Converted to Chef provisioning #174
Conversation
commit 9d6666fbb9f066179e17030808bd02e3ad27a2c0 Author: Chan9390 <[email protected]> Date: Fri Jul 28 18:20:46 2017 +0530 Removed cmd /c from commands commit ef6abe66f4a79e150c9d85a0a38896b061bc5def Author: Chan9390 <[email protected]> Date: Fri Jul 28 07:14:52 2017 +0530 Added certificates
- Updated to powershell resource - Added vagrant ssh
- Converted to chef
- Enabled RDP
- Updated registry entries to chef resources - Updated registry entries - Updated user groups - Added users
- Converted to batch resource - Setup IIS
- Converted to chef - Added Apache Struts
- Converted to chef - Added scripts to start glassfish - Added GlassFish
- Converted to chef - Added jenkins
- Converted to chef - Added code to start WAMP - Added WAMP
Squashed commit of the following: - Moved ruby - Moved java - Moved tomcat - Moved jdk8 - Moved vcredist - Moved 7zip - Moved 7zip
Squashed commit of the following: - Added everything to default - put everything to default - Linked jenkins to java and jdk8 - Linked backdoors to iis and wamp - Linked flags to iis and wamp - Linked ftp to iis - Linked rails to devkit - Linked devkit to 7zip and ruby - Linked struts to tomcat and java - Linked axis2 to tomcat - Linked elasticsearch to 7zip and jdk8 - Linked mysql to wordpress and wamp - Linked webdav to wamp - Linked wordpress to 7zip and vcredist - Linked wamp to vcredist - Linked jmx to openjdk6 - Linked openjdk to 7zip - Linked tomcat to jdk8
- Updated wamp - Updated openjdk6 - Updated glassfish - Updated devkit - Updated axis2 - Updated vagrant_ssh - Updated elasticsearch
|
|
||
| file 'C:\Program Files\Apache Software Foundation\tomcat\apache-tomcat-8.0.33\conf\tomcat-users.xml' do | ||
| action :delete | ||
| end |
There was a problem hiding this comment.
This is not idempotent, the cookbook_file resource will override this file you don't need to delete it.
|
|
||
| directory 'C:\vagrant' do | ||
| recursive true | ||
| action :delete |
There was a problem hiding this comment.
Are you trying to remove a shared folder?
There was a problem hiding this comment.
Yes. If the folder C:\vagrant exists in the packer build, some issues occur when starting the box using vagrant.
There was a problem hiding this comment.
Hmm ok, I think this can be dangerous if user mounted a local directory to the guest at C:\vagrant.. no?
| # Copyright:: 2017, The Authors, All Rights Reserved. | ||
|
|
||
| execute 'Closed port 445 for SMB' do | ||
| command 'netsh advfirewall firewall add rule name="Closed port 445 for SMB" dir=in action=block protocol=TCP localport=445' |
There was a problem hiding this comment.
What happen if the rule already exists?
| end | ||
|
|
||
| execute 'Starting service' do | ||
| command '"C:\Program Files\elasticsearch-1.1.1\bin\service.bat" start' |
There was a problem hiding this comment.
Why not using actions [:enable, :start] for windows_service[elasticsearch-service-x64] resource? instead of this execute?
| action :run | ||
| end | ||
|
|
||
| powershell_script 'Test response' do |
|
|
||
| cookbook_file 'C:\Windows\three_of_spades.png' do | ||
| source 'flags/three_of_spades.png' | ||
| action :create |
There was a problem hiding this comment.
Should you use the mode, owner, group etc.. attributes instead of the batch resource below?
| action :create | ||
| end | ||
|
|
||
| file 'C:\inetpub\wwwroot\iisstart.htm' do |
There was a problem hiding this comment.
Why this here? In the flags recipe?
| action [:enable, :start] | ||
| end | ||
|
|
||
| ruby_block 'Sleep for 15 secs' do |
There was a problem hiding this comment.
Glassfish installation runs at the background and it needs some time to get installed. So I had introduced a time delay using ruby block resource.
| action :create | ||
| end | ||
|
|
||
| windows_service 'wampapache' do |
There was a problem hiding this comment.
You shoukd use resource notifications instead of a service stop/start
https://docs.chef.io/resource_common.html#notifications
This PR converts the provisioning from shell to chef-solo in packer. As there is an issue with chef-solo provisioning in packer, a Vagrantfile is included under
/versions/cheffolder which does the same but using vagrant.To test the vagrant build, the files (
Vagrantfileandwindows_2008_r2.json) should be manually moved to the metasploitable3 folder and replace the default ones.Verification:
Vagrantfileandwindows_2008_r2.jsonfile in the main folder with those present in the/versions/cheffolderpacker build --only=virtualbox-iso windows_2008_r2.json. Verify the system comes up successfully.vagrant box add mtest windows_2008_r2_virtualbox.boxvagrant up