mirror of
https://github.com/rapid7/metasploitable3.git
synced 2024-07-01 01:06:05 +02:00
Add tests for easy mode flags
This commit is contained in:
parent
f0667a1785
commit
b8288b3441
|
@ -7,30 +7,30 @@
|
||||||
# 10 of Clubs
|
# 10 of Clubs
|
||||||
directory '/home/artoo_detoo/music' do
|
directory '/home/artoo_detoo/music' do
|
||||||
owner 'artoo_detoo'
|
owner 'artoo_detoo'
|
||||||
mode 700
|
mode '700'
|
||||||
end
|
end
|
||||||
|
|
||||||
cookbook_file '/home/artoo_detoo/music/10_of_clubs.wav' do
|
cookbook_file '/home/artoo_detoo/music/10_of_clubs.wav' do
|
||||||
source 'flags/10_of_clubs.wav'
|
source 'flags/10_of_clubs.wav'
|
||||||
owner 'artoo_detoo'
|
owner 'artoo_detoo'
|
||||||
mode 400
|
mode '400'
|
||||||
end
|
end
|
||||||
|
|
||||||
# 7 of Diamonds
|
# 7 of Diamonds
|
||||||
include_recipe 'metasploitable::docker'
|
include_recipe 'metasploitable::docker'
|
||||||
|
|
||||||
directory '/opt/docker' do
|
directory '/opt/docker' do
|
||||||
mode 700
|
mode '700'
|
||||||
end
|
end
|
||||||
|
|
||||||
cookbook_file '/opt/docker/Dockerfile' do
|
cookbook_file '/opt/docker/Dockerfile' do
|
||||||
source '/flags/Dockerfile'
|
source '/flags/Dockerfile'
|
||||||
mode 700
|
mode '700'
|
||||||
end
|
end
|
||||||
|
|
||||||
cookbook_file '/opt/docker/7_of_diamonds.zip' do
|
cookbook_file '/opt/docker/7_of_diamonds.zip' do
|
||||||
source '/flags/7_of_diamonds.zip'
|
source '/flags/7_of_diamonds.zip'
|
||||||
mode 700
|
mode '700'
|
||||||
end
|
end
|
||||||
|
|
||||||
bash 'build docker image for 7 of diamonds' do
|
bash 'build docker image for 7 of diamonds' do
|
||||||
|
@ -50,17 +50,17 @@ if ENV['MS3_LINUX_HARD']
|
||||||
include_recipe 'metasploitable::knockd'
|
include_recipe 'metasploitable::knockd'
|
||||||
|
|
||||||
directory '/opt/knock_knock' do
|
directory '/opt/knock_knock' do
|
||||||
mode 0700
|
mode '700'
|
||||||
end
|
end
|
||||||
|
|
||||||
cookbook_file '/opt/knock_knock/five_of_diamonds' do
|
cookbook_file '/opt/knock_knock/five_of_diamonds' do
|
||||||
source 'flags/five_of_diamonds'
|
source 'flags/five_of_diamonds'
|
||||||
mode 0700
|
mode '700'
|
||||||
end
|
end
|
||||||
|
|
||||||
cookbook_file '/etc/init/five_of_diamonds_srv.conf' do
|
cookbook_file '/etc/init/five_of_diamonds_srv.conf' do
|
||||||
source 'flags/five_of_diamonds_srv'
|
source 'flags/five_of_diamonds_srv'
|
||||||
mode 777
|
mode '777'
|
||||||
end
|
end
|
||||||
|
|
||||||
service 'five_of_diamonds_srv' do
|
service 'five_of_diamonds_srv' do
|
||||||
|
@ -71,7 +71,7 @@ if ENV['MS3_LINUX_HARD']
|
||||||
cookbook_file '/home/leia_organa/2_of_spades.pcapng' do
|
cookbook_file '/home/leia_organa/2_of_spades.pcapng' do
|
||||||
source 'flags/2_of_spades.pcapng'
|
source 'flags/2_of_spades.pcapng'
