2017-06-30 21:47:30 +02:00
#
# Cookbook:: metasploitable
# Recipe:: flags
#
# Copyright:: 2017, Rapid7, All Rights Reserved.
2017-08-18 21:12:24 +02:00
# 10 of Clubs
2017-07-14 19:14:01 +02:00
directory '/home/artoo_detoo/music' do
2017-08-11 20:36:04 +02:00
owner 'artoo_detoo'
2017-08-22 17:50:00 +02:00
group 'users'
2017-08-29 20:41:38 +02:00
mode '0770'
2017-07-14 19:14:01 +02:00
end
2017-07-14 22:13:15 +02:00
cookbook_file '/home/artoo_detoo/music/10_of_clubs.wav' do
2017-07-14 19:14:01 +02:00
source 'flags/10_of_clubs.wav'
2017-08-11 20:36:04 +02:00
owner 'artoo_detoo'
2017-08-22 17:50:00 +02:00
group 'users'
2017-08-29 20:41:38 +02:00
mode '0410'
2017-07-14 19:14:01 +02:00
end
2017-08-18 21:12:24 +02:00
# 7 of Diamonds
include_recipe 'metasploitable::docker'
2017-07-14 22:13:15 +02:00
directory '/opt/docker' do
2017-08-29 20:41:38 +02:00
mode '0770'
2017-07-14 22:13:15 +02:00
end
cookbook_file '/opt/docker/Dockerfile' do
source '/flags/Dockerfile'
2017-08-23 18:19:18 +02:00
mode '0700'
2017-07-14 22:13:15 +02:00
end
cookbook_file '/opt/docker/7_of_diamonds.zip' do
source '/flags/7_of_diamonds.zip'
2017-08-23 18:19:18 +02:00
mode '0700'
2017-07-14 22:13:15 +02:00
end
bash 'build docker image for 7 of diamonds' do
code <<-EOH
cd / opt / docker
docker build - t " 7_of_diamonds " .
2017-08-11 20:36:04 +02:00
docker run - dit - - restart always - - name 7 _of_diamonds 7 _of_diamonds
2017-07-14 22:13:15 +02:00
EOH
end
file '/opt/docker/7_of_diamonds.zip' do
action :delete
2017-07-22 00:32:29 +02:00
end
2017-07-27 00:42:43 +02:00
2017-08-18 21:12:24 +02:00
if ENV [ 'MS3_LINUX_HARD' ]
# 5 of Diamonds
include_recipe 'metasploitable::knockd'
directory '/opt/knock_knock' do
2017-08-23 18:19:18 +02:00
mode '0700'
2017-08-18 21:12:24 +02:00
end
cookbook_file '/opt/knock_knock/five_of_diamonds' do
source 'flags/five_of_diamonds'
2017-08-23 18:19:18 +02:00
mode '0700'
2017-08-18 21:12:24 +02:00
end
cookbook_file '/etc/init/five_of_diamonds_srv.conf' do
source 'flags/five_of_diamonds_srv'
2017-08-23 18:19:18 +02:00
mode '0777'
2017-08-18 21:12:24 +02:00
end
service 'five_of_diamonds_srv' do
action [ :enable , :start ]
end
# 2 of Spades
cookbook_file '/home/leia_organa/2_of_spades.pcapng' do
2017-08-18 21:34:48 +02:00
source 'flags/2_of_spades.pcapng'
2017-08-18 21:12:24 +02:00
owner 'leia_organa'
2017-08-23 18:19:18 +02:00
mode '0600'
2017-08-18 21:12:24 +02:00
end
# 8 of Hearts
include_recipe 'metasploitable::mysql'
bash " load 8 of hearts into DB " do
code <<-EOH
mysql - h 127 . 0 . 0 . 1 - - user = " root " - - password = " sploitme " - - execute = " CREATE DATABASE super_secret_db; "
