Merge remote-tracking branch 'upstream/master' into land-301-

2024-06-20 20:05:45 +02:00 · 2018-07-25 20:13:03 -05:00 · 2018-07-25 20:13:03 -05:00 · 4e27eda152
commit 4e27eda152
parent 4dbdc77cdc 80ae3e437c
4 changed files with 216 additions and 143 deletions
--- a/README.md
+++ b/README.md
@ -19,19 +19,22 @@ Requirements:
 * [VirtualBox](https://www.virtualbox.org/wiki/Downloads) or libvirt/qemu-kvm
 * Internet connection

-To build automatically:
+### To build automatically:

-1. On Linux/OSX run `./build.sh windows2008` to build the Windows box or `./build.sh ubuntu1404` to build the Linux box. If /tmp is small, use `TMPDIR=/var/tmp ./build.sh ...` to store temporary packer disk images under /var/tmp. On Windows, run `build_win2008.ps1` in a powershell terminal to build the Windows box.
-2. If the command completes successfully, run `vagrant up`.
+1. - On **Linux/OSX** run `./build.sh windows2008` to build the Windows box or `./build.sh ubuntu1404` to build the Linux box. If /tmp is small, use `TMPDIR=/var/tmp ./build.sh ...` to store temporary packer disk images under /var/tmp.
+   - On **Windows**, open powershell terminal and run `.\build.ps1 windows2008` to build the Windows box or `.\build.ps1 ubuntu1404` to build the Linux box. If no option is passed to the script i.e. `.\build.ps1`, then both the boxes are built.
+2. If both the boxes were successfully built, run `vagrant up` to start both. To start any one VM, you can use:
+    - `vagrant up ub1404` : to start the Linux box
+    - `vagrant up win2k8` : to start the Windows box
 3. When this process completes, you should be able to open the VM within VirtualBox and login. The default credentials are U: `vagrant` and P: `vagrant`.

-To build manually:
+### To build manually:

 1. Clone this repo and navigate to the main directory.
 2. Build the base VM image by running `packer build --only=<provider>-iso ./packer/templates/windows_2008_r2.json` where `<provider>` is your preferred virtualization platform. Currently `virtualbox` and `vmware` providers are supported. This will take a while the first time you run it since it has to download the OS installation ISO.
-3. After the base Vagrant box is created you need to add it to your Vagrant environment. This can be done with the command `vagrant box add windows_2008_r2_<provider>.box --name=metasploitable3`.
+3. After the base Vagrant box is created you need to add it to your Vagrant environment. This can be done with the command `vagrant box add packer/builds/windows_2008_r2_<provider>_0.1.0.box --name=metasploitable3-win2k8`.
 4. Use `vagrant plugin install vagrant-reload` to install the reload vagrant provisioner if you haven't already.
-5. To start the VM, run the command `vagrant up`. This will start up the VM and run all of the installation and configuration scripts necessary to set everything up. This takes about 10 minutes.
+5. To start the VM, run the command `vagrant up win2k8`. This will start up the VM and run all of the installation and configuration scripts necessary to set everything up. This takes about 10 minutes.
 6. Once this process completes, you can open up the VM within VirtualBox and login. The default credentials are U: vagrant and P: vagrant.

 Videos:
--- a/2
+++ b/2
@ -29,7 +29,7 @@ Vagrant.configure("2") do |config|
    # Configure Firewall to open up vulnerable services
    case ENV['MS3_DIFFICULTY']
      when 'easy'
-        config.vm.provision :shell, path: "scripts/configs/disable_firewall.bat"
+        win2k8.vm.provision :shell, path: "scripts/configs/disable_firewall.bat"
      else
        win2k8.vm.provision :shell, path: "scripts/configs/enable_firewall.bat"
        win2k8.vm.provision :shell, path: "scripts/configs/configure_firewall.bat"
--- a/build_win2008.ps1
+++ b/build_win2008.ps1
@ -1,132 +1,203 @@
-$ErrorActionPreference = "Stop"
-
-$virtualBoxMinVersion = "5.1.10"
-$packerMinVersion = "0.10.0"
-$vagrantMinVersion = "1.9.0"
-$vagrantreloadMinVersion = "0.0.1"
-$packer = "packer"
-
-function CompareVersions ($actualVersion, $expectedVersion, $exactMatch = $False) {
-    If ($exactMatch) {
-        If ($actualVersion -eq $expectedVersion) {
-            return $True
-        } else {
-            return $False
-        }
-    }
-
-    $actualVersion = $actualVersion.split(".")
-    $expectedVersion = $expectedVersion.split(".")
