Merge branch 'master' into feature/linux_ctf
This commit is contained in:
commit
b4b47b5e06
|
@ -256,9 +256,14 @@
|
|||
<Order>26</Order>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\install_netfx.ps1 -AutoStart</CommandLine>
|
||||
<Description>Install .NET 4.0</Description>
|
||||
<Order>27</Order>
|
||||
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\install_dotnet45.ps1 -AutoStart</CommandLine>
|
||||
<Order>97</Order>
|
||||
<Description>Install .NET 4.5.1</Description>
|
||||
</SynchronousCommand>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\install_wmf.ps1 -AutoStart</CommandLine>
|
||||
<Order>98</Order>
|
||||
<Description>Installing Windows Management Framework 5.0</Description>
|
||||
</SynchronousCommand>
|
||||
<!--WITHOUT WINDOWS UPDATES -->
|
||||
<SynchronousCommand wcm:action="add">
|
||||
|
|
|
@ -0,0 +1,8 @@
|
|||
control "7zip" do
|
||||
title "Check 7zip"
|
||||
desc "Check if choco installed 7zip. Installation script available at /scripts/chocolatey_installs/7zip.bat"
|
||||
|
||||
describe file('C:\\ProgramData\\chocolatey\\bin\\7z.exe') do
|
||||
it { should exist }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,21 @@
|
|||
control "apache-struts" do
|
||||
title "Check if apache struts is running"
|
||||
desc "Check if the service is running. Installation script available at /scripts/installs/setup_apache_struts.bat"
|
||||
|
||||
describe file('C:\\Program Files\\Apache Software Foundation\\tomcat\\apache-tomcat-8.5.12\\conf\\tomcat-users.xml') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\Apache Software Foundation\\tomcat\\apache-tomcat-8.5.12\\conf\\server.xml') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\Apache Software Foundation\\tomcat\\apache-tomcat-8.5.12\\webapps\\struts2-rest-showcase.war') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe port('8282') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
end
|
|
@ -0,0 +1,16 @@
|
|||
control "axis2" do
|
||||
title "Axis 2"
|
||||
desc "Check if Axis 2 webapp is installed. Installation script available at /scripts/installs/setup_axis2.bat"
|
||||
|
||||
describe file('C:\\axis2') do
|
||||
it { should_not exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\Apache Software Foundation\\tomcat\\apache-tomcat-8.5.12\\webapps\\axis2') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe port('8282') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,16 @@
|
|||
control "backdoors" do
|
||||
title "Backdoors"
|
||||
desc "Check if the backdoors are correctly placed. Installation script present at: /scripts/installs/install_backdoors.bat"
|
||||
|
||||
describe file('C:\\inetpub\\wwwroot\\caidao.asp') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\wamp\\www\\mma.php') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\wamp\\www\\meterpreter.php') do
|
||||
it { should exist }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,12 @@
|
|||
control "boxstarter" do
|
||||
title "Check BoxStarter"
|
||||
desc "Check if BoxStarter is installed successfully"
|
||||
|
||||
describe file('C:\\Users\\vagrant\\AppData\\Roaming\\Boxstarter') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Users\\vagrant\\AppData\\Roaming\\Boxstarter\\BoxstarterShell.ps1') do
|
||||
it { should exist }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,8 @@
|
|||
control "choco" do
|
||||
title "Check chocolatey"
|
||||
desc "Checks if chocolatey has been installed successfully"
|
||||
|
||||
describe command('choco --version') do
|
||||
its(:exit_status) { should eq 0 }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,117 @@
|
|||
control "check-accounts" do
|
||||
title "Check user accounts"
|
||||
desc "This test is to make sure that all the user accounts are created and are assigned to correct localgroups"
|
||||
|
||||
describe user('anakin_skywalker') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Network Configuration Operators", "Users"] }
|
||||
end
|
||||
|
||||
describe user('artoo_detoo') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Distributed COM Users", "Users"] }
|
||||
end
|
||||
|
||||
describe user('ben_kenobi') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Guests", "Users"] }
|
||||
end
|
||||
|
||||
describe user('boba_fett') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Power Users", "Users"] }
|
||||
end
|
||||
|
||||
describe user('c_three_pio') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Event Log Readers", "Users"] }
|
||||
end
|
||||
|
||||
describe user('chewbacca') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Replicator", "Users"] }
|
||||
end
|
||||
|
||||
describe user('darth_vader') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["IIS_IUSRS", "Users"] }
|
||||
end
|