|
||||||
owner 'leia_organa'
|
owner 'leia_organa'
|
||||||
mode 600
|
mode '600'
|
||||||
end
|
end
|
||||||
|
|
||||||
# 8 of Hearts
|
# 8 of Hearts
|
||||||
|
@ -89,7 +89,7 @@ if ENV['MS3_LINUX_HARD']
|
||||||
# Joker - red
|
# Joker - red
|
||||||
cookbook_file '/etc/joker.png' do
|
cookbook_file '/etc/joker.png' do
|
||||||
source 'flags/joker.png'
|
source 'flags/joker.png'
|
||||||
mode 600
|
mode '600'
|
||||||
end
|
end
|
||||||
else
|
else
|
||||||
# 10 of Spades
|
# 10 of Spades
|
||||||
|
@ -97,7 +97,7 @@ else
|
||||||
|
|
||||||
cookbook_file '/opt/readme_app/public/images/10_of_spades.png' do
|
cookbook_file '/opt/readme_app/public/images/10_of_spades.png' do
|
||||||
source 'flags/flag_images/10 of spades.png'
|
source 'flags/flag_images/10 of spades.png'
|
||||||
mode 644
|
mode '644'
|
||||||
end
|
end
|
||||||
|
|
||||||
# 8 of Clubs
|
# 8 of Clubs
|
||||||
|
@ -106,30 +106,36 @@ else
|
||||||
|
|
||||||
random_directories.each do |dir|
|
random_directories.each do |dir|
|
||||||
directory File.join('home', 'anakin_skywalker', prev_dirs.join('/'), dir.to_s) do
|
directory File.join('home', 'anakin_skywalker', prev_dirs.join('/'), dir.to_s) do
|
||||||
mode 600
|
mode '600'
|
||||||
|
owner 'anakin_skywalker'
|
||||||
|
group 'users'
|
||||||
end
|
end
|
||||||
prev_dirs << dir
|
prev_dirs << dir
|
||||||
end
|
end
|
||||||
|
|
||||||
cookbook_file File.join('home', 'anakin_skywalker', random_directories.join('/'), '8_of_clubs.png') do
|
cookbook_file File.join('home', 'anakin_skywalker', random_directories.join('/'), '8_of_clubs.png') do
|
||||||
source 'flags/flag_images/8 of clubs.png'
|
source 'flags/flag_images/8 of clubs.png'
|
||||||
mode 644
|
mode '644'
|
||||||
end
|
end
|
||||||
|
|
||||||
# 3 of Hearts
|
# 3 of Hearts
|
||||||
cookbook_file '/lost+found/3_of_hearts.png' do
|
cookbook_file '/lost+found/3_of_hearts.png' do
|
||||||
source 'flags/flag_images/3 of hearts.png'
|
source 'flags/flag_images/3 of hearts.png'
|
||||||
mode 600
|
mode '600'
|
||||||
end
|
end
|
||||||
|
|
||||||
# 9 of Diamonds
|
# 9 of Diamonds
|
||||||
directory '/home/kylo_ren/.secret_files/' do
|
directory '/home/kylo_ren/.secret_files/' do
|
||||||
mode 600
|
mode '600'
|
||||||
|
owner 'kylo_ren'
|
||||||
|
group 'users'
|
||||||
end
|
end
|
||||||
|
|
||||||
cookbook_file '/home/kylo_ren/.secret_files/my_recordings_do_not_open.iso' do
|
cookbook_file '/home/kylo_ren/.secret_files/my_recordings_do_not_open.iso' do
|
||||||
source 'flags/my_recordings_do_not_open.iso'
|
source 'flags/my_recordings_do_not_open.iso'
|
||||||
mode 600
|
mode '600'
|
||||||
|
owner 'kylo_ren'
|
||||||
|
group 'users'
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -2,6 +2,68 @@ require '../helpers/chat_test.rb'
