digital-forensics-labs/SecGen
1
0
Fork 0
mirror of https://github.com/cliffe/SecGen.git synced 2026-02-21 11:18:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'ctf_challenges_merge' into january_19_merge

Browse Source 
# Conflicts:
#	lib/helpers/constants.rb
#	modules/utilities/unix/languages/java_wheezy_compatible/java/spec/spec_helper.rb~upstream_stretch_kde_update
This commit is contained in:
ts
2019-01-11 13:02:39 +00:00
parent 7b2373b1d4 a88ff5e8c3
commit 5bce99b86c
1452 changed files with 82353 additions and 550 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.gitignore vendored
View File

@@ -9,6 +9,7 @@ batch/failed
batch/successful
lib/test/tmp
modules/generators/challenges/exif/secgen_local/tmp.jpg
modules/generators/challenges/compression/zip/secgen_local/archive.zip
modules/generators/challenges/compression/zip/tmp
modules/generators/challenges/image/random_jpg/secgen_local/tmp.jpg
secgen.conf
secgen.conf
modules/encoders/compression/huffman/tmp

11
Gemfile
View File

@@ -22,6 +22,17 @@ gem 'programr', :git => "http://github.com/robertjwhitney/programr.git"
gem 'process_helper'
gem 'ovirt-engine-sdk'
gem 'duplicate'
gem 'smbhash'
gem 'digest-whirlpool'
gem 'digest-siphash'
gem 'scrypt'
gem 'braille', :git => "http://github.com/nicanor/braille.git"
gem 'bases'
gem 'huffman'
gem 'ruby-graphviz'
gem 'rsa'
gem 'gpgmeh'
gem 'digest-sha3', :git => "http://github.com/izetex/digest-sha3-ruby"
#development only gems go here
group :test, :development do

56
Gemfile.lock
View File

@@ -1,3 +1,15 @@
GIT
remote: http://github.com/izetex/digest-sha3-ruby
revision: c266a32868b95349f39a61395ff8c78f98951410
specs:
digest-sha3 (1.1.0)
GIT
remote: http://github.com/nicanor/braille.git
revision: 2c861ea0160d39aa96dc71d2f9779a4f984e0791
specs:
braille (0.1.0)
GIT
remote: http://github.com/robertjwhitney/programr.git
revision: 9885f3870407f57c3e2ca1fe644ed10573629ca6
@@ -7,12 +19,23 @@ GIT
GEM
remote: https://rubygems.org/
specs:
PriorityQueue (0.1.2)
activesupport (5.2.1)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
tzinfo (~> 1.1)
bases (1.0.2)
bcrypt (3.1.12)
chunky_png (1.3.10)
cinch (2.3.4)
concurrent-ruby (1.0.5)
credy (0.2.1)
thor (~> 0.19.1)
digest-simple (1.1.0)
digest-siphash (1.0.1)
digest-simple
digest-whirlpool (1.0.3)
duplicate (1.1.1)
facter (2.5.1)
faker (1.9.1)
@@ -22,6 +45,10 @@ GEM
faraday_middleware (0.12.2)
faraday (>= 0.7.4, < 1.0)
fast_gettext (1.1.2)
ffi (1.9.25)
ffi-compiler (1.0.1)
ffi (>= 1.0.0)
rake
forgery (0.7.0)
gettext (3.2.9)
locale (>= 2.0.5)
@@ -30,9 +57,16 @@ GEM
fast_gettext (~> 1.1.0)
gettext (>= 3.0.2)
locale
gpgmeh (0.1.6)
activesupport (>= 2.3)
nio4r (~> 2.2)
hiera (3.4.5)
hocon (1.2.5)
httpclient (2.8.3)
huffman (0.0.1)
PriorityQueue
activesupport
ruby-graphviz
i18n (1.1.0)
concurrent-ruby (~> 1.0)
json (2.1.0)
@@ -51,6 +85,7 @@ GEM
minitest (5.11.3)
multi_json (1.13.1)
multipart-post (2.0.0)
nio4r (2.3.1)
nokogiri (1.8.4)
mini_portile2 (~> 2.3.0)
nori (2.6.0)
@@ -81,14 +116,22 @@ GEM
rmagick (2.16.0)
rqrcode (0.10.1)
chunky_png (~> 1.0)
rsa (0.1.4)
rsync (1.0.9)
ruby-graphviz (1.2.3)
rubyzip (1.2.2)
scrypt (3.0.6)
ffi-compiler (>= 1.0, < 2.0)
semantic_puppet (1.0.2)
smbhash (1.0.2)
spidr (0.6.0)
nokogiri (~> 1.3)
sshkey (1.9.0)
text (1.3.1)
thor (0.19.4)
thread_safe (0.3.6)
tzinfo (1.2.5)
thread_safe (~> 0.1)
wordlist (0.1.1)
spidr (~> 0.2)
yard (0.9.16)
@@ -100,12 +143,19 @@ PLATFORMS
ruby
DEPENDENCIES
bases
bcrypt
braille!
cinch
credy
digest-sha3!
digest-siphash
digest-whirlpool
duplicate
faker
forgery
gpgmeh
huffman
librarian-puppet
mini_exiftool_vendored
minitest
@@ -121,6 +171,10 @@ DEPENDENCIES
redcarpet
rmagick
rqrcode
rsa
ruby-graphviz
scrypt
smbhash
sshkey
wordlist
yard
@@ -128,4 +182,4 @@ DEPENDENCIES
zipruby
BUNDLED WITH
1.15.4
1.16.1

2
README.md
View File

@@ -38,7 +38,7 @@ Install all the required packages:
wget https://releases.hashicorp.com/vagrant/1.9.8/vagrant_1.9.8_x86_64.deb
sudo apt install ./vagrant_1.9.8_x86_64.deb
# install other required packages via repos
sudo apt-get install ruby-dev zlib1g-dev liblzma-dev build-essential patch virtualbox ruby-bundler imagemagick libmagickwand-dev exiftool libpq-dev libcurl4-openssl-dev libxml2-dev
sudo apt-get install ruby-dev zlib1g-dev liblzma-dev build-essential patch virtualbox ruby-bundler imagemagick libmagickwand-dev exiftool libpq-dev libcurl4-openssl-dev libxml2-dev graphviz graphviz-dev
```
Copy SecGen to a directory of your choosing, such as */home/user/bin/SecGen*

56
backup-server Normal file
View File

@@ -0,0 +1,56 @@
[{:vm_name => "p-2-4-11-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.6.255", :new_ip_addr => "10.170.92.3"},
{:vm_name => "p-2-4-13-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.10.184", :new_ip_addr => "10.102.157.3"},
{:vm_name => "p-2-4-14-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.2.243", :new_ip_addr => "10.246.254.3"},
{:vm_name => "p-2-4-18-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.7.77", :new_ip_addr => "10.46.144.3"},
{:vm_name => "p-2-4-23-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.6.65", :new_ip_addr => "10.242.206.3"},
{:vm_name => "p-2-4-24-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.7.1", :new_ip_addr => "10.116.200.3"},
{:vm_name => "p-2-4-25-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.7.185", :new_ip_addr => "10.79.15.3"},
{:vm_name => "p-2-4-26-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.7.132", :new_ip_addr => "10.155.73.3"},
{:vm_name => "p-2-4-29-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.7.143", :new_ip_addr => "10.70.119.3"},
{:vm_name => "p-2-4-33-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.7.251", :new_ip_addr => "10.34.92.3"},
{:vm_name => "p-2-4-35-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.8.88", :new_ip_addr => "10.116.129.3"},
{:vm_name => "p-2-4-38-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.2.173", :new_ip_addr => "10.168.45.3"},
{:vm_name => "p-2-4-39-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.3.12", :new_ip_addr => "10.222.37.3"},
{:vm_name => "p-2-4-40-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.0.206", :new_ip_addr => "10.145.40.3"},
{:vm_name => "p-2-4-42-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.10.31", :new_ip_addr => "10.114.32.3"},
{:vm_name => "p-2-4-46-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.4.92", :new_ip_addr => "10.39.197.3"},
{:vm_name => "p-2-4-47-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.5.181", :new_ip_addr => "10.221.91.3"},
{:vm_name => "p-2-4-4-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.8.223", :new_ip_addr => "10.191.123.3"},
{:vm_name => "p-2-4-50-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.8.151", :new_ip_addr => "10.114.165.3"},
{:vm_name => "p-2-4-52-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.2.190", :new_ip_addr => "10.20.140.3"},
{:vm_name => "p-2-4-54-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.10.166", :new_ip_addr => "10.42.192.3"},
{:vm_name => "p-2-4-57-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.8.108", :new_ip_addr => "10.144.26.3"},
{:vm_name => "p-2-4-58-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.4.28", :new_ip_addr => "10.34.213.3"},
{:vm_name => "p-2-4-59-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.2.22", :new_ip_addr => "10.146.80.3"},
{:vm_name => "p-2-4-61-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.4.157", :new_ip_addr => "10.138.240.3"},
{:vm_name => "p-2-4-64-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.5.123", :new_ip_addr => "10.45.176.3"},
{:vm_name => "p-2-4-65-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.1.4", :new_ip_addr => "10.192.155.3"},
{:vm_name => "p-2-4-66-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.1.243", :new_ip_addr => "10.187.209.3"},
{:vm_name => "p-2-4-67-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.7.158", :new_ip_addr => "10.225.113.3"},
{:vm_name => "p-2-4-71-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.1.10", :new_ip_addr => "10.163.112.3"},
{:vm_name => "p-2-4-72-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.3.94", :new_ip_addr => "10.112.148.3"},
{:vm_name => "p-2-4-75-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.6.68", :new_ip_addr => "10.188.110.3"},
{:vm_name => "p-2-4-76-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.1.162", :new_ip_addr => "10.107.129.3"},
{:vm_name => "p-2-4-77-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.2.112", :new_ip_addr => "10.177.250.3"},
{:vm_name => "p-2-4-78-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.3.68", :new_ip_addr => "10.162.175.3"},
{:vm_name => "p-2-4-79-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.3.255", :new_ip_addr => "10.68.201.3"},
{:vm_name => "p-2-4-7-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.9.72", :new_ip_addr => "10.34.30.3"},
{:vm_name => "p-2-4-83-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.1.181", :new_ip_addr => "10.207.94.3"},
{:vm_name => "p-2-4-86-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.3.9", :new_ip_addr => "10.232.227.3"},
{:vm_name => "p-2-4-87-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.0.250", :new_ip_addr => "10.106.5.3"},
{:vm_name => "p-2-4-88-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.3.52", :new_ip_addr => "10.156.195.3"},
{:vm_name => "p-2-4-89-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.1.29", :new_ip_addr => "10.74.36.3"},
{:vm_name => "p-2-4-8-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.1.66", :new_ip_addr => "10.210.251.3"},
{:vm_name => "p-2-4-9-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.5.60", :new_ip_addr => "10.210.131.3"}]
Example:
p-2-4-11-iMQL-3-backups-and-recovery-backup-server 172.22.6.255 10.170.92.3
cat /etc/hosts | ssh otherhost "sudo sh -c 'cat >/etc/hosts'" will do the trick.
