github
/
metasploitable3
mirror of https://github.com/rapid7/metasploitable3
1
Fork 0
Code Releases Activity

Merge pull request #9 from rapid7/add_aws_builder 

Add AWS builder
This commit is contained in:
jbarnett-r7 2017-08-09 10:51:34 -05:00 committed by GitHub
parent be68ba5724 f77210b47d
commit ca7f6b2d31
27 changed files with 883 additions and 510 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -1,5 +1,6 @@
.vagrant/
packer_cache/
packer/builds/
*.exe
*.msi
*.msu

64
Vagrantfile vendored
View File

@ -2,10 +2,24 @@
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
config.vm.define "ub1404" do |ub1404|
ub1404.vm.box = "metasploitable3-ub1404"
ub1404.vm.hostname = "metasploitable3-ub1404"
config.ssh.username = 'vagrant'
config.ssh.password = 'vagrant'
ub1404.vm.network "private_network", ip: '172.28.128.3'
ub1404.vm.provider "virtualbox" do |v|
v.name = "Metasploitable-ub1404"
v.memory = 2048
end
end
config.vm.define "win2k8" do |win2k8|
# Base configuration for the VM and provisioner
win2k8.vm.box = "metasploitable3"
win2k8.vm.hostname = "metasploitable3"
win2k8.vm.box = "metasploitable3-win2k8"
win2k8.vm.hostname = "metasploitable3-win2k8"
win2k8.vm.communicator = "winrm"
win2k8.winrm.retry_limit = 60
win2k8.winrm.retry_delay = 10
@ -27,50 +41,4 @@ Vagrant.configure("2") do |config|
win2k8.vm.provision :shell, path: "scripts/installs/setup_linux_share.bat"
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
end
config.vm.define "trusty" do |trusty|
trusty.vm.box = "rsginc/ubuntu64-14-04-1"
trusty.vm.hostname = "metasploitableUB"
trusty.vm.network "private_network", ip: '172.28.128.3'
trusty.vm.provider "virtualbox" do |v|
v.name = "MetasploitableUB"
v.memory = 2048
end
config.omnibus.chef_version = :latest
# Provision with Chef Solo
#
config.vm.provision :chef_solo do |chef|
chef.cookbooks_path = [ 'chef/cookbooks' ]
chef.json = { 'metasploitable' => {
# Customizations here
}
}
chef.add_recipe "metasploitable::mysql"
chef.add_recipe "metasploitable::apache_continuum"
chef.add_recipe "metasploitable::apache"
chef.add_recipe "metasploitable::php_545"
chef.add_recipe "metasploitable::phpmyadmin"
chef.add_recipe "metasploitable::proftpd"
chef.add_recipe "metasploitable::users"
chef.add_recipe "metasploitable::docker"
chef.add_recipe "metasploitable::samba"
chef.add_recipe "metasploitable::sinatra"
chef.add_recipe "metasploitable::unrealircd"
chef.add_recipe "metasploitable::chatbot"
chef.add_recipe "metasploitable::payroll_app"
chef.add_recipe "metasploitable::readme_app"
chef.add_recipe "metasploitable::cups"
chef.add_recipe "metasploitable::drupal"
chef.add_recipe "metasploitable::knockd"
chef.add_recipe "metasploitable::iptables"
chef.add_recipe "metasploitable::flags"
chef.add_recipe "metasploitable::clear_cache"
end
end
end

12
build_win2008.ps1
View File

@ -95,11 +95,11 @@ If (![string]::IsNullOrEmpty($vagrantPlugins)) {
Write-Host "All requirements found. Proceeding..."
If ($(Test-Path "windows_2008_r2_virtualbox.box") -eq $True) {
If ($(Test-Path "packer\templates\windows_2008_r2_virtualbox.box") -eq $True) {
Write-Host "It looks like the Vagrant box already exists. Skipping the Packer build."
} else {
Write-Host "Building the Vagrant box..."
cmd.exe /c packer build --only=virtualbox-iso windows_2008_r2.json
cmd.exe /c packer build --only=virtualbox-iso packer\templates\windows_2008_r2.json
if($?) {
Write-Host "Box successfully built by Packer."
@ -110,15 +110,15 @@ If ($(Test-Path "windows_2008_r2_virtualbox.box") -eq $True) {
echo "Attempting to add the box to Vagrant..."
$vagrant_box_list = cmd.exe /c "vagrant box list" | select-string -pattern "metasploitable3"
$vagrant_box_list = cmd.exe /c "vagrant box list" | select-string -pattern "metasploitable3-win2k8"
If ($vagrant_box_list) { $vagrant_box_list = $vagrant_box_list.ToString().Trim() }
If ($vagrant_box_list -eq "metasploitable3") {
Write-Host "metasploitable3 already found in Vagrant box repository. Skipping the addition to Vagrant."
If ($vagrant_box_list -eq "metasploitable3-win2k8") {
Write-Host "metasploitable3-win2k8 already found in Vagrant box repository. Skipping the addition to Vagrant."
} else {
cmd.exe /c vagrant box add metasploitable3 windows_2008_r2_virtualbox.box
cmd.exe /c vagrant box add metasploitable3-win2k8 packer\builds\windows_2008_r2_virtualbox.box
if($?) {
Write-Host "Box successfully added to Vagrant."

8
build_win2008.sh
View File

@ -97,11 +97,11 @@ fi
echo "All requirements found. Proceeding..."
if ls | grep -q 'windows_2008_r2_virtualbox.box'; then
if ls packer/builds/ | grep -q 'windows_2008_r2_virtualbox.box'; then
echo "It looks like the vagrant box already exists. Skipping the Packer build."
else
echo "Building the Vagrant box..."
if $packer_bin build --only=virtualbox-iso windows_2008_r2.json; then
if $packer_bin build --only=virtualbox-iso packer/templates/windows_2008_r2.json; then
echo "Box successfully built by Packer."
else
echo "Error building the Vagrant box using Packer. Please check the output above for any error messages."
@ -111,11 +111,11 @@ fi
echo "Attempting to add the box to Vagrant..."
if vagrant box list | grep -q 'metasploitable3'; then
if vagrant box list | grep -q 'metasploitable3-win2k8'; then
echo 'metasploitable3 already found in Vagrant box repository. Skipping the addition to Vagrant.'
echo "NOTE: If you are having issues, try starting over by doing 'vagrant destroy' and then 'vagrant up'."
else
if vagrant box add windows_2008_r2_virtualbox.box --name metasploitable3; then
if vagrant box add packer/builds/windows_2008_r2_virtualbox.box --name metasploitable3-win2k8; then
echo "Box successfully added to Vagrant."
else
echo "Error adding box to Vagrant. See the above output for any error messages."