|
||||||
|
|
||||||
# Inspec Tests for Linux Flags
|
# Inspec Tests for Linux Flags
|
||||||
|
|
||||||
|
# 10 of clubs tests
|
||||||
|
describe file('/home/artoo_detoo/music/10_of_clubs.wav') do
|
||||||
|
it { should be_file }
|
||||||
|
it { should be_owned_by 'artoo_detoo' }
|
||||||
|
its('mode') { should cmp '400' }
|
||||||
|
its('md5sum') { should eq '5b97f084aa90c4b9504725519cf5204e' }
|
||||||
|
end
|
||||||
|
|
||||||
|
describe command('docker cp 7_of_diamonds:/home/7_of_diamonds.zip .') do
|
||||||
|
its('exit_status') { should eq 0 }
|
||||||
|
end
|
||||||
|
|
||||||
|
# King of Spades tests
|
||||||
|
describe file('/opt/unrealircd/Unreal3.2/ircd.motd') do
|
||||||
|
it { should be_file }
|
||||||
|
its('md5sum') { should eq 'be373836982164f7b479f8c12cc03e90' }
|
||||||
|
end
|
||||||
|
|
||||||
|
# 5 of Hearts tests
|
||||||
|
describe command('curl http://localhost/drupal/?q=node/2') do
|
||||||
|
its('stdout') { should match /5_of_hearts\.png/ } # Make sure it has the icon
|
||||||
|
end
|
||||||
|
|
||||||
|
# Ace of Clubs tests
|
||||||
|
# NOTE: The chatbot can get a little laggy if there is a lot of data in the log.
|
||||||
|
# This can cause this test to fail incorrectly.
|
||||||
|
# To remedy, clear the /var/www/log.html file on metasploitable and restart the chatbot service.
|
||||||
|
describe 'ace_of_clubs' do
|
||||||
|
let(:host_ip) { command("ip addr | grep 'state UP' -A2 | grep 'eth0' | tail -n1 | awk '{print $2}' | cut -f1 -d'/'").stdout.strip }
|
||||||
|
|
||||||
|
it 'should print out the correct base64 flag' do
|
||||||
|
ct = ChatTest.new(host_ip)
|
||||||
|
expect(ct.check_chat_bot).to eq true #TODO: Make this output more meaningful. e.g. output what was returned and what was expected.
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
# Tests for "Hard mode" flags
|
||||||
|
if ENV['MS3_LINUX_HARD']
|
||||||
|
|
||||||
|
# Red Joker tests
|
||||||
|
describe file('/etc/joker.png') do
|
||||||
|
it { should be_file }
|
||||||
|
it { should be_owned_by 'root' }
|
||||||
|
its('mode') { should cmp '644' }
|
||||||
|
its('md5sum') { should eq '1fe82fcb96be25ef155f741811d58dac' }
|
||||||
|
end
|
||||||
|
|
||||||
|
# 2 of Spades tests
|
||||||
|
describe file('/home/leia_organa/2_of_spades.pcapng') do
|
||||||
|
it { should be_file }
|
||||||
|
it { should be_owned_by 'leia_organa' }
|
||||||
|
its('mode') { should cmp '600' }
|
||||||
|
its('md5sum') { should eq 'bbbd4b738b5521cb3df8a78b1f3214d7' }
|
||||||
|
end
|
||||||
|
|
||||||
|
# 8 of Hearts tests
|
||||||
|
describe command('mysql -h 127.0.0.1 --user="root" --password="sploitme" --database="super_secret_db" --execute="USE super_secret_db; SELECT \'8_of_hearts\' FROM flags;"') do
|
||||||
|
its('exit_status') { should eq 0 }
|
||||||
|
its('stdout') { should match /8_of_hearts/ } # TODO: This test just makes sure the SQL output contains '8_of_hearts'. It doesnt actually verify the correct flag image is present
|
||||||
|
end
|
||||||
|
|
||||||
|
# 5 of Diamonds tests
|
||||||
describe file('/opt/knock_knock/five_of_diamonds') do
|
describe file('/opt/knock_knock/five_of_diamonds') do
|
||||||
it { should be_file }
|
it { should be_file }
|
||||||
it { should be_executable }
|
it { should be_executable }
|
||||||
|
@ -27,57 +89,34 @@ describe service('five_of_diamonds_srv') do
|
||||||
it { should be_running }
|
it { should be_running }
|
||||||
end
|
end
|
||||||
|
|
||||||
describe file('/home/artoo_detoo/music/10_of_clubs.wav') do
|
else
|