echo "auto lo\niface lo inet loopback\n\nauto eth0\niface eth0 inet static\n\taddress " + $new_ip_addr | ssh vagrant@$old_ip_addr "sudo sh -c 'cat >/etc/network/interfaces'"

44
desktop_sorted Normal file
View File

@@ -0,0 +1,44 @@
p-2-4-11-iMQL-3-backups-and-recovery-desktop 10.170.92.2
p-2-4-13-iMQL-3-backups-and-recovery-desktop 10.102.157.2
p-2-4-14-iMQL-3-backups-and-recovery-desktop 10.246.254.2
p-2-4-18-iMQL-3-backups-and-recovery-desktop 10.46.144.2
p-2-4-23-iMQL-3-backups-and-recovery-desktop 10.242.206.2
p-2-4-24-iMQL-3-backups-and-recovery-desktop 10.116.200.2
p-2-4-25-iMQL-3-backups-and-recovery-desktop 10.79.15.2
p-2-4-26-iMQL-3-backups-and-recovery-desktop 10.155.73.2
p-2-4-29-iMQL-3-backups-and-recovery-desktop 10.70.119.2
p-2-4-33-iMQL-3-backups-and-recovery-desktop 10.34.92.2
p-2-4-35-iMQL-3-backups-and-recovery-desktop 10.116.129.2
p-2-4-38-iMQL-3-backups-and-recovery-desktop 10.168.45.2
p-2-4-39-iMQL-3-backups-and-recovery-desktop 10.222.37.2
p-2-4-40-iMQL-3-backups-and-recovery-desktop 10.145.40.2
p-2-4-42-iMQL-3-backups-and-recovery-desktop 10.114.32.2
p-2-4-46-iMQL-3-backups-and-recovery-desktop 10.39.197.2
p-2-4-47-iMQL-3-backups-and-recovery-desktop 10.221.91.2
p-2-4-4-iMQL-3-backups-and-recovery-desktop 10.191.123.2
p-2-4-50-iMQL-3-backups-and-recovery-desktop 10.114.165.2
p-2-4-52-iMQL-3-backups-and-recovery-desktop 10.20.140.2
p-2-4-54-iMQL-3-backups-and-recovery-desktop 10.42.192.2
p-2-4-57-iMQL-3-backups-and-recovery-desktop 10.144.26.2
p-2-4-58-iMQL-3-backups-and-recovery-desktop 10.34.213.2
p-2-4-59-iMQL-3-backups-and-recovery-desktop 10.146.80.2
p-2-4-61-iMQL-3-backups-and-recovery-desktop 10.138.240.2
p-2-4-64-iMQL-3-backups-and-recovery-desktop 10.45.176.2
p-2-4-65-iMQL-3-backups-and-recovery-desktop 10.192.155.2
p-2-4-66-iMQL-3-backups-and-recovery-desktop 10.187.209.2
p-2-4-67-iMQL-3-backups-and-recovery-desktop 10.225.113.2
p-2-4-71-iMQL-3-backups-and-recovery-desktop 10.163.112.2
p-2-4-72-iMQL-3-backups-and-recovery-desktop 10.112.148.2
p-2-4-75-iMQL-3-backups-and-recovery-desktop 10.188.110.2
p-2-4-76-iMQL-3-backups-and-recovery-desktop 10.107.129.2
p-2-4-77-iMQL-3-backups-and-recovery-desktop 10.177.250.2
p-2-4-78-iMQL-3-backups-and-recovery-desktop 10.162.175.2
p-2-4-79-iMQL-3-backups-and-recovery-desktop 10.68.201.2
p-2-4-7-iMQL-3-backups-and-recovery-desktop 10.34.30.2
p-2-4-83-iMQL-3-backups-and-recovery-desktop 10.207.94.2
p-2-4-86-iMQL-3-backups-and-recovery-desktop 10.232.227.2
p-2-4-87-iMQL-3-backups-and-recovery-desktop 10.106.5.2
p-2-4-88-iMQL-3-backups-and-recovery-desktop 10.156.195.2
p-2-4-89-iMQL-3-backups-and-recovery-desktop 10.74.36.2
p-2-4-8-iMQL-3-backups-and-recovery-desktop 10.210.251.2
p-2-4-9-iMQL-3-backups-and-recovery-desktop 10.210.131.2

2
lib/batch/batch_secgen.rb
View File

@@ -196,7 +196,7 @@ def start(options)
# execute secgen
puts "Running job_id(#{job_id}): secgen.rb #{secgen_args}"
stdout, stderr, status = Open3.capture3("ruby secgen.rb #{secgen_args}")
stdout, stderr, status = Open3.capture3("bundle exec ruby secgen.rb #{secgen_args}")
# Update job status and back-up paths
if status.exitstatus == 0

11
lib/helpers/blacklist.rb Normal file
View File

@@ -0,0 +1,11 @@
class Blacklist
attr_accessor :blacklisted_words
def initialize
self.blacklisted_words = File.readlines(BLACKLISTED_WORDS_FILE)
self.blacklisted_words.map! { |w| w.strip }
end
def is_blacklisted?(word)
blacklisted_words.include? word
end
end

3
lib/helpers/constants.rb
View File

@@ -42,6 +42,7 @@ DOCUMENTATION_DIR = "#{ROOT_DIR}/documentation/yard/doc"
# Path to resources
WORDLISTS_DIR = "#{ROOT_DIR}/lib/resources/wordlists"
LINELISTS_DIR = "#{ROOT_DIR}/lib/resources/linelists"
BLACKLISTED_WORDS_FILE = "#{ROOT_DIR}/lib/resources/blacklisted_words/blacklist.txt"
IMAGES_DIR = "#{ROOT_DIR}/lib/resources/images"
# Path to build puppet modules
@@ -75,4 +76,4 @@ RETRIES_LIMIT = 10
# Version number of SecGen
# e.g. [release state (0 = alpha, 3 = final release)].[Major bug fix].[Minor bug fix].[Cosmetic or other features]
VERSION_NUMBER = '0.0.1.1'
VERSION_NUMBER = '0.0.1.1'

67
lib/objects/local_hash_encoder.rb Normal file
View File

@@ -0,0 +1,67 @@
#!/usr/bin/ruby
require_relative 'local_string_encoder.rb'
require 'digest'
class HashEncoder < StringEncoder
attr_accessor :salt
attr_accessor :return_salts
attr_accessor :salt_position
def initialize
super
self.module_name = 'Hash Encoder'
self.strings_to_encode = []
self.salt = []
self.return_salts = false
self.salt_position = %w(before after).sample
end
def hash_function(str)
end
def encode_all
self.strings_to_encode.each_with_index do |string, i|
combined_string = string
if self.salt[i]
if salt_position == 'before'
combined_string = self.salt[i] + combined_string
elsif salt_position == 'after'
combined_string = combined_string + self.salt[i]
end
end
self.outputs[i] = hash_function(combined_string)
self.outputs[i] += "\n salt:#{self.salt[i]}" if self.return_salts
end
end
def process_options(opt, arg)
super
if opt == '--salt'
self.salt << arg;
end
if opt == '--return_salts'
self.return_salts = (arg.to_s.downcase == 'true');
end
end
def get_options_array
super + [['--salt', GetoptLong::OPTIONAL_ARGUMENT],
['--return_salts', GetoptLong::OPTIONAL_ARGUMENT]]
end
def encoding_print_string
print_string = 'strings_to_encode: ' + self.strings_to_encode.to_s + print_string_padding +
'salt: ' + self.salt.to_s
if self.salt.size > 0
print_string += print_string_padding
print_string += "return_salts: #{self.return_salts.to_s} #{print_string_padding}"
print_string += "salt_position: #{self.salt_position.to_s}"
end
print_string
end
end

26
lib/objects/local_ruby_challenge_generator.rb Normal file
View File

@@ -0,0 +1,26 @@
#!/usr/bin/ruby
require_relative 'local_script_challenge_generator.rb'
class RubyChallengeGenerator < ScriptChallengeGenerator
def initialize
super
self.module_name = 'Ruby Example Script Generator'
end
def pre_challenge_setup
"flag_path = ''
if ARGV[0] and File.directory? ARGV[0]
flag_path = ARGV.shift
if flag_path[-1] != '/'
flag_path += '/'
end
end
flag_path += 'flag'\n"
end
def interpreter_path
'/usr/bin/ruby'
end
end

159
lib/objects/local_script_challenge_generator.rb Normal file
View File

@@ -0,0 +1,159 @@
require 'getoptlong'
require_relative '../helpers/constants'
require 'base64'
# Inherited by local script challenge generators
# stdout used to return value
# use Print.local to print status messages (formatted to stdout)
# A nice side-effect is that each of these modules is also an executable script
class ScriptChallengeGenerator
require_relative '../helpers/print.rb'
attr_accessor :module_name
attr_accessor :has_base64_inputs
attr_accessor :outputs
attr_accessor :difficulty
attr_accessor :challenge_path
# override this
def initialize
# default values
self.module_name = 'Null generator'
self.has_base64_inputs = false
self.outputs = []
self.difficulty = ''
self.challenge_path = ''
end
# override this
def generate
self.outputs << shebang_line + pre_challenge_setup + challenge_content
end
def read_arguments
# Get command line arguments
opts = get_options
# process option arguments
opts.each do |opt, arg|
# Check if base64 decoding is required and set instance variable
if opt == '--b64'
self.has_base64_inputs = true
end
# Decode if required
argument = self.has_base64_inputs ? Base64.strict_decode64(arg) : arg
process_options(opt, argument)
end
end
# Override this when using read_fact's in your module
def get_options
GetoptLong.new(*get_options_array)
end
def get_options_array
[['--help', '-h', GetoptLong::NO_ARGUMENT],
['--b64', GetoptLong::OPTIONAL_ARGUMENT],
['--difficulty', GetoptLong::OPTIONAL_ARGUMENT]]
end
# Override this when using read_fact's in your module. Always call super first
def process_options(opt, arg)
unless option_is_valid(opt)
Print.err "Argument not valid: #{arg}"
usage
exit
end
case opt
when '--help'
usage
when '--b64'
# do nothing
when '--difficulty'
self.difficulty << arg
end
end
def usage
Print.err "Usage:
#{$0} [--options]
"
exit
end
def run
Print.local module_name
read_arguments
Print.local_verbose "Generating..."