3
chef/cookbooks/metasploitable/attributes/apache_continuum.rb Normal file
View File

@ -0,0 +1,3 @@
default[:apache_continuum][:install_dir] = '/opt/apache_continuum'
default[:apache_continuum][:download_url] = 'http://archive.apache.org/dist/continuum/binaries'
default[:apache_continuum][:tar] = 'apache-continuum-1.4.2-bin.tar.gz'

1
chef/cookbooks/metasploitable/attributes/php545.rb Normal file
View File

@ -0,0 +1 @@
default[:php545][:download_url] = 'http://museum.php.net/php5/'

1
chef/cookbooks/metasploitable/attributes/proftpd.rb Normal file
View File

@ -0,0 +1 @@
default[:proftpd][:download_url] = 'ftp://ftp.proftpd.org/distrib/source'

0
resources/apache_continuum/data.tar.gz → chef/cookbooks/metasploitable/files/apache_continuum/data.tar.gz
View File

45
chef/cookbooks/metasploitable/recipes/apache_continuum.rb
View File

@ -7,20 +7,45 @@
execute "apt-get update" do
command "apt-get update"
end
package 'openjdk-6-jre'
package 'openjdk-6-jdk'
directory node[:apache_continuum][:install_dir] do
owner 'root'
group 'root'
mode 0644
end
remote_file "#{Chef::Config[:file_cache_path]}/#{node[:apache_continuum][:tar]}" do
source "#{node[:apache_continuum][:download_url]}/#{node[:apache_continuum][:tar]}"
mode 0644
end
execute "extract apache continum" do
cwd Chef::Config[:file_cache_path]
command "tar -xvzf #{node[:apache_continuum][:tar]} -C #{node[:apache_continuum][:install_dir]}"
not_if { ::File.exists?(File.join(node[:apache_continuum][:install_dir], 'apache-continuum-1.4.2'))}
end
bash 'Download and extract Apache Continuum 1.4.2' do
cwd File.join(node[:apache_continuum][:install_dir],'apache-continuum-1.4.2')
code <<-EOH
mkdir /opt/apache-continuum/
cd /opt/apache-continuum/
wget http://archive.apache.org/dist/continuum/binaries/apache-continuum-1.4.2-bin.tar.gz
tar xvf apache-continuum-1.4.2-bin.tar.gz
rm apache-continuum-1.4.2/bin/wrapper-linux-x86-32
rm -rf apache-continuum-1.4.2/data
tar -xvzf /vagrant/resources/apache_continuum/data.tar.gz -C /opt/apache-continuum/apache-continuum-1.4.2/
ln -s /opt/apache-continuum/apache-continuum-1.4.2/bin/continuum /etc/init.d/continuum
update-rc.d continuum defaults 80
service continuum start
rm bin/wrapper-linux-x86-32
rm -rf data
tar --warning=no-unknown-keyword -xvzf #{File.join(Chef::Config[:file_cache_path], 'cookbooks', 'metasploitable', 'files', 'apache_continuum', 'data.tar.gz')} -C #{File.join(node[:apache_continuum][:install_dir], 'apache-continuum-1.4.2')}
EOH
end
link '/etc/init.d/continuum' do
to File.join(node[:apache_continuum][:install_dir], 'apache-continuum-1.4.2', 'bin', 'continuum')
end
execute "set port for apache continuum" do
command 'update-rc.d continuum defaults 80'
end
service 'continuum' do
action [:enable, :start]
end

2
chef/cookbooks/metasploitable/recipes/chatbot.rb
View File

@ -28,7 +28,7 @@ execute 'unzip chatbot' do
end
execute 'chown chatbot' do
command 'chown -R vagrant:vagrant /opt/chatbot'
command "chown -R root:root /opt/chatbot"
end
execute 'chmod chatbot' do

5
chef/cookbooks/metasploitable/recipes/drupal.rb
View File

@ -10,6 +10,7 @@ include_recipe 'metasploitable::php_545'
drupal_tar = "drupal-#{node[:drupal][:version]}.tar.gz"
coder_tar = "coder-7.x-2.5.tar.gz"
files_path = File.join(Chef::Config[:file_cache_path], 'cookbooks', 'metasploitable', 'files', 'drupal')
remote_file "#{Chef::Config[:file_cache_path]}/#{drupal_tar}" do
source "#{node[:drupal][:download_url]}/#{drupal_tar}"
@ -42,7 +43,7 @@ end
execute 'untar default site' do
cwd node[:drupal][:sites_dir]
command "tar xvzf #{node[:drupal][:files_path]}/default_site.tar.gz"
command "tar xvzf #{File.join(files_path, 'default_site.tar.gz')}"
not_if { ::File.exists?(File.join(node[:drupal][:default_site_dir], 'settings.php')) }
not_if { ::File.directory?(File.join(node[:drupal][:default_site_dir], 'files')) }
end
@ -61,7 +62,7 @@ bash "create drupal database and inject data" do
code <<-EOH
mysql -h 127.0.0.1 --user="root" --password="sploitme" --execute="CREATE DATABASE drupal;"
mysql -h 127.0.0.1 --user="root" --password="sploitme" --execute="GRANT SELECT, INSERT, DELETE, CREATE, DROP, INDEX, ALTER ON drupal.* TO 'root'@'localhost' IDENTIFIED BY 'sploitme';"
mysql -h 127.0.0.1 --user="root" --password="sploitme" drupal < #{File.join(node[:drupal][:files_path], 'drupal.sql')}
mysql -h 127.0.0.1 --user="root" --password="sploitme" drupal < #{File.join(files_path, 'drupal.sql')}
EOH
not_if "mysql -h 127.0.0.1 --user=\"root\" --password=\"sploitme\" --execute=\"SHOW DATABASES LIKE 'drupal'\" | grep -c drupal"
end

2
chef/cookbooks/metasploitable/recipes/flags.rb
View File

@ -43,7 +43,7 @@ bash "load 8 of hearts into DB" do
code <<-EOH
mysql -h 127.0.0.1 --user="root" --password="sploitme" --execute="CREATE DATABASE super_secret_db;"
mysql -h 127.0.0.1 --user="root" --password="sploitme" --execute="GRANT SELECT, INSERT, DELETE, CREATE, DROP, INDEX, ALTER ON drupal.* TO 'root'@'localhost' IDENTIFIED BY 'sploitme';"
mysql -h 127.0.0.1 --user="root" --password="sploitme" super_secret_db < #{File.join(node[:metasploitable][:files_path], 'flags', 'super_secret_db.sql')}
mysql -h 127.0.0.1 --user="root" --password="sploitme" super_secret_db < #{File.join(Chef::Config[:file_cache_path], 'cookbooks', 'metasploitable', 'files', 'flags', 'super_secret_db.sql')}
EOH
not_if "mysql -h 127.0.0.1 --user=\"root\" --password=\"sploitme\" --execute=\"SHOW DATABASES LIKE 'super_secret_db'\" | grep -c drupal"
end

1
chef/cookbooks/metasploitable/recipes/iptables.rb
View File

@ -15,6 +15,7 @@ bash 'setup for knockd, used for flag' do
node[:metasploitable][:ports].keys.each do |service|
code_to_execute << "iptables -A INPUT -p tcp --dport #{node[:metasploitable][:ports][service.to_sym]} -j ACCEPT\n"
end
code_to_execute << "iptables -A INPUT -p tcp --dport 22 -j ACCEPT\n"
code_to_execute << "iptables -A INPUT -j DROP\n"
code code_to_execute
end

8
chef/cookbooks/metasploitable/recipes/payroll_app.rb
View File

@ -7,6 +7,8 @@ include_recipe 'metasploitable::mysql'
include_recipe 'metasploitable::apache'
include_recipe 'metasploitable::php_545'
poc_dir = "/home/#{node[:users][node[:users].keys.last][:username]}/poc/payroll_app/"
cookbook_file '/var/www/html/payroll_app.php' do
source 'payroll_app/payroll_app.php'
mode '0755'
@ -17,13 +19,13 @@ template '/tmp/payroll.sql' do
mode '0755'
end
directory '/home/vagrant/poc/payroll_app/' do
directory poc_dir do
mode '0755'
owner 'vagrant'
owner node[:users][node[:users].keys.last][:username]
recursive true
end
cookbook_file '/home/vagrant/poc/payroll_app/poc.rb' do
cookbook_file "#{poc_dir}/poc.rb" do
source 'payroll_app/poc.rb'
mode '0755'
end

