Parallels DesktopでMetasploitable3を使う


必要なもの
・Parallels Desktop
・Homebrew
・Vagrant
・Packer

rapid7/metasploitable3

Vagrantのプラグインをインストール

$ vagrant plugin install vagrant-parallels
$ vagrant plugin install vagrant-reload

Parallels Virtualization SDKをインストール

$ brew cask install parallels-virtualization-sdk

GitHubからクローン

$ git clone https://github.com/rapid7/metasploitable3.git

ファイル作成

metasploitable3/chef/cookbooks/metasploitable/recipes/ifnames.rb
link '/etc/udev/rules.d/75-persistent-net-generator.rules' do |
  to '/dev/null' |
end |

ファイル修正

metasploitable3/build.sh
//最初らへんに追加
min_vagrantparallels_ver="0.0.1"

//vagrant-reloadの前に追加
if compare_versions $(vagrant plugin list | grep 'vagrant-parallels' | cut -d' ' -f2 | tr -d '(' | tr -d ')' | tr -d ',') $min_vagrantparallels_ver false; then
  echo 'Compatible version of vagrant-parallels plugin was found.'
  echo 'Parallels image will be built'
  providers="parallels $providers"
fi
metasploitable3/packer/templates/windows_2008_r2.json
//buildersのところに追加
{
      "type": "parallels-iso",
      "iso_url": "{{user `iso_url`}}",
      "iso_checksum_type": "{{user `iso_checksum_type`}}",
      "iso_checksum": "{{user `iso_checksum`}}",
      "boot_wait": "10m",
      "communicator": "ssh",
      "ssh_username": "vagrant",
      "ssh_password": "vagrant",
      "ssh_wait_timeout": "2h",
      "shutdown_command": "shutdown /s /t 10 /f /d p:4:1 /c \"Packer Shutdown\"",
      "guest_os_type": "win-2008",
      "parallels_tools_flavor": "win",
      "disk_size": 61440,
      "floppy_files": [
        "{{user `autounattend`}}",
        "{{user `scripts_dir`}}/configs/microsoft-updates.bat",
        "{{user `scripts_dir`}}/configs/win-updates.ps1",
        "{{user `scripts_dir`}}/installs/openssh.ps1",
        "{{user `scripts_dir`}}/installs/install_dotnet45.ps1",
        "{{user `scripts_dir`}}/installs/install_wmf.ps1",
        "{{user `resources_dir`}}/certs/oracle-cert.cer",
        "{{user `resources_dir`}}/certs/gdig2.crt",
        "{{user `resources_dir`}}/certs/comodorsadomainvalidationsecureserverca.crt",
        "{{user `resources_dir`}}/certs/comodorsacertificationauthority.crt",
        "{{user `resources_dir`}}/certs/addtrust_external_ca.cer",
        "{{user `resources_dir`}}/certs/baltimore_ca.cer",
        "{{user `resources_dir`}}/certs/digicert.cer",
        "{{user `resources_dir`}}/certs/equifax.cer",
        "{{user `resources_dir`}}/certs/globalsign.cer",
        "{{user `resources_dir`}}/certs/gte_cybertrust.cer",
        "{{user `resources_dir`}}/certs/microsoft_root_2011.cer",
        "{{user `resources_dir`}}/certs/thawte_primary_root.cer",
        "{{user `resources_dir`}}/certs/utn-userfirst.cer"
      ],
      "vm_name": "metasploitable3-win2k8",
      "cpus": 2,
      "memory": 4096
},
metasploitable3/packer/templates/ubuntu_1404.json
//buildersのところに追加
{
      "type": "parallels-iso",
      "iso_url": "{{user `iso_url`}}",
      "iso_checksum_type": "{{user `iso_checksum_type`}}",
      "iso_checksum": "{{user `iso_checksum`}}",
      "http_directory" : "{{template_dir}}/../http",
      "http_port_min" : 9001,
      "http_port_max" : 9001,
      "boot_command": [
        "<esc><wait>",
        "<esc><wait>",
        "<enter><wait>",
        "/install/vmlinuz",
        " auto=true",
        " priority=critical",
        " initrd=/install/initrd.gz",
        " preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/preseed.cfg",
        " -- ",
        "<enter>"
      ],
      "boot_wait": "20s",
      "communicator": "ssh",
      "ssh_username": "vagrant",
      "ssh_password": "vagrant",
      "ssh_wait_timeout": "2h",
      "shutdown_command": "echo 'packer' | sudo -S shutdown -P now",
      "guest_os_type": "ubuntu",
      "disk_size": 40000,
      "vm_name": "metasploitable3-ub1404",
      "parallels_tools_flavor": "lin",
      "cpus": 2,
      "memory": 4096
},

//run_listのところに追加
"metasploitable::ifnames"
metasploitable3/Vagrantfile
//ub1404.vm.boxを変更
ub1404.vm.box = "ubuntu_1404_parallels_0.1.12.box"
//win2k8.vm.boxを変更
win2k8.vm.box = "windows_2008_r2_parallels_0.1.0.box"

ビルド

$ cd metasploitable3
$ ./build.sh windows2008
$ ./build.sh ubuntu1404

起動

$ vagrant up win2k8
$ vagrant up ub1404

参考情報

Metasploitable3に盛り込まれている脆弱性