generate
# print the first 1000 chars to screen
output = self.outputs.to_s
length = output.length
if self.challenge_path
Print.local_verbose "Selected: #{self.challenge_path}"
end
if length < 1000
Print.local_verbose "Generated: #{output}..."
else
Print.local_verbose "Generated: #{output.to_s[0..1000]}..."
Print.local_verbose "(Displaying 1000/#{length} length output)"
end
puts has_base64_inputs ? base64_encode_outputs : self.outputs
end
def base64_encode_outputs
self.outputs.map { |o| Base64.strict_encode64 o }
end
def option_is_valid(opt_to_check)
arg_validity = false
valid_arguments = get_options_array
valid_arguments.each{ |valid_arg_array|
valid_arg_array.each_with_index { |valid_arg|
if valid_arg == opt_to_check
arg_validity = true
end
}
}
arg_validity
end
# override me with setup content
def pre_challenge_setup
end
# For non-randomised difficulty override me with challenge content
def challenge_content
randomise_by_difficulty ? select_by_difficulty(randomise_by_difficulty) : ''
end
# Override me with a generator's '__FILE__' path for difficulty based selection.
# Files will be selected from the generators secgen_local/ directory based on the difficulty
# i.e. 'medium' will select any file that satisfies generators/etc/module_name/secgen_local/medium.*.rb
def randomise_by_difficulty
false
end
def select_by_difficulty(path)
self.challenge_path = Dir.glob(File.dirname(path) + '/' + difficulty + '*').sample
File.read(ROOT_DIR + '/' + self.challenge_path)
end
# override me with a string containing the interpreter path e.g. "/bin/bash"
def interpreter_path
end
def shebang_line
"#!/usr/local/bin/suid #{interpreter_path} --\n"
end
end

39
lib/objects/local_string_encoder.rb
View File

@@ -40,6 +40,21 @@ class StringEncoder
def read_arguments
# Get command line arguments
Print.local 'Reading args from STDIN'
if ARGV.size == 0
begin
args_array = []
ARGF.each do |arg|
arg.strip.split(' ').each do |split|
args_array << split
end
end
ARGV.unshift(*args_array)
rescue
# Do nothing...
end
end
opts = get_options
# process option arguments
@@ -101,6 +116,7 @@ class StringEncoder
Print.local module_name
read_arguments
enforce_utf8
Print.local_verbose "Encoding '#{encoding_print_string}'"
encode_all
@@ -115,6 +131,29 @@ class StringEncoder
Print.local_verbose "(Displaying 1000/#{length} length output)"
end
enforce_utf8
print_outputs
end
# Encode local instance variables as UTF-8
def enforce_utf8
self.instance_variables.each do |iv|
iv_value = self.instance_variable_get(iv)
if iv_value.is_a? Array
utf8 = []
iv_value.map {|element|
if element.is_a? String
utf8 << element.force_encoding('UTF-8')
end
}
self.instance_variable_set(iv, utf8)
elsif iv_value.is_a? String
self.instance_variable_set(iv, iv_value.force_encoding('UTF-8'))
end
end
end
def print_outputs
puts has_base64_inputs ? base64_encode_outputs : self.outputs
end

24
lib/objects/local_string_generator.rb
View File

@@ -30,6 +30,21 @@ class StringGenerator
def read_arguments
# Get command line arguments
Print.local 'Reading args from STDIN'
if ARGV.size == 0
begin
args_array = []
ARGF.each do |arg|
arg.strip.split(' ').each do |split|
args_array << split
end
end
ARGV.unshift(*args_array)
rescue
# Do nothing...
end
end
opts = get_options
# process option arguments
@@ -98,6 +113,15 @@ class StringGenerator
Print.local_verbose "(Displaying 1000/#{length} length output)"
end
enforce_utf8(self.outputs)
print_outputs
end
def enforce_utf8(values)
values.map { |o| o.force_encoding('UTF-8') }
end
def print_outputs
puts has_base64_inputs ? base64_encode_outputs : self.outputs
end

17
lib/objects/system.rb
View File

@@ -306,28 +306,31 @@ class System
if selected.local_calc_file
Print.verbose 'Module includes local calculation of output. Processing...'
# build arguments
args_string = '--b64 ' # Sets the flag for decoding base64
args_string = "--b64 " # Sets the flag for decoding base64
selected.received_inputs.each do |input_key, input_values|
puts input_values.inspect
input_values.each do |input_element|
if input_key == ''
Print.warn "Warning: output values not directed to module input"
else
args_string += "'--#{input_key}=#{Base64.strict_encode64(input_element)}' "
args_string += "--#{input_key}=#{Base64.strict_encode64(input_element)} "
end
end
end
# execute calculation script and format output to an array of Base64 strings
command = "ruby #{selected.local_calc_file} #{args_string}"
Print.verbose "Running: #{command}"
outputs = `#{command}`.chomp
unless $?.success?
Print.verbose "Running: ruby #{selected.local_calc_file} #{args_string[0..200]} ..."
command = "bundle exec ruby #{selected.local_calc_file}"
stdout, stderr, status = Open3.capture3(command, :stdin_data => args_string)
puts stderr
outputs = stdout.chomp
unless status
Print.err "Module failed to run (#{command})"