35
chef/cookbooks/metasploitable/recipes/php_545.rb
View File

@ -6,6 +6,10 @@
# General steps pulled from here: http://askubuntu.com/questions/597462/how-to-install-php-5-2-x-on-ubuntu-14-04
include_recipe 'metasploitable::apache'
php_tar = "php-5.4.5.tar.gz"
execute "apt-get update" do
command "apt-get update"
end
@ -22,19 +26,29 @@ execute "fix freetype bug" do
command "mkdir -pv /usr/include/freetype2/freetype && ln -sf /usr/include/freetype2/freetype.h /usr/include/freetype2/freetype/freetype.h"
end
bash "download, extract, and patch php source" do
code <<-EOH
wget -c -t 3 -O /home/vagrant/php-5.4.5.tar.gz http://museum.php.net/php5/php-5.4.5.tar.gz
tar xvfz /home/vagrant/php-5.4.5.tar.gz -C /home/vagrant/
cd /home/vagrant/php-5.4.5
wget -c -t 3 -O ./libxml29_compat.patch https://mail.gnome.org/archives/xml/2012-August/txtbgxGXAvz4N.txt
patch -p0 -b < libxml29_compat.patch
EOH
remote_file "#{Chef::Config[:file_cache_path]}/#{php_tar}" do
source "#{node[:php545][:download_url]}/#{php_tar}"
mode 0644
end
remote_file "#{Chef::Config[:file_cache_path]}/libxml29_compat.patch" do
source "https://mail.gnome.org/archives/xml/2012-August/txtbgxGXAvz4N.txt"
mode 0644
end
execute "extract php" do
cwd Chef::Config[:file_cache_path]
command "tar xvzf #{Chef::Config[:file_cache_path]}/#{php_tar} -C #{Chef::Config[:file_cache_path]}"
end
execute "patch php" do
cwd "#{Chef::Config[:file_cache_path]}/php-5.4.5"
command "patch -p0 -b < ../libxml29_compat.patch"
end
bash "compile and install php" do
cwd "#{Chef::Config[:file_cache_path]}/php-5.4.5"
code <<-EOH
cd /home/vagrant/php-5.4.5
./configure --with-apxs2=/usr/bin/apxs --with-mysqli --enable-embedded-mysqli --with-gd --with-mcrypt --enable-mbstring --with-pdo-mysql
make
make install
@ -58,9 +72,6 @@ bash "enable php modules" do
EOH
end
# ln -s ../mods-available/php5.conf
# ln -s ../mods-available/php5.load
service 'apache2' do
action [:restart]
end

21
chef/cookbooks/metasploitable/recipes/proftpd.rb
View File

@ -8,12 +8,23 @@
include_recipe 'metasploitable::apache'
bash "download, extract, and compile proftpd" do
proftpd_tar = 'proftpd-1.3.5.tar.gz'
remote_file "#{Chef::Config[:file_cache_path]}/#{proftpd_tar}" do
source "#{node[:proftpd][:download_url]}/#{proftpd_tar}"
mode 0644
end
execute "extract proftpd" do
cwd Chef::Config[:file_cache_path]
command 'tar zxfv proftpd-1.3.5.tar.gz'
not_if { ::File.exists?(File.join(Chef::Config[:file_cache_path], 'proftpd-1.3.5'))}
end
bash 'compile and install proftpd' do
cwd "#{Chef::Config[:file_cache_path]}/proftpd-1.3.5"
code <<-EOH
cd /home/vagrant
wget "ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.5.tar.gz"
tar zxfv proftpd-1.3.5.tar.gz
cd proftpd-1.3.5
./configure --prefix=/opt/proftpd --with-modules=mod_copy
make
make install

0
answer_files/2008_r2/Autounattend.xml → packer/answer_files/2008_r2/Autounattend.xml
View File

43
packer/http/preseed.cfg Normal file
View File

@ -0,0 +1,43 @@
choose-mirror-bin mirror/http/proxy string
d-i base-installer/kernel/override-image string linux-server
d-i clock-setup/utc boolean true
d-i clock-setup/utc-auto boolean true
d-i finish-install/reboot_in_progress note
d-i grub-installer/only_debian boolean true
d-i grub-installer/with_other_os boolean true
d-i partman-auto-lvm/guided_size string max
d-i partman-auto/choose_recipe select atomic
d-i partman-auto/method string lvm
d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm_nooverwrite boolean true
d-i partman-lvm/device_remove_lvm boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
d-i partman/confirm_write_new_label boolean true
d-i pkgsel/include string openssh-server cryptsetup build-essential libssl-dev libreadline-dev zlib1g-dev linux-source dkms nfs-common curl wget ca-certificates libwww-perl python open-vm-tools-lts-trusty
d-i pkgsel/install-language-support boolean false
d-i pkgsel/update-policy select unattended-upgrades
d-i pkgsel/upgrade select full-upgrade
d-i time/zone string UTC
tasksel tasksel/first multiselect standard, ubuntu-server
d-i console-setup/ask_detect boolean false
d-i keyboard-configuration/layoutcode string us
d-i keyboard-configuration/modelcode string pc105
d-i debian-installer/locale string en_US
# Create vagrant user account.
d-i passwd/user-fullname string vagrant
d-i passwd/username string vagrant
d-i passwd/user-password password vagrant
d-i passwd/user-password-again password vagrant
d-i user-setup/allow-password-weak boolean true
d-i user-setup/encrypt-home boolean false
d-i passwd/user-default-groups vagrant sudo
d-i passwd/user-uid string 900
d-i preseed/late_command string \
echo "vagrant ALL=(ALL:ALL) NOPASSWD:ALL" > /target/etc/sudoers.d/vagrant ; \
chmod 0440 /target/etc/sudoers.d/vagrant ;

48
packer/templates/aws/ubuntu_1404_ctf_2017.json Normal file
View File

@ -0,0 +1,48 @@
{
"builders": [
{
"type": "amazon-ebs",
"region": "us-east-1",
"source_ami": "ami-86562dee",
"instance_type": "t2.small",
"ssh_username": "ubuntu",
"ami_name": "metasploitable3-ub1404-{{user `box_version`}}"
}
],
"provisioners": [
{
"type": "chef-solo",
"cookbook_paths": [
"{{template_dir}}/../../../chef/cookbooks"
],
"run_list": [
"metasploitable::vm_tools",
"metasploitable::users",
"metasploitable::mysql",
"metasploitable::apache_continuum",
"metasploitable::apache",
"metasploitable::php_545",
"metasploitable::phpmyadmin",
"metasploitable::proftpd",
"metasploitable::docker",
"metasploitable::samba",
"metasploitable::sinatra",
"metasploitable::unrealircd",
"metasploitable::chatbot",
"metasploitable::payroll_app",
"metasploitable::readme_app",
"metasploitable::cups",
"metasploitable::drupal",
"metasploitable::knockd",
"metasploitable::iptables",
"metasploitable::flags"
]
}
],
"variables": {
"iso_url": "http://old-releases.ubuntu.com/releases/14.04.1/ubuntu-14.04.1-server-amd64.iso",
"iso_checksum_type": "md5",
"iso_checksum": "ca2531b8cd79ea5b778ede3a524779b9",
"box_version": "0.1.2"
}
}

