mirror of
https://github.com/rapid7/metasploitable3.git
synced 2024-06-20 20:05:45 +02:00
Update recipes for better chef practices.
There were quite a few bugs in the chef recipes when building using other platforms. These were mostly due to assuming the vagrant user would exist. Things are now more generic and should be more reliable overall.
This commit is contained in:
parent
428ec322c9
commit
3fdaf996ae
4
Vagrantfile
vendored
4
Vagrantfile
vendored
|
@ -4,7 +4,7 @@
|
|||
Vagrant.configure("2") do |config|
|
||||
config.vm.define "ub1404" do |ub1404|
|
||||
ub1404.vm.box = "metasploitable3-ub1404"
|
||||
ub1404.vm.hostname = "metasploitable3_ub1404"
|
||||
ub1404.vm.hostname = "metasploitable3-ub1404"
|
||||
config.ssh.username = 'vagrant'
|
||||
config.ssh.password = 'vagrant'
|
||||
|
||||
|
@ -19,7 +19,7 @@ Vagrant.configure("2") do |config|
|
|||
config.vm.define "win2k8" do |win2k8|
|
||||
# Base configuration for the VM and provisioner
|
||||
win2k8.vm.box = "metasploitable3-win2k8"
|
||||
win2k8.vm.hostname = "metasploitable3_win2k8"
|
||||
win2k8.vm.hostname = "metasploitable3-win2k8"
|
||||
win2k8.vm.communicator = "winrm"
|
||||
win2k8.winrm.retry_limit = 60
|
||||
win2k8.winrm.retry_delay = 10
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
default[:apache_continuum][:install_dir] = '/opt/apache_continuum'
|
||||
default[:apache_continuum][:download_url] = 'http://archive.apache.org/dist/continuum/binaries'
|
||||
default[:apache_continuum][:tar] = 'apache-continuum-1.4.2-bin.tar.gz'
|
1
chef/cookbooks/metasploitable/attributes/php545.rb
Normal file
1
chef/cookbooks/metasploitable/attributes/php545.rb
Normal file
|
@ -0,0 +1 @@
|
|||
default[:php545][:download_url] = 'http://museum.php.net/php5/'
|
1
chef/cookbooks/metasploitable/attributes/proftpd.rb
Normal file
1
chef/cookbooks/metasploitable/attributes/proftpd.rb
Normal file
|
@ -0,0 +1 @@
|
|||
default[:proftpd][:download_url] = 'ftp://ftp.proftpd.org/distrib/source'
|
|
@ -7,20 +7,45 @@
|
|||
execute "apt-get update" do
|
||||
command "apt-get update"
|
||||
end
|
||||
|
||||
package 'openjdk-6-jre'
|
||||
package 'openjdk-6-jdk'
|
||||
|
||||
directory node[:apache_continuum][:install_dir] do
|
||||
owner 'root'
|
||||
group 'root'
|
||||
mode 0644
|
||||
end
|
||||
|
||||
remote_file "#{Chef::Config[:file_cache_path]}/#{node[:apache_continuum][:tar]}" do
|
||||
source "#{node[:apache_continuum][:download_url]}/#{node[:apache_continuum][:tar]}"
|
||||
mode 0644
|
||||
end
|
||||
|
||||
execute "extract apache continum" do
|
||||
cwd Chef::Config[:file_cache_path]
|
||||
command "tar -xvzf #{node[:apache_continuum][:tar]} -C #{node[:apache_continuum][:install_dir]}"
|
||||
|
||||
not_if { ::File.exists?(File.join(node[:apache_continuum][:install_dir], 'apache-continuum-1.4.2'))}
|
||||
end
|
||||
|
||||
bash 'Download and extract Apache Continuum 1.4.2' do
|
||||
cwd File.join(node[:apache_continuum][:install_dir],'apache-continuum-1.4.2')
|
||||
code <<-EOH
|
||||
mkdir /opt/apache-continuum/
|
||||
cd /opt/apache-continuum/
|
||||
wget http://archive.apache.org/dist/continuum/binaries/apache-continuum-1.4.2-bin.tar.gz
|
||||
tar xvf apache-continuum-1.4.2-bin.tar.gz
|
||||
rm apache-continuum-1.4.2/bin/wrapper-linux-x86-32
|
||||
rm -rf apache-continuum-1.4.2/data
|
||||
tar -xvzf /vagrant/resources/apache_continuum/data.tar.gz -C /opt/apache-continuum/apache-continuum-1.4.2/
|
||||
ln -s /opt/apache-continuum/apache-continuum-1.4.2/bin/continuum /etc/init.d/continuum
