forked from rapid7/metasploit-baseline-builder
build_linux_baselines.py
import getopt
import glob
import json
import sys
import sh
import os
import packer
import requests
import fnmatch
from tqdm import tqdm
from lib import packerMod
from lib import serverHelper
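def build_base(packer_var_file, common_vars, packerfile, replace_existing, vmServer=None, prependString="", factory_image=False):
    """Build one Linux baseline VM with Packer from a per-target variable file.

    The relative paths used here ("../../tmp", "../../box") are resolved
    against the current working directory; main() changes into
    boxcutter/<os_dir> before calling this function.

    Args:
        packer_var_file: Name of the JSON file holding the Packer variables
            for this target, opened relative to the current directory.
        common_vars: Dict of variables shared by every target of the OS
            family; merged over the per-target variables.
        packerfile: Path of the Packer template handed to packerMod.
        replace_existing: When a VM with the same name already exists,
            destroy and rebuild it if true, otherwise skip the build.
        vmServer: Helper exposing get_esxi(), get_config() and get_vm().
            None is treated as "no hypervisor configured" (local build).
        prependString: Prefix added to the generated VM name.
        factory_image: When true, the "custom_script" variable is dropped
            before the build.

    Returns:
        The packer.Packer object, whether or not a build was executed;
        callers do not get a success indicator.
    """
    TEMP_DIR = "tmp"
    json_suffix = ".json"

    # str.strip(".json") removes any of the characters '.', 'j', 's', 'o', 'n'
    # from BOTH ends, so names starting with 's' or 'o' lost their first
    # letters. Remove only the literal suffix.
    vm_name = packer_var_file
    if vm_name.endswith(json_suffix):
        vm_name = vm_name[:-len(json_suffix)]
    if "-server" in vm_name:
        vm_name = vm_name[:vm_name.index("-server")]
    vm_name = "Linux" + vm_name.capitalize() + "x64"
    full_name = prependString + vm_name

    temp_path = os.path.join("..", "..", TEMP_DIR, full_name)
    if not os.path.exists(temp_path):
        os.makedirs(temp_path)

    output = vm_name + "_vmware.box"
    only = ['vmware-iso']

    with open(packer_var_file) as packer_var_source:
        packer_vars = json.load(packer_var_source)

    # Old Packer versions used separate iso_checksum and iso_checksum_type keys.
    # New Packer versions combine them: "iso_checksum_type:iso_checksum".
    # The workaround lives here rather than in each top-level Packer template.
    # The combined value is what lets Packer verify the downloaded ISO, so it
    # is always carried forward.
    if 'iso_checksum_type' in packer_vars:
        packer_vars['iso_checksum'] = packer_vars['iso_checksum_type'] + ':' + packer_vars['iso_checksum']
        del packer_vars['iso_checksum_type']

    packer_vars.update({
        "vm_name": full_name,
        "output": os.path.join("..", "..", "box", output)
    })
    # common_vars is applied last, so it wins over the per-target values.
    packer_vars.update(common_vars)

    if factory_image:
        # pop() instead of del: a variable file without custom_script must
        # not abort the build with KeyError.
        packer_vars.pop("custom_script", None)

    packer_obj = packerMod(packerfile)
    packer_obj.update_linux_config(packer_vars)

    # Probe the ISO location before starting a long build. The timeout keeps
    # an unresponsive mirror from hanging the whole batch. requests.head()
    # does not follow redirects by default, so a 3xx answer also counts as
    # "not available" here, exactly as any other non-200 status.
    iso_probe_timeout = 30
    response = requests.head(packer_vars['iso_url'], timeout=iso_probe_timeout)
    if response.status_code != 200:
        # NOTE(review): update_url() lives in lib.packerMod and is not visible
        # here - confirm that it leaves iso_checksum in place so an ISO
        # fetched from the replacement URL is still verified.
        packer_obj.update_url(packer_vars)

    # The signature allows vmServer=None, so guard every use of it.
    use_esxi = vmServer is not None and vmServer.get_esxi() is not None
    if use_esxi:
        # NOTE(review): get_config() presumably returns the hypervisor
        # connection settings; if those include credentials they are passed
        # to Packer as user variables - confirm they do not end up in process
        # arguments or in the logs written under tmp/.
        packer_vars.update(vmServer.get_config())
        packer_obj.use_esxi_config()
    else:
        packer_obj.update_config({
            "output": "./../../box/" + output
        })

    packerfile = os.path.join(temp_path, "current_packer.json")
    packer_obj.save_config(packerfile)
    out_file = os.path.join(temp_path, "output.log")
    err_file = os.path.join(temp_path, "error.log")

    p = packer.Packer(str(packerfile), only=only, vars=packer_vars,
                      out_iter=out_file, err_iter=err_file)

    vm = vmServer.get_vm(full_name) if vmServer is not None else None
    if vm is not None:
        if not replace_existing:
            # Return without building; the return value is not checked by main().
            return p
        # The original wrote `vm.powerOff` without parentheses, which only
        # looks the attribute up and never powers the VM off before the
        # destroy task is issued.
        # NOTE(review): assumes powerOff is callable without arguments,
        # like the other vm methods used here - confirm.
        vm.powerOff()
        vm.waitForTask(vm.vmObject.Destroy_Task())

    try:
        p.build(parallel=True, debug=False, force=False)
    except sh.ErrorReturnCode:
        print("Error: build of " + full_name + " returned non-zero")
        return p

    if use_esxi:
        # Record the freshly built state as the 'baseline' snapshot.
        vm = vmServer.get_vm(full_name)
        if vm is not None:
            vm.takeSnapshot(snapshotName='baseline')

    return p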
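def main(argv):
    """Parse the command line and build every Linux baseline under boxcutter/.

    For each sub-directory <os_dir> of boxcutter/, the shared variables are
    read from linux_vars/<os_dir>_common.json, the per-target variable files
    are collected with the glob patterns listed under "file_patterns", and
    build_base() is called once per target with <os_dir>.json as template.

    Args:
        argv: Full argument vector, program name first (sys.argv).

    Returns:
        True once all directories were processed. Exits with status 2 on an
        unknown option and with status 0 after printing the help text.
    """
    prependString = ""
    replace_vms = False
    factory_image = False
    esxi_file = "esxi_config.json"

    usage_lines = [
        argv[0] + " [options]",
        '-c <file>, --esxiConfig=<file> use alternate hypervisor config file',
        '-f, --factory builds system without additional packages',
        # The original help text said "--prependString=<file>"; the option
        # takes a string, as the short form already stated.
        '-p <string>, --prependString=<string> prepend string to the beginning of VM names',
        '-r, --replace replace existing msf_host',
    ]

    try:
        opts, args = getopt.getopt(argv[1:], "c:fhp:r", ["esxiConfig=", "factory", "help", "prependString=", "replace"])
    except getopt.GetoptError as err:
        # The original printed "-n <numProcessors>", an option this script
        # does not accept; report the actual problem and the real options.
        print(str(err))
        print("\n".join(usage_lines))
        sys.exit(2)

    for opt, arg in opts:
        if opt in ("-h", "--help"):
            print("\n".join(usage_lines))
            sys.exit()
        elif opt in ("-c", "--esxiConfig"):
            esxi_file = arg
        elif opt in ("-f", "--factory"):
            # Build with minimum required software, users and vm tools.
            factory_image = True
        elif opt in ("-p", "--prependString"):
            prependString = arg
        elif opt in ("-r", "--replace"):
            replace_vms = True

    vm_server = serverHelper(esxi_file)

    os.chdir("boxcutter")
    # Remember the absolute location so the working directory can be restored
    # reliably, even if an OS directory is a symlink or a build raises.
    boxcutter_dir = os.getcwd()

    for os_dir in os.listdir("."):
        if not os.path.isdir(os.path.join(".", os_dir)):
            continue

        common_var_file = os.path.join("..", "linux_vars", os_dir + "_common.json")
        with open(common_var_file) as common_var_source:
            common_vars = json.load(common_var_source)

        # build_base() resolves its paths relative to boxcutter/<os_dir>.
        os.chdir(os_dir)
        try:
            packer_file = os_dir + ".json"
            targets = []
            for pattern in common_vars['file_patterns']:
                targets.extend(glob.glob(pattern))

            print("\nBuilding " + str(len(targets)) + " " + os_dir.capitalize() + " baselines:")
            for target in tqdm(targets):
                build_base(target, common_vars, packer_file,
                           replace_existing=replace_vms,
                           vmServer=vm_server,
                           prependString=prependString,
                           factory_image=factory_image)
        finally:
            os.chdir(boxcutter_dir)

    return True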
# Script entry point: pass the raw argument vector to main() only when the
# file is executed directly, not when it is imported.
if __name__ == "__main__":
    main(sys.argv)