Marown/metasploitable3
1
0
Fork 0
mirror of https://github.com/rapid7/metasploitable3.git synced 2024-06-28 07:45:49 +02:00
Code Issues Packages Projects Releases Wiki Activity
573 Commits 9 Branches 0 Tags 259 MiB
72dc282aa0
Commit Graph

146 Commits

Author SHA1 Message Date
wchen-r7
30fa1a7b60 change perm 2017-07-22 01:52:23 -05:00
wchen-r7
d3559e1628 Auto close for knockd 2017-07-22 01:28:30 -05:00
wchen-r7
5c802ca808 Change start script to upstart for five of diamonds 2017-07-21 17:32:29 -05:00
wchen-r7
1dec6f1d0b Update binary 2017-07-21 16:56:41 -05:00
wchen-r7
7c0e16ecfe Set perm 2017-07-21 16:31:42 -05:00
wchen-r7
f893bdeafa Update five of diamonds with obfuscation 2017-07-21 14:53:49 -05:00
wchen-r7
326982e3ed Fix 5 of Hearts in Drupal 2017-07-20 16:38:18 -05:00
wchen-r7
1944427139 Clear chef cache 2017-07-20 15:44:38 -05:00
wchen-r7
52fd8f351d Use Crystal loader for Sinatra 2017-07-20 14:08:03 -05:00
Chan9390
bc1c62a3c2
Converted scripts to port resource 2017-07-19 18:22:41 +05:30
Chan9390
a86f53bffc
Updated wamp.rb 2017-07-19 18:13:45 +05:30
Chan9390
be2c849d3b
Updated snmp.rb 2017-07-19 18:09:15 +05:30
Chan9390
06cba9d340
Updated rails_service.rb 2017-07-19 18:02:59 +05:30
Chan9390
6acb359c09
Updated mysql.rb 2017-07-19 17:42:49 +05:30
Chan9390
97e5e7ede6
Updated manageengine.rb 2017-07-19 17:39:42 +05:30
Chan9390
bf7d1b498f
Updated jmx.rb 2017-07-19 17:31:38 +05:30
Chan9390
09a45f05f6
Updated elasticsearch.rb 2017-07-19 16:38:28 +05:30
Chan9390
f31f99d49b
Updated create_users.rb 2017-07-19 16:10:43 +05:30
wchen-r7
bc4f5e3a41 Make port 80 browsable and set a pass for phpmyadmin 2017-07-17 13:54:12 -05:00
wchen-r7
a8ea9d7cb6 Fix ircd 2017-07-14 17:47:05 -05:00
wchen-r7
31160bda49 This is the right chatbot.zip 2017-07-14 16:40:07 -05:00
James Barnett
ec2b7380c7 Missed dockerfile 2017-07-14 15:43:48 -05:00
wchen-r7
b7205c3351 merge conflict 2017-07-14 15:27:26 -05:00
wchen-r7
30f4b325d6 Update chatbot code for ace of clubs 2017-07-14 15:27:07 -05:00
James Barnett
268537fa5d Hide 7 of diamonds in docker container 2017-07-14 15:13:15 -05:00
wchen-r7
d088960490 Fix a typo 2017-07-14 14:27:57 -05:00
James Barnett
dc733474af Add more flags 2017-07-14 12:14:01 -05:00
James Barnett
2824f96795 Hide 5 of hearts in drupal 2017-07-13 16:26:38 -05:00
James Barnett
3dddb7c3e8 Hide king of spades in unrealircd 2017-07-13 16:23:31 -05:00
James Barnett
c1e40ac1d4 Hide ace of clubs 2017-07-13 15:23:28 -05:00
James Barnett
c2f5a4ff52 Hide king of spades 2017-07-13 15:21:50 -05:00
James Barnett
b2aeac3028 Fix typo in file name 2017-07-13 13:11:12 -05:00
James Barnett
55b0cbf763 Forgot the readme_app in port listing 2017-07-13 12:50:14 -05:00
wchen-r7
cdb7987c67 Embed 6 of Clubs in Sinatra service 2017-07-12 16:51:08 -05:00
Chan9390
36d99c45d3
Added IIS, psexec and winrm tests 2017-07-07 18:46:43 +05:30
Chan9390
e90d1b1163
Added port checking 2017-07-07 17:50:21 +05:30
James Barnett
6fd0a57fdf Configure iptables for other services. 2017-07-06 17:08:33 -05:00
James Barnett
fc336a5f1b Configure other services in iptables 2017-07-06 14:52:39 -05:00
Chan9390
b95eec973f
Initial test scripts 2017-07-06 08:55:40 +05:30
James Barnett
367d3fd6db Use actual flag name 2017-06-30 15:45:08 -05:00
James Barnett
5bbed5387e Add five_of_diamonds flag 
This flag is hidden within a binary that runs a webservice on a given port.
