Update recipes for better chef practices.

There were quite a few bugs in the chef recipes when building using other platforms.
These were mostly due to assuming the vagrant user would exist.
Things are now more generic and should be more reliable overall.

Vagrantfile

@@ -4,7 +4,7 @@
 Vagrant.configure("2") do |config|
   config.vm.define "ub1404" do |ub1404|
     ub1404.vm.box = "metasploitable3-ub1404"
-    ub1404.vm.hostname = "metasploitable3_ub1404"
+    ub1404.vm.hostname = "metasploitable3-ub1404"
     config.ssh.username = 'vagrant'
     config.ssh.password = 'vagrant'
 
@@ -19,7 +19,7 @@ Vagrant.configure("2") do |config|
   config.vm.define "win2k8" do |win2k8|
     # Base configuration for the VM and provisioner
     win2k8.vm.box = "metasploitable3-win2k8"
-    win2k8.vm.hostname = "metasploitable3_win2k8"
+    win2k8.vm.hostname = "metasploitable3-win2k8"
     win2k8.vm.communicator = "winrm"
     win2k8.winrm.retry_limit = 60
     win2k8.winrm.retry_delay = 10

chef/cookbooks/metasploitable/attributes/apache_continuum.rb

@@ -0,0 +1,3 @@
+default[:apache_continuum][:install_dir] = '/opt/apache_continuum'
+default[:apache_continuum][:download_url] = 'http://archive.apache.org/dist/continuum/binaries'
+default[:apache_continuum][:tar] = 'apache-continuum-1.4.2-bin.tar.gz'

chef/cookbooks/metasploitable/attributes/php545.rb

@@ -0,0 +1 @@
+default[:php545][:download_url] = 'http://museum.php.net/php5/'

chef/cookbooks/metasploitable/attributes/proftpd.rb

@@ -0,0 +1 @@
+default[:proftpd][:download_url] = 'ftp://ftp.proftpd.org/distrib/source'

chef/cookbooks/metasploitable/recipes/apache_continuum.rb

@@ -7,20 +7,45 @@
 execute "apt-get update" do
   command "apt-get update"
 end
+
 package 'openjdk-6-jre'
 package 'openjdk-6-jdk'
 
+directory node[:apache_continuum][:install_dir] do
+  owner 'root'
+  group 'root'
+  mode 0644
+end
+
+remote_file "#{Chef::Config[:file_cache_path]}/#{node[:apache_continuum][:tar]}" do
+  source "#{node[:apache_continuum][:download_url]}/#{node[:apache_continuum][:tar]}"
+  mode 0644
+end
+
+execute "extract apache continum" do
+  cwd Chef::Config[:file_cache_path]
+  command "tar -xvzf #{node[:apache_continuum][:tar]} -C #{node[:apache_continuum][:install_dir]}"
+
+  not_if { ::File.exists?(File.join(node[:apache_continuum][:install_dir], 'apache-continuum-1.4.2'))}
+end
+
 bash 'Download and extract Apache Continuum 1.4.2' do
+  cwd File.join(node[:apache_continuum][:install_dir],'apache-continuum-1.4.2')
   code <<-EOH
-    mkdir /opt/apache-continuum/
-    cd /opt/apache-continuum/
-    wget http://archive.apache.org/dist/continuum/binaries/apache-continuum-1.4.2-bin.tar.gz
-    tar xvf apache-continuum-1.4.2-bin.tar.gz
-    rm apache-continuum-1.4.2/bin/wrapper-linux-x86-32
-    rm -rf apache-continuum-1.4.2/data
-    tar -xvzf /vagrant/resources/apache_continuum/data.tar.gz -C /opt/apache-continuum/apache-continuum-1.4.2/
-    ln -s /opt/apache-continuum/apache-continuum-1.4.2/bin/continuum /etc/init.d/continuum
-    update-rc.d continuum defaults 80
-    service continuum start
+    rm bin/wrapper-linux-x86-32
+    rm -rf data
+    tar --warning=no-unknown-keyword -xvzf #{File.join(Chef::Config[:file_cache_path], 'cookbooks', 'metasploitable', 'files', 'apache_continuum', 'data.tar.gz')} -C #{File.join(node[:apache_continuum][:install_dir], 'apache-continuum-1.4.2')}
   EOH
+end
+
+link '/etc/init.d/continuum' do
+  to File.join(node[:apache_continuum][:install_dir], 'apache-continuum-1.4.2', 'bin', 'continuum')
+end
+
+execute "set port for apache continuum" do
+  command 'update-rc.d continuum defaults 80'
+end
+
+service 'continuum' do
+  action [:enable, :start]
 end