# TODO: this works, but subsequent attempts at resolving the scenario always fail ("Error can't add no data...")
raise 'failed'
end
output_array = outputs.split("\n")
selected.output = output_array.map { |o| Base64.strict_decode64 o }
selected.output = output_array.map { |o| (Base64.strict_decode64 o).force_encoding('UTF-8') }
end
# store the output of the module into a datastore, if specified

1703
lib/resources/blacklisted_words/blacklist.txt Normal file
View File

File diff suppressed because it is too large Load Diff

8
lib/schemas/encoder_metadata_schema.xsd
View File

@@ -11,6 +11,13 @@
<xs:enumeration value="windows"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="difficultyOptions">
<xs:restriction base="xs:string">
<xs:enumeration value="low"/>
<xs:enumeration value="medium"/>
<xs:enumeration value="high"/>
</xs:restriction>
</xs:simpleType>
<xs:element name="encoder">
<xs:complexType>
@@ -32,6 +39,7 @@
<xs:element name="platform" type="platformOptions" minOccurs="1" maxOccurs="unbounded"/>
<!--optional details-->
<xs:element name="difficulty" type="difficultyOptions" minOccurs="0" maxOccurs="1"/>
<xs:element name="reference" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="software_name" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="software_license" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>

1
lib/schemas/scenario_schema.xsd
View File

@@ -125,6 +125,7 @@
<xs:attribute name="description" type="xs:string"/>
<xs:attribute name="type" type="xs:string"/>
<xs:attribute name="platform" type="xs:string"/>
<xs:attribute name="difficulty" type="xs:string"/>
<xs:attribute name="read_fact" type="xs:string"/>

28
lib/schemas/vulnerability_metadata_schema.xsd
View File

@@ -41,6 +41,16 @@
<xs:enumeration value="high"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="challengeTypeOptions">
<xs:restriction base="xs:string">
<xs:enumeration value="crypto"/>
<xs:enumeration value="web"/>
<xs:enumeration value="reverse"/>
<xs:enumeration value="forensic"/>
<xs:enumeration value="pwn"/>
<xs:enumeration value="misc"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="CVEregexp">
<xs:restriction base="xs:string">
<xs:pattern value="CVE-[0-9]{4}-[0-9]{1,39}"/>
@@ -114,11 +124,15 @@
<xs:attribute name="access" type="xs:string"/>
<xs:attribute name="platform" type="xs:string"/>
<!--optional challenge details-->
<xs:attribute name="challenge_type" type="xs:string"/>
<xs:attribute name="challenge_subtype" type="xs:string"/>
<xs:attribute name="difficulty" type="xs:string"/>
<!--optional vulnerability inputs-->
<xs:attribute name="read_fact" type="xs:string"/>
<!--optional vulnerability details-->
<xs:attribute name="difficulty" type="xs:string"/>
<xs:attribute name="cve" type="xs:string"/>
<xs:attribute name="cvss_base_score" type="xs:string"/>
<xs:attribute name="cvss_vector" type="xs:string"/>
@@ -186,12 +200,16 @@
<xs:element name="access" type="accessOptions" minOccurs="1" maxOccurs="1"/>
<xs:element name="platform" type="platformOptions" minOccurs="1" maxOccurs="1"/>
<!--optional challenge details-->
<xs:element name="challenge_type" type="challengeTypeOptions" minOccurs="0" maxOccurs="1"/>
<xs:element name="challenge_subtype" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="difficulty" type="difficultyOptions" minOccurs="0" maxOccurs="1"/>
<!--optional input values-->
<xs:element name="read_fact" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="default_input" type="InputElements" minOccurs="0" maxOccurs="unbounded" />
<!--optional vulnerability details-->
<xs:element name="difficulty" type="difficultyOptions" minOccurs="0" maxOccurs="1"/>
<xs:element name="cve" type="CVEregexp" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="cvss_base_score" type="oneDecimalPlace" minOccurs="0" maxOccurs="1"/>
<xs:element name="cvss_vector" type="CVSSregexp" minOccurs="0" maxOccurs="1"/>
@@ -223,7 +241,10 @@
<xs:element name="access" type="accessOptions" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="platform" type="platformOptions" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="challenge_type" type="challengeTypeOptions" minOccurs="0" maxOccurs="1"/>
<xs:element name="challenge_subtype" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="difficulty" type="difficultyOptions" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="cve" type="CVEregexp" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="cvss_base_score" type="oneDecimalPlace" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="cvss_vector" type="CVSSregexp" minOccurs="0" maxOccurs="unbounded"/>
@@ -257,7 +278,10 @@
<xs:element name="access" type="accessOptions" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="platform" type="platformOptions" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="challenge_type" type="challengeTypeOptions" minOccurs="0" maxOccurs="1"/>
<xs:element name="challenge_subtype" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="difficulty" type="difficultyOptions" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="cve" type="CVEregexp" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="cvss_base_score" type="oneDecimalPlace" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="cvss_vector" type="CVSSregexp" minOccurs="0" maxOccurs="unbounded"/>

2
lib/templates/Puppetfile.erb
View File

@@ -8,7 +8,7 @@
forge "https://forgeapi.puppetlabs.com"
mod 'puppetlabs-stdlib', '4.18.0', :path => '<%= STDLIB_PUPPET_DIR %>' # stdlib enables parsejson() in manifests and other useful functions
mod 'puppetlabs-stdlib', '4.24.0' # stdlib enables parsejson() in manifests and other useful functions
mod 'SecGen-secgen_functions', :path => '<%= SECGEN_FUNCTIONS_PUPPET_DIR %>'
<% @currently_processing_system.module_selections.each do |selected_module| -%>

2
modules/bases/debian_stretch/secgen_metadata.xml
View File

@@ -18,4 +18,4 @@
<ovirt_template>debian_stretch_server_291118</ovirt_template>
<software_license>various</software_license>
</base>
</base>

22
modules/bases/ubuntu_xenial_64/secgen_metadata.xml Normal file
View File

@@ -0,0 +1,22 @@
<?xml version="1.0"?>
<base xmlns="http://www.github/cliffe/SecGen/base"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/base">
<name>Ubuntu Xenial 16.04 LTS 64-bit Server by puppetlabs</name>
<author>Thomas Shaw</author>
<module_license>GPLv3</module_license>
<description>TODO </description>
<cpu_word_size>64-bit</cpu_word_size>
<type>server</type>
<type>cli</type>
<platform>linux</platform>
<platform>unix</platform>
<distro>Ubuntu Xenial 16.04 LTS</distro>
<url>https://app.vagrantup.com/puppetlabs/boxes/ubuntu-16.04-64-puppet/versions/1.0.0/providers/virtualbox.box</url>
<ovirt_template>debian_server</ovirt_template>
<reference>https://atlas.hashicorp.com/puppetlabs</reference>
<software_license>various</software_license>
</base>

29
modules/build/puppet/secgen_functions/manifests/compile_binary_module.pp Normal file
View File

@@ -0,0 +1,29 @@
# Install function for setgid binaries
# -- Modules calling this function must provide a Makefile and any .c files within it's <module_name>/files directory
define secgen_functions::compile_binary_module (
$source_module_name, # Name of the module that calls this function
$binary_directory, # Output path of the compiled binary
$challenge_name, # Name of the challenge / binary
) {
ensure_packages('build-essential')
ensure_packages('gcc-multilib')
$modules_source = "puppet:///modules/$source_module_name"
# Move contents of the module's files directory into compile directory
file { "create-$binary_directory-$source_module_name":
path => $binary_directory,
ensure => directory,
recurse => true,
source => $modules_source,
}
# Build the binary with gcc
exec { "gcc_$challenge_name-$binary_directory":
cwd => $binary_directory,
command => "/usr/bin/make",
require => File["create-$binary_directory-$source_module_name"]
}
}

6
modules/build/puppet/secgen_functions/manifests/create_directory.pp Normal file
View File

@@ -0,0 +1,6 @@
define secgen_functions::create_directory($res='create-dir', $path){
exec { "secgen_create_directory_$res":
path => '/bin:/sbin:/usr/bin:/usr/sbin',
command => "mkdir -p $path"
}
}

83
modules/build/puppet/secgen_functions/manifests/install_setgid_binary.pp Normal file
View File

@@ -0,0 +1,83 @@
# Install function for setgid binaries
# -- Modules calling this function must provide a Makefile and any .c files within it's <module_name>/files directory
define secgen_functions::install_setgid_binary (
$challenge_name, # Challenge name, used for the wrapper-directory
$source_module_name, # Name of the module that calls this function
$group, # Name of group
$account, # User account
$flag, # ctf flag string
$flag_name, # ctf flag name
$binary_path = '', # Optional : Provide the path to a binary file that has already been compiled
$storage_dir = '', # Optional: Storage directory (takes precedent if supplied, e.g. nfs / smb share dir)
$strings_to_leak = [''], # Optional: strings to leak (could contain instructions or a message)
) {
ensure_packages(['build-essential','gcc-multilib'])
if !$account {
err('install: account is required for setgid challenges')
fail
}
if $account {
$username = $account['username']
ensure_resource('parameterised_accounts::account', "parameterised_$username",
{ "username" => $account['username'],
"password" => $account['password'],
"super_user" => str2bool($account['super_user']),
"strings_to_leak" => $account['strings_to_leak'],
"leaked_filenames" => $account['leaked_filenames'], })
if $storage_dir {
$storage_directory = $storage_dir
} else {
$storage_directory = "/home/$username"
}
$challenge_directory = "$storage_directory/$challenge_name"
$modules_source = "puppet:///modules/$source_module_name"
if $binary_path == '' {
$outer_bin_path = "/tmp/$challenge_name"
$bin_path = "$outer_bin_path/$challenge_name"
::secgen_functions::compile_binary_module { "compile-$source_module_name-$challenge_name":
source_module_name => $source_module_name,
binary_directory => $outer_bin_path,
challenge_name => $challenge_name,
notify => Secgen_functions::Create_directory["create_$challenge_directory"]
}
} else {
$bin_path = $binary_path
}
ensure_resource('group', $group, { 'ensure' => 'present' })
# Create challenge directory
ensure_resource('file', $storage_directory, { 'ensure' => 'directory'})
ensure_resource('file', $challenge_directory, { 'ensure' => 'directory'})
# Move the compiled binary into the challenge directory
file { "$challenge_directory/$challenge_name":
ensure => present,
owner => 'root',
group => $group,
mode => '2771',
source => $bin_path,
require => File[$challenge_directory]
}
# Drop the flag file on the box and set permissions
::secgen_functions::leak_files { "$challenge_directory/$challenge_name-flag-leak":
storage_directory => "$challenge_directory",
leaked_filenames => [$flag_name],
strings_to_leak => [$flag],
owner => 'root',
group => $group,
mode => '0440',
leaked_from => "$source_module_name/$challenge_name",
require => [Group[$group], File["$challenge_directory/$challenge_name"]],
}
}

96
modules/build/puppet/secgen_functions/manifests/install_setgid_script.pp Normal file
View File

