activity

Merge branch 'master' into feature/linux_ctf

This commit is contained in:
James Barnett 2017-07-27 11:31:23 -05:00
parent e86ba5119b 21f5bb6219
commit b4b47b5e06
38 changed files with 833 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
answer_files/2008_r2/Autounattend.xml
View File

@ -256,9 +256,14 @@
<Order>26</Order>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\install_netfx.ps1 -AutoStart</CommandLine>
<Description>Install .NET 4.0</Description>
<Order>27</Order>
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\install_dotnet45.ps1 -AutoStart</CommandLine>
<Order>97</Order>
<Description>Install .NET 4.5.1</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\install_wmf.ps1 -AutoStart</CommandLine>
<Order>98</Order>
<Description>Installing Windows Management Framework 5.0</Description>
</SynchronousCommand>
<!--WITHOUT WINDOWS UPDATES -->
<SynchronousCommand wcm:action="add">

8
chef/cookbooks/metasploitable/test/windows/7zip.rb Normal file
View File

@ -0,0 +1,8 @@
control "7zip" do
title "Check 7zip"
desc "Check if choco installed 7zip. Installation script available at /scripts/chocolatey_installs/7zip.bat"
describe file('C:\\ProgramData\\chocolatey\\bin\\7z.exe') do
it { should exist }
end
end

21
chef/cookbooks/metasploitable/test/windows/apache_struts.rb Normal file
View File

@ -0,0 +1,21 @@
control "apache-struts" do
title "Check if apache struts is running"
desc "Check if the service is running. Installation script available at /scripts/installs/setup_apache_struts.bat"
describe file('C:\\Program Files\\Apache Software Foundation\\tomcat\\apache-tomcat-8.5.12\\conf\\tomcat-users.xml') do
it { should exist }
end
describe file('C:\\Program Files\\Apache Software Foundation\\tomcat\\apache-tomcat-8.5.12\\conf\\server.xml') do
it { should exist }
end
describe file('C:\\Program Files\\Apache Software Foundation\\tomcat\\apache-tomcat-8.5.12\\webapps\\struts2-rest-showcase.war') do
it { should exist }
end
describe port('8282') do
it { should be_listening }
end
end

16
chef/cookbooks/metasploitable/test/windows/axis2.rb Normal file
View File

@ -0,0 +1,16 @@
control "axis2" do
title "Axis 2"
desc "Check if Axis 2 webapp is installed. Installation script available at /scripts/installs/setup_axis2.bat"
describe file('C:\\axis2') do
it { should_not exist }
end
describe file('C:\\Program Files\\Apache Software Foundation\\tomcat\\apache-tomcat-8.5.12\\webapps\\axis2') do
it { should exist }
end
describe port('8282') do
it { should be_listening }
end
end

16
chef/cookbooks/metasploitable/test/windows/backdoors.rb Normal file
View File

@ -0,0 +1,16 @@
control "backdoors" do
title "Backdoors"
desc "Check if the backdoors are correctly placed. Installation script present at: /scripts/installs/install_backdoors.bat"
describe file('C:\\inetpub\\wwwroot\\caidao.asp') do
it { should exist }
end
describe file('C:\\wamp\\www\\mma.php') do
it { should exist }
end
describe file('C:\\wamp\\www\\meterpreter.php') do
it { should exist }
end
end

12
chef/cookbooks/metasploitable/test/windows/boxstarter.rb Normal file
View File

@ -0,0 +1,12 @@
control "boxstarter" do
title "Check BoxStarter"
desc "Check if BoxStarter is installed successfully"
describe file('C:\\Users\\vagrant\\AppData\\Roaming\\Boxstarter') do
it { should exist }
end
describe file('C:\\Users\\vagrant\\AppData\\Roaming\\Boxstarter\\BoxstarterShell.ps1') do
it { should exist }
end
end

8
chef/cookbooks/metasploitable/test/windows/choco.rb Normal file
View File

@ -0,0 +1,8 @@
control "choco" do
title "Check chocolatey"
desc "Checks if chocolatey has been installed successfully"
describe command('choco --version') do
its(:exit_status) { should eq 0 }
end
end

117
chef/cookbooks/metasploitable/test/windows/create_users.rb Normal file
View File