111
packer/templates/pro/ubuntu_1404_pro.json Normal file
View File

@ -0,0 +1,111 @@
{
"builders": [
{
"type": "vmware-iso",
"iso_url": "{{user `iso_url`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"iso_checksum": "{{user `iso_checksum`}}",
"headless": false,
"http_directory" : "{{template_dir}}/../../http",
"http_port_min" : 9001,
"http_port_max" : 9001,
"boot_command": [
"<esc><wait>",
"<esc><wait>",
"<enter><wait>",
"/install/vmlinuz",
" auto=true",
" priority=critical",
" initrd=/install/initrd.gz",
" preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/preseed.cfg",
" -- ",
"<enter>"
],
"boot_wait": "20s",
"communicator": "ssh",
"ssh_username": "vagrant",
"ssh_password": "vagrant",
"ssh_wait_timeout": "2h",
"shutdown_command": "echo 'packer' | sudo -S shutdown -P now",
"guest_os_type": "Ubuntu_64",
"tools_upload_flavor": "linux",
"disk_size": 40000,
"vm_name": "metasploitable3-ub1404",
"vmx_data": {
"cpuid.coresPerSocket": "2",
"memsize": "4096",
"numvcpus": "2",
"scsi0.virtualDev": "lsisas1068"
}
},
{
"type": "virtualbox-iso",
"iso_url": "{{user `iso_url`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"iso_checksum": "{{user `iso_checksum`}}",
"headless": false,
"http_directory" : "{{template_dir}}/../../http",
"http_port_min" : 9001,
"http_port_max" : 9001,
"boot_command": [
"<esc><wait>",
"<esc><wait>",
"<enter><wait>",
"/install/vmlinuz",
" auto=true",
" priority=critical",
" initrd=/install/initrd.gz",
" preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/preseed.cfg",
" -- ",
"<enter>"
],
"boot_wait": "20s",
"communicator": "ssh",
"ssh_username": "vagrant",
"ssh_password": "vagrant",
"ssh_wait_timeout": "2h",
"shutdown_command": "echo 'packer' | sudo -S shutdown -P now",
"guest_os_type": "Ubuntu_64",
"disk_size": 40000,
"vm_name": "metasploitable3-ub1404",
"vboxmanage": [
[
"modifyvm",
"{{.Name}}",
"--memory",
"4096"
],
[
"modifyvm",
"{{.Name}}",
"--cpus",
"2"
]
]
}
],
"provisioners": [
{
"type": "chef-solo",
"cookbook_paths": [
"{{template_dir}}/../../../chef/cookbooks"
],
"run_list": [
"metasploitable::vm_tools"
]
}
],
"post-processors": [
{
"type": "vagrant",
"keep_input_artifact": false,
"output": "{{template_dir}}/../../builds/ubuntu_1404_{{.Provider}}_{{user `box_version`}}_pro.box"
}
],
"variables": {
"iso_url": "http://old-releases.ubuntu.com/releases/14.04.1/ubuntu-14.04.1-server-amd64.iso",
"iso_checksum_type": "md5",
"iso_checksum": "ca2531b8cd79ea5b778ede3a524779b9",
"box_version": "0.1.0"
}
}

148
packer/templates/pro/windows_2008_r2_pro.json Normal file
View File

@ -0,0 +1,148 @@
{
"builders": [
{
"type": "vmware-iso",
"iso_url": "{{user `iso_url`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"iso_checksum": "{{user `iso_checksum`}}",
"headless": false,
"boot_wait": "10m",
"communicator": "ssh",
"ssh_username": "vagrant",
"ssh_password": "vagrant",
"ssh_wait_timeout": "2h",
"shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"",
"guest_os_type": "winServer2008Standard-64",
"tools_upload_flavor": "windows",
"disk_size": 61440,
"floppy_files": [
"{{user `autounattend`}}",
"{{user `scripts_dir`}}/configs/microsoft-updates.bat",
"{{user `scripts_dir`}}/configs/win-updates.ps1",
"{{user `scripts_dir`}}/installs/openssh.ps1",
"{{user `scripts_dir`}}/installs/install_dotnet45.ps1",
"{{user `scripts_dir`}}/installs/install_wmf.ps1",
"{{user `resources_dir`}}/certs/oracle-cert.cer",
"{{user `resources_dir`}}/certs/gdig2.crt",
"{{user `resources_dir`}}/certs/comodorsadomainvalidationsecureserverca.crt",
"{{user `resources_dir`}}/certs/comodorsacertificationauthority.crt",
"{{user `resources_dir`}}/certs/addtrust_external_ca.cer",
"{{user `resources_dir`}}/certs/baltimore_ca.cer",
"{{user `resources_dir`}}/certs/digicert.cer",
"{{user `resources_dir`}}/certs/equifax.cer",
"{{user `resources_dir`}}/certs/globalsign.cer",
"{{user `resources_dir`}}/certs/gte_cybertrust.cer",
"{{user `resources_dir`}}/certs/microsoft_root_2011.cer",
"{{user `resources_dir`}}/certs/thawte_primary_root.cer",
"{{user `resources_dir`}}/certs/utn-userfirst.cer"
],
"vm_name": "metasploitable3-win2k8",
"vmx_data": {
"cpuid.coresPerSocket": "2",
"memsize": "4096",
"numvcpus": "2",
"scsi0.virtualDev": "lsisas1068"
}
},
{
"type": "virtualbox-iso",
"iso_url": "{{user `iso_url`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"iso_checksum": "{{user `iso_checksum`}}",
"headless": false,
"boot_wait": "10m",
"communicator": "ssh",
"ssh_username": "vagrant",
"ssh_password": "vagrant",
"ssh_wait_timeout": "2h",
"shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"",
"guest_os_type": "Windows2008_64",
"disk_size": 61440,
"vm_name": "metasploitable3-win2k8",
"floppy_files": [
"{{user `autounattend`}}",
"{{user `scripts_dir`}}/configs/microsoft-updates.bat",
"{{user `scripts_dir`}}/configs/win-updates.ps1",
"{{user `scripts_dir`}}/installs/openssh.ps1",
"{{user `scripts_dir`}}/installs/install_dotnet45.ps1",
"{{user `scripts_dir`}}/installs/install_wmf.ps1",
"{{user `resources_dir`}}/certs/oracle-cert.cer",
"{{user `resources_dir`}}/certs/gdig2.crt",
"{{user `resources_dir`}}/certs/comodorsadomainvalidationsecureserverca.crt",
"{{user `resources_dir`}}/certs/comodorsacertificationauthority.crt",
"{{user `resources_dir`}}/certs/addtrust_external_ca.cer",
"{{user `resources_dir`}}/certs/baltimore_ca.cer",
"{{user `resources_dir`}}/certs/digicert.cer",
"{{user `resources_dir`}}/certs/equifax.cer",
"{{user `resources_dir`}}/certs/globalsign.cer",
"{{user `resources_dir`}}/certs/gte_cybertrust.cer",
"{{user `resources_dir`}}/certs/microsoft_root_2011.cer",
"{{user `resources_dir`}}/certs/thawte_primary_root.cer",
"{{user `resources_dir`}}/certs/utn-userfirst.cer"
],
"vboxmanage": [
[
"modifyvm",
"{{.Name}}",
"--memory",
"4096"
],
[
"modifyvm",
"{{.Name}}",
"--cpus",
"2"
]
]
}
],
"provisioners": [
{
"type": "file",
"source": "{{user `scripts_dir`}}",
"destination": "C:/vagrant"
},
{
"type": "file",
"source": "{{user `resources_dir`}}",
"destination": "C:/vagrant"
},
{
"type": "shell",
"remote_path": "/tmp/script.bat",
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
"scripts": [
"{{user `scripts_dir`}}/configs/update_root_certs.bat",
"{{user `scripts_dir`}}/installs/vm-guest-tools.bat",
"{{user `scripts_dir`}}/configs/vagrant-ssh.bat",
"{{user `scripts_dir`}}/configs/disable-auto-logon.bat",
"{{user `scripts_dir`}}/configs/enable-rdp.bat"
]
},
{
"type": "windows-shell",
"remote_path": "C:/Windows/Temp/script.bat",
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
"scripts": [
"{{user `scripts_dir`}}/configs/disable_firewall.bat"
]
}
],
"post-processors": [
{
"type": "vagrant",
"keep_input_artifact": false,
"output": "{{template_dir}}/../builds/windows_2008_r2_{{.Provider}}_{{user `box_version`}}_pro.box",
"vagrantfile_template": "{{template_dir}}/vagrantfile-windows_2008_r2.template"
}
],
"variables": {
"iso_url": "http://download.microsoft.com/download/7/5/E/75EC4E54-5B02-42D6-8879-D8D3A25FBEF7/7601.17514.101119-1850_x64fre_server_eval_en-us-GRMSXEVAL_EN_DVD.iso",
"iso_checksum_type": "md5",
"iso_checksum": "4263be2cf3c59177c45085c0a7bc6ca5",
"autounattend": "{{template_dir}}/../../answer_files/2008_r2/Autounattend.xml",
"scripts_dir": "{{template_dir}}/../../../scripts",
"resources_dir": "{{template_dir}}/../../..resources",
"box_version": "0.1.0"
}
}