@@ -0,0 +1,96 @@
# Install function for setgid binaries
# -- usage depends on utilities/accounts and utilities/xinetd so ensure they are included as requirements
# TODO: this is probably a poor way of doing this - can we automate it?
define secgen_functions::install_setgid_script (
$challenge_name, # Challenge name, used for the wrapper-directory
$script_name, # Script filename
$script_data, # Script data
$source_module_name, # Name of the module that calls this function
$group, # Name of group
$account, # User account
$flag, # ctf flag string
$flag_name = 'flag', # ctf flag name
$port, # Optional: script will be run on network port using xinetd
$storage_directory = '', # Optional: Storage directory (takes precedent if supplied, e.g. nfs / smb share dir)
$strings_to_leak = [''], # Optional: strings to leak (could contain instructions or a message)
) {
ensure_packages(['build-essential','gcc-multilib'])
if $group and $group[0] {
$grp = $group[0]
} else {
$grp = $challenge_name
}
if $account and $account[0] and $account[0] != ''{
$acc = parsejson($account[0])
$username = $acc['username']
::accounts::user { $username:
shell => '/bin/bash',
password => pw_hash($acc['password'], 'SHA-512', 'mysalt'),
managehome => true,
home_mode => '0755',
}
$storage_dir = "/home/$username"
} elsif $storage_directory and $storage_directory[0]{
$storage_dir = $storage_directory[0]
$username = 'root'
} else {
err('install: either account or storage_dir is required')
fail
}
$challenge_directory = "$storage_dir/$challenge_name"
$modules_source = "puppet:///modules/$source_module_name"
group { $grp:
ensure => present,
}
# Create challenge directory
::secgen_functions::create_directory { "create_$challenge_directory":
path => $challenge_directory,
notify => File["$challenge_directory/$script_name"],
}
# Move the compiled binary into the challenge directory
file { "$challenge_directory/$script_name":
ensure => present,
owner => 'root',
group => $grp,
mode => '2775',
content => $script_data,
require => Group[$grp],
}
# Drop the flag file on the box and set permissions
::secgen_functions::leak_files { "$username-file-leak":
storage_directory => "$challenge_directory",
leaked_filenames => [$flag_name],
strings_to_leak => [$flag[0]],
owner => 'root',
group => $grp,
mode => '0440',
leaked_from => "$source_module_name-$module_name",
require => Group[$grp],
}
if $port and $port[0] {
$p = $port[0]
notice("Running $challenge_name on port $p (dir: $challenge_directory")
xinetd::service { "xinetd_$challenge_name":
port => $p,
server => "$challenge_directory/$script_name",
require => File["$challenge_directory/$script_name"],
service_type => 'UNLISTED',
server_args => $challenge_directory,
user => $username,
group => $grp,
}
}
}

59
modules/build/puppet/secgen_functions/manifests/install_setuid_root_binary.pp
View File

@@ -4,25 +4,18 @@
define secgen_functions::install_setuid_root_binary (
$challenge_name, # Challenge name, used for the wrapper-directory
$source_module_name, # Name of the module that calls this function
$gcc_output_binary_name, # Temporary name of the binary output by gcc when when /bin/make runs the Makefile
$challenge_binary_name, # Renamed binary on copy to challenge directory, could differ from above
$account, # User account (leak here if $storage_directory is not supplied)
$flag, # ctf flag string
$storage_dir = [''], # Optional: Storage directory (takes precedent if supplied, e.g. nfs / smb share dir)
$flag_name, # ctf flag name
$storage_dir = '', # Optional: Storage directory (takes precedent if supplied, e.g. nfs / smb share dir)
$strings_to_leak = [''], # Optional: strings to leak (could contain instructions or a message)
) {
ensure_packages('build-essential')
ensure_packages('gcc-multilib')
# Use either storage directory or account's home directory. storage_directory takes precedent
if $storage_dir[0] != '' {
$storage_directory = $storage_dir[0]
$leaked_filenames = ["$challenge_name-instructions"]
} elsif $account {
if $account {
$username = $account['username']
$storage_directory = "/home/$username"
$leaked_filenames = $account['leaked_filenames']
::accounts::user { $username:
shell => '/bin/bash',
@@ -30,8 +23,9 @@ define secgen_functions::install_setuid_root_binary (
managehome => true,
home_mode => '0755',
}
$storage_directory = "/home/$username"
} else {
err('dc16_amadhj::install: Either storage_directory or account is required')
err('install: either account or storage_dir is required')
fail
}
@@ -40,54 +34,51 @@ define secgen_functions::install_setuid_root_binary (
$modules_source = "puppet:///modules/$source_module_name"
# Create challenge directory
file { $challenge_directory:
ensure => directory,
::secgen_functions::create_directory { "create_$challenge_directory":
path => $challenge_directory,
notify => File["create_$compile_directory"],
}
# Move contents of the module's files directory into compile directory
file { $compile_directory:
file { "create_$compile_directory":
path => $compile_directory,
ensure => directory,
recurse => true,
source => $modules_source,
notify => Exec["gcc_$gcc_output_binary_name-$compile_directory"],
}
# Build the binary with gcc
exec { "gcc_$gcc_output_binary_name-$compile_directory":
exec { "gcc_$challenge_name-$compile_directory":
cwd => $compile_directory,
command => "/usr/bin/make",
require => [File[$challenge_directory, $compile_directory], Package['build-essential', 'gcc-multilib']]
require => [File["create_$compile_directory"], Package['build-essential', 'gcc-multilib']]
}
# Move the compiled binary into the challenge directory
file { "$challenge_directory/$challenge_binary_name":
file { "$challenge_directory/$challenge_name":
ensure => present,
owner => 'root',
group => 'root',
mode => '4755',
source => "$compile_directory/$gcc_output_binary_name",
require => Exec["gcc_$gcc_output_binary_name-$compile_directory"],
source => "$compile_directory/$challenge_name",
require => Exec["gcc_$challenge_name-$compile_directory"],
}
# Drop the flag file on the box and set permissions
file { "$challenge_directory/flag":
ensure => present,
content => $flag,
mode => '0600',
require => Exec["gcc_$gcc_output_binary_name-$compile_directory"],
::secgen_functions::leak_files { "$username-file-leak":
storage_directory => "$challenge_directory",
leaked_filenames => [$flag_name],
strings_to_leak => [$flag],
owner => 'root',
mode => '0400',
leaked_from => "accounts_$username",
require => Exec["gcc_$challenge_name-$compile_directory"],
notify => Exec["remove_$compile_directory"],
}
# Remove compile directory
exec { "remove_$compile_directory":
command => "/bin/rm -rf $compile_directory",
require => File["$challenge_directory/$challenge_binary_name", "$challenge_directory/flag"]
}
# Leak messages / instructions in a text file in the storage directory / home directory
::secgen_functions::leak_files { "$challenge_directory-strings_to_leak":
storage_directory => $challenge_directory,
leaked_filenames => $leaked_filenames,
strings_to_leak => $strings_to_leak,
leaked_from => $source_module_name,
require => [File["$challenge_directory/$challenge_name"]]
}
}

50
modules/build/puppet/secgen_functions/manifests/leak_data.pp Normal file
View File

@@ -0,0 +1,50 @@
define secgen_functions::leak_data (
$data_to_leak = [],
$storage_directory,
$owner = 'root',
$group = 'root',
$mode = '0660',
$leaked_from = ''
) {
$data_to_leak.each |$i, $data_element| {
if "secgen_leaked_data" in $data_element {
$secgen_leaked_data = parsejson($data_element)
$data = $secgen_leaked_data['secgen_leaked_data']['data']
$filename = $secgen_leaked_data['secgen_leaked_data']['filename']
$ext = $secgen_leaked_data['secgen_leaked_data']['ext']
$subdirectory = $secgen_leaked_data['secgen_leaked_data']['subdirectory']
if $ext != '' {
$full_filename = "$filename.$ext"
} else {
$full_filename = $filename
}
$storage_dir = "$storage_directory/$subdirectory"
$path_to_leak = "$storage_dir/$full_filename"
$leaked_file_resource = "$leaked_from-$path_to_leak"
unless $subdirectory == '' {
::secgen_functions::create_directory { "create-$storage_dir-$i":
res => "create-$storage_dir-$i",
path => $storage_dir,
notify => File[$path_to_leak]
}
}
file { $path_to_leak:
ensure => present,
owner => $owner,
group => $group,
mode => $mode,
content => base64('decode', $data)
}
} else {
fail("Invalid data!")