||||
|
||||
describe user('greedo') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Remote Desktop Users", "Users"] }
|
||||
end
|
||||
|
||||
describe user('han_solo') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Cryptographic Operators", "Users"] }
|
||||
end
|
||||
|
||||
describe user('jabba_hutt') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Print Operators", "Users"] }
|
||||
end
|
||||
|
||||
describe user('jarjar_binks') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Performance Log Users", "Users"] }
|
||||
end
|
||||
|
||||
describe user('kylo_ren') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Users"] }
|
||||
end
|
||||
|
||||
describe user('lando_calrissian') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Performance Monitor Users", "Users"] }
|
||||
end
|
||||
|
||||
describe user('leia_organa') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Backup Operators", "Users"] }
|
||||
end
|
||||
|
||||
describe user('luke_skywalker') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Certificate Service DCOM Access", "Users"] }
|
||||
end
|
||||
|
||||
describe user('sshd') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Users"] }
|
||||
end
|
||||
|
||||
describe user('sshd_server') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Administrators", "Users"] }
|
||||
end
|
||||
|
||||
describe user('vagrant') do
|
||||
it { should exist }
|
||||
its('groups') { should eq ["Administrators", "Users"] }
|
||||
end
|
||||
end
|
||||
|
||||
control "reg-user-add" do
|
||||
title "Check user registry entries"
|
||||
desc "Check if the registry was updated with the new users and their groups. Configuration script available at /scripts/configs/create_users.bat"
|
||||
|
||||
describe registry_key('HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList') do
|
||||
its('anakin_skywalker') { should eq 0 }
|
||||
its('artoo_detoo') { should eq 0 }
|
||||
its('ben_kenobi') { should eq 0 }
|
||||
its('boba_fett') { should eq 0 }
|
||||
its('c_three_pio') { should eq 0 }
|
||||
its('chewbacca') { should eq 0 }
|
||||
its('darth_vader') { should eq 0 }
|
||||
its('greedo') { should eq 0 }
|
||||
its('han_solo') { should eq 0 }
|
||||
its('jabba_hutt') { should eq 0 }
|
||||
its('jarjar_binks') { should eq 0 }
|
||||
its('kylo_ren') { should eq 0 }
|
||||
its('lando_calrissian') { should eq 0 }
|
||||
its('leia_organa') { should eq 0 }
|
||||
its('luke_skywalker') { should eq 0 }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,16 @@
|
|||
control "devkit" do
|
||||
title "Rails Server - DevKit"
|
||||
desc "Check if the rails server has installed along with devkit. Check the installation script at /scripts/installs/install_devkit.bat"
|
||||
|
||||
describe file('C:\\Program Files\\Rails_Server') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\Rails_Server\\devkit') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe port('3000') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,8 @@
|
|||
control "disable-auto-logon" do
|
||||
title "Disable Auto Logon"
|
||||
desc "Check if the registry is updated to disable auto logon. Configuration script available at /scripts/configs/disable-auto-logon.bat"
|
||||
|
||||
describe command('reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon') do
|
||||
its('stdout') { should match ("AutoAdminLogon REG_SZ 0") }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,9 @@
|
|||
control "disable-firewall" do
|
||||
title "Diable firewall"
|
||||
desc "Disable firewall. Configuration script available at /scripts/configs/disable_firewall.bat"
|
||||
|
||||
# There are three profiles. None of them should be in 'on' state
|
||||
describe command('netsh advfirewall show allprofiles state') do
|
||||
its('stdout') { should_not match ("ON") }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,19 @@
|
|||
control "elasticsearch" do
|
||||
title "ElasticSearch"
|
||||
desc "Check if ElasticSearch was installed correctly. Installation script available at /scripts/installs/install_elasticsearch.bat"
|
||||
|
||||
describe file('C:\\Program Files\\elasticsearch-1.1.1') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe service('elasticsearch-service-x64') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
|
||||
describe port('9200') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,16 @@
|
|||
control "enable-rdp" do
|
||||
title "Enable RDP"
|
||||
desc "Enables RDP by modifying Registry and adding a Firewall rule. Configuration script available at /scripts/configs/enable-rdp.bat"
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 3389"') do
|
||||
its('stdout') { should match ("Enabled: Yes") }
|
||||
end
|
||||
|
||||
describe registry_key('HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server') do