|
||||
update-rc.d continuum defaults 80
|
||||
service continuum start
|
||||
rm bin/wrapper-linux-x86-32
|
||||
rm -rf data
|
||||
tar --warning=no-unknown-keyword -xvzf #{File.join(Chef::Config[:file_cache_path], 'cookbooks', 'metasploitable', 'files', 'apache_continuum', 'data.tar.gz')} -C #{File.join(node[:apache_continuum][:install_dir], 'apache-continuum-1.4.2')}
|
||||
EOH
|
||||
end
|
||||
|
||||
link '/etc/init.d/continuum' do
|
||||
to File.join(node[:apache_continuum][:install_dir], 'apache-continuum-1.4.2', 'bin', 'continuum')
|
||||
end
|
||||
|
||||
execute "set port for apache continuum" do
|
||||
command 'update-rc.d continuum defaults 80'
|
||||
end
|
||||
|
||||
service 'continuum' do
|
||||
action [:enable, :start]
|
||||
end
|
|
@ -28,7 +28,7 @@ execute 'unzip chatbot' do
|
|||
end
|
||||
|
||||
execute 'chown chatbot' do
|
||||
command 'chown -R vagrant:vagrant /opt/chatbot'
|
||||
command "chown -R root:root /opt/chatbot"
|
||||
end
|
||||
|
||||
execute 'chmod chatbot' do
|
||||
|
|
|
@ -7,6 +7,8 @@ include_recipe 'metasploitable::mysql'
|
|||
include_recipe 'metasploitable::apache'
|
||||
include_recipe 'metasploitable::php_545'
|
||||
|
||||
poc_dir = "/home/#{node[:users][node[:users].keys.last][:username]}/poc/payroll_app/"
|
||||
|
||||
cookbook_file '/var/www/html/payroll_app.php' do
|
||||
source 'payroll_app/payroll_app.php'
|
||||
mode '0755'
|
||||
|
@ -17,13 +19,13 @@ template '/tmp/payroll.sql' do
|
|||
mode '0755'
|
||||
end
|
||||
|
||||
directory '/home/vagrant/poc/payroll_app/' do
|
||||
directory poc_dir do
|
||||
mode '0755'
|
||||
owner 'vagrant'
|
||||
owner node[:users][node[:users].keys.last][:username]
|
||||
recursive true
|
||||
end
|
||||
|
||||
cookbook_file '/home/vagrant/poc/payroll_app/poc.rb' do
|
||||
cookbook_file "#{poc_dir}/poc.rb" do
|
||||
source 'payroll_app/poc.rb'
|
||||
mode '0755'
|
||||
end
|
||||
|
|
|
@ -6,6 +6,10 @@
|
|||
|
||||
# General steps pulled from here: http://askubuntu.com/questions/597462/how-to-install-php-5-2-x-on-ubuntu-14-04
|
||||
|
||||
include_recipe 'metasploitable::apache'
|
||||
|
||||
php_tar = "php-5.4.5.tar.gz"
|
||||
|
||||
execute "apt-get update" do
|
||||
command "apt-get update"
|
||||
end
|
||||
|
@ -22,19 +26,29 @@ execute "fix freetype bug" do
|
|||
command "mkdir -pv /usr/include/freetype2/freetype && ln -sf /usr/include/freetype2/freetype.h /usr/include/freetype2/freetype/freetype.h"
|
||||
end
|
||||
|
||||
bash "download, extract, and patch php source" do
|
||||
code <<-EOH
|
||||
wget -c -t 3 -O /home/vagrant/php-5.4.5.tar.gz http://museum.php.net/php5/php-5.4.5.tar.gz
|
||||
tar xvfz /home/vagrant/php-5.4.5.tar.gz -C /home/vagrant/
|
||||
cd /home/vagrant/php-5.4.5
|
||||
wget -c -t 3 -O ./libxml29_compat.patch https://mail.gnome.org/archives/xml/2012-August/txtbgxGXAvz4N.txt
|
||||
patch -p0 -b < libxml29_compat.patch
|
||||
EOH
|
||||
remote_file "#{Chef::Config[:file_cache_path]}/#{php_tar}" do
|
||||
source "#{node[:php545][:download_url]}/#{php_tar}"
|
||||
mode 0644
|
||||
end
|
||||
|
||||
remote_file "#{Chef::Config[:file_cache_path]}/libxml29_compat.patch" do
|
||||
source "https://mail.gnome.org/archives/xml/2012-August/txtbgxGXAvz4N.txt"
|
||||
mode 0644
|
||||
end
|
||||
|
||||
execute "extract php" do
|
||||
cwd Chef::Config[:file_cache_path]
|
||||
command "tar xvzf #{Chef::Config[:file_cache_path]}/#{php_tar} -C #{Chef::Config[:file_cache_path]}"
|
||||
end
|
||||