-
-    for($i=0; $i -le $expectedVersion.length; $i++) {
-        If([INT]$actualVersion[$i] -gt [INT]$expectedVersion[$i]) {
-            return $True
-        }
-
-        If([INT]$actualVersion[$i] -lt [INT]$expectedVersion[$i]) {
-            return $False
-        }
-    }
-    return $True
-}
-
-$expectedVBoxLocation = "C:\Program Files\Oracle\VirtualBox"
-If ($(Test-Path "$expectedVBoxLocation\VBoxManage.exe") -eq $True) {
-    $vboxVersion = cmd.exe /c "$expectedVBoxLocation\VBoxManage.exe" -v
-    $vboxVersion = $vboxVersion.split("r")[0]
-} else {
-    Write-Host "VirtualBox is not installed (or not in the expected location of $expectedVBoxLocation\)"
-    Write-Host "Please download and install it from https://www.virtualbox.org/"
-    exit
-}
-
-If (CompareVersions -actualVersion $vboxVersion -expectedVersion $virtualBoxMinVersion -exactMatch $False) {
-    Write-Host "Compatible version of VirtualBox found."
-} else {
-    Write-Host "A compatible version of VirtualBox was not found."
-    Write-Host "Current Version=[$vboxVersion], Minimum Version=[$virtualBoxMinVersion]"
-    Write-Host "Please download and install it from https://www.virtualbox.org/"
-    exit
-}
-
-$packerVersion = cmd.exe /c $packer -v
-
-If (CompareVersions -actualVersion $packerVersion -expectedVersion $packerMinVersion) {
-    Write-Host "Compatible version of packer found."
-} else {
-    Write-Host "Could not find a compatible version of packer. Please download it from https://www.packer.io/downloads.html and add it to your PATH."
-    exit
-}
-
-If ($(Test-Path "C:\HashiCorp\Vagrant\bin\vagrant.exe") -eq $True) {
-    $vagrantVersion = cmd.exe /c "vagrant" -v
-    $vagrantVersion = $vagrantVersion.split(" ")[1]
-}
-
-If (CompareVersions -actualVersion $vagrantVersion -expectedVersion $vagrantMinVersion) {
-    Write-Host "Compatible version of Vagrant found."
-} else {
-    Write-Host "Could not find a compatible version of Vagrant at C:\HashiCorp\Vagrant\bin\. Please download and install it from https://www.vagrantup.com/downloads.html."
-    exit
-}
-
-$vagrantPlugins = cmd.exe /c "vagrant plugin list" | select-string -pattern "vagrant-reload"
-
-If (![string]::IsNullOrEmpty($vagrantPlugins)) {
-    $vagrantPlugins = $vagrantPlugins.ToString().Trim()
-    $vagrantreloadVersion = $vagrantPlugins.Replace("(", "")
-    $vagrantreloadVersion = $vagrantreloadVersion.Replace(")", "")
-    $vagrantreloadVersion = $vagrantreloadVersion.split(" ")[1]
-
-    If (CompareVersions -actualVersion $vagrantreloadVersion -expectedVersion $vagrantreloadMinVersion) {
-        Write-Host "Compatible version of vagrant-reload plugin found."
-    }
-} else {
-    Write-Host "Could not find a compatible version of vagrant-reload plugin. Attempting to install..."
-    cmd.exe /c "vagrant plugin install vagrant-reload"
-
-    # Hacky version of Try-Catch for non-terminating errors.
-    # See http://stackoverflow.com/questions/1142211/try-catch-does-not-seem-to-have-an-effect
-    if($?) {
-        Write-Host "The vagrant-reload plugin was successfully installed."
-    } else {
-        throw "Error installing vagrant-reload plugin. Please check the output above for any error messages."
-    }
-}
-
-Write-Host "All requirements found. Proceeding..."
-
-If ($(Test-Path "packer\templates\windows_2008_r2_virtualbox.box") -eq $True) {
-    Write-Host "It looks like the Vagrant box already exists. Skipping the Packer build."
-} else {
-    Write-Host "Building the Vagrant box..."
-    cmd.exe /c $packer build --only=virtualbox-iso packer\templates\windows_2008_r2.json
-
-    if($?) {
-        Write-Host "Box successfully built by Packer."
-    } else {
-        throw "Error building the Vagrant box using Packer. Please check the output above for any error messages."
-    }
-}
-
-echo "Attempting to add the box to Vagrant..."
-
-$vagrant_box_list = cmd.exe /c "vagrant box list" | select-string -pattern "metasploitable3-win2k8"
-
-If ($vagrant_box_list) { $vagrant_box_list = $vagrant_box_list.ToString().Trim() }
-
-If ($vagrant_box_list -eq "metasploitable3-win2k8") {
-    Write-Host "metasploitable3-win2k8 already found in Vagrant box repository. Skipping the addition to Vagrant."