mysql - h 127 . 0 . 0 . 1 - - user = " root " - - password = " sploitme " - - execute = " GRANT SELECT, INSERT, DELETE, CREATE, DROP, INDEX, ALTER ON drupal.* TO 'root'@'localhost' IDENTIFIED BY 'sploitme'; "
mysql - h 127 . 0 . 0 . 1 - - user = " root " - - password = " sploitme " super_secret_db < #{File.join(Chef::Config[:file_cache_path], 'cookbooks', 'metasploitable', 'files', 'flags', 'super_secret_db.sql')}
EOH
not_if " mysql -h 127.0.0.1 --user= \" root \" --password= \" sploitme \" --execute= \" SHOW DATABASES LIKE 'super_secret_db' \" | grep -c drupal "
end
# Joker - red
cookbook_file '/etc/joker.png' do
source 'flags/joker.png'
2017-08-23 18:19:18 +02:00
mode '0600'
2017-08-18 21:12:24 +02:00
end
2017-08-29 20:41:38 +02:00
2017-08-18 21:12:24 +02:00
else
# 10 of Spades
2017-08-18 21:49:57 +02:00
include_recipe 'metasploitable::readme_app'
cookbook_file '/opt/readme_app/public/images/10_of_spades.png' do
source 'flags/flag_images/10 of spades.png'
2017-08-23 18:19:18 +02:00
mode '0644'
2017-08-18 21:49:57 +02:00
end
2017-08-18 21:12:24 +02:00
# 8 of Clubs
2017-08-18 22:05:06 +02:00
random_directories = Array . new ( 20 ) { rand ( 1 .. 100 ) }
2017-08-19 02:00:54 +02:00
prev_dirs = [ ]
2017-08-18 22:05:06 +02:00
2017-08-19 02:00:54 +02:00
random_directories . each do | dir |
directory File . join ( 'home' , 'anakin_skywalker' , prev_dirs . join ( '/' ) , dir . to_s ) do
2017-08-29 20:41:38 +02:00
mode '0770'
2017-08-21 23:06:47 +02:00
owner 'anakin_skywalker'
group 'users'
2017-08-19 02:00:54 +02:00
end
prev_dirs << dir
end
cookbook_file File . join ( 'home' , 'anakin_skywalker' , random_directories . join ( '/' ) , '8_of_clubs.png' ) do
2017-08-18 22:05:06 +02:00
source 'flags/flag_images/8 of clubs.png'
2017-08-23 18:19:18 +02:00
mode '0644'
2017-08-22 17:50:00 +02:00
owner 'anakin_skywalker'
group 'users'
2017-08-18 22:05:06 +02:00
end
2017-08-18 21:12:24 +02:00
# 3 of Hearts
2017-08-18 21:34:48 +02:00
cookbook_file '/lost+found/3_of_hearts.png' do
source 'flags/flag_images/3 of hearts.png'
2017-08-23 18:19:18 +02:00
mode '0600'
2017-08-18 21:34:48 +02:00
end
2017-08-18 21:12:24 +02:00
# 9 of Diamonds
directory '/home/kylo_ren/.secret_files/' do
2017-08-24 17:47:43 +02:00
mode '0610'
2017-08-21 23:06:47 +02:00
owner 'kylo_ren'
group 'users'
2017-08-18 21:12:24 +02:00
end
cookbook_file '/home/kylo_ren/.secret_files/my_recordings_do_not_open.iso' do
2017-08-18 21:34:48 +02:00
source 'flags/my_recordings_do_not_open.iso'
2017-08-24 17:47:43 +02:00
mode '0610'
2017-08-21 23:06:47 +02:00
owner 'kylo_ren'
group 'users'
2017-08-18 21:12:24 +02:00
end
2017-08-29 20:41:38 +02:00
execute 'build locate database' do
command 'updatedb'
end
2017-07-27 00:42:43 +02:00
end
2017-08-18 21:12:24 +02:00
2017-08-29 20:41:38 +02:00