@ -0,0 +1,117 @@
control "check-accounts" do
title "Check user accounts"
desc "This test is to make sure that all the user accounts are created and are assigned to correct localgroups"
describe user('anakin_skywalker') do
it { should exist }
its('groups') { should eq ["Network Configuration Operators", "Users"] }
end
describe user('artoo_detoo') do
it { should exist }
its('groups') { should eq ["Distributed COM Users", "Users"] }
end
describe user('ben_kenobi') do
it { should exist }
its('groups') { should eq ["Guests", "Users"] }
end
describe user('boba_fett') do
it { should exist }
its('groups') { should eq ["Power Users", "Users"] }
end
describe user('c_three_pio') do
it { should exist }
its('groups') { should eq ["Event Log Readers", "Users"] }
end
describe user('chewbacca') do
it { should exist }
its('groups') { should eq ["Replicator", "Users"] }
end
describe user('darth_vader') do
it { should exist }
its('groups') { should eq ["IIS_IUSRS", "Users"] }
end
describe user('greedo') do
it { should exist }
its('groups') { should eq ["Remote Desktop Users", "Users"] }
end
describe user('han_solo') do
it { should exist }
its('groups') { should eq ["Cryptographic Operators", "Users"] }
end
describe user('jabba_hutt') do
it { should exist }
its('groups') { should eq ["Print Operators", "Users"] }
end
describe user('jarjar_binks') do
it { should exist }
its('groups') { should eq ["Performance Log Users", "Users"] }
end
describe user('kylo_ren') do
it { should exist }
its('groups') { should eq ["Users"] }
end
describe user('lando_calrissian') do
it { should exist }
its('groups') { should eq ["Performance Monitor Users", "Users"] }
end
describe user('leia_organa') do
it { should exist }
its('groups') { should eq ["Backup Operators", "Users"] }
end
describe user('luke_skywalker') do
it { should exist }
its('groups') { should eq ["Certificate Service DCOM Access", "Users"] }
end
describe user('sshd') do
it { should exist }
its('groups') { should eq ["Users"] }
end
describe user('sshd_server') do
it { should exist }
its('groups') { should eq ["Administrators", "Users"] }
end
describe user('vagrant') do
it { should exist }
its('groups') { should eq ["Administrators", "Users"] }
end
end
control "reg-user-add" do
title "Check user registry entries"
desc "Check if the registry was updated with the new users and their groups. Configuration script available at /scripts/configs/create_users.bat"
describe registry_key('HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList') do
its('anakin_skywalker') { should eq 0 }
its('artoo_detoo') { should eq 0 }
its('ben_kenobi') { should eq 0 }
its('boba_fett') { should eq 0 }
its('c_three_pio') { should eq 0 }
its('chewbacca') { should eq 0 }
its('darth_vader') { should eq 0 }
its('greedo') { should eq 0 }
its('han_solo') { should eq 0 }
its('jabba_hutt') { should eq 0 }
its('jarjar_binks') { should eq 0 }
its('kylo_ren') { should eq 0 }
its('lando_calrissian') { should eq 0 }
its('leia_organa') { should eq 0 }
its('luke_skywalker') { should eq 0 }
end
end

16
chef/cookbooks/metasploitable/test/windows/devkit.rb Normal file
View File

@ -0,0 +1,16 @@
control "devkit" do
title "Rails Server - DevKit"
desc "Check if the rails server has installed along with devkit. Check the installation script at /scripts/installs/install_devkit.bat"
describe file('C:\\Program Files\\Rails_Server') do
it { should exist }
end
describe file('C:\\Program Files\\Rails_Server\\devkit') do
it { should exist }
end
describe port('3000') do
it { should be_listening }
end
end

8
chef/cookbooks/metasploitable/test/windows/disable_auto_logon.rb Normal file
View File

@ -0,0 +1,8 @@
control "disable-auto-logon" do
title "Disable Auto Logon"
desc "Check if the registry is updated to disable auto logon. Configuration script available at /scripts/configs/disable-auto-logon.bat"
describe command('reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon') do
its('stdout') { should match ("AutoAdminLogon REG_SZ 0") }
end
end

9
chef/cookbooks/metasploitable/test/windows/disable_firewall.rb Normal file
View File

@ -0,0 +1,9 @@
control "disable-firewall" do
title "Diable firewall"
desc "Disable firewall. Configuration script available at /scripts/configs/disable_firewall.bat"
# There are three profiles. None of them should be in 'on' state
describe command('netsh advfirewall show allprofiles state') do
its('stdout') { should_not match ("ON") }
end
end