|
||||
its('fDenyTSConnections') { should eq 0 }
|
||||
end
|
||||
|
||||
describe port('3389') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,77 @@
|
|||
control "firewall" do
|
||||
title "Configure Firewall"
|
||||
desc "Check if the firewall rules are applied. Configuration script available at /scripts/configs/configure_firewall.bat"
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 8484 for Jenkins"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 8282 for Apache Struts"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 80 for IIS"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 4848 for GlassFish"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 8080 for GlassFish"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 8585 for Wordpress and phpMyAdmin"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Java 1.6 java.exe"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 3000 for Rails Server"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 8020 for ManageEngine Desktop Central"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 8383 for ManageEngine Desktop Central"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 8022 for ManageEngine Desktop Central"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 9200 for ElasticSearch"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Open Port 161 for SNMP"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Closed port 445 for SMB"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Closed port 139 for NetBIOS"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Closed port 135 for NetBIOS"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Closed Port 3389 for Remote Desktop"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
describe command('netsh advfirewall firewall show rule name="Closed Port 3306 for MySQL"') do
|
||||
its('stdout') { should match "Enabled: Yes" }
|
||||
end
|
||||
|
||||
end
|
|
@ -0,0 +1,61 @@
|
|||
control "flags-check" do
|
||||
title "Check flag locations"
|
||||
desc "Check if the flags are correctly placed"
|
||||
|
||||
describe file('C:\\inetpub\\wwwroot\\six_of_diamonds.zip') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\WINDOWS\\System32\\jack_of_clubs.png') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Windows\\three_of_spades.png') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Windows\\System32\\kingofclubs.exe') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Users\\Public\\Music\\four_of_clubs.wav') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\inetpub\\wwwroot\\index.html') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\inetpub\\wwwroot\\hahaha.jpg') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\inetpub\\wwwroot\\iisstart.htm') do
|
||||
it { should_not exist }
|
||||
end
|
||||
|
||||
describe file('C:\\inetpub\\wwwroot\\seven_of_hearts.html') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Users\\Public\\Documents\\jack_of_hearts.docx') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Users\\Public\\Documents\\seven_of_spades.pdf') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Users\\Public\\Pictures\\ace_of_hearts.jpg') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Users\\Public\\Pictures\\ten_of_diamonds.png') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\jack_of_diamonds.png') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
end
|
|
@ -0,0 +1,13 @@
|
|||
control "setup-ftp-site" do
|
||||
title "Setup FTP Site"
|
||||
desc "Check if the FTP site is correctly configured"
|
||||
|
||||
describe file('C:\\Windows\\System32\\inetsrv\\config\\applicationHost.config') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe port('21') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
end
|
|
@ -0,0 +1,39 @@
|
|||
control "glassfish" do
|
||||
title "Check GlassFish"
|
||||
desc "Check if the GlassFish service is correctly installed. Installation script available at /scripts/installs/setup_g"
|
||||
|
||||
describe file("C:\\glassfish") do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file("C:\\glassfish\\glassfish4\\glassfish\\domains\\domain1\\config\\admin-keyfile") do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file("C:\\glassfish\\glassfish4\\glassfish\\domains\\domain1\\config\\domain.xml") do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe service('domain1') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
# describe command('icacls "C:\glassfish"') do
|
||||
# its('stdout') { should match "NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(F)" }
|
||||
# end
|
||||
|
||||
describe port('4848') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
describe port('8080') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
