From dbe3947d22a349da247ba46838560aad968cb696 Mon Sep 17 00:00:00 2001
From: Sliim
Date: Wed, 15 Mar 2017 23:59:51 +0100
Subject: [PATCH] linux: add docker_daemon_privilege_escalation Install docker from the community cookbook and add some users in the docker group from attributes. I created the `attributes/default.rb` attribute file to configure which users are added in the `docker` group. I suggest to put all configurable values here, such as users, passwords etc..
---
 Vagrantfile | 5 +++++
 .../metasploitable/attributes/default.rb | 9 +++++++++
 chef/cookbooks/metasploitable/metadata.rb | 1 +
 chef/cookbooks/metasploitable/recipes/docker.rb | 15 +++++++++++++++
 4 files changed, 30 insertions(+)
 create mode 100644 chef/cookbooks/metasploitable/attributes/default.rb
 create mode 100644 chef/cookbooks/metasploitable/recipes/docker.rb
diff --git a/Vagrantfile b/Vagrantfile
index 3c89824..8f53ed2 100644
--- a/Vagrantfile
+++ b/Vagrantfile
@@ -149,6 +149,10 @@ Vagrant.configure("2") do |config|
 config.vm.provision :chef_solo do |chef|
 chef.cookbooks_path = [ 'chef/cookbooks' ]
+ chef.json = { 'metasploitable' => {
+ # Customizations here
+ }
+ }
 chef.add_recipe "metasploitable::mysql"
 chef.add_recipe "metasploitable::apache_continuum"
@@ -157,6 +161,7 @@ Vagrant.configure("2") do |config|
 chef.add_recipe "metasploitable::phpmyadmin"
 chef.add_recipe "metasploitable::proftpd"
 chef.add_recipe "metasploitable::users"
+ chef.add_recipe "metasploitable::docker"
 end
 end
 end
diff --git a/chef/cookbooks/metasploitable/attributes/default.rb b/chef/cookbooks/metasploitable/attributes/default.rb
new file mode 100644
index 0000000..7bea78e
--- /dev/null
+++ b/chef/cookbooks/metasploitable/attributes/default.rb
@@ -0,0 +1,9 @@
+#
+# Cookbook:: metasploitable
+# Attributes:: default
+#
+
+default['metasploitable']['docker_users'] = ['boba_fett',
+ 'jabba_hutt',
+ 'greedo',
+ 'chewbacca',]
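Review bot: The `# Customizations here` placeholder in the new `chef.json` block of the Vagrantfile does not say which keys the cookbook reads or how they relate to the cookbook defaults. The only attribute this patch defines is `docker_users`, so the comment could read `# e.g. 'docker_users' => ['some_user'] takes precedence over the list in attributes/default.rb`. The commit message proposes keeping passwords in the same place later, so it is worth stating here that values in this hash are committed with the Vagrantfile.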
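Review bot: The `docker_users` default in attributes/default.rb has no comment explaining why these accounts are listed. Membership in the `docker` group is root-equivalent on the host, which is the intended weakness according to the commit subject, but a reader reusing the cookbook would not learn that from the file. A line above the assignment such as `# Intentionally vulnerable: docker group membership is root-equivalent (docker_daemon_privilege_escalation).` would make it explicit. The list also assumes the four accounts already exist, presumably created by `metasploitable::users`, which is not visible in this patch.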
diff --git a/chef/cookbooks/metasploitable/metadata.rb b/chef/cookbooks/metasploitable/metadata.rb
index 0ee32db..804b8bf 100644
--- a/chef/cookbooks/metasploitable/metadata.rb
+++ b/chef/cookbooks/metasploitable/metadata.rb
@@ -18,4 +18,5 @@ version '0.1.0'
 #
 # source_url 'https://github.com//metasploitable3' if respond_to?(:source_url)
+depends 'docker'
 depends 'mysql'
diff --git a/chef/cookbooks/metasploitable/recipes/docker.rb b/chef/cookbooks/metasploitable/recipes/docker.rb
new file mode 100644
index 0000000..423494b
--- /dev/null
+++ b/chef/cookbooks/metasploitable/recipes/docker.rb
@@ -0,0 +1,15 @@
+#
+# Cookbook:: metasploitable
+# Recipe:: docker
+#
+
+docker_service 'default' do
+ action [:create, :start]
+ group 'docker'
+end
+
+group 'docker' do
+ action [:create, :modify]
+ append true
+ members node['metasploitable']['docker_users']
+end
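Review bot: `depends 'docker'` in metadata.rb has no version constraint, so each build resolves whatever release of the community cookbook the resolver picks at that time. For a VM whose weaknesses are meant to be reproducible, and to limit exposure to an unexpected upstream change, pin it, e.g. `depends 'docker', '~> <tested-version>'` (placeholder; the patch does not say which release was tested). The existing `depends 'mysql'` line has the same gap. The patch also does not show how the docker cookbook reaches `chef/cookbooks`, the only entry in `cookbooks_path`; if a Berksfile or vendoring step handles that, it is outside this diff.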
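Review bot: The `group 'docker'` resource in recipes/docker.rb assumes every name in `node['metasploitable']['docker_users']` already exists on the node, but nothing in the recipe enforces that. It holds only because the Vagrantfile happens to list `metasploitable::users` before `metasploitable::docker`, and a run list in another order would likely fail the converge when a member is missing. Adding `include_recipe 'metasploitable::users'` at the top of the recipe would make the ordering explicit. `action [:create, :modify]` also looks redundant, since `:create` with `append true` should already add the members when the group exists, so `action :create` would suffice.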