diff --git a/modules/generators/content/name_based_username/secgen_local/local.rb b/modules/generators/content/name_based_username/secgen_local/local.rb
index d3abea0c7..60e600ce1 100644
--- a/modules/generators/content/name_based_username/secgen_local/local.rb
+++ b/modules/generators/content/name_based_username/secgen_local/local.rb
@@ -13,7 +13,7 @@ class NameBasedUsernameGenerator < StringEncoder
# Generate a username based on a random adjective and a random noun
def encode_all
- self.outputs << Faker::Internet.user_name(self.name, %w(nil _))
+ self.outputs << Faker::Internet.user_name(self.name, ['_',''])
end
def get_options_array
diff --git a/modules/utilities/unix/system/parameterised_accounts/secgen_metadata.xml b/modules/utilities/unix/system/parameterised_accounts/secgen_metadata.xml
index e91b35fbc..0c0a706ed 100644
--- a/modules/utilities/unix/system/parameterised_accounts/secgen_metadata.xml
+++ b/modules/utilities/unix/system/parameterised_accounts/secgen_metadata.xml
@@ -7,8 +7,8 @@
Thomas Shaw
Puppet Labs
Apache v2
- Parameterised user account creation and modification. Adds an account with a random strength randomly
- generated password by default.
+ Parameterised user account creation and modification. Adds an account with a strong randomly generated password
+ by default.
system
@@ -21,13 +21,14 @@
-
-
+
+
-
-
-
+
+
+
+ false
diff --git a/modules/vulnerabilities/unix/system/crackable_user_account/crackable_user_account.pp b/modules/vulnerabilities/unix/system/crackable_user_account/crackable_user_account.pp
new file mode 100644
index 000000000..98f3770bb
--- /dev/null
+++ b/modules/vulnerabilities/unix/system/crackable_user_account/crackable_user_account.pp
@@ -0,0 +1 @@
+require crackable_user_account::init
\ No newline at end of file
diff --git a/modules/vulnerabilities/unix/system/crackable_user_account/manifests/init.pp b/modules/vulnerabilities/unix/system/crackable_user_account/manifests/init.pp
new file mode 100644
index 000000000..6599ad72b
--- /dev/null
+++ b/modules/vulnerabilities/unix/system/crackable_user_account/manifests/init.pp
@@ -0,0 +1,15 @@
+class crackable_user_account::init {
+ $json_inputs = base64('decode', $::base64_inputs)
+ $secgen_parameters = parsejson($json_inputs)
+
+ $account = parsejson($secgen_parameters['accounts'][0])
+ $username = $account['username']
+
+ ::parameterised_accounts::account { "crackable_user_account_$username":
+ username => $username,
+ password => $account['password'],
+ super_user => str2bool($account['super_user']),
+ strings_to_leak => $secgen_parameters['strings_to_leak'],
+ leaked_filenames => $account['leaked_filenames']
+ }
+}
\ No newline at end of file
diff --git a/modules/vulnerabilities/unix/system/crackable_user_account/secgen_metadata.xml b/modules/vulnerabilities/unix/system/crackable_user_account/secgen_metadata.xml
new file mode 100644
index 000000000..49b626bd3
--- /dev/null
+++ b/modules/vulnerabilities/unix/system/crackable_user_account/secgen_metadata.xml
@@ -0,0 +1,48 @@
+
+
+
+ Crackable User Account
+ Thomas Shaw
+ MIT
+ Unprivileged user account with a weak password.
+
+ system
+ user_rwx
+ local
+ linux
+
+ strings_to_leak
+ accounts
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ false
+
+
+
+
+
+ https://forge.puppet.com/puppetlabs/accounts
+
+
+ utilities/unix/system/parameterised_accounts
+
+
+
+ root_r
+
+
+
\ No newline at end of file