|
||||
execute "patch php" do
|
||||
cwd "#{Chef::Config[:file_cache_path]}/php-5.4.5"
|
||||
command "patch -p0 -b < ../libxml29_compat.patch"
|
||||
end
|
||||
|
||||
bash "compile and install php" do
|
||||
cwd "#{Chef::Config[:file_cache_path]}/php-5.4.5"
|
||||
code <<-EOH
|
||||
cd /home/vagrant/php-5.4.5
|
||||
./configure --with-apxs2=/usr/bin/apxs --with-mysqli --enable-embedded-mysqli --with-gd --with-mcrypt --enable-mbstring --with-pdo-mysql
|
||||
make
|
||||
make install
|
||||
|
@ -58,9 +72,6 @@ bash "enable php modules" do
|
|||
EOH
|
||||
end
|
||||
|
||||
# ln -s ../mods-available/php5.conf
|
||||
# ln -s ../mods-available/php5.load
|
||||
|
||||
service 'apache2' do
|
||||
action [:restart]
|
||||
end
|
||||
|
|
|
@ -8,12 +8,23 @@
|
|||
|
||||
include_recipe 'metasploitable::apache'
|
||||
|
||||
bash "download, extract, and compile proftpd" do
|
||||
proftpd_tar = 'proftpd-1.3.5.tar.gz'
|
||||
|
||||
remote_file "#{Chef::Config[:file_cache_path]}/#{proftpd_tar}" do
|
||||
source "#{node[:proftpd][:download_url]}/#{proftpd_tar}"
|
||||
mode 0644
|
||||
end
|
||||
|
||||
execute "extract proftpd" do
|
||||
cwd Chef::Config[:file_cache_path]
|
||||
command 'tar zxfv proftpd-1.3.5.tar.gz'
|
||||
|
||||
not_if { ::File.exists?(File.join(Chef::Config[:file_cache_path], 'proftpd-1.3.5'))}
|
||||
end
|
||||
|
||||
bash 'compile and install proftpd' do
|
||||
cwd "#{Chef::Config[:file_cache_path]}/proftpd-1.3.5"
|
||||
code <<-EOH
|
||||
cd /home/vagrant
|
||||
wget "ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.5.tar.gz"
|
||||
tar zxfv proftpd-1.3.5.tar.gz
|
||||
cd proftpd-1.3.5
|
||||
./configure --prefix=/opt/proftpd --with-modules=mod_copy
|
||||
make
|
||||
make install
|
||||
|
|
|
@ -1,5 +1,13 @@
|
|||
{
|
||||
"builders": [
|
||||
{
|
||||
"type": "amazon-ebs",
|
||||
"region": "us-east-2",
|
||||
"source_ami": "ami-69a1800c",
|
||||
"instance_type": "t2.small",
|
||||
"ssh_username": "ubuntu",
|
||||
"ami_name": "metasploitable3-ub1404-{{user `box_version`}}"
|
||||
},
|
||||
{
|
||||
"type": "vmware-iso",
|
||||
"iso_url": "{{user `iso_url`}}",
|
||||
|
@ -92,13 +100,13 @@
|
|||
],
|
||||
"run_list": [
|
||||
"metasploitable::vm_tools",
|
||||
"metasploitable::users",
|
||||
"metasploitable::mysql",
|
||||
"metasploitable::apache_continuum",
|
||||
"metasploitable::apache",
|
||||
"metasploitable::php_545",
|
||||
"metasploitable::phpmyadmin",
|
||||
"metasploitable::proftpd",
|
||||
"metasploitable::users",
|
||||
"metasploitable::docker",
|
||||
"metasploitable::samba",
|
||||
"metasploitable::sinatra",
|
||||
|
@ -115,9 +123,18 @@
|
|||
}
|
||||
],
|
||||
"post-processors": [
|
||||
{
|
||||
"type": "amazon-import",
|
||||
"region": "us-east-2",
|
||||
"keep_input_artifact": true,
|
||||
"s3_bucket_name": "metasploitable3",
|
||||
"tags": {
|
||||
"Description": "packer amazon-import {{user `box_version`}}"
|
||||
}
|
||||
},
|
||||
{
|
||||
"type": "vagrant",
|
||||
"keep_input_artifact": false,
|
||||
"keep_input_artifact": true,
|
||||
"output": "{{template_dir}}/../builds/ubuntu_1404_{{.Provider}}_{{user `box_version`}}.box"
|
||||
}
|
||||
],
|
||||
|
@ -125,6 +142,6 @@
|
|||
"iso_url": "http://old-releases.ubuntu.com/releases/14.04.1/ubuntu-14.04.1-server-amd64.iso",
|
||||
"iso_checksum_type": "md5",
|
||||
"iso_checksum": "ca2531b8cd79ea5b778ede3a524779b9",
|
||||
"box_version": "0.1.0"
|
||||
"box_version": "0.1.2"
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user