describe port('8181') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
end
|
|
@ -0,0 +1,8 @@
|
|||
control "iis" do
|
||||
title "IIS HTTP"
|
||||
desc "Checks if the IIS server has started and listening on port 80. Setup script available at /scripts/installs/setup_iis.bat"
|
||||
|
||||
describe port('3389') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,16 @@
|
|||
control "java" do
|
||||
title "Check Java installation"
|
||||
desc "Check if java is installed. Checkout the installation script at /scripts/chocolatey_installs/java.bat"
|
||||
|
||||
describe file('C:\\Program Files\\Java\\jre1.8.0_131\\bin\\java.exe') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\Java\\jdk1.8.0_131\\bin\\java.exe') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe command('java -showversion') do
|
||||
its(:exit_status) { should eq 1 }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,26 @@
|
|||
control "jenkins" do
|
||||
title "Check jenkins"
|
||||
desc "Check if jenkins is installed correctly. The setup script is available at /scripts/installs/setup_jenkins.bat"
|
||||
|
||||
describe file("C:\\Program Files\\jenkins") do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file("C:\\Program Files\\jenkins\\jenkins.war") do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file("C:\\Program Files\\jenkins\\jenkins.exe") do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe service('jenkins') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
describe port('8484') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,38 @@
|
|||
control "jmx" do
|
||||
title "Check JMX installation"
|
||||
desc "Check if the JMX service is correctly installed. Setup script available at /scripts/installs/setup_jmx.bat"
|
||||
|
||||
describe file('C:\\Program Files\\jmx') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\jmx\\Hello.class') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\jmx\\HelloMBean.class') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\jmx\\SimpleAgent.class') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\jmx\\jmx.exe') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\jmx\\start_jmx.bat') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe service('jmx') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
describe port('1617') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,26 @@
|
|||
control "manageengine" do
|
||||
title "ManageEngine"
|
||||
desc "Check if ManageEngine is running. Installation script is available at /scripts/installs/install_manageengine.bat"
|
||||
|
||||
describe service('MEDCServerComponent-Apache') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
describe service('MEDC Server Component - Notification Server') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
describe service('DesktopCentralServer') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
describe port('8020') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,14 @@
|
|||
control "mysql" do
|
||||
title "MySQL"
|
||||
desc "Check if MySQL is running properly. Installation script available at /scripts/installs/setup_mysql.bat"
|
||||
|
||||
describe service('wampmysqld') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
describe port('3306') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,12 @@
|
|||
control "openjdk6" do
|
||||
title "Check OpenJDK 6"
|
||||
desc "Checks for the installation of OpenJDK 6. Setup file available at /scripts/installs/setup_openjdk6.bat"
|
||||
|
||||
describe file('C:\\openjdk6\\openjdk-1.6.0-unofficial-b27-windows-amd64') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe command('C:\openjdk6\openjdk-1.6.0-unofficial-b27-windows-amd64\jre\bin\java.exe -version') do
|
||||
its('stdout') { should match "openjdk version \"1.6.0-unofficial\"" }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,8 @@
|
|||
control "password-settings" do
|
||||
title "Password settings"
|
||||
desc "Check if the password settings are correctly configured. Configuration script available at /scripts/configs/apply_password_settings.bat"
|
||||
|
||||
describe command('secedit /analyze /db %windir%\securitynew.sdb /cfg C:\vagrant\resources\security_settings\secconfig.cfg /areas SECURITYPOLICY') do
|
||||
its(:exit_status) { should eq 1 }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,13 @@
|
|||
control "psexec" do
|
||||
title "PxExec"
|
||||
desc "Checks if the ports 139 - NetBIOS and 445 - SMB are listening"
|
||||
|
||||
describe port('139') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
describe port('445') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
||||
|
|
@ -0,0 +1,21 @@
|
|||
control "rails_service" do
|
||||
title "Rails Service"
|
||||