}
}
}

48
modules/build/puppet/secgen_functions/manifests/leak_files.pp
View File

@@ -6,33 +6,33 @@ define secgen_functions::leak_files($leaked_filenames=[], $storage_directory, $s
# Pair strings with the leaked_filenames and leak them.
$string_leak_pairs = zip($strings_to_leak, $leaked_filenames)
$string_leak_pairs.each |$counter, $leak_pair| {
$leaked_strings = $leak_pair[0]
$leaked_filename = $leak_pair[1]
$leaked_strings = $leak_pair[0]
$leaked_filename = $leak_pair[1]
# until we run out of filenames, create a new file per string
unless $leaked_filename == undef {
$leaked_file_resource = "$leaked_from-$leaked_filename-$counter"
secgen_functions::leak_file { $leaked_file_resource:
leaked_filename => $leaked_filename,
storage_directory => $storage_directory,
strings_to_leak => $leaked_strings,
owner => $owner,
mode => $mode,
}
} else {
# Then just add to first file.
$first_filename = $leaked_filenames[0]
$leaked_file_resource = "$leaked_from-$first_filename-$counter"
secgen_functions::leak_file { $leaked_file_resource:
leaked_filename => $first_filename,
storage_directory => $storage_directory,
strings_to_leak => $leaked_strings,
owner => $owner,
mode => $mode,
leaked_from => $leaked_file_resource, # pass this in when appending to avoid resource clashes
}
# until we run out of filenames, create a new file per string
unless $leaked_filename == undef {
$leaked_file_resource = "$leaked_from-$leaked_filename-$counter"
secgen_functions::leak_file { $leaked_file_resource:
leaked_filename => $leaked_filename,
storage_directory => $storage_directory,
strings_to_leak => $leaked_strings,
owner => $owner,
mode => $mode,
}
} else {
# Then just add to first file.
$first_filename = $leaked_filenames[0]
$leaked_file_resource = "$leaked_from-$first_filename-$counter"
secgen_functions::leak_file { $leaked_file_resource:
leaked_filename => $first_filename,
storage_directory => $storage_directory,
strings_to_leak => $leaked_strings,
owner => $owner,
mode => $mode,
leaked_from => $leaked_file_resource, # pass this in when appending to avoid resource clashes
}
}
}
# Leak images with name image#{$counter}.png
# First file is image1.png not image0.png

0
modules/encoders/string/base64/base64.pp → modules/encoders/bases/base64/base64.pp
View File

0
modules/encoders/string/base64/manifests/.no_puppet → modules/encoders/bases/base64/manifests/.no_puppet
View File

0
modules/encoders/string/base64/secgen_local/local.rb → modules/encoders/bases/base64/secgen_local/local.rb
View File

1
modules/encoders/string/base64/secgen_metadata.xml → modules/encoders/bases/base64/secgen_metadata.xml
View File

@@ -13,6 +13,7 @@
<type>alpha_reversible</type>
<platform>linux</platform>
<platform>windows</platform>
<difficulty>low</difficulty>
<solution>Encoded using Base64. Decoding tools available online e.g. https://www.base64decode.org/</solution>

1
modules/encoders/cipher/ascii_value_shift/secgen_metadata.xml
View File

@@ -16,6 +16,7 @@
<type>ascii_reversible</type>
<platform>linux</platform>
<platform>windows</platform>
<difficulty>medium</difficulty>
<hint>Encoded with a rotation cipher based on the ASCII value using a random key. Uses the 94 printable ascii
characters.

0
modules/generators/challenges/bitwise_xor/manifests/.no_puppet → modules/encoders/cipher/asymmetric_decrypt/simple_gpg/manifests/.no_puppet
View File

81
modules/encoders/cipher/asymmetric_decrypt/simple_gpg/secgen_local/local.rb Normal file
View File

@@ -0,0 +1,81 @@
#!/usr/bin/ruby
require_relative '../../../../../../lib/objects/local_string_encoder.rb'
require 'json'
require 'open3'
require 'fileutils'
class SimpleGPGDecrypt < StringEncoder
attr_accessor :gpg_key_pair
attr_accessor :tmp_path
attr_accessor :subdirectory
def initialize
super
self.module_name = 'Simple SSH Decryption Challenge'
self.subdirectory = ''
self.gpg_key_pair = {}
self.tmp_path = File.expand_path(File.dirname(__FILE__)).split("/")[0...-1].join('/') + '/tmp/'
Dir.mkdir self.tmp_path unless Dir.exists? self.tmp_path
self.tmp_path += Time.new.strftime("%Y%m%d_%H%M%S")
Dir.mkdir self.tmp_path unless Dir.exists? self.tmp_path
end
def encode_all
begin
public_ascii = self.gpg_key_pair['public']
private_ascii = self.gpg_key_pair['private']
# save strings_to_encode to a file
File.open("#{self.tmp_path}/ciphertext", "w+") do |file|
self.strings_to_encode.each do |line|
file.write(line + "\n")
end
file.close
end
# Save ascii pubkey to file
File.open("#{self.tmp_path}/pub_key", "w+") do |file|
file.write(public_ascii)
end
# generate a binary key file from our ascii input and save it in ../tmp/binary_pub.key.
_, _, _ = Open3.capture3("gpg --dearmor #{self.tmp_path}/pub_key")
# Use the binary key to encode some cipher text
_, _, _ = Open3.capture3("gpg --no-default-keyring --keyring #{self.tmp_path}/pub_key.gpg --trust-model always -ear secgen@localhost #{self.tmp_path}/ciphertext")
# Read the ciphertext.asc file in and feed it into the outputs
ciphertext = File.read("#{self.tmp_path}/ciphertext.asc")
self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(ciphertext), :filename => 'cipher', :ext => 'txt', :subdirectory => self.subdirectory}}.to_json
self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(private_ascii), :filename => 'private', :ext => 'key', :subdirectory => self.subdirectory}}.to_json
ensure
# Delete the local key files to avoid batch clashes
FileUtils.rm_r self.tmp_path
end
end
def process_options(opt, arg)
super
case opt
when '--subdirectory'
self.subdirectory << arg;
when '--gpg_key_pair'
self.gpg_key_pair = JSON.parse(arg);
end
end
def get_options_array
super + [['--subdirectory', GetoptLong::REQUIRED_ARGUMENT],
['--gpg_key_pair', GetoptLong::REQUIRED_ARGUMENT]]
end
def encoding_print_string
'strings_to_encode: ' + self.strings_to_encode.to_s + print_string_padding +
'subdirectory: ' + self.subdirectory.to_s + print_string_padding +
'gpg_key_pair: ' + self.gpg_key_pair.to_json
end
end
SimpleGPGDecrypt.new.run

41
modules/encoders/cipher/asymmetric_decrypt/simple_gpg/secgen_metadata.xml Normal file
View File

@@ -0,0 +1,41 @@
<?xml version="1.0"?>
<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
<name>Simple GPG Decryption Challenge</name>
<author>Thomas Shaw</author>
<module_license>MIT</module_license>
<description>Returns a private key and some encrypted ciphertext.</description>
<type>asymmetric</type>
<type>asymmetric_cipher</type>
<type>challenge_generator</type>
<type>crypto_challenge_generator</type>
<type>local_calculation</type>
<platform>linux</platform>
<platform>windows</platform>
<difficulty>low</difficulty>
<read_fact>strings_to_encode</read_fact>
<read_fact>gpg_key_pair</read_fact>
<read_fact>subdirectory</read_fact>
<default_input into="strings_to_encode">
<generator type="flag_generator"/>
<generator type="message_generator"/>
<generator type="message_generator"/>
<generator type="message_generator"/>
</default_input>
<default_input into="gpg_key_pair">
<generator type="gpg_key_pair"/>
</default_input>
<default_input into="subdirectory">
<generator type="challenges"/>
</default_input>
<output_type>array</output_type>
</encoder>

0
modules/generators/challenges/bitwise_xor/bitwise_xor.pp → modules/encoders/cipher/asymmetric_decrypt/simple_gpg/simple_gpg.pp
View File

0
modules/generators/flag/flag_words/random_word.pp → modules/encoders/cipher/asymmetric_decrypt/simple_ssh/manifests/.no_puppet
View File

83
modules/encoders/cipher/asymmetric_decrypt/simple_ssh/secgen_local/local.rb Normal file
View File

@@ -0,0 +1,83 @@
#!/usr/bin/ruby
require_relative '../../../../../../lib/objects/local_string_encoder.rb'
require 'json'
require 'open3'
require 'fileutils'
require 'openssl'
class SimpleSSHDecrypt < StringEncoder
attr_accessor :ssh_key_pair
attr_accessor :tmp_path
attr_accessor :subdirectory
def initialize
super
self.module_name = 'Simple SSH Decryption Challenge'
self.subdirectory = ''
self.ssh_key_pair = {}
self.tmp_path = File.expand_path(File.dirname(__FILE__)).split("/")[0...-1].join('/') + '/tmp/'
Dir.mkdir self.tmp_path unless Dir.exists? self.tmp_path
self.tmp_path += Time.new.strftime("%Y%m%d_%H%M%S")
Dir.mkdir self.tmp_path unless Dir.exists? self.tmp_path
end
def encode_all
begin
private_ascii = self.ssh_key_pair['private']
privkey_path = "#{self.tmp_path}/id_rsa"
pubkey_pem_path = "#{self.tmp_path}/id_rsa.pem.pub"
strings_to_encode_path = "#{self.tmp_path}/strings_to_encode"
ciphertext_path = "#{self.tmp_path}/ciphertext"
# save strings_to_encode to a file
File.open(strings_to_encode_path, "w+") do |file|
self.strings_to_encode.each do |line|
file.write(line)
end
file.close
end
# Save ascii privkey to file
File.open(privkey_path, "w+") do |file|
file.write(private_ascii.chomp)
end
# Convert public key to PEM so OpenSSL can consume it
_, _, _ = Open3.capture3("openssl rsa -in #{privkey_path} -pubout > #{pubkey_pem_path}")
# Encrypt text data
_, _, _ = Open3.capture3("cat #{strings_to_encode_path} | openssl rsautl -encrypt -pubin -inkey #{pubkey_pem_path} > #{ciphertext_path}")
self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(File.binread(ciphertext_path)), :filename => 'cipher', :ext => 'txt', :subdirectory => self.subdirectory}}.to_json
self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(File.binread(privkey_path)), :filename => 'id_rsa', :ext => '', :subdirectory => self.subdirectory}}.to_json
ensure
# Delete the local key files to avoid batch clashes
FileUtils.rm_r self.tmp_path
end
end
def process_options(opt, arg)
super
case opt
when '--subdirectory'
self.subdirectory << arg;
when '--ssh_key_pair'
self.ssh_key_pair = JSON.parse(arg);
end
end
def get_options_array
super + [['--subdirectory', GetoptLong::REQUIRED_ARGUMENT],
['--ssh_key_pair', GetoptLong::REQUIRED_ARGUMENT]]
