James Barnett
520c0564be
Build Linux VM in packer.
...
This makes some other changes:
* Moves packer related files to packer directory.
* Updates build scripts for new packer directory.
* Renames boxes to metasploitabl3-<OS>
2017-07-31 15:48:27 -05:00
wchen-r7
30fa1a7b60
change perm
2017-07-22 01:52:23 -05:00
wchen-r7
5c802ca808
Change start script to upstart for five of diamonds
2017-07-21 17:32:29 -05:00
wchen-r7
326982e3ed
Fix 5 of Hearts in Drupal
2017-07-20 16:38:18 -05:00
wchen-r7
1944427139
Clear chef cache
2017-07-20 15:44:38 -05:00
wchen-r7
52fd8f351d
Use Crystal loader for Sinatra
2017-07-20 14:08:03 -05:00
wchen-r7
bc4f5e3a41
Make port 80 browsable and set a pass for phpmyadmin
2017-07-17 13:54:12 -05:00
James Barnett
268537fa5d
Hide 7 of diamonds in docker container
2017-07-14 15:13:15 -05:00
wchen-r7
d088960490
Fix a typo
2017-07-14 14:27:57 -05:00
James Barnett
dc733474af
Add more flags
2017-07-14 12:14:01 -05:00
James Barnett
3dddb7c3e8
Hide king of spades in unrealircd
2017-07-13 16:23:31 -05:00
James Barnett
b2aeac3028
Fix typo in file name
2017-07-13 13:11:12 -05:00
James Barnett
55b0cbf763
Forgot the readme_app in port listing
2017-07-13 12:50:14 -05:00
wchen-r7
cdb7987c67
Embed 6 of Clubs in Sinatra service
2017-07-12 16:51:08 -05:00
James Barnett
6fd0a57fdf
Configure iptables for other services.
2017-07-06 17:08:33 -05:00
James Barnett
fc336a5f1b
Configure other services in iptables
2017-07-06 14:52:39 -05:00
James Barnett
5bbed5387e
Add five_of_diamonds flag
...
This flag is hidden within a binary that runs a webservice on a given port.
The port is blocked until the correct port knocking sequence is initiated.
The default port sequence is all of the user's salary numbers.
The commit also moves a lot of values that were previously in recipes into
attributes files for easier maintaining going forward.
2017-06-30 14:47:30 -05:00
James Barnett
dfcdafe410
Convert users to use attributes file.
2017-06-21 17:15:42 -05:00
James Barnett
1570bf7117
Add drupal 7.5
...
Also make some changes to other recipes as I learn more about chef.
2017-06-06 14:46:22 -05:00
James Barnett
456ed291b5
Merge branch 'add_linux_vm' into chatbot
2017-05-03 13:03:54 -05:00
wchen-r7
3b492538b7
Resolve merge conflict
2017-04-21 14:27:54 -05:00
James Barnett
e2221d2460
Install nodejs 4.x instead of 0.10.2.
2017-04-21 10:46:21 -05:00
James Barnett
1eae27f271
Move nodejs install to separate recipe.
2017-04-20 15:50:02 -05:00
James Barnett
c03cbe633e
Merge branch 'add_linux_vm' into chatbot
...
Fix conflict in Vagrantfile
2017-04-20 15:20:07 -05:00
James Barnett
9bb04bbaec
Update cups to listen on all interfaces.
2017-04-20 14:42:47 -05:00
wchen-r7
be04fc19d8
Resolve merge conflict in Vagrantfile
2017-04-20 14:11:02 -05:00
James Barnett
6462446b44
Fix bundle install and startup errors.
2017-04-20 13:43:11 -05:00
James Barnett
a66ff125d9
Add readme_app.
...
Also moved ruby installs out into its own recipe and included that in readme_app and sinatra recipes.
2017-04-19 16:25:46 -05:00
wchen-r7
41d86d73a3
Bring linux/cups up to date
2017-04-19 16:25:35 -05:00
wchen-r7
af004b1845
Resolve merge conflict in Vagrantfile
2017-04-19 11:07:53 -05:00
wchen-r7
416066f536
Up to date linux/webdav
2017-04-18 16:08:10 -05:00
James Barnett
8939a3d84f
Add vulnerable service cups.
2017-04-17 14:54:43 -05:00
wchen-r7
b522075693
update chatbot.rb
2017-04-17 13:28:07 -05:00
wchen-r7
fe3cd99781
Add chatbot to Linux VM
2017-04-17 11:45:23 -05:00
James Barnett
7b60422bbf
Enable WebDAV on Apache.
2017-04-13 16:52:10 -05:00
James Barnett
3183374191
Add poc for sql injection.
2017-04-11 16:12:46 -05:00
James Barnett
fa021341aa
Add php page vulnerable to sql injection.
2017-04-11 12:53:34 -05:00
James Barnett
9ee6631831
Merge branch 'add_linux_vm' of github.com:rapid7/metasploitable3 into add_linux_vm
2017-04-10 14:33:26 -05:00
James Barnett
a2c943940a
Fix syntax in user config.
2017-04-10 14:33:00 -05:00
James Barnett
9d750aa155
Add unrealircd vulnerable service.
2017-04-06 13:19:21 -05:00
jbarnett-r7
3daf5181f3
Merge pull request #111 from rapid7/add_custom_vuln
...
Add Custom Vulnerability (deserialization due to a compromised secret) for Linux VM
2017-04-05 17:27:49 -05:00
wchen-r7
ab5a2ae9d3
Add missing file
2017-04-05 15:59:49 -05:00
wchen-r7
bccc03578b
Update sinatra.rb
2017-04-05 15:58:26 -05:00
wchen-r7
2f2a2f2309
Use upstart script
2017-04-05 15:54:14 -05:00
wchen-r7
1e8b607fe1
Add a comment explaining where the passwords are
2017-04-03 17:19:20 -05:00
wchen-r7
ed38a9e2fa
Add Samba with vulnerable share
...
There is a samba share named "public". Cred to access:
chewbacca:rwaaaaawr5
2017-04-03 17:06:40 -05:00
wchen-r7
eef880200f
Merge branch 'add_linux_vm' into add_custom_vuln
2017-04-03 11:19:47 -05:00
wchen-r7
1b21911005
Add Sinatra Leaked Secret Deserialization Vulnerability
2017-03-31 17:15:04 -05:00
Sliim
dbe3947d22
linux: add docker_daemon_privilege_escalation
...
Install docker from the community cookbook and add some users in the
docker group from attributes.
I created the `attributes/default.rb` attribute file to configure which
users are added in the `docker` group. I suggest to put all configurable
values here, such as users, passwords etc..
2017-03-25 12:41:46 +01:00
James Barnett
5d36ad0306
Fix typo in proftpd recipe header
2017-03-24 15:31:47 -05:00