From ebfa4b71f23808cfed10eed5345a6d80ed586af9 Mon Sep 17 00:00:00 2001 From: Nicholas Charron Date: Sat, 19 Nov 2016 15:03:43 -0500 Subject: [PATCH 01/16] Will install dotnetfx4.0 and choco with packer. WARNING STILL WIP --- .DS_Store | Bin 0 -> 6148 bytes answer_files/2008_r2/Autounattend.xml | 10 +++ scripts/.DS_Store | Bin 0 -> 6148 bytes scripts/installs/install_netfx.ps1 | 14 ++++ windows_2008_r2.json | 93 ++++++++++++++++++++++++-- 5 files changed, 113 insertions(+), 4 deletions(-) create mode 100644 .DS_Store create mode 100644 scripts/.DS_Store create mode 100644 scripts/installs/install_netfx.ps1 diff --git a/.DS_Store b/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..d5a99c9acab8fa54e494b4124de133a6cd377361 GIT binary patch literal 6148 zcmeHK%}&BV5S|5;5@YPa1dqLV;{ZtHWYQoWyqRG1paxnY(xkS87KzrHK8C)LZ{X`V zv%3%wJ$NyO%p|kl?ELIzzc%{=0HQVN*8ofaFi;6|C2YPCij%HLPJ0N29AgAAMD8>i zx&BHvJN_dB^zDie!7YrzgN5%Gx)^zPN4^)u)#``H6+yv zsW&QCqh3oZR?=)%(LOj#(~?o%uN|HC?jN6$=k(=OQ7iB-l(M6725)G5S>;1#9Qa{y zhml#;ESr%TUpa@lps7i%?VhB}^eoN=s8Z(8e9E6-1$I&wj{X!9PcJx~^9fYlrTV{Y6 zSY{xvx+b0fCqKXcmy5W^3@`(0#egWZJM9)ONuRANi=(sFLhYfFP+q2RUV?@^iZPdt d;yqL;=(or~v^8c5(SyPl0Z9Wl%)p;A@CkX|Qs@8x literal 0 HcmV?d00001 diff --git a/answer_files/2008_r2/Autounattend.xml b/answer_files/2008_r2/Autounattend.xml index 6a709bf..0eab7ad 100644 --- a/answer_files/2008_r2/Autounattend.xml +++ b/answer_files/2008_r2/Autounattend.xml @@ -249,6 +249,16 @@ 25 Disable password expiration for vagrant user + + cmd.exe /c mkdir -p C:\vagrant\scripts + Create directory for vagrant files to avoid provisioner bug with packer. + 26 + + + cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\install_netfx.ps1 -AutoStart + Install dotNet 4.0 and Chocolatey. This allows the environment to be reloaded after reboot. + 27 + cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\openssh.ps1 -AutoStart diff --git a/scripts/.DS_Store b/scripts/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..091049ab599e422dfc695f4b43fa305a891ec1b4 GIT binary patch literal 6148 zcmeHK!AiqG5Z!I7rihq>P>*}@)yuZiwT;a!17*j!b;j|`N!@gs z*zV+7_5y$8Y5O9M!-eg7m%(T@F!xU4D0PEqG+7G2xe6jbp4ss<@)J4Fxtoq5w~jI} z8(G%rHbuA7&YL3Z^;%#b9_4x6XdJYU&xZF;&)G}<`liU`@EuCo)i{TDFiQJ;bS6<4 zM|Utb&zr{+5(C5lF|f`I=rhmQUgu5H-iQHW;8zUb`5-_MEscdjd2~R7zmGUxLqq`^ z?-GbYqouJ>2qPd|r2?u{uCEwerGsDSI7?%pP^B|2SB81?%3R-2xLh6lLWVPLDWsMd zAO=<$sH(1s_5bwe`~PYZ^@sstV67P7wZ7B0VN1HUmNtjAR)7vcQ82DhxJUs*mSTv- eQoIi;1^faHKucqx5Ii9CBOqy@h8Xx$2EG7SHd8eK literal 0 HcmV?d00001 diff --git a/scripts/installs/install_netfx.ps1 b/scripts/installs/install_netfx.ps1 new file mode 100644 index 0000000..8f0dd36 --- /dev/null +++ b/scripts/installs/install_netfx.ps1 @@ -0,0 +1,14 @@ +# setup dotnetfx4 +$netfx_url = "https://download.microsoft.com/download/9/5/A/95A9616B-7A37-4AF6-BC36-D6EA96C8DAAE/dotNetFx40_Full_x86_x64.exe" + + +Write-Output "Downloading $netfx_url" +(New-Object System.Net.WebClient).DownloadFile($netfx_url, "C:\Windows\Temp\dotNetFx40_Full_x86_x64.exe") +Write-Output "Starting Install of dotNetFx40_Full_x86_x64.exe" +Start-Process "C:\Windows\Temp\dotNetFx40_Full_x86_x64.exe" "/q /norestart" -Wait + +$ChocoInstallPath = "$env:SystemDrive\ProgramData\Chocolatey\bin" + +if (!(Test-Path $ChocoInstallPath)) { + iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1')) +} \ No newline at end of file diff --git a/windows_2008_r2.json b/windows_2008_r2.json index 7a05aea..2b999b0 100644 --- a/windows_2008_r2.json +++ b/windows_2008_r2.json @@ -1,5 +1,47 @@ { "builders": [ + { + "type": "vmware-iso", + "iso_url": "{{user `iso_url`}}", + "iso_checksum_type": "{{user `iso_checksum_type`}}", + "iso_checksum": "{{user `iso_checksum`}}", + "headless": false, + "boot_wait": "2m", + "ssh_username": "vagrant", + "ssh_password": "vagrant", + "ssh_wait_timeout": "2h", + "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"", + "guest_os_type": "windows8srv-64", + "tools_upload_flavor": "windows", + "disk_size": 61440, + "floppy_files": [ + "{{user `autounattend`}}", + "./scripts/configs/microsoft-updates.bat", + "./scripts/configs/win-updates.ps1", + "./scripts/installs/openssh.ps1", + "./scripts/installs/install_netfx.ps1", + "./resources/certs/oracle-cert.cer", + "./resources/certs/gdig2.crt", + "./resources/certs/comodorsadomainvalidationsecureserverca.crt", + "./resources/certs/comodorsacertificationauthority.crt", + "./resources/certs/addtrust_external_ca.cer", + "./resources/certs/baltimore_ca.cer", + "./resources/certs/digicert.cer", + "./resources/certs/equifax.cer", + "./resources/certs/globalsign.cer", + "./resources/certs/gte_cybertrust.cer", + "./resources/certs/microsoft_root_2011.cer", + "./resources/certs/thawte_primary_root.cer", + "./resources/certs/utn-userfirst.cer" + ], + "vm_name": "metasploitable3", + "vmx_data": { + "cpuid.coresPerSocket": "2", + "memsize": "2048", + "numvcpus": "2", + "scsi0.virtualDev": "lsisas1068" + } + }, { "type": "virtualbox-iso", "iso_url": "{{user `iso_url`}}", @@ -18,6 +60,7 @@ "./scripts/configs/microsoft-updates.bat", "./scripts/configs/win-updates.ps1", "./scripts/installs/openssh.ps1", + "./scripts/installs/install_netfx.ps1", "./resources/certs/oracle-cert.cer", "./resources/certs/gdig2.crt", "./resources/certs/comodorsadomainvalidationsecureserverca.crt", @@ -48,24 +91,66 @@ ] } ], - "provisioners": [ +"provisioners": [ + { + "type": "file", + "source": "scripts", + "destination": "C:/vagrant" + }, + { + "type": "file", + "source": "resources", + "destination": "C:/vagrant" + }, { "type": "shell", - "remote_path": "/tmp/script.bat", + "remote_path": "C:/Windows/Temp/script.bat", "execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat", "scripts": [ "./scripts/installs/vm-guest-tools.bat", "./scripts/configs/vagrant-ssh.bat", "./scripts/configs/disable-auto-logon.bat", "./scripts/configs/enable-rdp.bat", - "./scripts/configs/update_root_certs.bat" + "./scripts/configs/update_root_certs.bat", + "scripts/installs/install_boxstarter.bat", + "scripts/chocolatey_installs/7zip.bat", + "scripts/configs/apply_password_settings.bat", + "scripts/configs/create_users.bat", + "scripts/installs/setup_iis.bat", + "scripts/installs/setup_ftp_site.bat", + "scripts/chocolatey_installs/java.bat", + "scripts/chocolatey_installs/tomcat.bat", + "scripts/installs/setup_apache_struts.bat", + "scripts/installs/setup_glassfish.bat", + "scripts/installs/start_glassfish_service.bat", + "scripts/installs/setup_jenkins.bat", + "scripts/chocolatey_installs/vcredist2008.bat", + "scripts/installs/install_wamp.bat", + "scripts/installs/start_wamp.bat", + "scripts/installs/install_wordpress.bat", + "scripts/installs/install_openjdk6.bat", + "scripts/installs/setup_jmx.bat", + "scripts/installs/install_ruby.bat", + "scripts/installs/install_devkit.bat", + "scripts/installs/install_rails_server.bat", + "scripts/installs/setup_rails_server.bat", + "scripts/installs/install_rails_service.bat", + "scripts/installs/setup_webdav.bat", + "scripts/installs/setup_mysql.bat", + "scripts/installs/install_manageengine.bat", + "scripts/installs/setup_axis2.bat", + "scripts/installs/install_backdoors.bat", + "scripts/installs/setup_snmp.bat", + "scripts/configs/configure_firewall.bat", + "scripts/installs/install_elasticsearch.bat", + "scripts/installs/install_flags.bat" ] } ], "post-processors": [ { "type": "vagrant", - "keep_input_artifact": false, + "keep_input_artifact": true, "output": "windows_2008_r2_{{.Provider}}.box", "vagrantfile_template": "vagrantfile-windows_2008_r2.template" } From 51bc6c09307c428a45ce33d8556990f19fb642d9 Mon Sep 17 00:00:00 2001 From: Nicholas Charron Date: Sat, 19 Nov 2016 15:04:52 -0500 Subject: [PATCH 02/16] Change to .gitignore --- .gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 2122c0b..5460b33 100644 --- a/.gitignore +++ b/.gitignore @@ -3,6 +3,6 @@ packer_cache/ *.exe *.msi *.msu - +*.DS_Store resources/manageengine/setup.log windows_2008_r2_virtualbox.box From e3423802b9efbce5e6cabadab2727907cfd41db3 Mon Sep 17 00:00:00 2001 From: Nicholas Charron Date: Sat, 19 Nov 2016 15:09:41 -0500 Subject: [PATCH 03/16] Removed .DS_Store --- .DS_Store | Bin 6148 -> 0 bytes scripts/.DS_Store | Bin 6148 -> 0 bytes 2 files changed, 0 insertions(+), 0 deletions(-) delete mode 100644 .DS_Store delete mode 100644 scripts/.DS_Store diff --git a/.DS_Store b/.DS_Store deleted file mode 100644 index d5a99c9acab8fa54e494b4124de133a6cd377361..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6148 zcmeHK%}&BV5S|5;5@YPa1dqLV;{ZtHWYQoWyqRG1paxnY(xkS87KzrHK8C)LZ{X`V zv%3%wJ$NyO%p|kl?ELIzzc%{=0HQVN*8ofaFi;6|C2YPCij%HLPJ0N29AgAAMD8>i zx&BHvJN_dB^zDie!7YrzgN5%Gx)^zPN4^)u)#``H6+yv zsW&QCqh3oZR?=)%(LOj#(~?o%uN|HC?jN6$=k(=OQ7iB-l(M6725)G5S>;1#9Qa{y zhml#;ESr%TUpa@lps7i%?VhB}^eoN=s8Z(8e9E6-1$I&wj{X!9PcJx~^9fYlrTV{Y6 zSY{xvx+b0fCqKXcmy5W^3@`(0#egWZJM9)ONuRANi=(sFLhYfFP+q2RUV?@^iZPdt d;yqL;=(or~v^8c5(SyPl0Z9Wl%)p;A@CkX|Qs@8x diff --git a/scripts/.DS_Store b/scripts/.DS_Store deleted file mode 100644 index 091049ab599e422dfc695f4b43fa305a891ec1b4..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6148 zcmeHK!AiqG5Z!I7rihq>P>*}@)yuZiwT;a!17*j!b;j|`N!@gs z*zV+7_5y$8Y5O9M!-eg7m%(T@F!xU4D0PEqG+7G2xe6jbp4ss<@)J4Fxtoq5w~jI} z8(G%rHbuA7&YL3Z^;%#b9_4x6XdJYU&xZF;&)G}<`liU`@EuCo)i{TDFiQJ;bS6<4 zM|Utb&zr{+5(C5lF|f`I=rhmQUgu5H-iQHW;8zUb`5-_MEscdjd2~R7zmGUxLqq`^ z?-GbYqouJ>2qPd|r2?u{uCEwerGsDSI7?%pP^B|2SB81?%3R-2xLh6lLWVPLDWsMd zAO=<$sH(1s_5bwe`~PYZ^@sstV67P7wZ7B0VN1HUmNtjAR)7vcQ82DhxJUs*mSTv- eQoIi;1^faHKucqx5Ii9CBOqy@h8Xx$2EG7SHd8eK From d9d622ed1c3024e9fe3b2ff2164ac10d2e410818 Mon Sep 17 00:00:00 2001 From: Nicholas Charron Date: Sat, 19 Nov 2016 15:12:05 -0500 Subject: [PATCH 04/16] Fixed Indent --- answer_files/2008_r2/Autounattend.xml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/answer_files/2008_r2/Autounattend.xml b/answer_files/2008_r2/Autounattend.xml index 0eab7ad..27b693d 100644 --- a/answer_files/2008_r2/Autounattend.xml +++ b/answer_files/2008_r2/Autounattend.xml @@ -261,11 +261,11 @@ - cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\openssh.ps1 -AutoStart - Install OpenSSH - 99 - true - + cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\openssh.ps1 -AutoStart + Install OpenSSH + 99 + true + From 060b3a66db210143ec17fd9b1c11c1cf83c7f597 Mon Sep 17 00:00:00 2001 From: ncharron Date: Sat, 19 Nov 2016 15:21:44 -0500 Subject: [PATCH 05/16] Update README.md --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 4d234dd..68fde49 100644 --- a/README.md +++ b/README.md @@ -4,6 +4,10 @@ Metasploitable3 is a VM that is built from the ground up with a large amount of Metasploitable3 is released under a BSD-style license. See COPYING for more details. +## NOTE: This is a work in progress to move provisioning to packer and using vmware + +use: 'packer build -only=vmware-iso windows_2008_r2.json' + ## Building Metasploitable 3 Requirements: From 32751a648ae6464d996e38b7dce4261f403c7f95 Mon Sep 17 00:00:00 2001 From: ncharron Date: Sat, 19 Nov 2016 15:22:26 -0500 Subject: [PATCH 06/16] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 68fde49..910939c 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ Metasploitable3 is released under a BSD-style license. See COPYING for more deta ## NOTE: This is a work in progress to move provisioning to packer and using vmware -use: 'packer build -only=vmware-iso windows_2008_r2.json' +use: `packer build -only=vmware-iso windows_2008_r2.json` ## Building Metasploitable 3 From 1db87e68d0fb13fe6038c13f2de47522009b05c9 Mon Sep 17 00:00:00 2001 From: Nicholas Charron Date: Sun, 20 Nov 2016 11:20:14 -0500 Subject: [PATCH 07/16] Added windows-shell provisioning along with inline powershell for choco and some restarts --- answer_files/2008_r2/Autounattend.xml | 2 +- scripts/installs/install_netfx.ps1 | 9 +-------- scripts/installs/setup_snmp.bat | 2 +- windows_2008_r2.json | 23 +++++++++++++++++++++-- 4 files changed, 24 insertions(+), 12 deletions(-) diff --git a/answer_files/2008_r2/Autounattend.xml b/answer_files/2008_r2/Autounattend.xml index 27b693d..33d51a3 100644 --- a/answer_files/2008_r2/Autounattend.xml +++ b/answer_files/2008_r2/Autounattend.xml @@ -256,7 +256,7 @@ cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\install_netfx.ps1 -AutoStart - Install dotNet 4.0 and Chocolatey. This allows the environment to be reloaded after reboot. + Install .NET 4.0 27 diff --git a/scripts/installs/install_netfx.ps1 b/scripts/installs/install_netfx.ps1 index 8f0dd36..183e8dc 100644 --- a/scripts/installs/install_netfx.ps1 +++ b/scripts/installs/install_netfx.ps1 @@ -1,14 +1,7 @@ # setup dotnetfx4 $netfx_url = "https://download.microsoft.com/download/9/5/A/95A9616B-7A37-4AF6-BC36-D6EA96C8DAAE/dotNetFx40_Full_x86_x64.exe" - Write-Output "Downloading $netfx_url" (New-Object System.Net.WebClient).DownloadFile($netfx_url, "C:\Windows\Temp\dotNetFx40_Full_x86_x64.exe") Write-Output "Starting Install of dotNetFx40_Full_x86_x64.exe" -Start-Process "C:\Windows\Temp\dotNetFx40_Full_x86_x64.exe" "/q /norestart" -Wait - -$ChocoInstallPath = "$env:SystemDrive\ProgramData\Chocolatey\bin" - -if (!(Test-Path $ChocoInstallPath)) { - iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1')) -} \ No newline at end of file +Start-Process "C:\Windows\Temp\dotNetFx40_Full_x86_x64.exe" "/q /norestart" -Wait \ No newline at end of file diff --git a/scripts/installs/setup_snmp.bat b/scripts/installs/setup_snmp.bat index 748e88a..2f3a2df 100644 --- a/scripts/installs/setup_snmp.bat +++ b/scripts/installs/setup_snmp.bat @@ -1,4 +1,4 @@ -start /w PKGMGR.EXE /iu:SNMP +start /w PKGMGR.EXE /quiet /norestart /iu:SNMP reg delete HKLM\SYSTEM\ControlSet001\services\SNMP\Parameters\PermittedManagers /va /f reg add HKLM\SYSTEM\ControlSet001\services\SNMP\Parameters /v EnableAuthenticationTraps /t REG_DWORD /d 0 /f reg add HKLM\SYSTEM\ControlSet001\services\SNMP\Parameters\ValidCommunities /v public /t REG_DWORD /d 4 /f diff --git a/windows_2008_r2.json b/windows_2008_r2.json index 2b999b0..64e6170 100644 --- a/windows_2008_r2.json +++ b/windows_2008_r2.json @@ -103,7 +103,16 @@ "destination": "C:/vagrant" }, { - "type": "shell", + "type":"powershell", + "inline": [ + "iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))" + ] + }, + { + "type": "windows-restart" + }, + { + "type": "windows-shell", "remote_path": "C:/Windows/Temp/script.bat", "execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat", "scripts": [ @@ -131,7 +140,17 @@ "scripts/installs/install_openjdk6.bat", "scripts/installs/setup_jmx.bat", "scripts/installs/install_ruby.bat", - "scripts/installs/install_devkit.bat", + "scripts/installs/install_devkit.bat" + ] + }, + { + "type": "windows-restart" + }, + { + "type": "windows-shell", + "remote_path": "C:/Windows/Temp/script.bat", + "execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat", + "scripts": [ "scripts/installs/install_rails_server.bat", "scripts/installs/setup_rails_server.bat", "scripts/installs/install_rails_service.bat", From b4f7eecd8517fa0d4b1bec3aa603b2e21f1d9812 Mon Sep 17 00:00:00 2001 From: Nicholas Charron Date: Sun, 20 Nov 2016 11:36:37 -0500 Subject: [PATCH 08/16] Forgot a file... --- scripts/installs/setup_iis.bat | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/installs/setup_iis.bat b/scripts/installs/setup_iis.bat index 6cf51af..632ecfb 100644 --- a/scripts/installs/setup_iis.bat +++ b/scripts/installs/setup_iis.bat @@ -1 +1 @@ -start /w PKGMGR.EXE /iu:IIS-WebServerRole;IIS-WebServer;IIS-CommonHttpFeatures;IIS-ApplicationDevelopment;IIS-ASPNET;IIS-NetFxExtensibility;IIS-ASP;IIS-CGI;IIS-ISAPIExtensions;IIS-ISAPIFilter;IIS-ServerSideIncludes;IIS-FTPServer;IIS-FTPSvc;IIS-FTPExtensibility; \ No newline at end of file +start /w PKGMGR.EXE /quiet /norestart /iu:IIS-WebServerRole;IIS-WebServer;IIS-CommonHttpFeatures;IIS-ApplicationDevelopment;IIS-ASPNET;IIS-NetFxExtensibility;IIS-ASP;IIS-CGI;IIS-ISAPIExtensions;IIS-ISAPIFilter;IIS-ServerSideIncludes;IIS-FTPServer;IIS-FTPSvc;IIS-FTPExtensibility; \ No newline at end of file From 663016015fe76cb5473a12ca7f71281d7e35408f Mon Sep 17 00:00:00 2001 From: Nicholas Charron Date: Sun, 20 Nov 2016 12:16:25 -0500 Subject: [PATCH 09/16] Fix for FTP script copy --- scripts/installs/setup_ftp_site.bat | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/installs/setup_ftp_site.bat b/scripts/installs/setup_ftp_site.bat index 8ca3a0c..ff80f74 100644 --- a/scripts/installs/setup_ftp_site.bat +++ b/scripts/installs/setup_ftp_site.bat @@ -1 +1 @@ -copy /Y C:\vagrant\resources\iis\applicationHost.config "%SystemRoot%\System32\inetsrv\config\applicationHost.config" \ No newline at end of file +xcopy /I /Y C:\vagrant\resources\iis\applicationHost.config %SystemRoot%\System32\inetsrv\config\ \ No newline at end of file From 394d47f60f57a866bb6f203dc04aeee17f37e952 Mon Sep 17 00:00:00 2001 From: Nicholas Charron Date: Wed, 25 Jan 2017 09:43:00 -0500 Subject: [PATCH 10/16] updating changes. still work in progress --- answer_files/2008_r2/Autounattend.xml | 7 +- scripts/installs/setup_glassfish.bat | 2 +- scripts/installs/start_glassfish_service.bat | 2 +- windows_2008_r2.json | 20 ++- windows_2008_r2_base.json | 147 +++++++++++++++++++ 5 files changed, 168 insertions(+), 10 deletions(-) create mode 100644 windows_2008_r2_base.json diff --git a/answer_files/2008_r2/Autounattend.xml b/answer_files/2008_r2/Autounattend.xml index 33d51a3..2d4ea95 100644 --- a/answer_files/2008_r2/Autounattend.xml +++ b/answer_files/2008_r2/Autounattend.xml @@ -35,7 +35,8 @@ - + YC6KT-GKW9T-YTKYR-T4X34-R7VHC + Never @@ -290,8 +291,8 @@ false - vagrant-2008R2 - Pacific Standard Time + metasploitable3-2008R2 + Eastern Standard Time diff --git a/scripts/installs/setup_glassfish.bat b/scripts/installs/setup_glassfish.bat index ff8b38e..05a9c13 100644 --- a/scripts/installs/setup_glassfish.bat +++ b/scripts/installs/setup_glassfish.bat @@ -8,4 +8,4 @@ net start domain1 powershell -Command "Start-Sleep -s 5" net stop domain1 icacls "C:\glassfish" /grant "NT Authority\LOCAL SERVICE:(OI)(CI)F" /T -sc config domain1 obj= "NT Authority\LOCAL SERVICE" +sc config "domain1" obj= "NT Authority\LOCAL SERVICE" diff --git a/scripts/installs/start_glassfish_service.bat b/scripts/installs/start_glassfish_service.bat index 1dbea1a..01cae72 100644 --- a/scripts/installs/start_glassfish_service.bat +++ b/scripts/installs/start_glassfish_service.bat @@ -1 +1 @@ -net start "domain1 GlassFish Server" \ No newline at end of file +net start "domain1 Glassfish Server" \ No newline at end of file diff --git a/windows_2008_r2.json b/windows_2008_r2.json index 64e6170..cf87382 100644 --- a/windows_2008_r2.json +++ b/windows_2008_r2.json @@ -11,7 +11,7 @@ "ssh_password": "vagrant", "ssh_wait_timeout": "2h", "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"", - "guest_os_type": "windows8srv-64", + "guest_os_type": "winServer2008Standard-64", "tools_upload_flavor": "windows", "disk_size": 61440, "floppy_files": [ @@ -37,7 +37,7 @@ "vm_name": "metasploitable3", "vmx_data": { "cpuid.coresPerSocket": "2", - "memsize": "2048", + "memsize": "4096", "numvcpus": "2", "scsi0.virtualDev": "lsisas1068" } @@ -127,7 +127,17 @@ "scripts/configs/create_users.bat", "scripts/installs/setup_iis.bat", "scripts/installs/setup_ftp_site.bat", - "scripts/chocolatey_installs/java.bat", + "scripts/chocolatey_installs/java.bat" + ] + }, + { + "type": "windows-restart" + }, + { + "type": "windows-shell", + "remote_path": "C:/Windows/Temp/script.bat", + "execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat", + "scripts": [ "scripts/chocolatey_installs/tomcat.bat", "scripts/installs/setup_apache_struts.bat", "scripts/installs/setup_glassfish.bat", @@ -175,9 +185,9 @@ } ], "variables": { - "iso_url": "http://download.microsoft.com/download/7/5/E/75EC4E54-5B02-42D6-8879-D8D3A25FBEF7/7601.17514.101119-1850_x64fre_server_eval_en-us-GRMSXEVAL_EN_DVD.iso", + "iso_url": "en_windows_server_2008_r2_x64_dvd_x15-50365.iso", "iso_checksum_type": "md5", - "iso_checksum": "4263be2cf3c59177c45085c0a7bc6ca5", + "iso_checksum": "0ffbae83327f0ad8c2ab4d5dfa754c09", "autounattend": "./answer_files/2008_r2/Autounattend.xml" } } diff --git a/windows_2008_r2_base.json b/windows_2008_r2_base.json new file mode 100644 index 0000000..94fbbdb --- /dev/null +++ b/windows_2008_r2_base.json @@ -0,0 +1,147 @@ + { + "builders": [ + { + "type": "vmware-iso", + "iso_url": "{{user `iso_url`}}", + "iso_checksum_type": "{{user `iso_checksum_type`}}", + "iso_checksum": "{{user `iso_checksum`}}", + "headless": false, + "boot_wait": "2m", + "ssh_username": "vagrant", + "ssh_password": "vagrant", + "ssh_wait_timeout": "2h", + "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"", + "guest_os_type": "windows8srv-64", + "tools_upload_flavor": "windows", + "disk_size": 61440, + "floppy_files": [ + "{{user `autounattend`}}", + "./scripts/configs/microsoft-updates.bat", + "./scripts/configs/win-updates.ps1", + "./scripts/installs/openssh.ps1", + "./scripts/installs/install_netfx.ps1", + "./resources/certs/oracle-cert.cer", + "./resources/certs/gdig2.crt", + "./resources/certs/comodorsadomainvalidationsecureserverca.crt", + "./resources/certs/comodorsacertificationauthority.crt", + "./resources/certs/addtrust_external_ca.cer", + "./resources/certs/baltimore_ca.cer", + "./resources/certs/digicert.cer", + "./resources/certs/equifax.cer", + "./resources/certs/globalsign.cer", + "./resources/certs/gte_cybertrust.cer", + "./resources/certs/microsoft_root_2011.cer", + "./resources/certs/thawte_primary_root.cer", + "./resources/certs/utn-userfirst.cer" + ], + "vm_name": "metasploitable3", + "vmx_data": { + "cpuid.coresPerSocket": "2", + "memsize": "4096", + "numvcpus": "2", + "scsi0.virtualDev": "lsisas1068" + } + }, + { + "type": "virtualbox-iso", + "iso_url": "{{user `iso_url`}}", + "iso_checksum_type": "{{user `iso_checksum_type`}}", + "iso_checksum": "{{user `iso_checksum`}}", + "headless": true, + "boot_wait": "2m", + "ssh_username": "vagrant", + "ssh_password": "vagrant", + "ssh_wait_timeout": "2h", + "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"", + "guest_os_type": "Windows2008_64", + "disk_size": 61440, + "floppy_files": [ + "{{user `autounattend`}}", + "./scripts/configs/microsoft-updates.bat", + "./scripts/configs/win-updates.ps1", + "./scripts/installs/openssh.ps1", + "./scripts/installs/install_netfx.ps1", + "./resources/certs/oracle-cert.cer", + "./resources/certs/gdig2.crt", + "./resources/certs/comodorsadomainvalidationsecureserverca.crt", + "./resources/certs/comodorsacertificationauthority.crt", + "./resources/certs/addtrust_external_ca.cer", + "./resources/certs/baltimore_ca.cer", + "./resources/certs/digicert.cer", + "./resources/certs/equifax.cer", + "./resources/certs/globalsign.cer", + "./resources/certs/gte_cybertrust.cer", + "./resources/certs/microsoft_root_2011.cer", + "./resources/certs/thawte_primary_root.cer", + "./resources/certs/utn-userfirst.cer" + ], + "vboxmanage": [ + [ + "modifyvm", + "{{.Name}}", + "--memory", + "2048" + ], + [ + "modifyvm", + "{{.Name}}", + "--cpus", + "2" + ] + ] + } + ], +"provisioners": [ + { + "type": "file", + "source": "scripts", + "destination": "C:/vagrant" + }, + { + "type": "file", + "source": "resources", + "destination": "C:/vagrant" + }, + { + "type":"powershell", + "inline": [ + "iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))" + ] + }, + { + "type": "windows-restart" + }, + { + "type": "windows-shell", + "remote_path": "C:/Windows/Temp/script.bat", + "execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat", + "scripts": [ + "./scripts/installs/vm-guest-tools.bat", + "./scripts/configs/vagrant-ssh.bat", + "./scripts/configs/disable-auto-logon.bat", + "./scripts/configs/enable-rdp.bat", + "./scripts/configs/update_root_certs.bat", + "scripts/installs/install_boxstarter.bat", + "scripts/chocolatey_installs/7zip.bat", + "scripts/configs/apply_password_settings.bat", + "scripts/configs/create_users.bat", + "scripts/installs/setup_iis.bat", + "scripts/installs/setup_ftp_site.bat" + ] + } + ], + "post-processors": [ + { + "type": "vagrant", + "keep_input_artifact": true, + "output": "windows_2008_r2_{{.Provider}}.box", + "vagrantfile_template": "vagrantfile-windows_2008_r2.template" + } + ], + "variables": { + "iso_url": "en_windows_server_2008_r2_x64_dvd_x15-50365.iso", + "iso_checksum_type": "md5", + "iso_checksum": "0ffbae83327f0ad8c2ab4d5dfa754c09", + "autounattend": "./answer_files/2008_r2/Autounattend.xml" + } +} From 85c9eea665abd291cdf8a2722a20326822ac758a Mon Sep 17 00:00:00 2001 From: James Barnett Date: Wed, 3 May 2017 11:57:25 -0500 Subject: [PATCH 11/16] WIP: AUTOUNATTEND updates to get it building. Still seeing issues when provisioning. --- answer_files/2008_r2/Autounattend.xml | 8 ++++---- windows_2008_r2.json | 16 +++++++++++++--- 2 files changed, 17 insertions(+), 7 deletions(-) diff --git a/answer_files/2008_r2/Autounattend.xml b/answer_files/2008_r2/Autounattend.xml index 2d4ea95..0c0e1e8 100644 --- a/answer_files/2008_r2/Autounattend.xml +++ b/answer_files/2008_r2/Autounattend.xml @@ -35,7 +35,7 @@ - YC6KT-GKW9T-YTKYR-T4X34-R7VHC + Never @@ -260,7 +260,7 @@ Install .NET 4.0 27 - + cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\openssh.ps1 -AutoStart Install OpenSSH @@ -291,8 +291,8 @@ false - metasploitable3-2008R2 - Eastern Standard Time + vagrant-2008R2 + Pacific Standard Time diff --git a/windows_2008_r2.json b/windows_2008_r2.json index 5b206fb..a1ac5e0 100644 --- a/windows_2008_r2.json +++ b/windows_2008_r2.json @@ -102,6 +102,17 @@ "source": "resources", "destination": "C:/vagrant" }, + { + "type": "windows-shell", + "remote_path": "C:/Windows/Temp/script.bat", + "execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat", + "scripts": [ + "./scripts/installs/vm-guest-tools.bat" + ] + }, + { + "type": "windows-restart" + }, { "type":"powershell", "inline": [ @@ -116,7 +127,6 @@ "remote_path": "C:/Windows/Temp/script.bat", "execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat", "scripts": [ - "./scripts/installs/vm-guest-tools.bat", "./scripts/configs/vagrant-ssh.bat", "./scripts/configs/disable-auto-logon.bat", "./scripts/configs/enable-rdp.bat", @@ -185,9 +195,9 @@ } ], "variables": { - "iso_url": "en_windows_server_2008_r2_x64_dvd_x15-50365.iso", + "iso_url": "http://download.microsoft.com/download/7/5/E/75EC4E54-5B02-42D6-8879-D8D3A25FBEF7/7601.17514.101119-1850_x64fre_server_eval_en-us-GRMSXEVAL_EN_DVD.iso", "iso_checksum_type": "md5", - "iso_checksum": "0ffbae83327f0ad8c2ab4d5dfa754c09", + "iso_checksum": "4263be2cf3c59177c45085c0a7bc6ca5", "autounattend": "./answer_files/2008_r2/Autounattend.xml" } } From 4ca2e7c2922fa90f0bf01e51d37785b054f14642 Mon Sep 17 00:00:00 2001 From: James Barnett Date: Mon, 8 May 2017 16:45:05 -0500 Subject: [PATCH 12/16] Install software during packer build instead of vagrant. --- windows_2008_r2.json | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/windows_2008_r2.json b/windows_2008_r2.json index a1ac5e0..fab3c8a 100644 --- a/windows_2008_r2.json +++ b/windows_2008_r2.json @@ -47,8 +47,9 @@ "iso_url": "{{user `iso_url`}}", "iso_checksum_type": "{{user `iso_checksum_type`}}", "iso_checksum": "{{user `iso_checksum`}}", - "headless": true, - "boot_wait": "2m", + "headless": false, + "boot_wait": "5m", + "communicator": "ssh", "ssh_username": "vagrant", "ssh_password": "vagrant", "ssh_wait_timeout": "2h", @@ -107,7 +108,8 @@ "remote_path": "C:/Windows/Temp/script.bat", "execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat", "scripts": [ - "./scripts/installs/vm-guest-tools.bat" + "./scripts/installs/vm-guest-tools.bat", + "./scripts/configs/disable_firewall.bat" ] }, { From 96c3e950e14c441d0960235c1eeb2001dbf568fb Mon Sep 17 00:00:00 2001 From: James Barnett Date: Thu, 11 May 2017 15:21:54 -0500 Subject: [PATCH 13/16] Building from packer working. All of the software installation and configuration is occurring on packer now. Vagrant just brings the box up and adjusts the firewall. We probably want to do more configuration on the vagrant side to make it more flexible, but this code is working so I wanted to commit it. --- Vagrantfile | 113 +-------------------- scripts/configs/enable_firewall.bat | 1 + scripts/configs/packer_cleanup.bat | 1 + windows_2008_r2.json | 22 +++-- windows_2008_r2_base.json | 147 ---------------------------- 5 files changed, 18 insertions(+), 266 deletions(-) create mode 100644 scripts/configs/enable_firewall.bat create mode 100644 scripts/configs/packer_cleanup.bat delete mode 100644 windows_2008_r2_base.json diff --git a/Vagrantfile b/Vagrantfile index fc66e97..152015e 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -9,123 +9,12 @@ Vagrant.configure("2") do |config| config.vm.network "private_network", type: "dhcp" - # Install Chocolatey - config.vm.provision :shell, path: "scripts/installs/chocolatey.cmd" - config.vm.provision :reload # Hack to reset environment variables - - # Install BoxStarter - config.vm.provision :shell, path: "scripts/installs/install_boxstarter.