19
chef/cookbooks/metasploitable/test/windows/elasticsearch.rb Normal file
View File

@ -0,0 +1,19 @@
control "elasticsearch" do
title "ElasticSearch"
desc "Check if ElasticSearch was installed correctly. Installation script available at /scripts/installs/install_elasticsearch.bat"
describe file('C:\\Program Files\\elasticsearch-1.1.1') do
it { should exist }
end
describe service('elasticsearch-service-x64') do
it { should be_installed }
it { should be_enabled }
it { should be_running }
end
describe port('9200') do
it { should be_listening }
end
end

16
chef/cookbooks/metasploitable/test/windows/enable_rdp.rb Normal file
View File

@ -0,0 +1,16 @@
control "enable-rdp" do
title "Enable RDP"
desc "Enables RDP by modifying Registry and adding a Firewall rule. Configuration script available at /scripts/configs/enable-rdp.bat"
describe command('netsh advfirewall firewall show rule name="Open Port 3389"') do
its('stdout') { should match ("Enabled: Yes") }
end
describe registry_key('HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server') do
its('fDenyTSConnections') { should eq 0 }
end
describe port('3389') do
it { should be_listening }
end
end

77
chef/cookbooks/metasploitable/test/windows/firewall.rb Normal file
View File

@ -0,0 +1,77 @@
control "firewall" do
title "Configure Firewall"
desc "Check if the firewall rules are applied. Configuration script available at /scripts/configs/configure_firewall.bat"
describe command('netsh advfirewall firewall show rule name="Open Port 8484 for Jenkins"') do
its('stdout') { should match "Enabled: Yes" }
end
describe command('netsh advfirewall firewall show rule name="Open Port 8282 for Apache Struts"') do
its('stdout') { should match "Enabled: Yes" }
end
describe command('netsh advfirewall firewall show rule name="Open Port 80 for IIS"') do
its('stdout') { should match "Enabled: Yes" }
end
describe command('netsh advfirewall firewall show rule name="Open Port 4848 for GlassFish"') do
its('stdout') { should match "Enabled: Yes" }
end
describe command('netsh advfirewall firewall show rule name="Open Port 8080 for GlassFish"') do
its('stdout') { should match "Enabled: Yes" }
end
describe command('netsh advfirewall firewall show rule name="Open Port 8585 for Wordpress and phpMyAdmin"') do
its('stdout') { should match "Enabled: Yes" }
end
describe command('netsh advfirewall firewall show rule name="Java 1.6 java.exe"') do
its('stdout') { should match "Enabled: Yes" }
end
describe command('netsh advfirewall firewall show rule name="Open Port 3000 for Rails Server"') do
its('stdout') { should match "Enabled: Yes" }
end
describe command('netsh advfirewall firewall show rule name="Open Port 8020 for ManageEngine Desktop Central"') do
its('stdout') { should match "Enabled: Yes" }
end
describe command('netsh advfirewall firewall show rule name="Open Port 8383 for ManageEngine Desktop Central"') do
its('stdout') { should match "Enabled: Yes" }
end
describe command('netsh advfirewall firewall show rule name="Open Port 8022 for ManageEngine Desktop Central"') do
its('stdout') { should match "Enabled: Yes" }
end
describe command('netsh advfirewall firewall show rule name="Open Port 9200 for ElasticSearch"') do
its('stdout') { should match "Enabled: Yes" }
end
describe command('netsh advfirewall firewall show rule name="Open Port 161 for SNMP"') do
its('stdout') { should match "Enabled: Yes" }
end
describe command('netsh advfirewall firewall show rule name="Closed port 445 for SMB"') do
its('stdout') { should match "Enabled: Yes" }
end
describe command('netsh advfirewall firewall show rule name="Closed port 139 for NetBIOS"') do
its('stdout') { should match "Enabled: Yes" }
end
describe command('netsh advfirewall firewall show rule name="Closed port 135 for NetBIOS"') do
its('stdout') { should match "Enabled: Yes" }
end
describe command('netsh advfirewall firewall show rule name="Closed Port 3389 for Remote Desktop"') do
its('stdout') { should match "Enabled: Yes" }
end
describe command('netsh advfirewall firewall show rule name="Closed Port 3306 for MySQL"') do
its('stdout') { should match "Enabled: Yes" }
end
end