-} else {
-
-    cmd.exe /c vagrant box add metasploitable3-win2k8 packer\builds\windows_2008_r2_virtualbox.box
-
-    if($?) {
-        Write-Host "Box successfully added to Vagrant."
-    } else {
-        throw "Error adding box to Vagrant. See the above output for any error messages."
-    }
-}
-
-Write-Host "SUCCESS: Run 'vagrant up' to provision and start metasploitable3."
-Write-Host "NOTE: The VM will need Internet access to provision properly."
+$ErrorActionPreference = "Stop"
+
+$virtualBoxMinVersion = "5.1.10"
+$packerMinVersion = "0.10.0"
+$vagrantMinVersion = "1.9.0"
+$vagrantreloadMinVersion = "0.0.1"
+$packer = "packer"
+
+
+function CompareVersions ($actualVersion, $expectedVersion, $exactMatch = $False) {
+    If ($exactMatch) {
+        If ($actualVersion -eq $expectedVersion) {
+            return $True
+        } else {
+            return $False
+        }
+    }
+
+    $actualVersion = $actualVersion.split(".")
+    $expectedVersion = $expectedVersion.split(".")
+
+    for($i=0; $i -le $expectedVersion.length; $i++) {
+        If([INT]$actualVersion[$i] -gt [INT]$expectedVersion[$i]) {
+            return $True
+        }
+
+        If([INT]$actualVersion[$i] -lt [INT]$expectedVersion[$i]) {
+            return $False
+        }
+    }
+    return $True
+}
+
+Write-Host "";
+$expectedVBoxLocation = "C:\Program Files\Oracle\VirtualBox"
+
+If ($(Test-Path "$expectedVBoxLocation\VBoxManage.exe") -eq $True) {
+
+    $vboxVersion = cmd.exe /c "$expectedVBoxLocation\VBoxManage.exe" -v
+    $vboxVersion = $vboxVersion.split("r")[0]
+
+} else {
+
+    Write-Host "VirtualBox is not installed (or not in the expected location of $expectedVBoxLocation\)"
+    Write-Host "Please download and install it from https://www.virtualbox.org/"
+    exit
+
+}
+
+
+If (CompareVersions -actualVersion $vboxVersion -expectedVersion $virtualBoxMinVersion -exactMatch $False) {
+
+    Write-Host "Compatible version of VirtualBox found."
+
+} else {
+
+    Write-Host "A compatible version of VirtualBox was not found."
+    Write-Host "Current Version=[$vboxVersion], Minimum Version=[$virtualBoxMinVersion]"
+    Write-Host "Please download and install it from https://www.virtualbox.org/"
+    exit
+
+}
+
+$packerVersion = cmd.exe /c $packer -v
+
+If (CompareVersions -actualVersion $packerVersion -expectedVersion $packerMinVersion) {
+
+    Write-Host "Compatible version of Packer found."
+
+} else {
+
+    Write-Host "Could not find a compatible version of packer. Please download it from https://www.packer.io/downloads.html and add it to your PATH."
+    exit
+
+}
+
+
+If ($(Test-Path "C:\HashiCorp\Vagrant\bin\vagrant.exe") -eq $True) {
+
+    $vagrantVersion = cmd.exe /c "vagrant" -v
+    $vagrantVersion = $vagrantVersion.split(" ")[1]
+
+}
+
+
+If (CompareVersions -actualVersion $vagrantVersion -expectedVersion $vagrantMinVersion) {
+
+    Write-Host "Compatible version of Vagrant found."
+
+} else {
+
+    Write-Host "Could not find a compatible version of Vagrant at C:\HashiCorp\Vagrant\bin\. Please download and install it from https://www.vagrantup.com/downloads.html."
+    exit
+
+}
+
+
+$vagrantPlugins = cmd.exe /c "vagrant plugin list" | select-string -pattern "vagrant-reload"
+
+
+If (![string]::IsNullOrEmpty($vagrantPlugins)) {
+
+    $vagrantPlugins = $vagrantPlugins.ToString().Trim()
+    $vagrantreloadVersion = $vagrantPlugins.Replace("(", "")
+    $vagrantreloadVersion = $vagrantreloadVersion.Replace(")", "")
+    $vagrantreloadVersion = $vagrantreloadVersion.split(" ")[1]
+
+
+    If (CompareVersions -actualVersion $vagrantreloadVersion -expectedVersion $vagrantreloadMinVersion) {
+
+        Write-Host "Compatible version of vagrant-reload plugin found."