130
packer/templates/ubuntu_1404.json Normal file
View File

@ -0,0 +1,130 @@
{
"builders": [
{
"type": "vmware-iso",
"iso_url": "{{user `iso_url`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"iso_checksum": "{{user `iso_checksum`}}",
"headless": false,
"http_directory" : "{{template_dir}}/../http",
"http_port_min" : 9001,
"http_port_max" : 9001,
"boot_command": [
"<esc><wait>",
"<esc><wait>",
"<enter><wait>",
"/install/vmlinuz",
" auto=true",
" priority=critical",
" initrd=/install/initrd.gz",
" preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/preseed.cfg",
" -- ",
"<enter>"
],
"boot_wait": "20s",
"communicator": "ssh",
"ssh_username": "vagrant",
"ssh_password": "vagrant",
"ssh_wait_timeout": "2h",
"shutdown_command": "echo 'packer' | sudo -S shutdown -P now",
"guest_os_type": "Ubuntu_64",
"tools_upload_flavor": "linux",
"disk_size": 40000,
"vm_name": "metasploitable3-ub1404",
"vmx_data": {
"cpuid.coresPerSocket": "2",
"memsize": "4096",
"numvcpus": "2",
"scsi0.virtualDev": "lsisas1068"
}
},
{
"type": "virtualbox-iso",
"iso_url": "{{user `iso_url`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"iso_checksum": "{{user `iso_checksum`}}",
"headless": false,
"http_directory" : "{{template_dir}}/../http",
"http_port_min" : 9001,
"http_port_max" : 9001,
"boot_command": [
"<esc><wait>",
"<esc><wait>",
"<enter><wait>",
"/install/vmlinuz",
" auto=true",
" priority=critical",
" initrd=/install/initrd.gz",
" preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/preseed.cfg",
" -- ",
"<enter>"
],
"boot_wait": "20s",
"communicator": "ssh",
"ssh_username": "vagrant",
"ssh_password": "vagrant",
"ssh_wait_timeout": "2h",
"shutdown_command": "echo 'packer' | sudo -S shutdown -P now",
"guest_os_type": "Ubuntu_64",
"disk_size": 40000,
"vm_name": "metasploitable3-ub1404",
"vboxmanage": [
[
"modifyvm",
"{{.Name}}",
"--memory",
"4096"
],
[
"modifyvm",
"{{.Name}}",
"--cpus",
"2"
]
]
}
],
"provisioners": [
{
"type": "chef-solo",
"cookbook_paths": [
"{{template_dir}}/../../chef/cookbooks"
],
"run_list": [
"metasploitable::vm_tools",
"metasploitable::users",
"metasploitable::mysql",
"metasploitable::apache_continuum",
"metasploitable::apache",
"metasploitable::php_545",
"metasploitable::phpmyadmin",
"metasploitable::proftpd",
"metasploitable::docker",
"metasploitable::samba",
"metasploitable::sinatra",
"metasploitable::unrealircd",
"metasploitable::chatbot",
"metasploitable::payroll_app",
"metasploitable::readme_app",
"metasploitable::cups",
"metasploitable::drupal",
"metasploitable::knockd",
"metasploitable::iptables",
"metasploitable::flags"
]
}
],
"post-processors": [
{
"type": "vagrant",
"keep_input_artifact": false,
"output": "{{template_dir}}/../builds/ubuntu_1404_{{.Provider}}_{{user `box_version`}}.box"
}
],
"variables": {
"iso_url": "http://old-releases.ubuntu.com/releases/14.04.1/ubuntu-14.04.1-server-amd64.iso",
"iso_checksum_type": "md5",
"iso_checksum": "ca2531b8cd79ea5b778ede3a524779b9",
"box_version": "0.1.2"
}
}

0
vagrantfile-windows_2008_r2.template → packer/templates/vagrantfile-windows_2008_r2.template
View File