chef/cookbooks/metasploitable/recipes/chatbot.rb

@@ -28,7 +28,7 @@ execute 'unzip chatbot' do
 end
 
 execute 'chown chatbot' do
-  command 'chown -R vagrant:vagrant /opt/chatbot'
+  command "chown -R root:root /opt/chatbot"
 end
 
 execute 'chmod chatbot' do

chef/cookbooks/metasploitable/recipes/payroll_app.rb

@@ -7,6 +7,8 @@ include_recipe 'metasploitable::mysql'
 include_recipe 'metasploitable::apache'
 include_recipe 'metasploitable::php_545'
 
+poc_dir = "/home/#{node[:users][node[:users].keys.last][:username]}/poc/payroll_app/"
+
 cookbook_file '/var/www/html/payroll_app.php' do
   source 'payroll_app/payroll_app.php'
   mode '0755'
@@ -17,13 +19,13 @@ template '/tmp/payroll.sql' do
   mode '0755'
 end
 
-directory '/home/vagrant/poc/payroll_app/' do
+directory poc_dir do
   mode '0755'
-  owner 'vagrant'
+  owner node[:users][node[:users].keys.last][:username]
   recursive true
 end
 
-cookbook_file '/home/vagrant/poc/payroll_app/poc.rb' do
+cookbook_file "#{poc_dir}/poc.rb" do
   source 'payroll_app/poc.rb'
   mode '0755'
 end

chef/cookbooks/metasploitable/recipes/php_545.rb

@@ -6,6 +6,10 @@
 
 # General steps pulled from here: http://askubuntu.com/questions/597462/how-to-install-php-5-2-x-on-ubuntu-14-04
 
+include_recipe 'metasploitable::apache'
+
+php_tar = "php-5.4.5.tar.gz"
+
 execute "apt-get update" do
   command "apt-get update"
 end
@@ -22,19 +26,29 @@ execute "fix freetype bug" do
   command "mkdir -pv /usr/include/freetype2/freetype && ln -sf /usr/include/freetype2/freetype.h /usr/include/freetype2/freetype/freetype.h"
 end
 
-bash "download, extract, and patch php source" do
-  code <<-EOH
-    wget -c -t 3 -O /home/vagrant/php-5.4.5.tar.gz http://museum.php.net/php5/php-5.4.5.tar.gz
-    tar xvfz /home/vagrant/php-5.4.5.tar.gz -C /home/vagrant/
-    cd /home/vagrant/php-5.4.5
-    wget -c -t 3 -O ./libxml29_compat.patch https://mail.gnome.org/archives/xml/2012-August/txtbgxGXAvz4N.txt
-    patch -p0 -b < libxml29_compat.patch
-  EOH
+remote_file "#{Chef::Config[:file_cache_path]}/#{php_tar}" do
+  source "#{node[:php545][:download_url]}/#{php_tar}"
+  mode 0644
+end
+
+remote_file "#{Chef::Config[:file_cache_path]}/libxml29_compat.patch" do
+  source "https://mail.gnome.org/archives/xml/2012-August/txtbgxGXAvz4N.txt"
+  mode 0644
+end
+
+execute "extract php" do
+  cwd Chef::Config[:file_cache_path]
+  command "tar xvzf #{Chef::Config[:file_cache_path]}/#{php_tar} -C #{Chef::Config[:file_cache_path]}"
+end
+
+execute "patch php" do
+  cwd "#{Chef::Config[:file_cache_path]}/php-5.4.5"
+  command "patch -p0 -b < ../libxml29_compat.patch"
 end
 