desc "Check if Rails service is correctly installed. Setup script available at /scripts/installs/install_rails_service.bat"
|
||||
|
||||
describe file('C:\\Program Files\\Rails_Server\\Gemfile') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\Rails_Server\\start_rails_server.bat') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe port('3000') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
describe windows_task('rails') do
|
||||
it { should exist }
|
||||
it { should be_enabled }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,12 @@
|
|||
control "ruby" do
|
||||
title "Ruby"
|
||||
desc "Check if ruby is installed. Installation script found at /scripts/installs/install_ruby.bat"
|
||||
|
||||
describe file('C:\\tools\\ruby23') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe command('ruby -v') do
|
||||
its(:exit_status) { should eq 0 }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,16 @@
|
|||
control "snmp" do
|
||||
title "Setup SNMP"
|
||||
desc "Check if SNMP has been set up correctly. Setup script available at /scripts/installs/setup_snmp.bat"
|
||||
|
||||
describe registry_key('HKLM\SYSTEM\ControlSet001\services\SNMP\Parameters') do
|
||||
its('EnableAuthenticationTraps') { should eq 0 }
|
||||
end
|
||||
|
||||
describe registry_key('HKLM\SYSTEM\ControlSet001\services\SNMP\Parameters\ValidCommunities') do
|
||||
its('public') { should eq 4 }
|
||||
end
|
||||
|
||||
describe port('161') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,19 @@
|
|||
control "tomcat" do
|
||||
title "Check tomcat installation"
|
||||
desc "Check if tomcat is installed. Installation script available at /scripts/chocolatey_installs/tomcat.bat"
|
||||
|
||||
describe file('C:\\Program Files\\Apache Software Foundation\\tomcat') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe service('Tomcat8') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
describe port('8282') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
end
|
|
@ -0,0 +1,35 @@
|
|||
control "wamp" do
|
||||
title "Check WAMP installation"
|
||||
desc "Check WAMP installation. The setup script available at /scripts/installs/install_wamp.bat"
|
||||
|
||||
describe file('C:\\wamp\\bin\\apache\\Apache2.2.21\\conf\\httpd.conf') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\wamp\\alias\\phpmyadmin.conf') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe service('wampapache') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
describe service('wampmysqld') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
#TODO: Add icacls verification
|
||||
|
||||
describe port('8585') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
describe port('3306') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
||||
|
|
@ -0,0 +1,22 @@
|
|||
control "webdav" do
|
||||
title "WebDAV"
|
||||
desc "Check if WebDAV is correctly installed. Installation script available at /scripts/installs/setup_webdav.bat"
|
||||
|
||||
describe file('C:\\wamp\\www\\uploads') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\wamp\\alias\\httpd-dav.conf') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe service('wampapache') do
|
||||
it { should be_installed }
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
describe port('8585') do
|
||||
it { should be_listening }
|
||||
end
|
||||
end
|
|
@ -0,0 +1,9 @@
|
|||
control "winrm" do
|
||||
title "WinRM"
|
||||
desc "Checks if the port 5985 is listening"
|
||||
|
||||
describe port('5985') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
end
|
|
@ -0,0 +1,21 @@
|
|||
control "wordpress" do
|
||||
title "Check WordPress Installation"
|
||||
desc "Checks the wordpress installation. Setup script available in /scripts/installs/install_wordpress.bat"
|
||||
|
||||
describe file('C:\\Program Files\\wordpress') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\Program Files\\wordpress\\update_ip.ps1') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe file('C:\\wamp\\www\\wordpress') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe port('8585') do
|
||||
it { should be_listening }
|
||||
end
|
||||
|
||||
end
|
|
@ -0,0 +1,23 @@
|
|||
$Logfile = "C:\Windows\Temp\dotnet-install.log"
|
||||
function LogWrite {
|
||||
Param ([string]$logstring)
|
||||
$now = Get-Date -format s
|
||||
Add-Content $Logfile -value "$now $logstring"
|
||||
Write-Host $logstring
|
||||
}
|
||||
|
||||
LogWrite "Downloading dotNet 4.5.1"
|
||||
try {
|
||||
(New-Object System.Net.WebClient).DownloadFile('http://download.microsoft.com/download/1/6/7/167F0D79-9317-48AE-AEDB-17120579F8E2/NDP451-KB2858728-x86-x64-AllOS-ENU.exe', 'C:\Windows\Temp\dotnet.exe')
|
||||
} catch {
|
||||
LogWrite $_.Exception | Format-List -force
|
||||
LogWrite "Failed to download file."