61
chef/cookbooks/metasploitable/test/windows/flag_check.rb Normal file
View File

@ -0,0 +1,61 @@
control "flags-check" do
title "Check flag locations"
desc "Check if the flags are correctly placed"
describe file('C:\\inetpub\\wwwroot\\six_of_diamonds.zip') do
it { should exist }
end
describe file('C:\\WINDOWS\\System32\\jack_of_clubs.png') do
it { should exist }
end
describe file('C:\\Windows\\three_of_spades.png') do
it { should exist }
end
describe file('C:\\Windows\\System32\\kingofclubs.exe') do
it { should exist }
end
describe file('C:\\Users\\Public\\Music\\four_of_clubs.wav') do
it { should exist }
end
describe file('C:\\inetpub\\wwwroot\\index.html') do
it { should exist }
end
describe file('C:\\inetpub\\wwwroot\\hahaha.jpg') do
it { should exist }
end
describe file('C:\\inetpub\\wwwroot\\iisstart.htm') do
it { should_not exist }
end
describe file('C:\\inetpub\\wwwroot\\seven_of_hearts.html') do
it { should exist }
end
describe file('C:\\Users\\Public\\Documents\\jack_of_hearts.docx') do
it { should exist }
end
describe file('C:\\Users\\Public\\Documents\\seven_of_spades.pdf') do
it { should exist }
end
describe file('C:\\Users\\Public\\Pictures\\ace_of_hearts.jpg') do
it { should exist }
end
describe file('C:\\Users\\Public\\Pictures\\ten_of_diamonds.png') do
it { should exist }
end
describe file('C:\\jack_of_diamonds.png') do
it { should exist }
end
end

13
chef/cookbooks/metasploitable/test/windows/ftp_site.rb Normal file
View File

@ -0,0 +1,13 @@
control "setup-ftp-site" do
title "Setup FTP Site"
desc "Check if the FTP site is correctly configured"
describe file('C:\\Windows\\System32\\inetsrv\\config\\applicationHost.config') do
it { should exist }
end
describe port('21') do
it { should be_listening }
end
end

39
chef/cookbooks/metasploitable/test/windows/glassfish.rb Normal file
View File

@ -0,0 +1,39 @@
control "glassfish" do
title "Check GlassFish"
desc "Check if the GlassFish service is correctly installed. Installation script available at /scripts/installs/setup_g"
describe file("C:\\glassfish") do
it { should exist }
end
describe file("C:\\glassfish\\glassfish4\\glassfish\\domains\\domain1\\config\\admin-keyfile") do
it { should exist }
end
describe file("C:\\glassfish\\glassfish4\\glassfish\\domains\\domain1\\config\\domain.xml") do
it { should exist }
end
describe service('domain1') do
it { should be_installed }
it { should be_enabled }
it { should be_running }
end
# describe command('icacls "C:\glassfish"') do
# its('stdout') { should match "NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(F)" }
# end
describe port('4848') do
it { should be_listening }
end
describe port('8080') do
it { should be_listening }
end
describe port('8181') do
it { should be_listening }
end
end

8
chef/cookbooks/metasploitable/test/windows/iis.rb Normal file
View File

@ -0,0 +1,8 @@
control "iis" do
title "IIS HTTP"
desc "Checks if the IIS server has started and listening on port 80. Setup script available at /scripts/installs/setup_iis.bat"
describe port('3389') do
it { should be_listening }
end
end

16
chef/cookbooks/metasploitable/test/windows/java.rb Normal file
View File

@ -0,0 +1,16 @@
control "java" do
title "Check Java installation"
desc "Check if java is installed. Checkout the installation script at /scripts/chocolatey_installs/java.bat"
describe file('C:\\Program Files\\Java\\jre1.8.0_131\\bin\\java.exe') do
it { should exist }
end
describe file('C:\\Program Files\\Java\\jdk1.8.0_131\\bin\\java.exe') do
it { should exist }
end
describe command('java -showversion') do
its(:exit_status) { should eq 1 }
end
end

