digital-forensics-labs/SecGen
1
0
Fork 0
mirror of https://github.com/cliffe/SecGen.git synced 2026-02-22 19:58:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

gitlist work with less flags than the module was expecting

Browse Source
This commit is contained in:
Z. Cliffe Schreuders
2019-07-15 10:04:13 +01:00
parent 16f7c12297
commit 240059801e
1 changed files with 27 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
modules/vulnerabilities/unix/webapp/gitlist_040/manifests/configure.pp
View File

@@ -5,6 +5,33 @@ class gitlist_040::configure {
$images_to_leak = $secgen_parameters['images_to_leak']
$leaked_files_path = '/home/git/repositories/secret_files'
# when there are multiple strings to leak:
# leak the first one as a flag, requiring exploitation to access;
# leak the subsequent ones publically through the website;
if $strings_to_leak.length == 0 {
warning('No strings_to_leak provided!')
} elsif $strings_to_leak.length == 1 {
warning("Only one string to leak provided, publically showing a default message.")
$flag = [$strings_to_leak[0]]
$flag_filename = [$leaked_filenames[0]]
$public_strings_to_leak = ["Nothing to see here."]
$public_strings_to_leak_filename = $leaked_filenames[1, -1]
} else { # more than 1 strings_to_leak
warning("One string to leak will require exploitation, others will be publically shown.")
$flag = [$strings_to_leak[0]]
$flag_filename = [$leaked_filenames[0]]
# all but the first elements (used above already)
$public_strings_to_leak = $strings_to_leak[1, -1]
$public_strings_to_leak_filename = $leaked_filenames[1, -1]
}
$git_args = '-c user.name="gitlist" -c user.email="git@list.com"'
Exec { path => ['/bin', '/usr/bin', '/usr/local/bin', '/sbin', '/usr/sbin'] }
# Create /home/git/repositories
@@ -23,12 +50,6 @@ class gitlist_040::configure {
command => "git init",
}
$flag = [$strings_to_leak[0]]
$flag_filename = [$leaked_filenames[0]]
# all but the first elements (used above already)
$public_strings_to_leak = $strings_to_leak[1, -1]
$public_strings_to_leak_filename = $leaked_filenames[1, -1]
::secgen_functions::leak_files { 'gitlist_040-flag-leak':
storage_directory => '/home/git',
leaked_filenames => $flag_filename,
@@ -50,8 +71,6 @@ class gitlist_040::configure {
before => Exec['initial_commit_leaked_files_repo']
}
$git_args = '-c user.name="gitlist" -c user.email="git@list.com"'
exec { 'initial_commit_leaked_files_repo':
cwd => $leaked_files_path,
command => "git $git_args add *; git $git_args commit -a -m 'initial commit'",