digital-forensics-labs/SecGen
1
0
Fork 0
mirror of https://github.com/cliffe/SecGen.git synced 2026-02-21 11:18:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Initial changes to directory structure

Browse Source
This commit is contained in:
Connor Wilson
2016-03-08 21:12:47 +00:00
committed by thomashaw
parent 0ebfbd6069
commit 401db4b0c5
35 changed files with 397 additions and 156 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
modules/modules Normal file
View File

@@ -0,0 +1 @@
Vulnerabilities, Services, Users, Bases and Networks will go in here

BIN
modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/data/vsftpd-2.3.4.tar.gz Normal file
View File

Binary file not shown.

1
modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/puppet/manifest/ftpbackdoor.pp Normal file
View File

@@ -0,0 +1 @@
include vsftpdbackdoor::install

46
modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/puppet/module/install.pp Normal file
View File

@@ -0,0 +1,46 @@
#copies and unpacks vsftpd_234_backdoor saves it to usr/local/sbin and executes it for startup
class vsftpdbackdoor::install {
exec { 'unzip-vsftpd':
command => 'tar xzf vsftpd-2.3.4.tar.gz && mv vsftpd-2.3.4 /home/vagrant/vsftpd-2.3.4',
path => '/bin',
cwd => "/mount/files/shell",
creates => "/home/vagrant/vsftpd-2.3.4/vsftpd",
notify => Exec['make-vsftpd']
}
exec { 'make-vsftpd':
command => '/usr/bin/make',
cwd => "/home/vagrant/vsftpd-2.3.4",
creates => "/home/vagrant/vsftpd-2.3.4/vsftpd",
notify => Exec['copy-vsftpd'],
require => Exec["unzip-vsftpd"],
}
exec { 'copy-vsftpd':
command => '/mount/files/shell/copyvsftpd.sh',
cwd => "/home/vagrant/vsftpd-2.3.4",
creates => "/usr/local/sbin/vsftpd",
notify => User['ftp'],
require => Exec["make-vsftpd"],
}
user { 'ftp':
ensure => present,
uid => '507',
gid => 'root',
shell => '/bin/zsh',
home => '/var/ftp',
notify => Exec['start-vsftpd'],
require => Exec["copy-vsftpd"],
managehome => true,
}
exec { 'start-vsftpd':
command => '/mount/files/shell/startvsftpd.sh',
require => User["ftp"],
}
}

13
modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/scripts/copyvsftpd.sh Executable file
View File

@@ -0,0 +1,13 @@
#!/bin/sh
sudo mkdir -p /usr/share/empty/
sudo mkdir -p /var/ftp/
sudo chown root.root /var/ftp
sudo chmod og-w /var/ftp
sudo cp vsftpd /usr/local/sbin/vsftpd
sudo cp vsftpd.conf.5 /usr/local/man/man5
sudo cp vsftpd.8 /usr/local/man/man8
sudo cp vsftpd.conf /etc

3
modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/scripts/startvsftpd.sh Executable file
View File

@@ -0,0 +1,3 @@
#!/bin/sh
sudo /usr/local/sbin/vsftpd &

19
modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/secgen_metadata.xml Normal file
View File

@@ -0,0 +1,19 @@
<vulnerability
type="ftp"
cve=""
privilege="user"
access="remote"
details="ftpbackdoor smiley face backdoor exploit"
platform="unix">
<puppets>
<puppet>install.pp</puppet>
<puppet>ftpbackdoor.pp</puppet>
</puppets>
<files>
<file>vsftpd-2.3.4.tar.gz</file>
</files>
<scripts>
<script>copyvsftpd.sh</script>
<script>startvsftpd.sh</script>
</scripts>
</vulnerability>

24
modules/vulnerabilities/unix/misc/distcc_exec/data/distcc.erb Normal file
View File

@@ -0,0 +1,24 @@
# Defaults for distcc initscript
# sourced by /etc/init.d/distcc
#
# should distcc be started on boot?
#
STARTDISTCC="true"
#STARTDISTCC="false"
#
# Which networks/hosts should be allowed to connect to the daemon?
# You can list multiple hosts/networks separated by spaces.
# Networks have to be in CIDR notation, f.e. 192.168.1.0/24
# Hosts are represented by a single IP Adress
#
# ALLOWEDNETS="127.0.0.1"
ALLOWEDNETS="172.16.0.0/16 192.168.0.0/16 10.0.0.0/8"
#
# Which interface should distccd listen on?
LISTENER=""

23
modules/vulnerabilities/unix/misc/distcc_exec/puppet/config.pp Normal file
View File

@@ -0,0 +1,23 @@
class distcc::config {
package { 'distcc':
ensure => installed
}
file { '/etc/default/distcc':
require => Package['distcc'],
ensure => present,
owner => 'root',
group => 'root',
mode => '0777',
content => template('../data/distcc.erb')
}
service { 'distcc':
ensure => running,
}
}

16
modules/vulnerabilities/unix/misc/distcc_exec/secgen_metadata.xml Normal file
View File

@@ -0,0 +1,16 @@
<vulnerability
type="distcc"
cve="CVE-2004-2687"
privilege="user"
access="remote"
details="distcc can be exploited by exploit/unix/misc/distcc_exec"
platform="unix">
<puppets>
<puppet>distcc.pp</puppet>
</puppets>
<files>
<file>distcc.erb</file>
</files>
<scripts>
</scripts>
</vulnerability>