26
chef/cookbooks/metasploitable/test/windows/jenkins.rb Normal file
View File

@ -0,0 +1,26 @@
control "jenkins" do
title "Check jenkins"
desc "Check if jenkins is installed correctly. The setup script is available at /scripts/installs/setup_jenkins.bat"
describe file("C:\\Program Files\\jenkins") do
it { should exist }
end
describe file("C:\\Program Files\\jenkins\\jenkins.war") do
it { should exist }
end
describe file("C:\\Program Files\\jenkins\\jenkins.exe") do
it { should exist }
end
describe service('jenkins') do
it { should be_installed }
it { should be_enabled }
it { should be_running }
end
describe port('8484') do
it { should be_listening }
end
end

38
chef/cookbooks/metasploitable/test/windows/jmx.rb Normal file
View File

@ -0,0 +1,38 @@
control "jmx" do
title "Check JMX installation"
desc "Check if the JMX service is correctly installed. Setup script available at /scripts/installs/setup_jmx.bat"
describe file('C:\\Program Files\\jmx') do
it { should exist }
end
describe file('C:\\Program Files\\jmx\\Hello.class') do
it { should exist }
end
describe file('C:\\Program Files\\jmx\\HelloMBean.class') do
it { should exist }
end
describe file('C:\\Program Files\\jmx\\SimpleAgent.class') do
it { should exist }
end
describe file('C:\\Program Files\\jmx\\jmx.exe') do
it { should exist }
end
describe file('C:\\Program Files\\jmx\\start_jmx.bat') do
it { should exist }
end
describe service('jmx') do
it { should be_installed }
it { should be_enabled }
it { should be_running }
end
describe port('1617') do
it { should be_listening }
end
end

26
chef/cookbooks/metasploitable/test/windows/manageengine.rb Normal file
View File

@ -0,0 +1,26 @@
control "manageengine" do
title "ManageEngine"
desc "Check if ManageEngine is running. Installation script is available at /scripts/installs/install_manageengine.bat"
describe service('MEDCServerComponent-Apache') do
it { should be_installed }
it { should be_enabled }
it { should be_running }
end
describe service('MEDC Server Component - Notification Server') do
it { should be_installed }
it { should be_enabled }
it { should be_running }
end
describe service('DesktopCentralServer') do
it { should be_installed }
it { should be_enabled }
it { should be_running }
end
describe port('8020') do
it { should be_listening }
end
end

14
chef/cookbooks/metasploitable/test/windows/mysql.rb Normal file
View File

@ -0,0 +1,14 @@
control "mysql" do
title "MySQL"
desc "Check if MySQL is running properly. Installation script available at /scripts/installs/setup_mysql.bat"
describe service('wampmysqld') do
it { should be_installed }
it { should be_enabled }
it { should be_running }
end
describe port('3306') do
it { should be_listening }
end
end

12
chef/cookbooks/metasploitable/test/windows/openjdk6.rb Normal file
View File

@ -0,0 +1,12 @@
control "openjdk6" do
title "Check OpenJDK 6"
desc "Checks for the installation of OpenJDK 6. Setup file available at /scripts/installs/setup_openjdk6.bat"
describe file('C:\\openjdk6\\openjdk-1.6.0-unofficial-b27-windows-amd64') do
it { should exist }
end
describe command('C:\openjdk6\openjdk-1.6.0-unofficial-b27-windows-amd64\jre\bin\java.exe -version') do
its('stdout') { should match "openjdk version \"1.6.0-unofficial\"" }
end
end

8
chef/cookbooks/metasploitable/test/windows/password_settings.rb Normal file
View File

@ -0,0 +1,8 @@
control "password-settings" do
title "Password settings"
desc "Check if the password settings are correctly configured. Configuration script available at /scripts/configs/apply_password_settings.bat"
describe command('secedit /analyze /db %windir%\securitynew.sdb /cfg C:\vagrant\resources\security_settings\secconfig.cfg /areas SECURITYPOLICY') do
its(:exit_status) { should eq 1 }
end
end

13
chef/cookbooks/metasploitable/test/windows/psexec.rb Normal file
View File

@ -0,0 +1,13 @@
control "psexec" do
title "PxExec"
desc "Checks if the ports 139 - NetBIOS and 445 - SMB are listening"
describe port('139') do
it { should be_listening }
end
describe port('445') do
it { should be_listening }
end
end

21
chef/cookbooks/metasploitable/test/windows/rails_service.rb Normal file
View File

