2016-08-30 17:53:02 +02:00
|
|
|
# -*- mode: ruby -*-
|
|
|
|
# vi: set ft=ruby :
|
|
|
|
|
|
|
|
Vagrant.configure("2") do |config|
|
2017-02-13 22:53:51 +01:00
|
|
|
config.vm.define "win2k8" do |win2k8|
|
|
|
|
# Base configuration for the VM and provisioner
|
|
|
|
win2k8.vm.box = "metasploitable3"
|
|
|
|
win2k8.vm.hostname = "metasploitable3"
|
|
|
|
win2k8.vm.communicator = "winrm"
|
|
|
|
|
|
|
|
win2k8.vm.network "private_network", type: "dhcp"
|
|
|
|
|
|
|
|
# Install Chocolatey
|
|
|
|
config.vm.provision :shell, path: "scripts/installs/chocolatey.cmd"
|
|
|
|
config.vm.provision :reload # Hack to reset environment variables
|
|
|
|
|
|
|
|
# Install BoxStarter
|
|
|
|
config.vm.provision :shell, path: "scripts/installs/install_boxstarter.bat"
|
|
|
|
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
|
|
|
|
# Install 7zip
|
|
|
|
config.vm.provision :shell, path: "scripts/chocolatey_installs/7zip.bat"
|
|
|
|
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
|
|
|
|
# Adjust password policy
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/configs/apply_password_settings.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
|
|
|
|
# Add users and add to groups
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/configs/create_users.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
|
|
|
|
# Vulnerability - Unpatched IIS and FTP
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_iis.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_ftp_site.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
|
|
|
|
# Vulnerability - Setup for Apache Struts
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/chocolatey_installs/java.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/chocolatey_installs/tomcat.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
win2k8.vm.provision :reload # Hack to reset environment variables
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_apache_struts.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
|
|
|
|
# Vulnerability - Setup for Glassfish
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_glassfish.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/start_glassfish_service.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
|
|
|
|
# Vulnerability - Jenkins (1.8)
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_jenkins.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
|
|
|
|
# Vulnerability - Wordpress and phpMyAdmin
|
|
|
|
# This must run after the WAMP setup.
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/chocolatey_installs/vcredist2008.bat" # Visual Studio 2008 redistributable is a requirement for WAMP
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/install_wamp.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/start_wamp.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/install_wordpress.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
|
|
|
|
# Vulnerability - JMX
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/install_openjdk6.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_jmx.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
|
|
|
|
# Vulnerability - Rails Server
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/install_ruby.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/install_devkit.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/install_rails_server.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_rails_server.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/install_rails_service.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
|
|
|
|
# Vulnerability - WebDAV
|
|
|
|
# This must run after the WAMP setup.
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_webdav.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
|
|
|
|
# Vulnerability - MySQL
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_mysql.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
|
|
|
|
# Vulnerability - ManageEngine Desktop Central
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/install_manageengine.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
|
|
|
|
# Vulnerability - Axis2
|
|
|
|
# This must run after the Apache Struts setup.
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_axis2.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
|
|
|
|
# Vulnerability - Common backdoors
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/install_backdoors.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
|
|
|
|
# Vulnerability - SNMP
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_snmp.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
|
|
|
|
# Configure Firewall to open up vulnerable services
|
|
|
|
case ENV['MS3_DIFFICULTY']
|
|
|
|
when 'easy'
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/configs/disable_firewall.bat"
|
|
|
|
else
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/configs/configure_firewall.bat"
|
|
|
|
end
|
|
|
|
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
|
|
|
|
# Vulnerability - ElasticSearch
|
|
|
|
# This must run after the firewall rules, because it needs to make some HTTP requests in order to
|
|
|
|
# set up the vulnerable state.
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/install_elasticsearch.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
|
2017-04-07 21:33:30 +02:00
|
|
|
# Insecure share from the Linux machine
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_linux_share.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
|
|
|
|
2017-02-13 22:53:51 +01:00
|
|
|
# Configure flags
|
|
|
|
win2k8.vm.provision :shell, path: "scripts/installs/install_flags.bat"
|
|
|
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614a
|
2016-10-28 23:04:22 +02:00
|
|
|
end
|
|
|
|
|
2017-02-13 22:53:51 +01:00
|
|
|
config.vm.define "trusty" do |trusty|
|
2017-03-13 23:34:45 +01:00
|
|
|
trusty.vm.box = "rsginc/ubuntu64-14-04-1"
|
2017-02-13 22:53:51 +01:00
|
|
|
trusty.vm.hostname = "metasploitableUB"
|
2016-08-30 17:53:02 +02:00
|
|
|
|
2017-04-07 21:33:30 +02:00
|
|
|
trusty.vm.network "private_network", ip: '172.28.128.3'
|
2016-10-26 20:33:56 +02:00
|
|
|
|
2017-02-13 22:53:51 +01:00
|
|
|
trusty.vm.provider "virtualbox" do |v|
|
|
|
|
v.name = "MetasploitableUB"
|
|
|
|
v.memory = 1024
|
|
|
|
end
|
|
|
|
|
|
|
|
config.omnibus.chef_version = :latest
|
|
|
|
|
|
|
|
# Provision with Chef Solo
|
|
|
|
#
|
|
|
|
config.vm.provision :chef_solo do |chef|
|
|
|
|
chef.cookbooks_path = [ 'chef/cookbooks' ]
|
|
|
|
|
2017-03-15 23:59:51 +01:00
|
|
|
chef.json = { 'metasploitable' => {
|
|
|
|
# Customizations here
|
|
|
|
}
|
|
|
|
}
|
2017-02-13 22:53:51 +01:00
|
|
|
|
|
|
|
chef.add_recipe "metasploitable::mysql"
|
2017-02-17 23:25:13 +01:00
|
|
|
chef.add_recipe "metasploitable::apache_continuum"
|
2017-03-13 23:34:45 +01:00
|
|
|
chef.add_recipe "metasploitable::apache"
|
2017-03-21 19:50:39 +01:00
|
|
|
chef.add_recipe "metasploitable::php_545"
|
|
|
|
chef.add_recipe "metasploitable::phpmyadmin"
|
2017-03-23 19:06:48 +01:00
|
|
|
chef.add_recipe "metasploitable::proftpd"
|
2017-02-13 22:53:51 +01:00
|
|
|
chef.add_recipe "metasploitable::users"
|
2017-04-01 00:15:04 +02:00
|
|
|
chef.add_recipe "metasploitable::sinatra"
|
2017-03-15 23:59:51 +01:00
|
|
|
chef.add_recipe "metasploitable::docker"
|
2017-04-04 00:06:40 +02:00
|
|
|
chef.add_recipe "metasploitable::samba"
|
2017-04-06 20:19:21 +02:00
|
|
|
chef.add_recipe "metasploitable::unrealircd"
|
2017-04-17 21:54:43 +02:00
|
|
|
chef.add_recipe "metasploitable::cups"
|
2017-04-11 19:53:34 +02:00
|
|
|
chef.add_recipe "metasploitable::payroll_app"
|
2017-02-13 22:53:51 +01:00
|
|
|
end
|
|
|
|
end
|
2016-10-08 08:12:11 +02:00
|
|
|
end
|