+
+    }
+
+} else {
+
+    Write-Host "Could not find a compatible version of vagrant-reload plugin. Attempting to install..."
+    cmd.exe /c "vagrant plugin install vagrant-reload"
+
+
+    # Hacky version of Try-Catch for non-terminating errors.
+    # See http://stackoverflow.com/questions/1142211/try-catch-does-not-seem-to-have-an-effect
+
+    if($?) {
+        Write-Host "The vagrant-reload plugin was successfully installed."
+    } else {
+        throw "Error installing vagrant-reload plugin. Please check the output above for any error messages."
+    }
+
+}
+
+function InstallBox($os_full, $os_short)
+{
+    $boxversion = Get-Content .\packer\templates\$os_full.json | Select-String -Pattern "box_version" | Select-String -Pattern "[0-9]\.[0-9]\.[0-9]+"
+    $boxversion = $boxversion.toString().trim().split('"')[3]
+
+    Write-Host "Building metasploitable3-$os_short Vagrant box..."
+
+    If ($(Test-Path "packer\builds\$($os_full)_virtualbox_$boxversion.box") -eq $True) {
+
+        Write-Host "It looks like the Vagrant box already exists. Skipping the Packer build."
+    
+    } else {
+
+        cmd.exe /c $packer build --only=virtualbox-iso packer\templates\$os_full.json
+
+        if($?) {
+          Write-Host "Box successfully built by Packer."
+        } else {
+         throw "Error building the Vagrant box using Packer. Please check the output above for any error messages."
+        }
+    }
+
+    echo "Attempting to add metasploitable3-$os_short box to Vagrant..."
+    $vagrant_box_list = cmd.exe /c "vagrant box list"
+
+    If ($vagrant_box_list -match "metasploitable3-$os_short") {
+        Write-Host "metasploitable3-$os_short already found in Vagrant box repository. Skipping the addition to Vagrant."
+    } else {
+
+        cmd.exe /c vagrant box add metasploitable3-$os_short packer\builds\$($os_full)_virtualbox_$boxversion.box
+    
+        if($?) {
+            Write-Host "metasploitable3-$os_short box successfully added to Vagrant."
+        } else {
+            throw "Error adding metasploitable3-$os_short box to Vagrant. See the above output for any error messages."
+        }
+    }
+}
+
+
+
+Write-Host "All requirements found. Proceeding..."
+
+if($args.Length -eq 0)
+{
+  $option = Read-Host -Prompt 'No box name passed as input. Build both the boxes ? (y/n)';
+  if ($option -eq 'y')
+  {
+    InstallBox -os_full "windows_2008_r2" -os_short "win2k8";
+    InstallBox -os_full "ubuntu_1404" -os_short "ub1404";
+  } else {
+    Write-Host "To build metasploitable boxes separately, use the following commands:";
+    Write-Host "- .\build.ps1 windows2008";
+    Write-Host "- .\build.ps1 ubuntu1404";
+  }
+}
+ElseIf ($args.Length -eq 1)
+{
+  if ($args -eq "windows2008")
+  {
+    InstallBox -os_full "windows_2008_r2" -os_short "win2k8";
+  }
+  ElseIf ($args -eq "ubuntu1404")
+  {
+    InstallBox -os_full "ubuntu_1404" -os_short "ub1404";
+  }
+  Else
+  {
+    Write-Host "Invalid OS. Valid options are 'ubuntu1404' and 'windows2008'";
+  }
+}
+Write-Host "";
--- a/packer/templates/ubuntu_1404.json
+++ b/packer/templates/ubuntu_1404.json
@ -127,7 +127,6 @@
        "{{template_dir}}/../../chef/cookbooks"
      ],
      "run_list": [
-        "metasploitable::vm_tools",
        "metasploitable::users",
        "metasploitable::mysql",
        "metasploitable::apache_continuum",
@ -158,9 +157,9 @@
    }
  ],
  "variables": {
-    "iso_url": "http://old-releases.ubuntu.com/releases/14.04.1/ubuntu-14.04.1-server-amd64.iso",
-    "iso_checksum_type": "md5",
-    "iso_checksum": "ca2531b8cd79ea5b778ede3a524779b9",
+    "iso_url": "http://old-releases.ubuntu.com/releases/14.04.0/ubuntu-14.04-server-amd64.iso",
+    "iso_checksum_type": "sha256",
+    "iso_checksum": "ababb88a492e08759fddcf4f05e5ccc58ec9d47fa37550d63931d0a5fa4f7388",
    "box_version": "0.1.12"
  }
 }