Marown/metasploitable3
1
0
Fork 0
mirror of https://github.com/rapid7/metasploitable3.git synced 2024-06-30 00:35:46 +02:00
Code Issues Packages Projects Releases Wiki Activity

Change user passwords and groups

Browse Source
This commit is contained in:
James Barnett 2017-08-15 17:28:53 -05:00
parent bc3ef65dbf
commit afd863afe1
5 changed files with 59 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
chef/cookbooks/metasploitable/attributes/users.rb
View File

@ -4,59 +4,67 @@
# #
default[:users][:leia_organa] = { username: 'leia_organa', default[:users][:leia_organa] = { username: 'leia_organa',
password: 'obiwan', password: 'help_me_obiwan',
password_hash: '$1$2ny4/xaH$tAFV5fbEqHx2OkOPIQhpx0', password_hash: '$1$N6DIbGGZ$LpERCRfi8IXlNebhQuYLK/',
first_name: 'Leia', first_name: 'Leia',
last_name: 'Organa', last_name: 'Organa',
admin: true,
salary: '9560' } salary: '9560' }
default[:users][:luke_skywalker] = { username: 'luke_skywalker', default[:users][:luke_skywalker] = { username: 'luke_skywalker',
password: 'password', password: 'like_my_father_beforeme',
password_hash: '$1$n8tgrGRs$8xaS40CFS1J5iIAEmbnx50', password_hash: '$1$/7D55Ozb$Y/aKb.UNrDS2w7nZVq.Ll/',
first_name: 'Luke', first_name: 'Luke',
last_name: 'Skywalker', last_name: 'Skywalker',
admin: true,
salary: '1080'} salary: '1080'}
default[:users][:han_solo] = { username: 'han_solo', default[:users][:han_solo] = { username: 'han_solo',
password: 'sh00t-first', password: 'nerf_herder',
password_hash: '$1$L/2/AWAh$ZMUulbFhP2IesZ6xwBmaV0', password_hash: '$1$6jIF3qTC$7jEXfQsNENuWYeO6cK7m1.',
first_name: 'Han', first_name: 'Han',
last_name: 'Solo', last_name: 'Solo',
admin: true,
salary: '1200'} salary: '1200'}
default[:users][:artoo_detoo] = { username: 'artoo_detoo', default[:users][:artoo_detoo] = { username: 'artoo_detoo',
password: 'beep_b00p', password: 'b00p_b33p',
password_hash: '$1$DlEuqBUm$u71bKO9I603kDCqEphmon1', password_hash: '$1$tfvzyRnv$mawnXAR4GgABt8rtn7Dfv.',
first_name: 'Artoo', first_name: 'Artoo',
last_name: 'Detoo', last_name: 'Detoo',
admin: false,
salary: '22222'} salary: '22222'}
default[:users][:c_three_pio] = { username: 'c_three_pio', default[:users][:c_three_pio] = { username: 'c_three_pio',
password: 'pr0t0c0l', password: 'Pr0t0c07',
password_hash: '$1$4JMoAFqs$b5MwsiCfOASdUKktx6wQ7/', password_hash: '$1$lXx7tKuo$xuM4AxkByTUD78BaJdYdG.',
first_name: 'C', first_name: 'C',
last_name: 'Threepio', last_name: 'Threepio',
admin: false,
salary: '3200'} salary: '3200'}
default[:users][:ben_kenobi] = { username: 'ben_kenobi', default[:users][:ben_kenobi] = { username: 'ben_kenobi',
password: 'thats_no_moon', password: 'thats_no_m00n',
password_hash: '$1$vmHrrI9b$OyLulJjgi18GxgREG5V5c1', password_hash: '$1$5nfRD/bA$y7ZZD0NimJTbX9FtvhHJX1',
first_name: 'Ben', first_name: 'Ben',
last_name: 'Kenobi', last_name: 'Kenobi',
admin: false,
salary: '10000'} salary: '10000'}
default[:users][:darth_vader] = { username: 'darth_vader', default[:users][:darth_vader] = { username: 'darth_vader',
password: 'd@rk_sid3', password: 'Dark_syD3',
password_hash: '$1$c7AfQJ86$zvcdz7pPate7GdCQ.yfTf0', password_hash: '$1$rLuMkR1R$YHumHRxhswnfO7eTUUfHJ.',
first_name: 'Darth', first_name: 'Darth',
last_name: 'Vader', last_name: 'Vader',
admin: false,
salary: '6666'} salary: '6666'}
