Running Metasploit Framework (pre-ruby) on VAX

Following on from the past computer archeology series, I have wanted to try this for a long time. So what I did first was get a simh VAX NetBSD simulation running on a decent machine (not the Ci20).

All the information on how to get NetBSD 8_BETA running on SimH-VAX can be found here -> https://astr0baby.wordpress.com/2018/03/11/running-vax-netbsd-on-mipsel-ci20-creator-board-via-simh/

I have managed to build some binary pkgsrc packages for NetBSD VAX (including ruby24) with help from @kittenpies3, and I keep a repo available here: http://45.76.81.249/pkgsrc/vax-simh/

Unfortunately I cannot yet get postgresql-xx-client to build correctly on the VAX NetBSD via pkgsrc, so the metasploit-current bundler install fails: the pg-0.20.0 gem fails to build due to missing postgresql packages. Hopefully this will get sorted out in the future.

Now I'm not expecting metasploit-framework-current (5.0-dev) to run on a 256 MB RAM VAX NetBSD system, but at least a test of msfvenom file generation could be done. However, what works quite well is the last pre-ruby metasploit-framework 2.8-dev, which we are going to try here just now.

Among other tools, git is compiled for NetBSD VAX, and you can actually use it to pull the Metasploit framework2 to your VAX:

[user@vaxnetbsd root]# git clone https://github.com/metasploit/framework2.git

Once we get a local copy, I have quickly prepared 2 VirtualBox VMs to test against

  • Windows 2000
  • Windows XP SP2

In order for these simulated/virtualized systems to speak to each other over TCP/IP, I have used the following trick to connect both the SimH and VirtualBox VMs.

For my VAX simh environment I use the following script to prepare network

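# Set up tap and bridge
# Create a persistent tap0 device owned by the account "user" (the one running simh)
tunctl -t tap0 -u user
ifconfig tap0 up
# Create the bridge and attach the physical NIC and the VirtualBox host-only interface
brctl addbr br0
brctl addif br0 eth0 vboxnet0
# Zero forwarding delay, so bridge ports pass traffic immediately
brctl setfd br0 0
ifconfig eth0 10.0.2.1 up
ifconfig br0 10.0.2.2 netmask 255.255.255.0 broadcast 10.0.2.255 up
# Attach the simh tap device (vboxnet0 is already a bridge member from above)
brctl addif br0 tap0
ifconfig tap0 0.0.0.0
# Enable forwarding and NAT traffic out through wlan0
sysctl net.ipv4.ip_forward=1
iptables -A FORWARD --in-interface eth0 -j ACCEPT
iptables --table nat -A POSTROUTING --out-interface wlan0 -j MASQUERADE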

On my VirtualBox machines I only use the host-only adapter and set the IP manually on Windows.

Once all systems are up, they should be able to speak to each other and we can try to exploit the Windows 2000 and Windows XP from the VAX NetBSD simulation.
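Before testing connectivity, it helps to confirm that every interface from the script above really ended up in br0. The following is an added example, not part of the original post: the function name `bridge_missing` and the sample `brctl show` output (including the bridge id) are constructed for illustration.

```sh
#!/bin/sh
# Report which expected interfaces are NOT attached to a bridge.
# Reads `brctl show` output on stdin; prints each missing name on its own line.
bridge_missing() {
    bridge=$1; shift
    members=$(awk -v br="$bridge" '
        NR == 1 { next }                  # skip the header row
        NF >= 3 {                         # row that starts a new bridge
            cur = $1
            if (NF >= 4 && cur == br) print $4
            next
        }
        NF == 1 && cur == br { print $1 } # continuation row: one more member
    ')
    for want in "$@"; do
        echo "$members" | grep -Fqx "$want" || echo "$want"
    done
}

# Constructed sample: the state where tap0 was never attached to br0.
sample_brctl_show() {
    printf 'bridge name\tbridge id\t\tSTP enabled\tinterfaces\n'
    printf 'br0\t\t8000.0800273a1b2c\tno\t\teth0\n'
    printf '\t\t\t\t\t\t\tvboxnet0\n'
}

# Stand-alone run against the sample; prints "tap0".
sample_brctl_show | bridge_missing br0 eth0 tap0 vboxnet0
```

On the real host, run `brctl show | bridge_missing br0 eth0 tap0 vboxnet0`; empty output means all three interfaces are bridge members.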

Attacking Windows 2000


Attacking Windows XP SP2

About astr0baby

Please run Adblock or similar... we have been told to do so since Carl Sagan wrote Contact.