James Barnett
c03cbe633e
Merge branch 'add_linux_vm' into chatbot
...
Fix conflict in Vagrantfile
2017-04-20 15:20:07 -05:00
wchen-r7
6488953464
Land #136 , custom readme rails app for Linux
2017-04-20 15:17:43 -05:00
wchen-r7
27634d321b
change port to 3500 because 3000 is occupied by the bot
2017-04-20 15:14:38 -05:00
James Barnett
1c2cea73f2
Add missing files.
2017-04-20 14:44:26 -05:00
wchen-r7
be04fc19d8
Resolve merge conflict in Vagrantfile
2017-04-20 14:11:02 -05:00
James Barnett
6462446b44
Fix bundle install and startup errors.
2017-04-20 13:43:11 -05:00
James Barnett
a66ff125d9
Add readme_app.
...
Also moved ruby installs out into its own recipe and included that in readme_app and sinatra recipes.
2017-04-19 16:25:46 -05:00
wchen-r7
af004b1845
Resolve merge conflict in Vagrantfile
2017-04-19 11:07:53 -05:00
wchen-r7
71688d59f6
Land #129 , webdav in Linux
2017-04-19 11:06:34 -05:00
wchen-r7
416066f536
Up to date linux/webdav
2017-04-18 16:08:10 -05:00
wchen-r7
e221d6ec49
Land #127 , PHP injection in Linux VM
2017-04-18 16:03:21 -05:00
wchen-r7
88bea47229
Update payroll_app
2017-04-18 16:02:52 -05:00
wchen-r7
2ecf81cb65
Update payroll_app
2017-04-18 16:00:38 -05:00
wchen-r7
8e2d05d2c8
up to date linux/sql_injection
2017-04-18 15:02:01 -05:00
wchen-r7
a92d7693d2
Update chatbot.zip
2017-04-17 15:52:50 -05:00
wchen-r7
b522075693
update chatbot.rb
2017-04-17 13:28:07 -05:00
wchen-r7
fe3cd99781
Add chatbot to Linux VM
2017-04-17 11:45:23 -05:00
James Barnett
7b60422bbf
Enable WebDAV on Apache.
2017-04-13 16:52:10 -05:00
jbarnett-r7
3002800d20
Merge pull request #123 from rapid7/windows_to_linux_share
...
Mount a share from Linux samba
2017-04-12 14:07:26 -05:00
James Barnett
3183374191
Add poc for sql injection.
2017-04-11 16:12:46 -05:00
James Barnett
fa021341aa
Add php page vulnerable to sql injection.
2017-04-11 12:53:34 -05:00
James Barnett
9ee6631831
Merge branch 'add_linux_vm' of github.com:rapid7/metasploitable3 into add_linux_vm
2017-04-10 14:33:26 -05:00
James Barnett
a2c943940a
Fix syntax in user config.
2017-04-10 14:33:00 -05:00
wchen-r7
10f3d7b2e1
Land #121 , Add unrealircd Vulnerable Service
2017-04-10 10:00:27 -05:00
wchen-r7
22cc0d944a
Add share from Linux
2017-04-07 14:33:30 -05:00
James Barnett
9d750aa155
Add unrealircd vulnerable service.
2017-04-06 13:19:21 -05:00
jbarnett-r7
3daf5181f3
Merge pull request #111 from rapid7/add_custom_vuln
...
Add Custom Vulnerability (deserialization due to a compromised secret) for Linux VM
2017-04-05 17:27:49 -05:00
James Barnett
759bde200a
Remove unused file.
2017-04-05 17:27:15 -05:00
wchen-r7
d3dd4e00c3
Restore Vagrantfile
2017-04-05 16:03:00 -05:00
wchen-r7
ab5a2ae9d3
Add missing file
2017-04-05 15:59:49 -05:00
wchen-r7
bccc03578b
Update sinatra.rb
2017-04-05 15:58:26 -05:00
wchen-r7
2f2a2f2309
Use upstart script
2017-04-05 15:54:14 -05:00
jbarnett-r7
b4ebd18094
Merge pull request #119 from rapid7/samba
...
Add Samba service to Linux VM
2017-04-04 13:50:26 -05:00
wchen-r7
1e8b607fe1
Add a comment explaining where the passwords are
2017-04-03 17:19:20 -05:00
wchen-r7
ed38a9e2fa
Add Samba with vulnerable share
...
There is a samba share named "public". Cred to access:
chewbacca:rwaaaaawr5
2017-04-03 17:06:40 -05:00
wchen-r7
eef880200f
Merge branch 'add_linux_vm' into add_custom_vuln
2017-04-03 11:19:47 -05:00
wchen-r7
820f265241
Change port
2017-03-31 17:20:04 -05:00
wchen-r7
2642ae3146
fix typo
2017-03-31 17:17:09 -05:00
wchen-r7
1b21911005
Add Sinatra Leaked Secret Deserialization Vulnerability
2017-03-31 17:15:04 -05:00
James Barnett
7f77216223
Merge branch 'docker_vuln'
2017-03-30 15:27:41 -05:00
James Barnett
9f20618e2a
Add docker and compat_resource cookbooks.
2017-03-30 15:26:04 -05:00
Sliim
dbe3947d22
linux: add docker_daemon_privilege_escalation
...
Install docker from the community cookbook and add some users in the
docker group from attributes.
I created the `attributes/default.rb` attribute file to configure which
users are added in the `docker` group. I suggest to put all configurable
values here, such as users, passwords etc..
2017-03-25 12:41:46 +01:00
James Barnett
5d36ad0306
Fix typo in proftpd recipe header
2017-03-24 15:31:47 -05:00
James Barnett
6549e398bc
Add new vuln for proftpd mod_copy
2017-03-23 13:06:48 -05:00
James Barnett
3566e9f009
Add php 5.4.5 and phpmyadmin 3.5.8
2017-03-21 13:50:39 -05:00
jbarnett-r7
8b1af132e1
Merge pull request #93 from a-garcia/Update_Elasticsearch's_initial_startup_time
...
Updated the initial startup time for Elasticsearch Fixes #73
2017-03-17 15:11:20 -05:00
James Barnett
8ae68cb895
Remove unused file.
2017-03-13 17:35:51 -05:00
James Barnett
4d6c47efda
Add shellshock vulnerability exploitable through Apache mod_cgi.
2017-03-13 17:34:45 -05:00
James Barnett
ffed818290
Do an apt-get update before installing mysql.
2017-03-13 17:33:17 -05:00
James Barnett
1066317922
Update URL for WAMP download. Fixes #91
2017-03-06 17:05:28 -06:00