221
packer/templates/windows_2008_r2.json Normal file
View File

@ -0,0 +1,221 @@
{
"builders": [
{
"type": "vmware-iso",
"iso_url": "{{user `iso_url`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"iso_checksum": "{{user `iso_checksum`}}",
"headless": false,
"boot_wait": "10m",
"communicator": "ssh",
"ssh_username": "vagrant",
"ssh_password": "vagrant",
"ssh_wait_timeout": "2h",
"shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"",
"guest_os_type": "winServer2008Standard-64",
"tools_upload_flavor": "windows",
"disk_size": 61440,
"floppy_files": [
"{{user `autounattend`}}",
"{{user `scripts_dir`}}/configs/microsoft-updates.bat",
"{{user `scripts_dir`}}/configs/win-updates.ps1",
"{{user `scripts_dir`}}/installs/openssh.ps1",
"{{user `scripts_dir`}}/installs/install_dotnet45.ps1",
"{{user `scripts_dir`}}/installs/install_wmf.ps1",
"{{user `resources_dir`}}/certs/oracle-cert.cer",
"{{user `resources_dir`}}/certs/gdig2.crt",
"{{user `resources_dir`}}/certs/comodorsadomainvalidationsecureserverca.crt",
"{{user `resources_dir`}}/certs/comodorsacertificationauthority.crt",
"{{user `resources_dir`}}/certs/addtrust_external_ca.cer",
"{{user `resources_dir`}}/certs/baltimore_ca.cer",
"{{user `resources_dir`}}/certs/digicert.cer",
"{{user `resources_dir`}}/certs/equifax.cer",
"{{user `resources_dir`}}/certs/globalsign.cer",
"{{user `resources_dir`}}/certs/gte_cybertrust.cer",
"{{user `resources_dir`}}/certs/microsoft_root_2011.cer",
"{{user `resources_dir`}}/certs/thawte_primary_root.cer",
"{{user `resources_dir`}}/certs/utn-userfirst.cer"
],
"vm_name": "metasploitable3-win2k8",
"vmx_data": {
"cpuid.coresPerSocket": "2",
"memsize": "4096",
"numvcpus": "2",
"scsi0.virtualDev": "lsisas1068"
}
},
{
"type": "virtualbox-iso",
"iso_url": "{{user `iso_url`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"iso_checksum": "{{user `iso_checksum`}}",
"headless": false,
"boot_wait": "10m",
"communicator": "ssh",
"ssh_username": "vagrant",
"ssh_password": "vagrant",
"ssh_wait_timeout": "2h",
"shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"",
"guest_os_type": "Windows2008_64",
"disk_size": 61440,
"vm_name": "metasploitable3-win2k8",
"floppy_files": [
"{{user `autounattend`}}",
"{{user `scripts_dir`}}/configs/microsoft-updates.bat",
"{{user `scripts_dir`}}/configs/win-updates.ps1",
"{{user `scripts_dir`}}/installs/openssh.ps1",
"{{user `scripts_dir`}}/installs/install_dotnet45.ps1",
"{{user `scripts_dir`}}/installs/install_wmf.ps1",
"{{user `resources_dir`}}/certs/oracle-cert.cer",
"{{user `resources_dir`}}/certs/gdig2.crt",
"{{user `resources_dir`}}/certs/comodorsadomainvalidationsecureserverca.crt",
"{{user `resources_dir`}}/certs/comodorsacertificationauthority.crt",
"{{user `resources_dir`}}/certs/addtrust_external_ca.cer",
"{{user `resources_dir`}}/certs/baltimore_ca.cer",
"{{user `resources_dir`}}/certs/digicert.cer",
"{{user `resources_dir`}}/certs/equifax.cer",
"{{user `resources_dir`}}/certs/globalsign.cer",
"{{user `resources_dir`}}/certs/gte_cybertrust.cer",
"{{user `resources_dir`}}/certs/microsoft_root_2011.cer",
"{{user `resources_dir`}}/certs/thawte_primary_root.cer",
"{{user `resources_dir`}}/certs/utn-userfirst.cer"
],
"vboxmanage": [
[
"modifyvm",
"{{.Name}}",
"--memory",
"4096"
],
[
"modifyvm",
"{{.Name}}",
"--cpus",
"2"
]
]
}
],
"provisioners": [
{
"type": "file",
"source": "{{user `scripts_dir`}}",
"destination": "C:/vagrant"
},
{
"type": "file",
"source": "{{user `resources_dir`}}",
"destination": "C:/vagrant"
},
{
"type": "shell",
"remote_path": "/tmp/script.bat",
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
"scripts": [
"{{user `scripts_dir`}}/configs/update_root_certs.bat",
"{{user `scripts_dir`}}/installs/vm-guest-tools.bat",
"{{user `scripts_dir`}}/configs/vagrant-ssh.bat",
"{{user `scripts_dir`}}/configs/disable-auto-logon.bat",
"{{user `scripts_dir`}}/configs/enable-rdp.bat"
]
},
{
"type": "windows-shell",
"remote_path": "C:/Windows/Temp/script.bat",
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
"scripts": [
"{{user `scripts_dir`}}/configs/disable_firewall.bat"
]
},
{
"type": "windows-restart"
},
{
"type":"powershell",
"inline": [
"iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))"
],
"pause_before": "60s"
},
{
"type": "windows-restart"
},
{
"type": "windows-shell",
"remote_path": "C:/Windows/Temp/script.bat",
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
"scripts": [
"{{user `scripts_dir`}}/installs/install_boxstarter.bat",
"{{user `scripts_dir`}}/chocolatey_installs/7zip.bat",
"{{user `scripts_dir`}}/configs/apply_password_settings.bat",
"{{user `scripts_dir`}}/configs/create_users.bat",
"{{user `scripts_dir`}}/installs/setup_iis.bat",
"{{user `scripts_dir`}}/installs/setup_ftp_site.bat",
"{{user `scripts_dir`}}/chocolatey_installs/java.bat"
]
},
{
"type": "windows-restart"
},
{
"type": "windows-shell",
"remote_path": "C:/Windows/Temp/script.bat",
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
"scripts": [
"{{user `scripts_dir`}}/chocolatey_installs/tomcat.bat",
"{{user `scripts_dir`}}/installs/setup_apache_struts.bat",
"{{user `scripts_dir`}}/installs/setup_glassfish.bat",
"{{user `scripts_dir`}}/installs/start_glassfish_service.bat",
"{{user `scripts_dir`}}/installs/setup_jenkins.bat",
"{{user `scripts_dir`}}/chocolatey_installs/vcredist2008.bat",
"{{user `scripts_dir`}}/installs/install_wamp.bat",
"{{user `scripts_dir`}}/installs/start_wamp.bat",
"{{user `scripts_dir`}}/installs/install_wordpress.bat",
"{{user `scripts_dir`}}/installs/install_openjdk6.bat",
"{{user `scripts_dir`}}/installs/setup_jmx.bat",
"{{user `scripts_dir`}}/installs/install_ruby.bat",
"{{user `scripts_dir`}}/installs/install_devkit.bat"
]
},
{
"type": "windows-restart"
},
{
"type": "windows-shell",
"remote_path": "C:/Windows/Temp/script.bat",
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
"scripts": [
"{{user `scripts_dir`}}/installs/install_rails_server.bat",
"{{user `scripts_dir`}}/installs/setup_rails_server.bat",
"{{user `scripts_dir`}}/installs/install_rails_service.bat",
"{{user `scripts_dir`}}/installs/setup_webdav.bat",
"{{user `scripts_dir`}}/installs/setup_mysql.bat",
"{{user `scripts_dir`}}/installs/install_manageengine.bat",
"{{user `scripts_dir`}}/installs/setup_axis2.bat",
"{{user `scripts_dir`}}/installs/install_backdoors.bat",
"{{user `scripts_dir`}}/installs/setup_snmp.bat",
"{{user `scripts_dir`}}/configs/configure_firewall.bat",
"{{user `scripts_dir`}}/installs/install_elasticsearch.bat",
"{{user `scripts_dir`}}/installs/install_flags.bat",
"{{user `scripts_dir`}}/configs/packer_cleanup.bat"
]
}
],
"post-processors": [
{
"type": "vagrant",
"keep_input_artifact": false,
"output": "{{template_dir}}/../builds/windows_2008_r2_{{.Provider}}_{{user `box_version`}}.box",
"vagrantfile_template": "{{template_dir}}/vagrantfile-windows_2008_r2.template"
}
],
"variables": {
"iso_url": "http://download.microsoft.com/download/7/5/E/75EC4E54-5B02-42D6-8879-D8D3A25FBEF7/7601.17514.101119-1850_x64fre_server_eval_en-us-GRMSXEVAL_EN_DVD.iso",
"iso_checksum_type": "md5",
"iso_checksum": "4263be2cf3c59177c45085c0a7bc6ca5",
"autounattend": "{{template_dir}}/../answer_files/2008_r2/Autounattend.xml",
"scripts_dir": "{{template_dir}}/../../scripts",
"resources_dir": "{{template_dir}}/../../resources",
"box_version": "0.1.0"
}
}