default[:users][:anakin_skywalker] = { username: 'anakin_skywalker', default[:users][:anakin_skywalker] = { username: 'anakin_skywalker',
password: 'yipp33!!', password: 'but_master:(',
password_hash: '$1$AvIldIHu$o1s2OCU4n/qSCGQMKMgkH/', password_hash: '$1$jlpeszLc$PW4IPiuLTwiSH5YaTlRaB0',
first_name: 'Anakin', first_name: 'Anakin',
last_name: 'Skywalker', last_name: 'Skywalker',
admin: false,
salary: '1025'} salary: '1025'}
default[:users][:jarjar_binks] = { username: 'jarjar_binks', default[:users][:jarjar_binks] = { username: 'jarjar_binks',
@ -64,13 +72,15 @@ default[:users][:jarjar_binks] = { username: 'jarjar_binks',
password_hash: '$1$SNokFi0c$F.SvjZQjYRSuoBuobRWMh1', password_hash: '$1$SNokFi0c$F.SvjZQjYRSuoBuobRWMh1',
first_name: 'Jar-Jar', first_name: 'Jar-Jar',
last_name: 'Binks', last_name: 'Binks',
admin: false,
salary: '2048'} salary: '2048'}
default[:users][:lando_calrissian] = { username: 'lando_calrissian', default[:users][:lando_calrissian] = { username: 'lando_calrissian',
password: 'b@ckstab', password: '@dm1n1str8r',
password_hash: '$1$8aWC7zHq$bz6K2rZVD7XlMNqBIIMGX.', password_hash: '$1$Af1ek3xT$nKc8jkJ30gMQWeW/6.ono0',
first_name: 'Lando', first_name: 'Lando',
last_name: 'Calrissian', last_name: 'Calrissian',
admin: false,
salary: '40000'} salary: '40000'}
default[:users][:boba_fett] = { username: 'boba_fett', default[:users][:boba_fett] = { username: 'boba_fett',
@ -78,32 +88,37 @@ default[:users][:boba_fett] = { username: 'boba_fett',
password_hash: '$1$TjxlmV4j$k/rG1vb4.pj.z0yFWJ.ZD0', password_hash: '$1$TjxlmV4j$k/rG1vb4.pj.z0yFWJ.ZD0',
first_name: 'Boba', first_name: 'Boba',
last_name: 'Fett', last_name: 'Fett',
admin: false,
salary: '20000'} salary: '20000'}
default[:users][:jabba_hutt] = { username: 'jabba_hutt', default[:users][:jabba_hutt] = { username: 'jabba_hutt',
password: 'not-a-slug12', password: 'my_kinda_skum',
password_hash: '$1$1q5jRHYC$LIp/8O/g9qg3NaeGOxGSl/', password_hash: '$1$9rpNcs3v$//v2ltj5MYhfUOHYVAzjD/',
first_name: 'Jaba', first_name: 'Jaba',
last_name: 'Hutt', last_name: 'Hutt',
admin: false,
salary: '65000'} salary: '65000'}
default[:users][:greedo] = { username: 'greedo', default[:users][:greedo] = { username: 'greedo',
password: 'hanShotFirst!', password: 'hanSh0tF1rst',
password_hash: '$1$1lmZ0rOJ$GITT5.sX0tvOQeC2/wWQF1', password_hash: '$1$vOU.f3Tj$tsgBZJbBS4JwtchsRUW0a1',
first_name: 'Greedo', first_name: 'Greedo',
last_name: 'Rodian', last_name: 'Rodian',
admin: false,
salary: '50000'} salary: '50000'}
default[:users][:chewbacca] = { username: 'chewbacca', default[:users][:chewbacca] = { username: 'chewbacca',
password: 'rwaaaaawr5', password: 'rwaaaaawr8',
password_hash: '$1$AjU5ZLh9$WjO.j9fYh3yms3HSDBKya1', password_hash: '$1$.qt4t8zH$RdKbdafuqc7rYiDXSoQCI.',
first_name: 'Chewbacca', first_name: 'Chewbacca',
last_name: '', last_name: '',
admin: false,
salary: '4500'} salary: '4500'}
default[:users][:kylo_ren] = { username: 'kylo_ren', default[:users][:kylo_ren] = { username: 'kylo_ren',
password: 'daddy_issues1', password: 'Daddy_Issues2',
password_hash: '$1$Zcw3AKDA$1Mjgzmr/HpmFXuxUjj2Vv1', password_hash: '$1$rpvxsssI$hOBC/qL92d0GgmD/uSELx.',
first_name: 'Kylo', first_name: 'Kylo',
last_name: 'Ren', last_name: 'Ren',
admin: false,
salary: '6667'} salary: '6667'}