@ -0,0 +1,21 @@
control "rails_service" do
title "Rails Service"
desc "Check if Rails service is correctly installed. Setup script available at /scripts/installs/install_rails_service.bat"
describe file('C:\\Program Files\\Rails_Server\\Gemfile') do
it { should exist }
end
describe file('C:\\Program Files\\Rails_Server\\start_rails_server.bat') do
it { should exist }
end
describe port('3000') do
it { should be_listening }
end
describe windows_task('rails') do
it { should exist }
it { should be_enabled }
end
end

12
chef/cookbooks/metasploitable/test/windows/ruby.rb Normal file
View File

@ -0,0 +1,12 @@
control "ruby" do
title "Ruby"
desc "Check if ruby is installed. Installation script found at /scripts/installs/install_ruby.bat"
describe file('C:\\tools\\ruby23') do
it { should exist }
end
describe command('ruby -v') do
its(:exit_status) { should eq 0 }
end
end

16
chef/cookbooks/metasploitable/test/windows/snmp.rb Normal file
View File

@ -0,0 +1,16 @@
control "snmp" do
title "Setup SNMP"
desc "Check if SNMP has been set up correctly. Setup script available at /scripts/installs/setup_snmp.bat"
describe registry_key('HKLM\SYSTEM\ControlSet001\services\SNMP\Parameters') do
its('EnableAuthenticationTraps') { should eq 0 }
end
describe registry_key('HKLM\SYSTEM\ControlSet001\services\SNMP\Parameters\ValidCommunities') do
its('public') { should eq 4 }
end
describe port('161') do
it { should be_listening }
end
end

19
chef/cookbooks/metasploitable/test/windows/tomcat.rb Normal file
View File

@ -0,0 +1,19 @@
control "tomcat" do
title "Check tomcat installation"
desc "Check if tomcat is installed. Installation script available at /scripts/chocolatey_installs/tomcat.bat"
describe file('C:\\Program Files\\Apache Software Foundation\\tomcat') do
it { should exist }
end
describe service('Tomcat8') do
it { should be_installed }
it { should be_enabled }
it { should be_running }
end
describe port('8282') do
it { should be_listening }
end
end

35
chef/cookbooks/metasploitable/test/windows/wamp.rb Normal file
View File

@ -0,0 +1,35 @@
control "wamp" do
title "Check WAMP installation"
desc "Check WAMP installation. The setup script available at /scripts/installs/install_wamp.bat"
describe file('C:\\wamp\\bin\\apache\\Apache2.2.21\\conf\\httpd.conf') do
it { should exist }
end
describe file('C:\\wamp\\alias\\phpmyadmin.conf') do
it { should exist }
end
describe service('wampapache') do
it { should be_installed }
it { should be_enabled }
it { should be_running }
end
describe service('wampmysqld') do
it { should be_installed }
it { should be_enabled }
it { should be_running }
end
#TODO: Add icacls verification
describe port('8585') do
it { should be_listening }
end
describe port('3306') do
it { should be_listening }
end
end

22
chef/cookbooks/metasploitable/test/windows/webdav.rb Normal file
View File

@ -0,0 +1,22 @@
control "webdav" do
title "WebDAV"
desc "Check if WebDAV is correctly installed. Installation script available at /scripts/installs/setup_webdav.bat"
describe file('C:\\wamp\\www\\uploads') do
it { should exist }
end
describe file('C:\\wamp\\alias\\httpd-dav.conf') do
it { should exist }
end
describe service('wampapache') do
it { should be_installed }
it { should be_enabled }
it { should be_running }
end
describe port('8585') do
it { should be_listening }
end
end

9
chef/cookbooks/metasploitable/test/windows/winrm.rb Normal file
View File

@ -0,0 +1,9 @@
control "winrm" do
title "WinRM"
desc "Checks if the port 5985 is listening"
describe port('5985') do
it { should be_listening }
end
end

21
chef/cookbooks/metasploitable/test/windows/wordpress.rb Normal file
View File

@ -0,0 +1,21 @@
control "wordpress" do
title "Check WordPress Installation"
desc "Checks the wordpress installation. Setup script available in /scripts/installs/install_wordpress.bat"
describe file('C:\\Program Files\\wordpress') do
it { should exist }
end
describe file('C:\\Program Files\\wordpress\\update_ip.ps1') do
it { should exist }
end
describe file('C:\\wamp\\www\\wordpress') do
it { should exist }
end
describe port('8585') do
it { should be_listening }
end
end