 bash "compile and install php" do
+  cwd "#{Chef::Config[:file_cache_path]}/php-5.4.5"
   code <<-EOH
-    cd /home/vagrant/php-5.4.5
     ./configure --with-apxs2=/usr/bin/apxs --with-mysqli --enable-embedded-mysqli --with-gd --with-mcrypt --enable-mbstring --with-pdo-mysql
     make
     make install
@@ -58,9 +72,6 @@ bash "enable php modules" do
   EOH
 end
 
-# ln -s ../mods-available/php5.conf
-# ln -s ../mods-available/php5.load
-
 service 'apache2' do
   action [:restart]
 end

chef/cookbooks/metasploitable/recipes/proftpd.rb

@@ -8,12 +8,23 @@
 
 include_recipe 'metasploitable::apache'
 
-bash "download, extract, and compile proftpd" do
+proftpd_tar = 'proftpd-1.3.5.tar.gz'
+
+remote_file "#{Chef::Config[:file_cache_path]}/#{proftpd_tar}" do
+  source "#{node[:proftpd][:download_url]}/#{proftpd_tar}"
+  mode 0644
+end
+
+execute "extract proftpd" do
+  cwd Chef::Config[:file_cache_path]
+  command 'tar zxfv proftpd-1.3.5.tar.gz'
+
+  not_if { ::File.exists?(File.join(Chef::Config[:file_cache_path], 'proftpd-1.3.5'))}
+end
+
+bash 'compile and install proftpd' do
+  cwd "#{Chef::Config[:file_cache_path]}/proftpd-1.3.5"
   code <<-EOH
-    cd /home/vagrant
-    wget "ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.5.tar.gz"
-    tar zxfv proftpd-1.3.5.tar.gz
-    cd proftpd-1.3.5
     ./configure --prefix=/opt/proftpd --with-modules=mod_copy
     make
     make install

packer/templates/ubuntu_1404.json

@@ -1,5 +1,13 @@
 {
   "builders": [
+    {
+      "type": "amazon-ebs",
+      "region": "us-east-2",
+      "source_ami": "ami-69a1800c",
+      "instance_type": "t2.small",
+      "ssh_username": "ubuntu",
+      "ami_name": "metasploitable3-ub1404-{{user `box_version`}}"
+    },
     {
       "type": "vmware-iso",
       "iso_url": "{{user `iso_url`}}",
@@ -92,13 +100,13 @@
       ],
       "run_list": [
         "metasploitable::vm_tools",
+        "metasploitable::users",
         "metasploitable::mysql",
         "metasploitable::apache_continuum",
         "metasploitable::apache",
         "metasploitable::php_545",
         "metasploitable::phpmyadmin",
         "metasploitable::proftpd",
-        "metasploitable::users",
         "metasploitable::docker",
         "metasploitable::samba",
         "metasploitable::sinatra",
@@ -115,9 +123,18 @@
     }
   ],
   "post-processors": [
+    {
+      "type": "amazon-import",
+      "region": "us-east-2",
+      "keep_input_artifact": true,
+      "s3_bucket_name": "metasploitable3",
+      "tags": {
+        "Description": "packer amazon-import {{user `box_version`}}"
+      }
+    },
     {
       "type": "vagrant",
-      "keep_input_artifact": false,
+      "keep_input_artifact": true,
       "output": "{{template_dir}}/../builds/ubuntu_1404_{{.Provider}}_{{user `box_version`}}.box"
     }
   ],
@@ -125,6 +142,6 @@
     "iso_url": "http://old-releases.ubuntu.com/releases/14.04.1/ubuntu-14.04.1-server-amd64.iso",
     "iso_checksum_type": "md5",
     "iso_checksum": "ca2531b8cd79ea5b778ede3a524779b9",
-    "box_version": "0.1.0"
+    "box_version": "0.1.2"
   }
 }