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - - # Install 7zip - config.vm.provision :shell, path: "scripts/chocolatey_installs/7zip.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - - # Adjust password policy - config.vm.provision :shell, path: "scripts/configs/apply_password_settings.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - - # Add users and add to groups - config.vm.provision :shell, path: "scripts/configs/create_users.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - - # Vulnerability - Unpatched IIS and FTP - config.vm.provision :shell, path: "scripts/installs/setup_iis.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - config.vm.provision :shell, path: "scripts/installs/setup_ftp_site.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - - # Vulnerability - Setup for Apache Struts - config.vm.provision :shell, path: "scripts/chocolatey_installs/java.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - config.vm.provision :shell, path: "scripts/chocolatey_installs/tomcat.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - config.vm.provision :reload # Hack to reset environment variables - config.vm.provision :shell, path: "scripts/installs/setup_apache_struts.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - - # Vulnerability - Setup for Glassfish - config.vm.provision :shell, path: "scripts/installs/setup_glassfish.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - config.vm.provision :shell, path: "scripts/installs/start_glassfish_service.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - - # Vulnerability - Jenkins (1.8) - config.vm.provision :shell, path: "scripts/installs/setup_jenkins.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - - # Vulnerability - Wordpress and phpMyAdmin - # This must run after the WAMP setup. - config.vm.provision :shell, path: "scripts/chocolatey_installs/vcredist2008.bat" # Visual Studio 2008 redistributable is a requirement for WAMP - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - config.vm.provision :shell, path: "scripts/installs/install_wamp.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - config.vm.provision :shell, path: "scripts/installs/start_wamp.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - config.vm.provision :shell, path: "scripts/installs/install_wordpress.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - - # Vulnerability - JMX - config.vm.provision :shell, path: "scripts/installs/install_openjdk6.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - config.vm.provision :shell, path: "scripts/installs/setup_jmx.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - - # Vulnerability - Rails Server - config.vm.provision :shell, path: "scripts/installs/install_ruby.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - config.vm.provision :shell, path: "scripts/installs/install_devkit.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - config.vm.provision :shell, path: "scripts/installs/install_rails_server.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - config.vm.provision :shell, path: "scripts/installs/setup_rails_server.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - config.vm.provision :shell, path: "scripts/installs/install_rails_service.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - - # Vulnerability - WebDAV - # This must run after the WAMP setup. - config.vm.provision :shell, path: "scripts/installs/setup_webdav.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - - # Vulnerability - MySQL - config.vm.provision :shell, path: "scripts/installs/setup_mysql.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - - # Vulnerability - ManageEngine Desktop Central - config.vm.provision :shell, path: "scripts/installs/install_manageengine.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - - # Vulnerability - Axis2 - # This must run after the Apache Struts setup. - config.vm.provision :shell, path: "scripts/installs/setup_axis2.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - - # Vulnerability - Common backdoors - config.vm.provision :shell, path: "scripts/installs/install_backdoors.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - - # Vulnerability - SNMP - config.vm.provision :shell, path: "scripts/installs/setup_snmp.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - # Configure Firewall to open up vulnerable services case ENV['MS3_DIFFICULTY'] when 'easy' config.vm.provision :shell, path: "scripts/configs/disable_firewall.bat" else + config.vm.provision :shell, path: "scripts/configs/enable_firewall.bat" config.vm.provision :shell, path: "scripts/configs/configure_firewall.bat" end - - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - - # Vulnerability - ElasticSearch - # This must run after the firewall rules, because it needs to make some HTTP requests in order to - # set up the vulnerable state. - config.vm.provision :shell, path: "scripts/installs/install_elasticsearch.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 - - # Configure flags - config.vm.provision :shell, path: "scripts/installs/install_flags.bat" - config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614a end diff --git a/scripts/configs/enable_firewall.bat b/scripts/configs/enable_firewall.bat new file mode 100644 index 0000000..8aac532 --- /dev/null +++ b/scripts/configs/enable_firewall.bat @@ -0,0 +1 @@ +netsh advfirewall set allprofiles state on \ No newline at end of file diff --git a/scripts/configs/packer_cleanup.bat b/scripts/configs/packer_cleanup.bat new file mode 100644 index 0000000..36efd9b --- /dev/null +++ b/scripts/configs/packer_cleanup.bat @@ -0,0 +1 @@ +rmdir /S /Q C:\vagrant \ No newline at end of file diff --git a/windows_2008_r2.json b/windows_2008_r2.json index fab3c8a..f271d8b 100644 --- a/windows_2008_r2.json +++ b/windows_2008_r2.json @@ -103,12 +103,23 @@ "source": "resources", "destination": "C:/vagrant" }, + { + "type": "shell", + "remote_path": "/tmp/script.bat", + "execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat", + "scripts": [ + "./scripts/configs/update_root_certs.bat", + "./scripts/installs/vm-guest-tools.bat", + "./scripts/configs/vagrant-ssh.bat", + "./scripts/configs/disable-auto-logon.bat", + "./scripts/configs/enable-rdp.bat" + ] + }, { "type": "windows-shell", "remote_path": "C:/Windows/Temp/script.bat", "execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat", "scripts": [ - "./scripts/installs/vm-guest-tools.bat", "./scripts/configs/disable_firewall.bat" ] }, @@ -129,10 +140,6 @@ "remote_path": "C:/Windows/Temp/script.bat", "execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat", "scripts": [ - "./scripts/configs/vagrant-ssh.bat", - "./scripts/configs/disable-auto-logon.bat", - "./scripts/configs/enable-rdp.bat", - "./scripts/configs/update_root_certs.bat", "scripts/installs/install_boxstarter.bat", "scripts/chocolatey_installs/7zip.bat", "scripts/configs/apply_password_settings.bat", @@ -184,14 +191,15 @@ "scripts/installs/setup_snmp.bat", "scripts/configs/configure_firewall.bat", "scripts/installs/install_elasticsearch.bat", - "scripts/installs/install_flags.bat" + "scripts/installs/install_flags.bat", + "scripts/configs/packer_cleanup.bat" ] } ], "post-processors": [ { "type": "vagrant", - "keep_input_artifact": true, + "keep_input_artifact": false, "output": "windows_2008_r2_{{.Provider}}.box", "vagrantfile_template": "vagrantfile-windows_2008_r2.template" } diff --git a/windows_2008_r2_base.json b/windows_2008_r2_base.json deleted file mode 100644 index 94fbbdb..0000000 --- a/windows_2008_r2_base.json +++ /dev/null @@ -1,147 +0,0 @@ - { - "builders": [ - { - "type": "vmware-iso", - "iso_url": "{{user `iso_url`}}", - "iso_checksum_type": "{{user `iso_checksum_type`}}", - "iso_checksum": "{{user `iso_checksum`}}", - "headless": false, - "boot_wait": "2m", - "ssh_username": "vagrant", - "ssh_password": "vagrant", - "ssh_wait_timeout": "2h", - "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"", - "guest_os_type": "windows8srv-64", - "tools_upload_flavor": "windows", - "disk_size": 61440, - "floppy_files": [ - "{{user `autounattend`}}", - "./scripts/configs/microsoft-updates.bat", - "./scripts/configs/win-updates.ps1", - "./scripts/installs/openssh.ps1", - "./scripts/installs/install_netfx.ps1", - "./resources/certs/oracle-cert.cer", - "./resources/certs/gdig2.crt", - "./resources/certs/comodorsadomainvalidationsecureserverca.crt", - "./resources/certs/comodorsacertificationauthority.crt", - "./resources/certs/addtrust_external_ca.cer", - "./resources/certs/baltimore_ca.cer", - "./resources/certs/digicert.cer", - "./resources/certs/equifax.cer", - "./resources/certs/globalsign.cer", - "./resources/certs/gte_cybertrust.cer", - "./resources/certs/microsoft_root_2011.cer", - "./resources/certs/thawte_primary_root.cer", - "./resources/certs/utn-userfirst.cer" - ], - "vm_name": "metasploitable3", - "vmx_data": { - "cpuid.coresPerSocket": "2", - "memsize": "4096", - "numvcpus": "2", - "scsi0.virtualDev": "lsisas1068" - } - }, - { - "type": "virtualbox-iso", - "iso_url": "{{user `iso_url`}}", - "iso_checksum_type": "{{user `iso_checksum_type`}}", - "iso_checksum": "{{user `iso_checksum`}}", - "headless": true, - "boot_wait": "2m", - "ssh_username": "vagrant", - "ssh_password": "vagrant", - "ssh_wait_timeout": "2h", - "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"", - "guest_os_type": "Windows2008_64", - "disk_size": 61440, - "floppy_files": [ - "{{user `autounattend`}}", - "./scripts/configs/microsoft-updates.bat", - "./scripts/configs/win-updates.ps1", - "./scripts/installs/openssh.ps1", - "./scripts/installs/install_netfx.ps1", - "./resources/certs/oracle-cert.cer", - "./resources/certs/gdig2.crt", - "./resources/certs/comodorsadomainvalidationsecureserverca.crt", - "./resources/certs/comodorsacertificationauthority.crt", - "./resources/certs/addtrust_external_ca.cer", - "./resources/certs/baltimore_ca.cer", - "./resources/certs/digicert.cer", - "./resources/certs/equifax.cer", - "./resources/certs/globalsign.cer", - "./resources/certs/gte_cybertrust.cer", - "./resources/certs/microsoft_root_2011.cer", - "./resources/certs/thawte_primary_root.cer", - "./resources/certs/utn-userfirst.cer" - ], - "vboxmanage": [ - [ - "modifyvm", - "{{.Name}}", - "--memory", - "2048" - ], - [ - "modifyvm", - "{{.Name}}", - "--cpus", - "2" - ] - ] - } - ], -"provisioners": [ - { - "type": "file", - "source": "scripts", - "destination": "C:/vagrant" - }, - { - "type": "file", - "source": "resources", - "destination": "C:/vagrant" - }, - { - "type":"powershell", - "inline": [ - "iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))" - ] - }, - { - "type": "windows-restart" - }, - { - "type": "windows-shell", - "remote_path": "C:/Windows/Temp/script.bat", - "execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat", - "scripts": [ - "./scripts/installs/vm-guest-tools.bat", - "./scripts/configs/vagrant-ssh.bat", - "./scripts/configs/disable-auto-logon.bat", - "./scripts/configs/enable-rdp.bat", - "./scripts/configs/update_root_certs.bat", - "scripts/installs/install_boxstarter.bat", - "scripts/chocolatey_installs/7zip.bat", - "scripts/configs/apply_password_settings.bat", - "scripts/configs/create_users.bat", - "scripts/installs/setup_iis.bat", - "scripts/installs/setup_ftp_site.bat" - ] - } - ], - "post-processors": [ - { - "type": "vagrant", - "keep_input_artifact": true, - "output": "windows_2008_r2_{{.Provider}}.box", - "vagrantfile_template": "vagrantfile-windows_2008_r2.template" - } - ], - "variables": { - "iso_url": "en_windows_server_2008_r2_x64_dvd_x15-50365.iso", - "iso_checksum_type": "md5", - "iso_checksum": "0ffbae83327f0ad8c2ab4d5dfa754c09", - "autounattend": "./answer_files/2008_r2/Autounattend.xml" - } -} From f8e3e4a7ff0fbda74dba387e169384585b1cb6c2 Mon Sep 17 00:00:00 2001 From: James Barnett Date: Mon, 15 May 2017 17:07:36 -0500 Subject: [PATCH 14/16] Update resources for packer build Only use one packer build file with both virtualbox and vmware defined. Having multiple build files will make it difficult to keep things consistent. Also update references in the build scripts to only build for virtualbox by default. --- README.md | 8 ++--- build_win2008.ps1 | 2 +- build_win2008.sh | 2 +- windows_2008_r2.json | 5 +-- windows_2008_r2_vmware.json | 65 ------------------------------------- 5 files changed, 7 insertions(+), 75 deletions(-) delete mode 100644 windows_2008_r2_vmware.json diff --git a/README.md b/README.md index 25f870c..76cdc6f 100644 --- a/README.md +++ b/README.md @@ -4,10 +4,6 @@ Metasploitable3 is a VM that is built from the ground up with a large amount of Metasploitable3 is released under a BSD-style license. See COPYING for more details. -## NOTE: This is a work in progress to move provisioning to packer and using vmware - -use: `packer build -only=vmware-iso windows_2008_r2.json` - ## Building Metasploitable 3 System Requirements: * OS capable of running all of the required applications listed below @@ -32,8 +28,8 @@ To build automatically: To build manually: 1. Clone this repo and navigate to the main directory. -2. Build the base VM image by running `packer build windows_2008_r2.json`. This will take a while the first time you run it since it has to download the OS installation ISO. -3. After the base Vagrant box is created you need to add it to your Vagrant environment. This can be done with the command `vagrant box add windows_2008_r2_virtualbox.box --name=metasploitable3`. +2. Build the base VM image by running `packer build --only= windows_2008_r2.json` where `` is your preferred virtualization platform. Currently `virtualbox-iso` and `vmware-iso` are supported. This will take a while the first time you run it since it has to download the OS installation ISO. +3. After the base Vagrant box is created you need to add it to your Vagrant environment. This can be done with the command `vagrant box add windows_2008_r2_.box --name=metasploitable3`. 4. Use `vagrant plugin install vagrant-reload` to install the reload vagrant provisioner if you haven't already. 5. To start the VM, run the command `vagrant up`. This will start up the VM and run all of the installation and configuration scripts necessary to set everything up. This takes about 10 minutes. 