The port is blocked until the correct port knocking sequence is initiated.
The default port sequence is all of the user's salary numbers.

The commit also moves a lot of values that were previously in recipes into
attributes files for easier maintaining going forward.
 2017-06-30 14:47:30 -05:00
James Barnett
dfcdafe410
Convert users to use attributes file. 2017-06-21 17:15:42 -05:00
James Barnett
541e39430b
Add tests for the chatbot. 2017-06-13 12:24:44 -05:00
James Barnett
121b8ed880
Add tests for drupal. 2017-06-06 15:34:30 -05:00
James Barnett
eb9188f04d Merge branch 'inspec_testing' into linux/drupal 2017-06-06 14:58:36 -05:00
James Barnett
1570bf7117
Add drupal 7.5 
Also make some changes to other recipes as I learn more about chef.
 2017-06-06 14:46:22 -05:00
James Barnett
e4b142c2ef
Add cups tests 2017-05-30 16:25:42 -05:00
James Barnett
00b263a0e2
Add tests for apache. 2017-05-26 14:23:27 -05:00
James Barnett
456ed291b5
Merge branch 'add_linux_vm' into chatbot 2017-05-03 13:03:54 -05:00
wchen-r7
3b492538b7 Resolve merge conflict 2017-04-21 14:27:54 -05:00
wchen-r7
8259ef67a1 Update chatbot.zip 2017-04-21 14:07:49 -05:00
James Barnett
e2221d2460
Install nodejs 4.x instead of 0.10.2. 2017-04-21 10:46:21 -05:00
James Barnett
1eae27f271
Move nodejs install to separate recipe. 2017-04-20 15:50:02 -05:00
James Barnett
c03cbe633e
Merge branch 'add_linux_vm' into chatbot 
Fix conflict in Vagrantfile
 2017-04-20 15:20:07 -05:00
wchen-r7
27634d321b change port to 3500 because 3000 is occupied by the bot 2017-04-20 15:14:38 -05:00
James Barnett
1c2cea73f2
Add missing files. 2017-04-20 14:44:26 -05:00
James Barnett
9bb04bbaec
Update cups to listen on all interfaces. 2017-04-20 14:42:47 -05:00
wchen-r7
be04fc19d8 Resolve merge conflict in Vagrantfile 2017-04-20 14:11:02 -05:00
James Barnett
6462446b44
Fix bundle install and startup errors. 2017-04-20 13:43:11 -05:00
James Barnett
a66ff125d9
Add readme_app. 
Also moved ruby installs out into its own recipe and included that in readme_app and sinatra recipes.