end
def encoding_print_string
'strings_to_encode: ' + self.strings_to_encode.to_s + print_string_padding +
'subdirectory: ' + self.subdirectory.to_s + print_string_padding +
'ssh_key_pair: ' + self.ssh_key_pair.to_json
end
end
SimpleSSHDecrypt.new.run

41
modules/encoders/cipher/asymmetric_decrypt/simple_ssh/secgen_metadata.xml Normal file
View File

@@ -0,0 +1,41 @@
<?xml version="1.0"?>
<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
<name>Simple SSH Decryption Challenge</name>
<author>Thomas Shaw</author>
<module_license>MIT</module_license>
<description>Returns a private key and some encrypted ciphertext.</description>
<type>asymmetric</type>
<type>asymmetric_cipher</type>
<type>challenge_generator</type>
<type>crypto_challenge_generator</type>
<type>local_calculation</type>
<platform>linux</platform>
<platform>windows</platform>
<difficulty>low</difficulty>
<read_fact>strings_to_encode</read_fact>
<read_fact>ssh_key_pair</read_fact>
<read_fact>subdirectory</read_fact>
<default_input into="strings_to_encode">
<generator type="flag_generator"/>
<generator type="message_generator"/>
<generator type="message_generator"/>
<generator type="message_generator"/>
</default_input>
<default_input into="ssh_key_pair">
<generator type="ssh_key_pair"/>
</default_input>
<default_input into="subdirectory">
<generator type="challenges"/>
</default_input>
<output_type>array</output_type>
</encoder>

0
modules/encoders/cipher/asymmetric_decrypt/simple_ssh/simple_ssh.pp Normal file
View File

0
modules/encoders/cipher/bitwise_xor/bitwise_xor.pp Normal file
View File

0
modules/encoders/cipher/bitwise_xor/manifests/.no_puppet Normal file
View File

33
modules/generators/challenges/bitwise_xor/secgen_local/local.rb → modules/encoders/cipher/bitwise_xor/secgen_local/local.rb
View File

@@ -8,19 +8,17 @@
require_relative '../../../../../lib/objects/local_string_encoder.rb'
class BitwiseXORChallengeGenerator < StringEncoder
attr_accessor :string_to_mask
def initialize
super
self.module_name = 'Bitwise XOR Challenge Generator'
self.string_to_mask = ''
end
def encode_all
number_of_bytes = self.string_to_mask.length
def encode(str)
number_of_bytes = str.length
# String A: Convert input that we're hiding into binary
binary_string_to_mask = self.string_to_mask.unpack('B*')[0]
binary_string_to_mask = str.unpack('B*')[0]
# String B: Generate bitstream
generated_bit_stream = []
@@ -29,34 +27,19 @@ class BitwiseXORChallengeGenerator < StringEncoder
end
generated_bit_stream = generated_bit_stream.join
# Add String B to self.outputs
self.outputs << generated_bit_stream
# bitwise xor
decimal_result = binary_string_to_mask.to_i(2) ^ generated_bit_stream.to_i(2)
# Turn decimal result back into a string of bits
binary_string_c = decimal_result.to_s(2)
# prepend leading 0's to the result and add String C to self.outputs
self.outputs << binary_string_c.to_s.rjust(number_of_bytes * 8, '0')
# prepend leading 0's to the result
result = binary_string_c.to_s.rjust(number_of_bytes * 8, '0')
# join the binary strings with an underscore
self.outputs << "#{generated_bit_stream}_#{result}"
end
def get_options_array
super + [['--string_to_mask', GetoptLong::REQUIRED_ARGUMENT]]
end
def process_options(opt, arg)
super
case opt
when '--string_to_mask'
self.string_to_mask << arg;
end
end
def encoding_print_string
'String to mask: ' + self.string_to_mask
end
end
BitwiseXORChallengeGenerator.new.run

20
modules/generators/challenges/bitwise_xor/secgen_metadata.xml → modules/encoders/cipher/bitwise_xor/secgen_metadata.xml
View File

@@ -1,21 +1,22 @@
<?xml version="1.0"?>
<generator xmlns="http://www.github/cliffe/SecGen/generator"
<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/generator">
<name>Bitwise XOR Challenge Generator</name>
xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
<name>Bitwise XOR Challenge encoder</name>
<author>Thomas Shaw</author>
<module_license>MIT</module_license>
<description>Binary bitwise XOR operation module. Takes a string input, generates a random bitstream of equal length.,
XOR's the 2 strings, outputs the binary streams.
XOR's the 2 strings, outputs the binary streams joined with an underscore.
</description>
<type>ctf_challenge</type>
<type>bitstream_generator</type>
<type>string_generator</type>
<type>ascii_reversible</type>
<type>string_encoder</type>
<type>local_calculation</type>
<platform>linux</platform>
<platform>windows</platform>
<difficulty>high</difficulty>
<hint>Perform a bitwise XOR on both strings - https://www.youtube.com/watch?v=YtghBxoBxpA</hint>
<solution>Example bitwise XOR tool:
@@ -23,11 +24,12 @@
Decode the result into it's ASCII representation.
</solution>
<read_fact>string_to_mask</read_fact>
<default_input into="string_to_mask">
<read_fact>strings_to_encode</read_fact>
<default_input into="strings_to_encode">
<generator type="flag_generator"/>
</default_input>
<output_type>generated_strings</output_type>
</generator>
</encoder>

0
modules/encoders/cipher/braille/braille.pp Normal file
View File

0
modules/encoders/cipher/braille/manifests/.no_puppet Normal file
View File

26
modules/encoders/cipher/braille/secgen_local/local.rb Normal file
View File

@@ -0,0 +1,26 @@
#!/usr/bin/ruby
require_relative '../../../../../lib/objects/local_string_encoder.rb'
class BrailleEncoder < StringEncoder
def initialize
super
self.module_name = 'Braille Encoder'
end
def encode(str)
require 'braille/translator'
braille = Braille::Translator.new
translation = []
str.each_char do |char|
if ! char =~ /[a-zA-Z0-9]/ # If non-alphanumeric, return the character as is.
translation << char
else
translation << braille.translate_word(char)
end
end
translation.join
end
end
BrailleEncoder.new.run

29
modules/encoders/cipher/braille/secgen_metadata.xml Normal file
View File

@@ -0,0 +1,29 @@
<?xml version="1.0"?>
<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
<name>Braille Code Encoder</name>
<author>Thomas Shaw</author>
<module_license>MIT</module_license>
<description>Encodes a string into Braille.</description>
<type>braille_encoder</type>
<type>ascii_reversible</type>
<type>string_encoder</type>
<platform>linux</platform>
<platform>windows</platform>
<difficulty>medium</difficulty>
<reference>https://github.com/nicanor/braille</reference>
<solution>Braille decoders are available online e.g. https://www.dcode.fr/braille-alphabet</solution>
<read_fact>strings_to_encode</read_fact>
<default_input into="strings_to_encode">
<generator type="flag_generator"/>
</default_input>
<output_type>encoded_strings</output_type>
</encoder>

1
modules/encoders/cipher/caesar_shift/secgen_metadata.xml
View File

@@ -15,6 +15,7 @@
<type>cipher_encoder</type>
<platform>linux</platform>
<platform>windows</platform>
<difficulty>low</difficulty>
<hint>Encoded with a rotation/shift cipher using a random key. Watch: https://www.youtube.com/watch?v=o6TPx1Co_wg</hint>
<solution>Decoding tools are available online e.g. http://www.dcode.fr/rot-cipher</solution>

0
modules/encoders/cipher/dna/dna.pp Normal file
View File

0
modules/encoders/cipher/dna/manifests/.no_puppet Normal file
View File

67
modules/encoders/cipher/dna/secgen_local/local.rb Normal file
View File

@@ -0,0 +1,67 @@
#!/usr/bin/ruby
require_relative '../../../../../lib/objects/local_string_encoder.rb'
class DNACipher < StringEncoder
attr_accessor :char_map
def initialize
super
self.module_name = 'DNA Cipher Encoder'
self.strings_to_encode = []
self.char_map = {
'A' => 'CGA',
'B' => 'CCA',
'C' => 'GTT',
'D' => 'TTG',
'E' => 'GGC',
'F' => 'GGT',
'G' => 'TTT',
'H' => 'CGC',
'I' => 'ATG',
'J' => 'AGT',
'K' => 'AAG',
'L' => 'TGC',
'M' => 'TCC',
'N' => 'TCT',
'O' => 'GGA',
'P' => 'GTG',
'Q' => 'AAC',
'R' => 'TCA',
'S' => 'ACG',
'T' => 'TTC',
'U' => 'CTG',
'V' => 'CCT',
'W' => 'CCG',
'X' => 'CTA',
'Y' => 'AAA',
'Z' => 'CTT',
' ' => 'CCC',
',' => 'TCG',
'.' => 'GAT',
':' => 'GCT',
'0' => 'ACT',
'1' => 'ACC',
'2' => 'TAG',
'3' => 'GCA',
'4' => 'GAG',
'5' => 'AGA',
'6' => 'TTA',
'7' => 'ACA',
'8' => 'AGG',
'9' => 'GCG',
'{' => '{',
'}' => '}',
'_' => 'ATA',
}
end
def encode(str)
encoded = []
str.each_char do |char|
self.char_map.key? char.upcase
encoded << self.char_map[char.upcase]
end
encoded.join
end
end
DNACipher.new.run

32
modules/encoders/cipher/dna/secgen_metadata.xml Normal file
View File

@@ -0,0 +1,32 @@
<?xml version="1.0"?>
<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
<name>DNA Cipher</name>
<author>Thomas Shaw</author>
<module_license>MIT</module_license>
<description>
</description>
<type>alpha_reversible</type>
<type>dna_encoder</type>
<type>cipher_encoder</type>
<platform>linux</platform>
<platform>windows</platform>
<difficulty>medium</difficulty>
<reference>https://www.semanticscholar.org/paper/Innovative-field-of-cryptography-%3A-DNA-cryptography-Soni-Soni/5efcd2ab63e103fd8d158eaa2e30ca3de7d99fcb/figure/2</reference>
<hint>Guanine, Adenine, Thymine and Cytosine</hint>
<hint>DNA cryptography is a new instinctive cryptographic field emerged with the research of DNA computing, in which DNA is used as information shipper...</hint>
<solution>https://ai2-s2-public.s3.amazonaws.com/figures/2017-08-08/5efcd2ab63e103fd8d158eaa2e30ca3de7d99fcb/8-Table2-1.png</solution>
<read_fact>strings_to_encode</read_fact>
<default_input into="strings_to_encode">
<generator type="flag_generator"/>
</default_input>
<output_type>encoded_string</output_type>
</encoder>

1
modules/encoders/cipher/morse_code/secgen_metadata.xml
View File

@@ -13,6 +13,7 @@
<type>string_encoder</type>
<platform>linux</platform>
<platform>windows</platform>
<difficulty>medium</difficulty>
<reference>https://gist.github.com/mikedamage/105081</reference>

8
modules/encoders/cipher/vigenere/secgen_local/local.rb
View File

