Marown/metasploitable3
1
0
Fork 0
mirror of https://github.com/rapid7/metasploitable3.git synced 2024-06-20 20:05:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

Building from packer working.

Browse Source 
All of the software installation and configuration is occurring
on packer now. Vagrant just brings the box up and adjusts the firewall.
We probably want to do more configuration on the vagrant side to
make it more flexible, but this code is working so I wanted to
commit it.
This commit is contained in:
James Barnett 2017-05-11 15:21:54 -05:00
parent 4ca2e7c292
commit 96c3e950e1
No known key found for this signature in database
GPG Key ID: 647983861A4EC5EA
5 changed files with 18 additions and 266 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

113
Vagrantfile vendored
View File

@ -9,123 +9,12 @@ Vagrant.configure("2") do |config|
config.vm.network "private_network", type: "dhcp"
# Install Chocolatey
config.vm.provision :shell, path: "scripts/installs/chocolatey.cmd"
config.vm.provision :reload # Hack to reset environment variables
# Install BoxStarter
config.vm.provision :shell, path: "scripts/installs/install_boxstarter.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Install 7zip
config.vm.provision :shell, path: "scripts/chocolatey_installs/7zip.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Adjust password policy
config.vm.provision :shell, path: "scripts/configs/apply_password_settings.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Add users and add to groups
config.vm.provision :shell, path: "scripts/configs/create_users.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Unpatched IIS and FTP
config.vm.provision :shell, path: "scripts/installs/setup_iis.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/setup_ftp_site.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Setup for Apache Struts
config.vm.provision :shell, path: "scripts/chocolatey_installs/java.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/chocolatey_installs/tomcat.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :reload # Hack to reset environment variables
config.vm.provision :shell, path: "scripts/installs/setup_apache_struts.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Setup for Glassfish
config.vm.provision :shell, path: "scripts/installs/setup_glassfish.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/start_glassfish_service.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Jenkins (1.8)
config.vm.provision :shell, path: "scripts/installs/setup_jenkins.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Wordpress and phpMyAdmin
# This must run after the WAMP setup.
config.vm.provision :shell, path: "scripts/chocolatey_installs/vcredist2008.bat" # Visual Studio 2008 redistributable is a requirement for WAMP
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/install_wamp.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/start_wamp.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/install_wordpress.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - JMX
config.vm.provision :shell, path: "scripts/installs/install_openjdk6.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/setup_jmx.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Rails Server
config.vm.provision :shell, path: "scripts/installs/install_ruby.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/install_devkit.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/install_rails_server.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/setup_rails_server.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/install_rails_service.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - WebDAV
# This must run after the WAMP setup.
config.vm.provision :shell, path: "scripts/installs/setup_webdav.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - MySQL
config.vm.provision :shell, path: "scripts/installs/setup_mysql.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - ManageEngine Desktop Central
config.vm.provision :shell, path: "scripts/installs/install_manageengine.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Axis2
# This must run after the Apache Struts setup.
config.vm.provision :shell, path: "scripts/installs/setup_axis2.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Common backdoors
config.vm.provision :shell, path: "scripts/installs/install_backdoors.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - SNMP
config.vm.provision :shell, path: "scripts/installs/setup_snmp.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Configure Firewall to open up vulnerable services
case ENV['MS3_DIFFICULTY']
when 'easy'
config.vm.provision :shell, path: "scripts/configs/disable_firewall.bat"
else
config.vm.provision :shell, path: "scripts/configs/enable_firewall.bat"
config.vm.provision :shell, path: "scripts/configs/configure_firewall.bat"
end
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - ElasticSearch
# This must run after the firewall rules, because it needs to make some HTTP requests in order to
# set up the vulnerable state.
config.vm.provision :shell, path: "scripts/installs/install_elasticsearch.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Configure flags
config.vm.provision :shell, path: "scripts/installs/install_flags.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614a
end

1
scripts/configs/enable_firewall.bat Normal file
View File

@ -0,0 +1 @@
netsh advfirewall set allprofiles state on

1
scripts/configs/packer_cleanup.bat Normal file
View File

@ -0,0 +1 @@
rmdir /S /Q C:\vagrant

22
windows_2008_r2.json
View File

@ -103,12 +103,23 @@
"source": "resources",
"destination": "C:/vagrant"
},
{
"type": "shell",
"remote_path": "/tmp/script.bat",
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
"scripts": [
"./scripts/configs/update_root_certs.bat",
"./scripts/installs/vm-guest-tools.bat",
"./scripts/configs/vagrant-ssh.bat",
"./scripts/configs/disable-auto-logon.bat",
"./scripts/configs/enable-rdp.bat"
]
},
{
"type": "windows-shell",
"remote_path": "C:/Windows/Temp/script.bat",
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
"scripts": [
"./scripts/installs/vm-guest-tools.bat",
"./scripts/configs/disable_firewall.bat"
]
},
@ -129,10 +140,6 @@
"remote_path": "C:/Windows/Temp/script.bat",
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
"scripts": [
"./scripts/configs/vagrant-ssh.bat",
"./scripts/configs/disable-auto-logon.bat",
"./scripts/configs/enable-rdp.bat",
"./scripts/configs/update_root_certs.bat",
"scripts/installs/install_boxstarter.bat",
"scripts/chocolatey_installs/7zip.bat",
"scripts/configs/apply_password_settings.bat",
@ -184,14 +191,15 @@
"scripts/installs/setup_snmp.bat",
"scripts/configs/configure_firewall.bat",
"scripts/installs/install_elasticsearch.bat",
"scripts/installs/install_flags.bat"
"scripts/installs/install_flags.bat",
"scripts/configs/packer_cleanup.bat"
]
}
],
"post-processors": [
{
"type": "vagrant",
"keep_input_artifact": true,
"keep_input_artifact": false,
"output": "windows_2008_r2_{{.Provider}}.box",
"vagrantfile_template": "vagrantfile-windows_2008_r2.template"
}

