bannsec

Overview

Metasploitable3 by rapid7 is an environment built for testing metapsploit. Unfortunately, it hasn't been updated in many years and the default instructions on their page are wrong.

This walkthrough is based on Ubuntu 22.04, so subject to change.

Official page here: https://github.com/rapid7/metasploitable3

Steps

Step 1 -- Vagrant

Install vagrant. Follow the instructions on their page for the most up-to-date details for your distro:

This was VERY irritating to figure out. So here are the steps to create an installation usb for Windows manually.

Option 1 -- FAT32 + NTFS

Download the installation iso from Windows (https://www.microsoft.com/en-us/software-download/windows10ISO)
Prepare the usb drive
- sudo gparted (or cfdisk, whatever)
- Create partition table of GPT
- Create 2 partitions

fat32 partition of 1024MB with label BOOT (mark it bootable)

Need to uninstall the baked in nvidia drives and install nvidia drivers from the run file:

https://developer.nvidia.com/cuda-downloads?target_os=Linux&target_arch=x86_64&Distribution=WSL-Ubuntu&target_version=2.0&target_type=runfile_local

Don't install the driver (that'll be wsl passthru), just everything else

Install cublas? After my install of the runfile i didn't actually have this installed, so had to do it manually.

sudo apt install libcublas11

	$CimSession = New-CimSession -ComputerName 10.0.0.2

	$FilePath = 'C:\Windows\System32\notepad.exe'

	# PS_ModuleFile only implements GetInstance (versus EnumerateInstance) so this trick below will force a "Get" operation versus the default "Enumerate" operation.
	$PSModuleFileClass = Get-CimClass -Namespace ROOT/Microsoft/Windows/Powershellv3 -ClassName PS_ModuleFile -CimSession $CimSession
	$InMemoryModuleFileInstance = New-CimInstance -CimClass $PSModuleFileClass -Property @{ InstanceID= $FilePath } -ClientOnly
	$FileContents = Get-CimInstance -InputObject $InMemoryModuleFileInstance -CimSession $CimSession
	$FileLengthBytes = $FileContents.FileData[0..3]
	[Array]::Reverse($FileLengthBytes)

	# Alias to automatically forward in relevant display stuff.
	# docker-run -it --rm ubuntu:jammy
	alias docker-run="sudo docker run -e DISPLAY=$DISPLAY -v ${XAUTHORITY:-~/.Xauthority}:/xauth:ro -v /tmp/.X11-unix/:/tmp/.X11-unix -e XAUTHORITY=/xauth"

	# Bash function to help with running commands in the docker namespace
	# docker-nsenter mycontainer -n ss
	function docker-nsenter {
	PID=`sudo docker inspect $1 -f '{{.State.Pid}}'`
	shift
	sudo nsenter -t $PID $@

	#!/bin/bash
	sudo modprobe vmmon
	sudo modprobe vmnet
	sudo /usr/bin/vmware-networks --start

	import asyncio
	from concurrent.futures import ThreadPoolExecutor


	async def ainput(prompt: str = ''):
	with ThreadPoolExecutor(1, 'ainput') as executor:
	return (await asyncio.get_event_loop().run_in_executor(executor, input, prompt)).rstrip()

	# https://github.com/docker/cli/issues/1278
	Stop docker daemon (with your container)
	Modify hostconfig.json as you want
	Now you can start docker daemon and your container with updated ShmSize.

	Merges every other page, starting page 1 of A, page 1 of B, page 2 of A, page 2 of B, etc.

	pdftk A=A.pdf B=B.pdf shuffle A B output merged.pdf

	pyppeteer downloads a version of chrome, but doesn't bother to install deps...

	sudo apt install -y libx11-6 libx11-xcb1 libxcomposite1 libxcursor1 libxdamage1 libxext6 libxi6 libxtst6 libglib2.0-0 libnss3 libcups2 libxss1 libxrandr2 libpangocairo-1.0-0 libatk1.0-0 libatk-bridge2.0-0 libgtk-3-0

	Also can disable sanbox if needed:
	/usr/local/lib/python3.8/dist-packages/pyppeteer/launcher.py
	--no-sandbox