186
versions/pro/Vagrantfile vendored
View File

@ -2,131 +2,75 @@
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
# Base configuration for the VM and provisioner
config.vm.box = "metasploitable3"
config.vm.hostname = "metasploitable3"
config.vm.communicator = "winrm"
config.vm.define "win2k8" do |win2k8|
# Base configuration for the VM and provisioner
win2k8.vm.box = "metasploitable3-win2k8-pro"
win2k8.vm.hostname = "metasploitable3-win2k8"
win2k8.vm.communicator = "winrm"
win2k8.winrm.retry_limit = 60
win2k8.winrm.retry_delay = 10
config.vm.network "private_network", type: "dhcp"
win2k8.vm.network "private_network", type: "dhcp"
# Install Chocolatey
config.vm.provision :shell, path: "scripts/installs/chocolatey.cmd"
config.vm.provision :reload # Hack to reset environment variables
# Configure Firewall to open up vulnerable services
case ENV['MS3_DIFFICULTY']
when 'easy'
config.vm.provision :shell, path: "scripts/configs/disable_firewall.bat"
else
win2k8.vm.provision :shell, path: "scripts/configs/enable_firewall.bat"
win2k8.vm.provision :shell, path: "scripts/configs/configure_firewall.bat"
end
# Install BoxStarter
config.vm.provision :shell, path: "scripts/installs/install_boxstarter.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Install 7zip
config.vm.provision :shell, path: "scripts/chocolatey_installs/7zip.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Adjust password policy
config.vm.provision :shell, path: "scripts/configs/apply_password_settings.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Add users and add to groups
config.vm.provision :shell, path: "scripts/configs/create_users.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Unpatched IIS and FTP
config.vm.provision :shell, path: "scripts/installs/setup_iis.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/setup_ftp_site.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Setup for Apache Struts
config.vm.provision :shell, path: "scripts/chocolatey_installs/java.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/chocolatey_installs/tomcat.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :reload # Hack to reset environment variables
config.vm.provision :shell, path: "scripts/installs/setup_apache_struts.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Setup for Glassfish
config.vm.provision :shell, path: "scripts/installs/setup_glassfish.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/start_glassfish_service.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Jenkins (1.8)
config.vm.provision :shell, path: "scripts/installs/setup_jenkins.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Wordpress and phpMyAdmin
# This must run after the WAMP setup.
config.vm.provision :shell, path: "scripts/chocolatey_installs/vcredist2008.bat" # Visual Studio 2008 redistributable is a requirement for WAMP
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/install_wamp.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/start_wamp.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/install_wordpress.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - JMX
config.vm.provision :shell, path: "scripts/installs/install_openjdk6.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/setup_jmx.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Rails Server
config.vm.provision :shell, path: "scripts/installs/install_ruby.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/install_devkit.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/install_rails_server.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/setup_rails_server.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/install_rails_service.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - WebDAV
# This must run after the WAMP setup.
config.vm.provision :shell, path: "scripts/installs/setup_webdav.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - MySQL
config.vm.provision :shell, path: "scripts/installs/setup_mysql.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - ManageEngine Desktop Central
config.vm.provision :shell, path: "scripts/installs/install_manageengine.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Axis2
# This must run after the Apache Struts setup.
config.vm.provision :shell, path: "scripts/installs/setup_axis2.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Common backdoors
config.vm.provision :shell, path: "scripts/installs/install_backdoors.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - SNMP
config.vm.provision :shell, path: "scripts/installs/setup_snmp.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Configure Firewall to open up vulnerable services
case ENV['MS3_DIFFICULTY']
when 'easy'
config.vm.provision :shell, path: "scripts/configs/disable_firewall.bat"
else
config.vm.provision :shell, path: "scripts/configs/configure_firewall.bat"
# Insecure share from the Linux machine
win2k8.vm.provision :shell, path: "scripts/installs/install_share_autorun.bat"
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
win2k8.vm.provision :shell, path: "scripts/installs/setup_linux_share.bat"
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
end
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.define "ub1404" do |ub1404|
ub1404.vm.box = "metasploitable-ub1404-pro"
ub1404.vm.hostname = "metasploitable-ub1404"
# Vulnerability - ElasticSearch
# This must run after the firewall rules, because it needs to make some HTTP requests in order to
# set up the vulnerable state.
config.vm.provision :shell, path: "scripts/installs/install_elasticsearch.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
ub1404.vm.network "private_network", ip: '172.28.128.3'
# Configure flags
config.vm.provision :shell, path: "scripts/installs/install_flags.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614a
end
ub1404.vm.provider "virtualbox" do |v|
v.name = "Metasploitable-ub1404"
v.memory = 2048
end
config.omnibus.chef_version = :latest
# Provision with Chef Solo
#
config.vm.provision :chef_solo do |chef|
chef.cookbooks_path = [ 'chef/cookbooks' ]
chef.json = { 'metasploitable' => {
# Customizations here
}
}
chef.add_recipe "metasploitable::mysql"
chef.add_recipe "metasploitable::apache_continuum"
chef.add_recipe "metasploitable::apache"
chef.add_recipe "metasploitable::php_545"
chef.add_recipe "metasploitable::phpmyadmin"
chef.add_recipe "metasploitable::proftpd"
chef.add_recipe "metasploitable::users"
chef.add_recipe "metasploitable::docker"
chef.add_recipe "metasploitable::samba"
chef.add_recipe "metasploitable::sinatra"
chef.add_recipe "metasploitable::unrealircd"
chef.add_recipe "metasploitable::chatbot"
chef.add_recipe "metasploitable::payroll_app"
chef.add_recipe "metasploitable::readme_app"
chef.add_recipe "metasploitable::cups"
chef.add_recipe "metasploitable::drupal"
chef.add_recipe "metasploitable::knockd"
chef.add_recipe "metasploitable::iptables"
chef.add_recipe "metasploitable::flags"
chef.add_recipe "metasploitable::clear_cache"
end
end
end

79
versions/pro/windows_2008_r2_pro.json
View File

@ -1,79 +0,0 @@
{
"builders": [
{
"type": "virtualbox-iso",
"iso_url": "{{user `iso_url`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"iso_checksum": "{{user `iso_checksum`}}",
"headless": true,
"boot_wait": "2m",
"ssh_username": "vagrant",
"ssh_password": "vagrant",
"ssh_wait_timeout": "2h",
"shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"",
"guest_os_type": "Windows2008_64",
"disk_size": 61440,
"floppy_files": [
"{{user `autounattend`}}",
"./scripts/configs/microsoft-updates.bat",
"./scripts/configs/win-updates.ps1",
"./scripts/installs/openssh.ps1",
"./resources/certs/oracle-cert.cer",
"./resources/certs/gdig2.crt",
"./resources/certs/comodorsadomainvalidationsecureserverca.crt",
"./resources/certs/comodorsacertificationauthority.crt",
"./resources/certs/addtrust_external_ca.cer",
"./resources/certs/baltimore_ca.cer",
"./resources/certs/digicert.cer",
"./resources/certs/equifax.cer",
"./resources/certs/globalsign.cer",
"./resources/certs/gte_cybertrust.cer",
"./resources/certs/microsoft_root_2011.cer",
"./resources/certs/thawte_primary_root.cer",
"./resources/certs/utn-userfirst.cer"
],
"vboxmanage": [
[
"modifyvm",
"{{.Name}}",
"--memory",
"4096"
],
[
"modifyvm",
"{{.Name}}",
"--cpus",
"2"
]
]
}
],
"provisioners": [
{
"type": "shell",
"remote_path": "/tmp/script.bat",
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
"scripts": [
"./scripts/installs/vm-guest-tools.bat",
"./scripts/configs/vagrant-ssh.bat",
"./scripts/configs/disable-auto-logon.bat",
"./scripts/configs/enable-rdp.bat",
"./scripts/configs/update_root_certs.bat"
]
}
],
"post-processors": [
{
"type": "vagrant",
"keep_input_artifact": false,
"output": "windows_2008_r2_{{.Provider}}_pro.box",
"vagrantfile_template": "vagrantfile-windows_2008_r2.template"
}
],
"variables": {
"iso_url": "http://download.microsoft.com/download/7/5/E/75EC4E54-5B02-42D6-8879-D8D3A25FBEF7/7601.17514.101119-1850_x64fre_server_eval_en-us-GRMSXEVAL_EN_DVD.iso",
"iso_checksum_type": "md5",
"iso_checksum": "4263be2cf3c59177c45085c0a7bc6ca5",
"autounattend": "./answer_files/2008_r2/Autounattend.xml"
}
}

