search

cisagov / kali-packer

This project can be used to create AMIs based on Kali Linux, a penetration testing distribution.
Creative Commons Zero v1.0 Universal
16 stars 6 forks source link

Metasploit Ansible role no longer exists #112

Closed jsf9k closed 2 years ago

jsf9k commented 2 years ago

🐛 Summary

The Ansible role we were using to install Metasploit no longer exists (on GitHub or in Ansible Galaxy). This means that this AWS AMI can no longer be built.

We need to find a substitute or create our own Ansible role, or convince @leesoh to re-publish his Ansible role.

jsf9k commented 2 years ago

@leesoh - If you don't mind, can I ask why your Metasploit Ansible role was taken down?

leesoh commented 2 years ago

Hi there! First off, let me start by apologizing for any headaches I've caused you or your users. I created this role along with a handful others five years ago and haven't touched them since. I was growing increasingly uneasy with having a bunch of unmaintained stuff out there and, to be frank, didn't think anyone used them. With the benefit of hindsight I should have absolutely put more effort into hunting down users and maintainers.

Second, both the GitHub repository and the Ansible role should be available; please let me know if this is not the case. I'm not sure what the best path is going forward here. I'm happy to leave things as-is, but worry about things breaking due to a lack of maintenance in the future (I realize the irony of this, having just broken things).

Hopefully this un-breaks your build, let me know your thoughts on the future of the role.

jsf9k commented 2 years ago

No need to apologize @leesoh. You provided something useful to us, and we thank you for that.

I can see the role again on both GitHub and Ansible Galaxy. Would you prefer that we (@cisagov) create our own Ansible role loosely based on your work? That isn't a problem at all, and we can let you know when we have that in place. Other folks may still be using the role, though, since it's one of the first links that comes up when you Google ansible role metasploit.

leesoh commented 2 years ago

If it's working for you I am happy to leave it up! I would also fully support you using as much or as little of my work as you like to create your own role, but agree about the possible headaches for other users. Maybe we leave everything as is and revisit if/when we need to?

jsf9k commented 2 years ago

Sounds good to me. Thank you @leesoh!

leesoh commented 2 years ago

No problem, sorry again for the headache!

mcdonnnj commented 2 years ago

Hi there! First off, let me start by apologizing for any headaches I've caused you or your users. I created this role along with a handful others five years ago and haven't touched them since. I was growing increasingly uneasy with having a bunch of unmaintained stuff out there and, to be frank, didn't think anyone used them. With the benefit of hindsight I should have absolutely put more effort into hunting down users and maintainers.

Second, both the GitHub repository and the Ansible role should be available; please let me know if this is not the case. I'm not sure what the best path is going forward here. I'm happy to leave things as-is, but worry about things breaking due to a lack of maintenance in the future (I realize the irony of this, having just broken things).

Hopefully this un-breaks your build, let me know your thoughts on the future of the role.

@leesoh I totally understand where you're coming from with that mentality. I would suggest in the future though that you instead look at repository archiving to convey that you are no longer maintaining a project without impacting an unknown user base.

leesoh commented 2 years ago

Absolutely, I should have done that instead.