6. Once this process completes, you can open up the VM within VirtualBox and login. The default credentials are U: vagrant and P: vagrant. diff --git a/build_win2008.ps1 b/build_win2008.ps1 index 7ae2a53..bc4547b 100644 --- a/build_win2008.ps1 +++ b/build_win2008.ps1 @@ -99,7 +99,7 @@ If ($(Test-Path "windows_2008_r2_virtualbox.box") -eq $True) { Write-Host "It looks like the Vagrant box already exists. Skipping the Packer build." } else { Write-Host "Building the Vagrant box..." - cmd.exe /c packer build windows_2008_r2.json + cmd.exe /c packer build --only=virtualbox-iso windows_2008_r2.json if($?) { Write-Host "Box successfully built by Packer." diff --git a/build_win2008.sh b/build_win2008.sh index f29308a..8d3bd69 100755 --- a/build_win2008.sh +++ b/build_win2008.sh @@ -101,7 +101,7 @@ if ls | grep -q 'windows_2008_r2_virtualbox.box'; then echo "It looks like the vagrant box already exists. Skipping the Packer build." else echo "Building the Vagrant box..." - if $packer_bin build windows_2008_r2.json; then + if $packer_bin build --only=virtualbox-iso windows_2008_r2.json; then echo "Box successfully built by Packer." else echo "Error building the Vagrant box using Packer. Please check the output above for any error messages." diff --git a/windows_2008_r2.json b/windows_2008_r2.json index f271d8b..b25a13a 100644 --- a/windows_2008_r2.json +++ b/windows_2008_r2.json @@ -6,7 +6,8 @@ "iso_checksum_type": "{{user `iso_checksum_type`}}", "iso_checksum": "{{user `iso_checksum`}}", "headless": false, - "boot_wait": "2m", + "boot_wait": "10m", + "communicator": "ssh", "ssh_username": "vagrant", "ssh_password": "vagrant", "ssh_wait_timeout": "2h", @@ -48,7 +49,7 @@ "iso_checksum_type": "{{user `iso_checksum_type`}}", "iso_checksum": "{{user `iso_checksum`}}", "headless": false, - "boot_wait": "5m", + "boot_wait": "10m", "communicator": "ssh", "ssh_username": "vagrant", "ssh_password": "vagrant", diff --git a/windows_2008_r2_vmware.json b/windows_2008_r2_vmware.json deleted file mode 100644 index e2e9807..0000000 --- a/windows_2008_r2_vmware.json +++ /dev/null @@ -1,65 +0,0 @@ -{ - "builders": [ - { - "type": "vmware-iso", - "iso_url": "{{user `iso_url`}}", - "iso_checksum_type": "{{user `iso_checksum_type`}}", - "iso_checksum": "{{user `iso_checksum`}}", - "headless": true, - "boot_wait": "2m", - "ssh_username": "vagrant", - "ssh_password": "vagrant", - "ssh_wait_timeout": "2h", - "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"", - "guest_os_type": "winServer2008Standard-64", - "disk_size": 61440, - "floppy_files": [ - "{{user `autounattend`}}", - "./scripts/configs/microsoft-updates.bat", - "./scripts/configs/win-updates.ps1", - "./scripts/installs/openssh.ps1", - "./resources/certs/oracle-cert.cer", - "./resources/certs/gdig2.crt", - "./resources/certs/comodorsadomainvalidationsecureserverca.crt", - "./resources/certs/comodorsacertificationauthority.crt", - "./resources/certs/addtrust_external_ca.cer", - "./resources/certs/baltimore_ca.cer", - "./resources/certs/digicert.cer", - "./resources/certs/equifax.cer", - "./resources/certs/globalsign.cer", - "./resources/certs/gte_cybertrust.cer", - "./resources/certs/microsoft_root_2011.cer", - "./resources/certs/thawte_primary_root.cer", - "./resources/certs/utn-userfirst.cer" - ] - } - ], - "provisioners": [ - { - "type": "shell", - "remote_path": "/tmp/script.bat", - "execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat", - "scripts": [ - "./scripts/installs/vm-guest-tools.bat", - "./scripts/configs/vagrant-ssh.bat", - "./scripts/configs/disable-auto-logon.bat", - "./scripts/configs/enable-rdp.bat", - "./scripts/configs/update_root_certs.bat" - ] - } - ], - "post-processors": [ - { - "type": "vagrant", - "keep_input_artifact": false, - "output": "windows_2008_r2_{{.Provider}}.box", - "vagrantfile_template": "vagrantfile-windows_2008_r2.template" - } - ], - "variables": { - "iso_url": "http://download.microsoft.com/download/7/5/E/75EC4E54-5B02-42D6-8879-D8D3A25FBEF7/7601.17514.101119-1850_x64fre_server_eval_en-us-GRMSXEVAL_EN_DVD.iso", - "iso_checksum_type": "md5", - "iso_checksum": "4263be2cf3c59177c45085c0a7bc6ca5", - "autounattend": "./answer_files/2008_r2/Autounattend.xml" - } -} From c4977eea3b31146454ca486cdff7ef403f07503c Mon Sep 17 00:00:00 2001 From: James Barnett Date: Thu, 25 May 2017 14:31:39 -0500 Subject: [PATCH 15/16] Add "pro" version. This separates out a "pro" version that builds almost everything in Vagrant. This version will be used for customizability so you can build with only specific services. The mainline files will continue to be used to bring the system up with as little friction as possible. --- versions/pro/Vagrantfile | 132 ++++++++++++++++++++++++++ versions/pro/windows_2008_r2_pro.json | 79 +++++++++++++++ windows_2008_r2.json | 3 +- 3 files changed, 213 insertions(+), 1 deletion(-) create mode 100644 versions/pro/Vagrantfile create mode 100644 versions/pro/windows_2008_r2_pro.json diff --git a/versions/pro/Vagrantfile b/versions/pro/Vagrantfile new file mode 100644 index 0000000..a251b83 --- /dev/null +++ b/versions/pro/Vagrantfile @@ -0,0 +1,132 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : + +Vagrant.configure("2") do |config| + # Base configuration for the VM and provisioner + config.vm.box = "metasploitable3" + config.vm.hostname = "metasploitable3" + config.vm.communicator = "winrm" + + config.vm.network "private_network", type: "dhcp" + + # Install Chocolatey + config.vm.provision :shell, path: "scripts/installs/chocolatey.cmd" + config.vm.provision :reload # Hack to reset environment variables + + # Install BoxStarter + config.vm.provision :shell, path: "scripts/installs/install_boxstarter.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + + # Install 7zip + config.vm.provision :shell, path: "scripts/chocolatey_installs/7zip.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + + # Adjust password policy + config.vm.provision :shell, path: "scripts/configs/apply_password_settings.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + + # Add users and add to groups + config.vm.provision :shell, path: "scripts/configs/create_users.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + + # Vulnerability - Unpatched IIS and FTP + config.vm.provision :shell, path: "scripts/installs/setup_iis.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + config.vm.provision :shell, path: "scripts/installs/setup_ftp_site.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + + # Vulnerability - Setup for Apache Struts + config.vm.provision :shell, path: "scripts/chocolatey_installs/java.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + config.vm.provision :shell, path: "scripts/chocolatey_installs/tomcat.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + config.vm.provision :reload # Hack to reset environment variables + config.vm.provision :shell, path: "scripts/installs/setup_apache_struts.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + + # Vulnerability - Setup for Glassfish + config.vm.provision :shell, path: "scripts/installs/setup_glassfish.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + config.vm.provision :shell, path: "scripts/installs/start_glassfish_service.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + + # Vulnerability - Jenkins (1.8) + config.vm.provision :shell, path: "scripts/installs/setup_jenkins.