Marown/metasploitable3
1
0
Fork 0
mirror of https://github.com/rapid7/metasploitable3.git synced 2024-06-25 22:35:48 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add "pro" version.

Browse Source 
This separates out a "pro" version that builds almost everything
in Vagrant. This version will be used for customizability so
you can build with only specific services. The mainline files
will continue to be used to bring the system up with as little
friction as possible.
This commit is contained in:
James Barnett 2017-05-25 14:31:39 -05:00
parent f8e3e4a7ff
commit c4977eea3b
No known key found for this signature in database
GPG Key ID: 647983861A4EC5EA
3 changed files with 213 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

132
versions/pro/Vagrantfile vendored Normal file
View File

@ -0,0 +1,132 @@
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
# Base configuration for the VM and provisioner
config.vm.box = "metasploitable3"
config.vm.hostname = "metasploitable3"
config.vm.communicator = "winrm"
config.vm.network "private_network", type: "dhcp"
# Install Chocolatey
config.vm.provision :shell, path: "scripts/installs/chocolatey.cmd"
config.vm.provision :reload # Hack to reset environment variables
# Install BoxStarter
config.vm.provision :shell, path: "scripts/installs/install_boxstarter.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Install 7zip
config.vm.provision :shell, path: "scripts/chocolatey_installs/7zip.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Adjust password policy
config.vm.provision :shell, path: "scripts/configs/apply_password_settings.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Add users and add to groups
config.vm.provision :shell, path: "scripts/configs/create_users.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Unpatched IIS and FTP
config.vm.provision :shell, path: "scripts/installs/setup_iis.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/setup_ftp_site.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Setup for Apache Struts
config.vm.provision :shell, path: "scripts/chocolatey_installs/java.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/chocolatey_installs/tomcat.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :reload # Hack to reset environment variables
config.vm.provision :shell, path: "scripts/installs/setup_apache_struts.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Setup for Glassfish
config.vm.provision :shell, path: "scripts/installs/setup_glassfish.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/start_glassfish_service.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Jenkins (1.8)
config.vm.provision :shell, path: "scripts/installs/setup_jenkins.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Wordpress and phpMyAdmin
# This must run after the WAMP setup.
config.vm.provision :shell, path: "scripts/chocolatey_installs/vcredist2008.bat" # Visual Studio 2008 redistributable is a requirement for WAMP
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/install_wamp.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/start_wamp.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/install_wordpress.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - JMX
config.vm.provision :shell, path: "scripts/installs/install_openjdk6.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/setup_jmx.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Rails Server
config.vm.provision :shell, path: "scripts/installs/install_ruby.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/install_devkit.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/install_rails_server.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/setup_rails_server.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
config.vm.provision :shell, path: "scripts/installs/install_rails_service.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - WebDAV
# This must run after the WAMP setup.
config.vm.provision :shell, path: "scripts/installs/setup_webdav.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - MySQL
config.vm.provision :shell, path: "scripts/installs/setup_mysql.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - ManageEngine Desktop Central
config.vm.provision :shell, path: "scripts/installs/install_manageengine.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Axis2
# This must run after the Apache Struts setup.
config.vm.provision :shell, path: "scripts/installs/setup_axis2.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - Common backdoors
config.vm.provision :shell, path: "scripts/installs/install_backdoors.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - SNMP
config.vm.provision :shell, path: "scripts/installs/setup_snmp.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Configure Firewall to open up vulnerable services
case ENV['MS3_DIFFICULTY']
when 'easy'
config.vm.provision :shell, path: "scripts/configs/disable_firewall.bat"
else
config.vm.provision :shell, path: "scripts/configs/configure_firewall.bat"
end
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - ElasticSearch
# This must run after the firewall rules, because it needs to make some HTTP requests in order to
# set up the vulnerable state.
config.vm.provision :shell, path: "scripts/installs/install_elasticsearch.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Configure flags
config.vm.provision :shell, path: "scripts/installs/install_flags.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614a
end

79
versions/pro/windows_2008_r2_pro.json Normal file
View File

@ -0,0 +1,79 @@
{
"builders": [
{
"type": "virtualbox-iso",
"iso_url": "{{user `iso_url`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"iso_checksum": "{{user `iso_checksum`}}",
"headless": true,
"boot_wait": "2m",
"ssh_username": "vagrant",
"ssh_password": "vagrant",
"ssh_wait_timeout": "2h",
"shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"",
"guest_os_type": "Windows2008_64",
"disk_size": 61440,
"floppy_files": [
"{{user `autounattend`}}",
"./scripts/configs/microsoft-updates.bat",
"./scripts/configs/win-updates.ps1",
"./scripts/installs/openssh.ps1",
"./resources/certs/oracle-cert.cer",
"./resources/certs/gdig2.crt",
"./resources/certs/comodorsadomainvalidationsecureserverca.crt",
"./resources/certs/comodorsacertificationauthority.crt",
"./resources/certs/addtrust_external_ca.cer",
"./resources/certs/baltimore_ca.cer",
"./resources/certs/digicert.cer",
"./resources/certs/equifax.cer",
"./resources/certs/globalsign.cer",
"./resources/certs/gte_cybertrust.cer",
"./resources/certs/microsoft_root_2011.cer",
"./resources/certs/thawte_primary_root.cer",
"./resources/certs/utn-userfirst.cer"
],
"vboxmanage": [
[
"modifyvm",
"{{.Name}}",
"--memory",
"4096"
],
[
"modifyvm",
"{{.Name}}",
"--cpus",
"2"
]
]
}
],
"provisioners": [
{
"type": "shell",
"remote_path": "/tmp/script.bat",
"execute_command": "{{.Vars}} cmd /c C:/Windows/Temp/script.bat",
"scripts": [
"./scripts/installs/vm-guest-tools.bat",
"./scripts/configs/vagrant-ssh.bat",
"./scripts/configs/disable-auto-logon.bat",
"./scripts/configs/enable-rdp.bat",
"./scripts/configs/update_root_certs.bat"
]
}
],
"post-processors": [
{
"type": "vagrant",
"keep_input_artifact": false,
"output": "windows_2008_r2_{{.Provider}}_pro.box",
"vagrantfile_template": "vagrantfile-windows_2008_r2.template"
}
],
"variables": {
"iso_url": "http://download.microsoft.com/download/7/5/E/75EC4E54-5B02-42D6-8879-D8D3A25FBEF7/7601.17514.101119-1850_x64fre_server_eval_en-us-GRMSXEVAL_EN_DVD.iso",
"iso_checksum_type": "md5",
"iso_checksum": "4263be2cf3c59177c45085c0a7bc6ca5",
"autounattend": "./answer_files/2008_r2/Autounattend.xml"
}
}

3
windows_2008_r2.json
View File

@ -35,7 +35,7 @@
"./resources/certs/thawte_primary_root.cer",
"./resources/certs/utn-userfirst.cer"
],
"vm_name": "metasploitable3",
"vm_name": "metasploitable3-win2k8",
"vmx_data": {
"cpuid.coresPerSocket": "2",
"memsize": "4096",
@ -57,6 +57,7 @@
"shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"",
"guest_os_type": "Windows2008_64",
"disk_size": 61440,
"vm_name": "metasploitable3-win2k8",
"floppy_files": [
"{{user `autounattend`}}",
"./scripts/configs/microsoft-updates.bat",