|
||||
}
|
||||
|
||||
LogWrite "Starting installation process..."
|
||||
try {
|
||||
Start-Process -FilePath "C:\Windows\Temp\dotnet.exe" -ArgumentList "/I /q /norestart" -Wait -PassThru
|
||||
} catch {
|
||||
LogWrite $_.Exception | Format-List -force
|
||||
LogWrite "Exception during install process."
|
||||
}
|
|
@ -4,4 +4,4 @@ $netfx_url = "https://download.microsoft.com/download/9/5/A/95A9616B-7A37-4AF6-B
|
|||
Write-Output "Downloading $netfx_url"
|
||||
(New-Object System.Net.WebClient).DownloadFile($netfx_url, "C:\Windows\Temp\dotNetFx40_Full_x86_x64.exe")
|
||||
Write-Output "Starting Install of dotNetFx40_Full_x86_x64.exe"
|
||||
Start-Process "C:\Windows\Temp\dotNetFx40_Full_x86_x64.exe" "/q /norestart" -Wait
|
||||
Start-Process "C:\Windows\Temp\dotNetFx40_Full_x86_x64.exe" "/q /norestart" -Wait
|
|
@ -0,0 +1,23 @@
|
|||
$Logfile = "C:\Windows\Temp\wmf-install.log"
|
||||
function LogWrite {
|
||||
Param ([string]$logstring)
|
||||
$now = Get-Date -format s
|
||||
Add-Content $Logfile -value "$now $logstring"
|
||||
Write-Host $logstring
|
||||
}
|
||||
|
||||
LogWrite "Downloading Windows Management Framework 5.0"
|
||||
try {
|
||||
(New-Object System.Net.WebClient).DownloadFile('https://download.microsoft.com/download/2/C/6/2C6E1B4A-EBE5-48A6-B225-2D2058A9CEFB/Win7AndW2K8R2-KB3134760-x64.msu', 'C:\Windows\Temp\wmf.msu')
|
||||
} catch {
|
||||
LogWrite $_.Exception | Format-List -force
|
||||
LogWrite "Failed to download file."
|
||||
}
|
||||
|
||||
LogWrite "Starting installation process..."
|
||||
try {
|
||||
Start-Process -FilePath "wusa.exe" -ArgumentList "C:\Windows\Temp\wmf.msu /quiet /norestart" -Wait -PassThru
|
||||
} catch {
|
||||
LogWrite $_.Exception | Format-List -force
|
||||
LogWrite "Exception during install process."
|
||||
}
|
|
@ -20,7 +20,8 @@
|
|||
"./scripts/configs/microsoft-updates.bat",
|
||||
"./scripts/configs/win-updates.ps1",
|
||||
"./scripts/installs/openssh.ps1",
|
||||
"./scripts/installs/install_netfx.ps1",
|
||||
"./scripts/installs/install_dotnet45.ps1",
|
||||
"./scripts/installs/install_wmf.ps1",
|
||||
"./resources/certs/oracle-cert.cer",
|
||||
"./resources/certs/gdig2.crt",
|
||||
"./resources/certs/comodorsadomainvalidationsecureserverca.crt",
|
||||
|
@ -63,7 +64,8 @@
|
|||
"./scripts/configs/microsoft-updates.bat",
|
||||
"./scripts/configs/win-updates.ps1",
|
||||
"./scripts/installs/openssh.ps1",
|
||||
"./scripts/installs/install_netfx.ps1",
|
||||
"./scripts/installs/install_dotnet45.ps1",
|
||||
"./scripts/installs/install_wmf.ps1",
|
||||
"./resources/certs/oracle-cert.cer",
|
||||
"./resources/certs/gdig2.crt",
|
||||
"./resources/certs/comodorsadomainvalidationsecureserverca.crt",
|
||||
|
@ -132,7 +134,8 @@
|
|||
"type":"powershell",
|
||||
"inline": [
|
||||
"iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))"
|
||||
]
|
||||
],
|
||||
"pause_before": "60s"
|
||||
},
|
||||
{
|
||||
"type": "windows-restart"
|
||||
|
|
Loading…
Reference in New Issue