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + + # Vulnerability - Wordpress and phpMyAdmin + # This must run after the WAMP setup. + config.vm.provision :shell, path: "scripts/chocolatey_installs/vcredist2008.bat" # Visual Studio 2008 redistributable is a requirement for WAMP + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + config.vm.provision :shell, path: "scripts/installs/install_wamp.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + config.vm.provision :shell, path: "scripts/installs/start_wamp.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + config.vm.provision :shell, path: "scripts/installs/install_wordpress.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + + # Vulnerability - JMX + config.vm.provision :shell, path: "scripts/installs/install_openjdk6.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + config.vm.provision :shell, path: "scripts/installs/setup_jmx.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + + # Vulnerability - Rails Server + config.vm.provision :shell, path: "scripts/installs/install_ruby.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + config.vm.provision :shell, path: "scripts/installs/install_devkit.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + config.vm.provision :shell, path: "scripts/installs/install_rails_server.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + config.vm.provision :shell, path: "scripts/installs/setup_rails_server.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + config.vm.provision :shell, path: "scripts/installs/install_rails_service.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + + # Vulnerability - WebDAV + # This must run after the WAMP setup. + config.vm.provision :shell, path: "scripts/installs/setup_webdav.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + + # Vulnerability - MySQL + + config.vm.provision :shell, path: "scripts/installs/setup_mysql.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + + # Vulnerability - ManageEngine Desktop Central + config.vm.provision :shell, path: "scripts/installs/install_manageengine.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + + # Vulnerability - Axis2 + # This must run after the Apache Struts setup. + config.vm.provision :shell, path: "scripts/installs/setup_axis2.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + + # Vulnerability - Common backdoors + config.vm.provision :shell, path: "scripts/installs/install_backdoors.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + + # Vulnerability - SNMP + config.vm.provision :shell, path: "scripts/installs/setup_snmp.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + + # Configure Firewall to open up vulnerable services + case ENV['MS3_DIFFICULTY'] + when 'easy' + config.vm.provision :shell, path: "scripts/configs/disable_firewall.bat" + else + config.vm.provision :shell, path: "scripts/configs/configure_firewall.bat" + end + + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + + # Vulnerability - ElasticSearch + # This must run after the firewall rules, because it needs to make some HTTP requests in order to + # set up the vulnerable state. + config.vm.provision :shell, path: "scripts/installs/install_elasticsearch.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614 + + # Configure flags + config.vm.provision :shell, path: "scripts/installs/install_flags.bat" + config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614a +end \ No newline at end of file diff --git a/versions/pro/windows_2008_r2_pro.json b/versions/pro/windows_2008_r2_pro.json new file mode 100644 index 0000000..f00ec74 --- /dev/null +++ b/versions/pro/windows_2008_r2_pro.json @@ -0,0 +1,79 @@ +{ + "builders": [ + { + "type": "virtualbox-iso", + "iso_url": "{{user `iso_url`}}", + "iso_checksum_type": "{{user `iso_checksum_type`}}", + "iso_checksum": "{{user `iso_checksum`}}", + "headless": true, + "boot_wait": "2m", + "ssh_username": "vagrant", + "ssh_password": "vagrant", + "ssh_wait_timeout": "2h", + "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"", + "guest_os_type": "Windows2008_64", + "disk_size": 61440, + "floppy_files": [ + "{{user `autounattend`}}", + "./scripts/configs/microsoft-updates.bat", + "./scripts/configs/win-updates.ps1", + "./scripts/installs/openssh.ps1", + "./resources/certs/oracle-cert.cer", + "./resources/certs/gdig2.crt", + "./resources/certs/comodorsadomainvalidationsecureserverca.crt", + "./resources/certs/comodorsacertificationauthority.crt", + "./resources/certs/addtrust_external_ca.cer", + "./resources/certs/baltimore_ca.cer", + "./resources/certs/digicert.cer", + "./resources/certs/equifax.cer", + "./resources/certs/globalsign.cer", + "./resources/certs/gte_cybertrust.cer", + "./resources/certs/microsoft_root_2011.cer", + "./resources/certs/thawte_primary_root.cer", + "./resources/certs/utn-userfirst.cer" + ], + "vboxmanage": [ + [ + "modifyvm", + "{{.Name}}", + "--memory", + "4096" + ], + [ + "modifyvm", + "{{.Name}}", + "--cpus", + "2" + ] + ] + } + ], + "provisioners": [ + { + "type": "shell", + "remote_path": "/tmp/script.bat", + "execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat", + "scripts": [ + "./scripts/installs/vm-guest-tools.bat", + "./scripts/configs/vagrant-ssh.bat", + "./scripts/configs/disable-auto-logon.bat", + "./scripts/configs/enable-rdp.bat", + "./scripts/configs/update_root_certs.bat" + ] + } + ], + "post-processors": [ + { + "type": "vagrant", + "keep_input_artifact": false, + "output": "windows_2008_r2_{{.Provider}}_pro.box", + "vagrantfile_template": "vagrantfile-windows_2008_r2.template" + } + ], + "variables": { + "iso_url": "http://download.microsoft.com/download/7/5/E/75EC4E54-5B02-42D6-8879-D8D3A25FBEF7/7601.17514.101119-1850_x64fre_server_eval_en-us-GRMSXEVAL_EN_DVD.iso", + "iso_checksum_type": "md5", + "iso_checksum": "4263be2cf3c59177c45085c0a7bc6ca5", + "autounattend": "./answer_files/2008_r2/Autounattend.xml" + } +} diff --git a/windows_2008_r2.json b/windows_2008_r2.json index b25a13a..d957f73 100644 --- a/windows_2008_r2.json +++ b/windows_2008_r2.json @@ -35,7 +35,7 @@ "./resources/certs/thawte_primary_root.cer", "./resources/certs/utn-userfirst.cer" ], - "vm_name": "metasploitable3", + "vm_name": "metasploitable3-win2k8", "vmx_data": { "cpuid.coresPerSocket": "2", "memsize": "4096", @@ -57,6 +57,7 @@ "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"", "guest_os_type": "Windows2008_64", "disk_size": 61440, + "vm_name": "metasploitable3-win2k8", "floppy_files": [ "{{user `autounattend`}}", "./scripts/configs/microsoft-updates.bat", From 3ff1bc8b45b0102f23589eb62ceae56b57d2baca Mon Sep 17 00:00:00 2001 From: Chan9390 Date: Thu, 22 Jun 2017 06:12:30 +0530 Subject: [PATCH 16/16] Added winrm retry_limit and retry_delay --- Vagrantfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Vagrantfile b/Vagrantfile index 152015e..59bc641 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -6,6 +6,8 @@ Vagrant.configure("2") do |config| config.vm.box = "metasploitable3" config.vm.hostname = "metasploitable3" config.vm.communicator = "winrm" + config.winrm.retry_limit = 60 + config.winrm.retry_delay = 10 config.vm.network "private_network", type: "dhcp"