4
chef/cookbooks/metasploitable/recipes/chatbot.rb
View File

@ -20,7 +20,7 @@ end
cookbook_file '/tmp/chatbot.zip' do cookbook_file '/tmp/chatbot.zip' do
source 'chatbot/chatbot.zip' source 'chatbot/chatbot.zip'
mode '0777' mode 0700
end end
execute 'unzip chatbot' do execute 'unzip chatbot' do
@ -32,7 +32,7 @@ execute 'chown chatbot' do
end end
execute 'chmod chatbot' do execute 'chmod chatbot' do
command 'chmod -R 777 /opt/chatbot' command 'chmod -R 700 /opt/chatbot'
end end
execute 'install chatbot' do execute 'install chatbot' do

12
chef/cookbooks/metasploitable/recipes/users.rb
View File

@ -4,8 +4,6 @@
# #
# Copyright:: 2017, Rapid7, All Rights Reserved. # Copyright:: 2017, Rapid7, All Rights Reserved.
# See scripts/configs/create_users.bat for passwords
uid = 1111 uid = 1111
node[:users].each do |u, attributes| node[:users].each do |u, attributes|
@ -19,3 +17,13 @@ node[:users].each do |u, attributes|
end end
uid += 1 uid += 1
end end
administrator_members = node[:users].keys.find_all { |user| node[:users][user][:admin] == true }
group 'sudo' do
action :modify
members administrator_members.map { |u| node[:users][u][:username] }
append true
end

6
chef/cookbooks/metasploitable/templates/knockd/knockd.conf.erb
View File

@ -1,8 +1,8 @@
[options] [options]
UseSyslog UseSyslog
<% administrator_members = node[:users].keys.find_all { |user| node[:users][user][:admin] == true } %>
[openFlag] [openFlag]
sequence = <%= node[:users].keys[0..2].map { |u| node[:users][u][:salary] }.join(',') %> sequence = <%= administrator_members.map { |u| node[:users][u][:salary] }.join(',') %>
seq_timeout = 15 seq_timeout = 15
command = /sbin/iptables -I INPUT 1 -s %IP% -p tcp --dport <%= node[:flags][:five_of_diamonds][:vuln_port] %> -j ACCEPT command = /sbin/iptables -I INPUT 1 -s %IP% -p tcp --dport <%= node[:flags][:five_of_diamonds][:vuln_port] %> -j ACCEPT
tcpflags = syn tcpflags = syn
@ -10,7 +10,7 @@
stop_command = /sbin/iptables -D INPUT -s %IP% -p tcp --dport <%= node[:flags][:five_of_diamonds][:vuln_port] %> -j ACCEPT stop_command = /sbin/iptables -D INPUT -s %IP% -p tcp --dport <%= node[:flags][:five_of_diamonds][:vuln_port] %> -j ACCEPT
[closeFlag] [closeFlag]
sequence = <%= node[:users].keys[0..2].map { |u| node[:users][u][:salary] }.reverse.join(',') %> sequence = <%= administrator_members.map { |u| node[:users][u][:salary] }.reverse.join(',') %>
seq_timeout = 15 seq_timeout = 15
command = /sbin/iptables -D INPUT -s %IP% -p tcp --dport <%= node[:flags][:five_of_diamonds][:vuln_port] %> -j ACCEPT command = /sbin/iptables -D INPUT -s %IP% -p tcp --dport <%= node[:flags][:five_of_diamonds][:vuln_port] %> -j ACCEPT
tcpflags = syn tcpflags = syn

3
packer/templates/aws/ubuntu_1404_ctf_2017.json
View File

@ -35,7 +35,8 @@
"metasploitable::drupal", "metasploitable::drupal",
"metasploitable::knockd", "metasploitable::knockd",
"metasploitable::iptables", "metasploitable::iptables",
"metasploitable::flags" "metasploitable::flags",
"metasploitable::sshd"
] ]
} }
], ],