||||||
it { should be_file }
|
# Tests for "Easy mode" flags
|
||||||
it { should be_owned_by 'artoo_detoo' }
|
|
||||||
its('mode') { should cmp '400' }
|
|
||||||
its('md5sum') { should eq '5b97f084aa90c4b9504725519cf5204e' }
|
|
||||||
end
|
|
||||||
|
|
||||||
describe file('/etc/joker.png') do
|
# 10 of Spades tests
|
||||||
|
describe file('/opt/readme_app/public/images/10_of_spades.png') do
|
||||||
it { should be_file }
|
it { should be_file }
|
||||||
it { should be_owned_by 'root' }
|
|
||||||
its('mode') { should cmp '644'}
|
its('mode') { should cmp '644'}
|
||||||
its('md5sum') { should eq '1fe82fcb96be25ef155f741811d58dac' }
|
|
||||||
end
|
end
|
||||||
|
|
||||||
describe command('docker cp 7_of_diamonds:/home/7_of_diamonds.zip .') do
|
# 8 of Clubs tests
|
||||||
|
describe command('find /home/anakin_skywalker -name "*clubs*"') do
|
||||||
its('exit_status') { should eq 0 }
|
its('exit_status') { should eq 0 }
|
||||||
|
its('stdout') { should match /8_of_clubs\.png/}
|
||||||
end
|
end
|
||||||
|
|
||||||
describe file('/home/leia_organa/2_of_spades.pcapng') do
|
# 3 of Hearts tests
|
||||||
|
describe file('/lost+found/3_of_hearts.png') do
|
||||||
it { should be_file }
|
it { should be_file }
|
||||||
it { should be_owned_by 'leia_organa' }
|
|
||||||
its('mode') { should cmp '600' }
|
its('mode') { should cmp '600' }
|
||||||
its('md5sum') { should eq 'bbbd4b738b5521cb3df8a78b1f3214d7' }
|
its('owner') { should eq 'root' }
|
||||||
|
its('group') { should eq 'root' }
|
||||||
end
|
end
|
||||||
|
|
||||||
# 8 of Hearts tests
|
# 9 of Diamonds tests
|
||||||
describe command('mysql -h 127.0.0.1 --user="root" --password="sploitme" --database="super_secret_db" --execute="USE super_secret_db; SELECT \'8_of_hearts\' FROM flags;"') do
|
describe file('/home/kylo_ren/.secret_files/my_recordings_do_not_open.iso') do
|
||||||
its('exit_status') { should eq 0 }
|
|
||||||
its('stdout') { should match /8_of_hearts/ } # TODO: This test just makes sure the SQL output contains '8_of_hearts'. It doesnt actually verify the correct flag image is present
|
|
||||||
end
|
|
||||||
|
|
||||||
# King of Spades tests
|
|
||||||
describe file('/opt/unrealircd/Unreal3.2/ircd.motd') do
|
|
||||||
it { should be_file }
|
it { should be_file }
|
||||||
its('md5sum') { should eq 'be373836982164f7b479f8c12cc03e90' }
|
its('mode') { should cmp '600' }
|
||||||
end
|
its('owner') { should eq 'kylo_ren' }
|
||||||
|
its('group') { should eq 'users' }
|
||||||
# 5 of Hearts tests
|
|
||||||
describe command('curl http://localhost/drupal/?q=node/2') do
|
|
||||||
its('stdout') { should match /5_of_hearts\.png/ } # Make sure it has the icon
|
|
||||||
end
|
|
||||||
|
|
||||||
# Ace of Clubs test
|
|
||||||
# NOTE: The chatbot can get a little laggy if there is a lot of data in the log.
|
|
||||||
# This can cause this test to fail incorrectly.
|
|
||||||
# To remedy, clear the /var/www/log.html file on metasploitable and restart the chatbot service.
|
|
||||||
describe 'ace_of_clubs' do
|
|
||||||
let(:host_ip) { command("ip addr | grep 'state UP' -A2 | grep 'eth0' | tail -n1 | awk '{print $2}' | cut -f1 -d'/'").stdout.strip }
|
|
||||||
|
|
||||||
it 'should print out the correct base64 flag' do
|
|
||||||
ct = ChatTest.new(host_ip)
|
|
||||||
expect(ct.check_chat_bot).to eq true #TODO: Make this output more meaningful. e.g. output what was returned and what was expected.
|
|
||||||
end
|
end
|
||||||
end
|
end
|
Loading…
Reference in New Issue
Block a user