23
scripts/installs/install_dotnet45.ps1 Normal file
View File

@ -0,0 +1,23 @@
$Logfile = "C:\Windows\Temp\dotnet-install.log"
function LogWrite {
Param ([string]$logstring)
$now = Get-Date -format s
Add-Content $Logfile -value "$now $logstring"
Write-Host $logstring
}
LogWrite "Downloading dotNet 4.5.1"
try {
(New-Object System.Net.WebClient).DownloadFile('http://download.microsoft.com/download/1/6/7/167F0D79-9317-48AE-AEDB-17120579F8E2/NDP451-KB2858728-x86-x64-AllOS-ENU.exe', 'C:\Windows\Temp\dotnet.exe')
} catch {
LogWrite $_.Exception | Format-List -force
LogWrite "Failed to download file."
}
LogWrite "Starting installation process..."
try {
Start-Process -FilePath "C:\Windows\Temp\dotnet.exe" -ArgumentList "/I /q /norestart" -Wait -PassThru
} catch {
LogWrite $_.Exception | Format-List -force
LogWrite "Exception during install process."
}

2
scripts/installs/install_netfx.ps1 → scripts/installs/install_netfx40.ps1
View File

@ -4,4 +4,4 @@ $netfx_url = "https://download.microsoft.com/download/9/5/A/95A9616B-7A37-4AF6-B
Write-Output "Downloading $netfx_url"
(New-Object System.Net.WebClient).DownloadFile($netfx_url, "C:\Windows\Temp\dotNetFx40_Full_x86_x64.exe")
Write-Output "Starting Install of dotNetFx40_Full_x86_x64.exe"
Start-Process "C:\Windows\Temp\dotNetFx40_Full_x86_x64.exe" "/q /norestart" -Wait
Start-Process "C:\Windows\Temp\dotNetFx40_Full_x86_x64.exe" "/q /norestart" -Wait

23
scripts/installs/install_wmf.ps1 Normal file
View File

@ -0,0 +1,23 @@
$Logfile = "C:\Windows\Temp\wmf-install.log"
function LogWrite {
Param ([string]$logstring)
$now = Get-Date -format s
Add-Content $Logfile -value "$now $logstring"
Write-Host $logstring
}
LogWrite "Downloading Windows Management Framework 5.0"
try {
(New-Object System.Net.WebClient).DownloadFile('https://download.microsoft.com/download/2/C/6/2C6E1B4A-EBE5-48A6-B225-2D2058A9CEFB/Win7AndW2K8R2-KB3134760-x64.msu', 'C:\Windows\Temp\wmf.msu')
} catch {
LogWrite $_.Exception | Format-List -force
LogWrite "Failed to download file."
}
LogWrite "Starting installation process..."
try {
Start-Process -FilePath "wusa.exe" -ArgumentList "C:\Windows\Temp\wmf.msu /quiet /norestart" -Wait -PassThru
} catch {
LogWrite $_.Exception | Format-List -force
LogWrite "Exception during install process."
}

9
windows_2008_r2.json
View File

@ -20,7 +20,8 @@
"./scripts/configs/microsoft-updates.bat",
"./scripts/configs/win-updates.ps1",
"./scripts/installs/openssh.ps1",
"./scripts/installs/install_netfx.ps1",
"./scripts/installs/install_dotnet45.ps1",
"./scripts/installs/install_wmf.ps1",
"./resources/certs/oracle-cert.cer",
"./resources/certs/gdig2.crt",
"./resources/certs/comodorsadomainvalidationsecureserverca.crt",
@ -63,7 +64,8 @@
"./scripts/configs/microsoft-updates.bat",
"./scripts/configs/win-updates.ps1",
"./scripts/installs/openssh.ps1",
"./scripts/installs/install_netfx.ps1",
"./scripts/installs/install_dotnet45.ps1",
"./scripts/installs/install_wmf.ps1",
"./resources/certs/oracle-cert.cer",
"./resources/certs/gdig2.crt",
"./resources/certs/comodorsadomainvalidationsecureserverca.crt",
@ -132,7 +134,8 @@
"type":"powershell",
"inline": [
"iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))"
]
],
"pause_before": "60s"
},
{
"type": "windows-restart"