diff --git a/modules/vulnerabilities/unix/email_phishing/phish_victim_bot/manifests/install.pp b/modules/vulnerabilities/unix/email_phishing/phish_victim_bot/manifests/install.pp
index 70f90036c..53139cf8b 100644
--- a/modules/vulnerabilities/unix/email_phishing/phish_victim_bot/manifests/install.pp
+++ b/modules/vulnerabilities/unix/email_phishing/phish_victim_bot/manifests/install.pp
@@ -37,11 +37,14 @@ class phish_victim_bot::install {
if $usernames {
$usernames.each |$index, $username| {
# Create user
- user { $username:
- ensure => present,
- password => pw_hash($passwords[$index], 'SHA-512', 'bXlzYWx0'),
- managehome => true,
- } ->
+ if $username != "kali" {
+ user { $username:
+ ensure => present,
+ password => pw_hash($passwords[$index], 'SHA-512', 'bXlzYWx0'),
+ managehome => true,
+ before => File["/home/$username/.user.properties"],
+ }
+ }
file { "/home/$username/.user.properties":
ensure => present,
owner => $username,
@@ -62,22 +65,25 @@ class phish_victim_bot::install {
source => 'puppet:///modules/phish_victim_bot/libreoffice-macros-registrymodifications.xcu',
}
+ if $username != "kali" {
# run on each boot via cron
- cron { "$username-mail":
- command => "Xvfb :9$index & export DISPLAY=:9$index && sleep 60 && cd /home/$username && java -cp /opt/mailreader/mail.jar:/opt/mailreader/activation-1.1-rev-1.jar:/opt/mailreader/ MailReader &",
- special => 'reboot',
- user => $username,
- }
+ cron { "$username-mail":
+ command => "Xvfb :9$index & export DISPLAY=:9$index && sleep 60 && cd /home/$username && java -cp /opt/mailreader/mail.jar:/opt/mailreader/activation-1.1-rev-1.jar:/opt/mailreader/ MailReader &",
+ special => 'reboot',
+ user => $username,
+ require => User[$username]
+ }
- ::secgen_functions::leak_files { "$username-mail-file-leak":
- storage_directory => "/home/$username",
- leaked_filenames => [$leaked_filenames[$index]],
- strings_to_leak => [$strings_to_leak[$index]],
- owner => $username,
- mode => '0600',
- leaked_from => "phish_victim_bot-$username",
+ ::secgen_functions::leak_files { "$username-mail-file-leak":
+ storage_directory => "/home/$username",
+ leaked_filenames => [$leaked_filenames[$index]],
+ strings_to_leak => [$strings_to_leak[$index]],
+ owner => $username,
+ mode => '0600',
+ leaked_from => "phish_victim_bot-$username",
+ require => User[$username]
+ }
}
-
}
}
@@ -112,13 +118,5 @@ class phish_victim_bot::install {
path => ['/bin', '/usr/bin', '/usr/local/bin', '/sbin', '/usr/sbin'],
command => "javac -cp /opt/mailreader/mail.jar:/opt/mailreader/activation-1.1-rev-1.jar MailReader.java && chmod 0755 /opt/mailreader/MailReader.class && chown root:root /opt/mailreader/MailReader.class",
cwd => '/opt/mailreader/',
- } ->
- file { "/home/kali/.config/libreoffice/4/user/registrymodifications.xcu":
- ensure => present,
- owner => "kali",
- group => "kali",
- mode => '0600',
- source => 'puppet:///modules/phish_victim_bot/libreoffice-macros-registrymodifications.xcu',
}
-
}
diff --git a/scenarios/labs/cyber_security_landscape/3_phishing.xml b/scenarios/labs/cyber_security_landscape/3_phishing.xml
index 7ae626b56..c71eef8f1 100644
--- a/scenarios/labs/cyber_security_landscape/3_phishing.xml
+++ b/scenarios/labs/cyber_security_landscape/3_phishing.xml
@@ -59,6 +59,7 @@
j.addams
j.baker
j.wilkinson
+ kali
newbie