2017-04-11 19:53:34 +02:00
|
|
|
#
|
|
|
|
# Cookbook:: metasploitable
|
|
|
|
# Recipe:: payroll_app
|
|
|
|
# Copyright:: 2017, Rapid7, All Rights Reserved.
|
|
|
|
|
2017-06-22 00:15:42 +02:00
|
|
|
include_recipe 'metasploitable::mysql'
|
|
|
|
include_recipe 'metasploitable::apache'
|
|
|
|
include_recipe 'metasploitable::php_545'
|
|
|
|
|
2017-08-04 18:18:57 +02:00
|
|
|
poc_dir = "/home/#{node[:users][node[:users].keys.last][:username]}/poc/payroll_app/"
|
|
|
|
|
2017-04-11 19:53:34 +02:00
|
|
|
cookbook_file '/var/www/html/payroll_app.php' do
|
|
|
|
source 'payroll_app/payroll_app.php'
|
|
|
|
mode '0755'
|
|
|
|
end
|
|
|
|
|
2017-06-22 00:15:42 +02:00
|
|
|
template '/tmp/payroll.sql' do
|
|
|
|
source 'payroll_app/payroll.sql.erb'
|
2017-04-11 19:53:34 +02:00
|
|
|
mode '0755'
|
|
|
|
end
|
|
|
|
|
2017-08-04 18:18:57 +02:00
|
|
|
directory poc_dir do
|
2017-04-11 23:12:46 +02:00
|
|
|
mode '0755'
|
2017-08-04 18:18:57 +02:00
|
|
|
owner node[:users][node[:users].keys.last][:username]
|
2017-04-11 23:12:46 +02:00
|
|
|
recursive true
|
|
|
|
end
|
|
|
|
|
2017-08-04 18:18:57 +02:00
|
|
|
cookbook_file "#{poc_dir}/poc.rb" do
|
2017-04-11 23:12:46 +02:00
|
|
|
source 'payroll_app/poc.rb'
|
|
|
|
mode '0755'
|
|
|
|
end
|
|
|
|
|
2017-04-11 19:53:34 +02:00
|
|
|
bash 'create payroll database and import data' do
|
|
|
|
code <<-EOH
|
|
|
|
mysql -S /var/run/mysql-default/mysqld.sock --user="root" --password="sploitme" --execute="CREATE DATABASE payroll;"
|
|
|
|
mysql -S /var/run/mysql-default/mysqld.sock --user="root" --password="sploitme" payroll < /tmp/payroll.sql
|
|
|
|
EOH
|
|
|
|
end
|