 2017-04-19 16:25:46 -05:00
wchen-r7
41d86d73a3 Bring linux/cups up to date 2017-04-19 16:25:35 -05:00
wchen-r7
af004b1845 Resolve merge conflict in Vagrantfile 2017-04-19 11:07:53 -05:00
wchen-r7
416066f536 Up to date linux/webdav 2017-04-18 16:08:10 -05:00
wchen-r7
88bea47229 Update payroll_app 2017-04-18 16:02:52 -05:00
wchen-r7
2ecf81cb65 Update payroll_app 2017-04-18 16:00:38 -05:00
wchen-r7
a92d7693d2 Update chatbot.zip 2017-04-17 15:52:50 -05:00
James Barnett
8939a3d84f
Add vulnerable service cups. 2017-04-17 14:54:43 -05:00
wchen-r7
b522075693 update chatbot.rb 2017-04-17 13:28:07 -05:00
wchen-r7
fe3cd99781 Add chatbot to Linux VM 2017-04-17 11:45:23 -05:00
James Barnett
7b60422bbf
Enable WebDAV on Apache. 2017-04-13 16:52:10 -05:00
James Barnett
3183374191
Add poc for sql injection. 2017-04-11 16:12:46 -05:00
James Barnett
fa021341aa
Add php page vulnerable to sql injection. 2017-04-11 12:53:34 -05:00
James Barnett
9ee6631831 Merge branch 'add_linux_vm' of github.com:rapid7/metasploitable3 into add_linux_vm 2017-04-10 14:33:26 -05:00
James Barnett
a2c943940a
Fix syntax in user config. 2017-04-10 14:33:00 -05:00
James Barnett
9d750aa155
Add unrealircd vulnerable service. 2017-04-06 13:19:21 -05:00
jbarnett-r7
3daf5181f3 Merge pull request #111 from rapid7/add_custom_vuln 
Add Custom Vulnerability (deserialization due to a compromised secret) for Linux VM
 2017-04-05 17:27:49 -05:00
James Barnett
759bde200a
Remove unused file. 2017-04-05 17:27:15 -05:00
wchen-r7
ab5a2ae9d3 Add missing file 2017-04-05 15:59:49 -05:00
wchen-r7
bccc03578b Update sinatra.rb 2017-04-05 15:58:26 -05:00
wchen-r7
2f2a2f2309 Use upstart script 2017-04-05 15:54:14 -05:00
wchen-r7
1e8b607fe1 Add a comment explaining where the passwords are 2017-04-03 17:19:20 -05:00
wchen-r7
ed38a9e2fa Add Samba with vulnerable share 
There is a samba share named "public". Cred to access:

chewbacca:rwaaaaawr5
 2017-04-03 17:06:40 -05:00
wchen-r7
eef880200f Merge branch 'add_linux_vm' into add_custom_vuln 2017-04-03 11:19:47 -05:00
James Barnett
50a8a91c71 Revert "Merge branch 'docker_vuln'" 
This reverts commit 7f77216223, reversing
changes made to 8b1af132e1.
 2017-04-03 10:43:43 -05:00
wchen-r7
820f265241 Change port 2017-03-31 17:20:04 -05:00
wchen-r7
1b21911005 Add Sinatra Leaked Secret Deserialization Vulnerability 2017-03-31 17:15:04 -05:00
James Barnett
9f20618e2a
Add docker and compat_resource cookbooks. 2017-03-30 15:26:04 -05:00
Sliim
dbe3947d22 linux: add docker_daemon_privilege_escalation 
Install docker from the community cookbook and add some users in the
docker group from attributes.
I created the `attributes/default.rb` attribute file to configure which
users are added in the `docker` group. I suggest to put all configurable
values here, such as users, passwords etc..
 2017-03-25 12:41:46 +01:00
James Barnett
5d36ad0306
Fix typo in proftpd recipe header 2017-03-24 15:31:47 -05:00
James Barnett
6549e398bc
Add new vuln for proftpd mod_copy 2017-03-23 13:06:48 -05:00
James Barnett
3566e9f009
Add php 5.4.5 and phpmyadmin 3.5.8 2017-03-21 13:50:39 -05:00
James Barnett
8ae68cb895
Remove unused file. 2017-03-13 17:35:51 -05:00
James Barnett
4d6c47efda
Add shellshock vulnerability exploitable through Apache mod_cgi. 2017-03-13 17:34:45 -05:00
James Barnett
ffed818290
Do an apt-get update before installing mysql. 2017-03-13 17:33:17 -05:00
James Barnett
0c6a9063e8
Add recipe for vulnerable Apache Continuum 2017-02-17 16:25:13 -06:00
James Barnett
c3bf91c693
WIP: Adding Linux VM using chef solo provisioning 2017-02-13 15:53:51 -06:00