147
windows_2008_r2_base.json
View File

@ -1,147 +0,0 @@
{
"builders": [
{
"type": "vmware-iso",
"iso_url": "{{user `iso_url`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"iso_checksum": "{{user `iso_checksum`}}",
"headless": false,
"boot_wait": "2m",
"ssh_username": "vagrant",
"ssh_password": "vagrant",
"ssh_wait_timeout": "2h",
"shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"",
"guest_os_type": "windows8srv-64",
"tools_upload_flavor": "windows",
"disk_size": 61440,
"floppy_files": [
"{{user `autounattend`}}",
"./scripts/configs/microsoft-updates.bat",
"./scripts/configs/win-updates.ps1",
"./scripts/installs/openssh.ps1",
"./scripts/installs/install_netfx.ps1",
"./resources/certs/oracle-cert.cer",
"./resources/certs/gdig2.crt",
"./resources/certs/comodorsadomainvalidationsecureserverca.crt",
"./resources/certs/comodorsacertificationauthority.crt",
"./resources/certs/addtrust_external_ca.cer",
"./resources/certs/baltimore_ca.cer",
"./resources/certs/digicert.cer",
"./resources/certs/equifax.cer",
"./resources/certs/globalsign.cer",
"./resources/certs/gte_cybertrust.cer",
"./resources/certs/microsoft_root_2011.cer",
"./resources/certs/thawte_primary_root.cer",
"./resources/certs/utn-userfirst.cer"
],
"vm_name": "metasploitable3",
"vmx_data": {
"cpuid.coresPerSocket": "2",
"memsize": "4096",
"numvcpus": "2",
"scsi0.virtualDev": "lsisas1068"
}
},
{
"type": "virtualbox-iso",
"iso_url": "{{user `iso_url`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"iso_checksum": "{{user `iso_checksum`}}",
"headless": true,
"boot_wait": "2m",
"ssh_username": "vagrant",
"ssh_password": "vagrant",
"ssh_wait_timeout": "2h",
"shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"",
"guest_os_type": "Windows2008_64",
"disk_size": 61440,
"floppy_files": [
"{{user `autounattend`}}",
"./scripts/configs/microsoft-updates.bat",
"./scripts/configs/win-updates.ps1",
"./scripts/installs/openssh.ps1",
"./scripts/installs/install_netfx.ps1",
"./resources/certs/oracle-cert.cer",
"./resources/certs/gdig2.crt",
"./resources/certs/comodorsadomainvalidationsecureserverca.crt",
"./resources/certs/comodorsacertificationauthority.crt",
"./resources/certs/addtrust_external_ca.cer",
"./resources/certs/baltimore_ca.cer",
"./resources/certs/digicert.cer",
"./resources/certs/equifax.cer",
"./resources/certs/globalsign.cer",
"./resources/certs/gte_cybertrust.cer",
"./resources/certs/microsoft_root_2011.cer",
"./resources/certs/thawte_primary_root.cer",
"./resources/certs/utn-userfirst.cer"
],
"vboxmanage": [
[
"modifyvm",
"{{.Name}}",
"--memory",
"2048"
],
[
"modifyvm",
"{{.Name}}",
"--cpus",
"2"
]
]
}
],
"provisioners": [
{
"type": "file",
"source": "scripts",
"destination": "C:/vagrant"
},
{
"type": "file",
"source": "resources",
"destination": "C:/vagrant"
},
{
"type":"powershell",
"inline": [
"iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))"
]
},
{
"type": "windows-restart"
},
{
"type": "windows-shell",
"remote_path": "C:/Windows/Temp/script.bat",
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
"scripts": [
"./scripts/installs/vm-guest-tools.bat",
"./scripts/configs/vagrant-ssh.bat",
"./scripts/configs/disable-auto-logon.bat",
"./scripts/configs/enable-rdp.bat",
"./scripts/configs/update_root_certs.bat",
"scripts/installs/install_boxstarter.bat",
"scripts/chocolatey_installs/7zip.bat",
"scripts/configs/apply_password_settings.bat",
"scripts/configs/create_users.bat",
"scripts/installs/setup_iis.bat",
"scripts/installs/setup_ftp_site.bat"
]
}
],
"post-processors": [
{
"type": "vagrant",
"keep_input_artifact": true,
"output": "windows_2008_r2_{{.Provider}}.box",
"vagrantfile_template": "vagrantfile-windows_2008_r2.template"
}
],
"variables": {
"iso_url": "en_windows_server_2008_r2_x64_dvd_x15-50365.iso",
"iso_checksum_type": "md5",
"iso_checksum": "0ffbae83327f0ad8c2ab4d5dfa754c09",
"autounattend": "./answer_files/2008_r2/Autounattend.xml"
}
}