218
windows_2008_r2.json
View File

@ -1,218 +0,0 @@
{
"builders": [
{
"type": "vmware-iso",
"iso_url": "{{user `iso_url`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"iso_checksum": "{{user `iso_checksum`}}",
"headless": false,
"boot_wait": "10m",
"communicator": "ssh",
"ssh_username": "vagrant",
"ssh_password": "vagrant",
"ssh_wait_timeout": "2h",
"shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"",
"guest_os_type": "winServer2008Standard-64",
"tools_upload_flavor": "windows",
"disk_size": 61440,
"floppy_files": [
"{{user `autounattend`}}",
"./scripts/configs/microsoft-updates.bat",
"./scripts/configs/win-updates.ps1",
"./scripts/installs/openssh.ps1",
"./scripts/installs/install_dotnet45.ps1",
"./scripts/installs/install_wmf.ps1",
"./resources/certs/oracle-cert.cer",
"./resources/certs/gdig2.crt",
"./resources/certs/comodorsadomainvalidationsecureserverca.crt",
"./resources/certs/comodorsacertificationauthority.crt",
"./resources/certs/addtrust_external_ca.cer",
"./resources/certs/baltimore_ca.cer",
"./resources/certs/digicert.cer",
"./resources/certs/equifax.cer",
"./resources/certs/globalsign.cer",
"./resources/certs/gte_cybertrust.cer",
"./resources/certs/microsoft_root_2011.cer",
"./resources/certs/thawte_primary_root.cer",
"./resources/certs/utn-userfirst.cer"
],
"vm_name": "metasploitable3-win2k8",
"vmx_data": {
"cpuid.coresPerSocket": "2",
"memsize": "4096",
"numvcpus": "2",
"scsi0.virtualDev": "lsisas1068"
}
},
{
"type": "virtualbox-iso",
"iso_url": "{{user `iso_url`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"iso_checksum": "{{user `iso_checksum`}}",
"headless": false,
"boot_wait": "10m",
"communicator": "ssh",
"ssh_username": "vagrant",
"ssh_password": "vagrant",
"ssh_wait_timeout": "2h",
"shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"",
"guest_os_type": "Windows2008_64",
"disk_size": 61440,
"vm_name": "metasploitable3-win2k8",
"floppy_files": [
"{{user `autounattend`}}",
"./scripts/configs/microsoft-updates.bat",
"./scripts/configs/win-updates.ps1",
"./scripts/installs/openssh.ps1",
"./scripts/installs/install_dotnet45.ps1",
"./scripts/installs/install_wmf.ps1",
"./resources/certs/oracle-cert.cer",
"./resources/certs/gdig2.crt",
"./resources/certs/comodorsadomainvalidationsecureserverca.crt",
"./resources/certs/comodorsacertificationauthority.crt",
"./resources/certs/addtrust_external_ca.cer",
"./resources/certs/baltimore_ca.cer",
"./resources/certs/digicert.cer",
"./resources/certs/equifax.cer",
"./resources/certs/globalsign.cer",
"./resources/certs/gte_cybertrust.cer",
"./resources/certs/microsoft_root_2011.cer",
"./resources/certs/thawte_primary_root.cer",
"./resources/certs/utn-userfirst.cer"
],
"vboxmanage": [
[
"modifyvm",
"{{.Name}}",
"--memory",
"4096"
],
[
"modifyvm",
"{{.Name}}",
"--cpus",
"2"
]
]
}
],
"provisioners": [
{
"type": "file",
"source": "scripts",
"destination": "C:/vagrant"
},
{
"type": "file",
"source": "resources",
"destination": "C:/vagrant"
},
{
"type": "shell",
"remote_path": "/tmp/script.bat",
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
"scripts": [
"./scripts/configs/update_root_certs.bat",
"./scripts/installs/vm-guest-tools.bat",
"./scripts/configs/vagrant-ssh.bat",
"./scripts/configs/disable-auto-logon.bat",
"./scripts/configs/enable-rdp.bat"
]
},
{
"type": "windows-shell",
"remote_path": "C:/Windows/Temp/script.bat",
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
"scripts": [
"./scripts/configs/disable_firewall.bat"
]
},
{
"type": "windows-restart"
},
{
"type":"powershell",
"inline": [
"iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))"
],
"pause_before": "60s"
},
{
"type": "windows-restart"
},
{
"type": "windows-shell",
"remote_path": "C:/Windows/Temp/script.bat",
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
"scripts": [
"scripts/installs/install_boxstarter.bat",
"scripts/chocolatey_installs/7zip.bat",
"scripts/configs/apply_password_settings.bat",
"scripts/configs/create_users.bat",
"scripts/installs/setup_iis.bat",
"scripts/installs/setup_ftp_site.bat",
"scripts/chocolatey_installs/java.bat"
]
},
{
"type": "windows-restart"
},
{
"type": "windows-shell",
"remote_path": "C:/Windows/Temp/script.bat",
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
"scripts": [
"scripts/chocolatey_installs/tomcat.bat",
"scripts/installs/setup_apache_struts.bat",
"scripts/installs/setup_glassfish.bat",
"scripts/installs/start_glassfish_service.bat",
"scripts/installs/setup_jenkins.bat",
"scripts/chocolatey_installs/vcredist2008.bat",
"scripts/installs/install_wamp.bat",
"scripts/installs/start_wamp.bat",
"scripts/installs/install_wordpress.bat",
"scripts/installs/install_openjdk6.bat",
"scripts/installs/setup_jmx.bat",
"scripts/installs/install_ruby.bat",
"scripts/installs/install_devkit.bat"
]
},
{
"type": "windows-restart"
},
{
"type": "windows-shell",
"remote_path": "C:/Windows/Temp/script.bat",
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
"scripts": [
"scripts/installs/install_rails_server.bat",
"scripts/installs/setup_rails_server.bat",
"scripts/installs/install_rails_service.bat",
"scripts/installs/setup_webdav.bat",
"scripts/installs/setup_mysql.bat",
"scripts/installs/install_manageengine.bat",
"scripts/installs/setup_axis2.bat",
"scripts/installs/install_backdoors.bat",
"scripts/installs/setup_snmp.bat",
"scripts/configs/configure_firewall.bat",
"scripts/installs/install_elasticsearch.bat",
"scripts/installs/install_flags.bat",
"scripts/configs/packer_cleanup.bat"
]
}
],
"post-processors": [
{
"type": "vagrant",
"keep_input_artifact": false,
"output": "windows_2008_r2_{{.Provider}}.box",
"vagrantfile_template": "vagrantfile-windows_2008_r2.template"
}
],
"variables": {
"iso_url": "http://download.microsoft.com/download/7/5/E/75EC4E54-5B02-42D6-8879-D8D3A25FBEF7/7601.17514.101119-1850_x64fre_server_eval_en-us-GRMSXEVAL_EN_DVD.iso",
"iso_checksum_type": "md5",
"iso_checksum": "4263be2cf3c59177c45085c0a7bc6ca5",
"autounattend": "./answer_files/2008_r2/Autounattend.xml"
}
}