@@ -1,5 +1,6 @@
#!/usr/bin/ruby
# Encryption algorithm code from http://rosettacode.org/wiki/Vigen%C3%A8re_cipher#Ruby
# TODO: Add difficulty: easy returns key, medium returns key length, hard doesn't return either.
require_relative '../../../../../lib/objects/local_string_encoder.rb'
class VigenereCipher < StringEncoder
attr_accessor :encryption_key
@@ -30,6 +31,13 @@ class VigenereCipher < StringEncoder
end
end
# def encode_all
# self.strings_to_encode.each do |str|
# self.outputs << encrypt(str, self.encryption_key)
# self.outputs << "KEY: #{self.encryption_key}"
# end
# end
def encode(str)
self.encryption_key + '_' + encrypt(str, self.encryption_key)
end

1
modules/encoders/cipher/vigenere/secgen_metadata.xml
View File

@@ -19,6 +19,7 @@
<type>cipher_encoder</type>
<platform>linux</platform>
<platform>windows</platform>
<difficulty>medium</difficulty>
<reference>http://www.cs.mtu.edu/~shene/NSF-4/Tutorial/VIG/Vig-Base.html</reference>
<reference>http://rosettacode.org/wiki/Vigen%C3%A8re_cipher#Ruby</reference>

0
modules/encoders/compression/huffman/huffman.pp Normal file
View File

0
modules/encoders/compression/huffman/manifests/.no_puppet Normal file
View File

52
modules/encoders/compression/huffman/secgen_local/local.rb Normal file
View File

@@ -0,0 +1,52 @@
#!/usr/bin/ruby
require_relative '../../../../../lib/objects/local_string_encoder.rb'
require 'huffman'
require 'fileutils'
class HuffmanEncoder < StringEncoder
attr_accessor :tmp_path
attr_accessor :subdirectory
def initialize
super
self.module_name = 'Huffman Encoder'
self.subdirectory = ''
self.strings_to_encode = []
self.tmp_path = File.expand_path(File.dirname(__FILE__)).split("/")[0...-1].join('/') + '/tmp/'
Dir.mkdir self.tmp_path unless Dir.exists? self.tmp_path
self.tmp_path += Time.new.strftime("%Y%m%d_%H%M%S")
Dir.mkdir self.tmp_path unless Dir.exists? self.tmp_path
end
def encode_all
begin
tree_path = "#{self.tmp_path}/tree"
result = Huffman.encode_text(strings_to_encode[0], tree_picture: true, tree_path: tree_path)
self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(result.first), :filename => 'cipher', :ext => 'txt', :subdirectory => self.subdirectory}}.to_json
self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(File.binread("#{tree_path}.png")), :filename => 'tree', :ext => 'png', :subdirectory => self.subdirectory}}.to_json
ensure
FileUtils.rm_r self.tmp_path
end
end
def process_options(opt, arg)
super
case opt
when '--subdirectory'
self.subdirectory << arg;
end
end
def get_options_array
super + [['--subdirectory', GetoptLong::REQUIRED_ARGUMENT]]
end
def encoding_print_string
'strings_to_encode: ' + self.strings_to_encode.to_s + print_string_padding +
'subdirectory: ' + self.subdirectory.to_s
end
end
HuffmanEncoder.new.run

34
modules/encoders/compression/huffman/secgen_metadata.xml Normal file
View File

@@ -0,0 +1,34 @@
<?xml version="1.0"?>
<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
<name>Huffman Encoder</name>
<author>Thomas Shaw</author>
<module_license>MIT</module_license>
<description>Encodes a string with Huffman compression. Outputs a huffman string and png.</description>
<type>huffman_encoder</type>
<type>compression</type>
<type>misc</type>
<platform>linux</platform>
<platform>windows</platform>
<difficulty>high</difficulty>
<reference>https://github.com/nicanor/braille</reference>
<solution>Braille decoders are available online e.g. https://www.dcode.fr/braille-alphabet</solution>
<read_fact>strings_to_encode</read_fact>
<read_fact>subdirectory</read_fact>
<default_input into="strings_to_encode">
<generator type="flag_generator"/>
</default_input>
<default_input into="subdirectory">
<value>challenges</value>
</default_input>
<output_type>array</output_type>
</encoder>

0
modules/encoders/hash/bcrypt/bcrypt.pp Normal file
View File

0
modules/encoders/hash/bcrypt/manifests/.no_puppet Normal file
View File

16
modules/encoders/hash/bcrypt/secgen_local/local.rb Normal file
View File

@@ -0,0 +1,16 @@
#!/usr/bin/ruby
require_relative '../../../../../lib/objects/local_hash_encoder.rb'
class BCryptEncoder < HashEncoder
def initialize
super
self.module_name = 'BCrypt Hash Encoder'
end
def hash_function(string)
require 'bcrypt'
BCrypt::Password.create(string)
end
end
BCryptEncoder.new.run

23
modules/encoders/hash/bcrypt/secgen_metadata.xml Normal file
View File

@@ -0,0 +1,23 @@
<?xml version="1.0"?>
<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
<name>Bcrypt Hash Encoder</name>
<author>Thomas Shaw</author>
<module_license>MIT</module_license>
<description>Generates an bcrypt hash for each of the strings.</description>
<type>hash</type>
<type>bcrypt</type>
<platform>linux</platform>
<platform>windows</platform>
<difficulty>high</difficulty>
<read_fact>strings_to_encode</read_fact>
<read_fact>salt</read_fact>
<read_fact>return_salts</read_fact>
<output_type>string</output_type>
</encoder>

0
modules/encoders/hash/lm/lm.pp Normal file
View File

0
modules/encoders/hash/lm/manifests/.no_puppet Normal file
View File

18
modules/encoders/hash/lm/secgen_local/local.rb Normal file
View File

@@ -0,0 +1,18 @@
#!/usr/bin/ruby
require_relative '../../../../../lib/objects/local_hash_encoder.rb'
class LMEncoder < HashEncoder
def initialize
super
self.module_name = 'LM Hash Encoder'
end
def hash_function(string)
# Validation
raise 'error: String too long for LM hashes' if string.length > 14
require 'smbhash'
Smbhash.lm_hash(string)
end
end
LMEncoder.new.run

23
modules/encoders/hash/lm/secgen_metadata.xml Normal file
View File

@@ -0,0 +1,23 @@
<?xml version="1.0"?>
<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
<name>LM Encoder</name>
<author>Thomas Shaw</author>
<module_license>MIT</module_license>
<description>Generates an MD5 hash for each of the strings.</description>
<type>hash</type>
<type>lm</type>
<platform>linux</platform>
<platform>windows</platform>
<difficulty>low</difficulty>
<read_fact>strings_to_encode</read_fact>
<read_fact>salt</read_fact>
<read_fact>return_salts</read_fact>
<output_type>string</output_type>
</encoder>

0
modules/encoders/hash/md4/manifests/.no_puppet Normal file
View File

0
modules/encoders/hash/md4/md4.pp Normal file
View File

16
modules/encoders/hash/md4/secgen_local/local.rb Normal file
View File

@@ -0,0 +1,16 @@
#!/usr/bin/ruby
require_relative '../../../../../lib/objects/local_hash_encoder.rb'
class MD4Encoder < HashEncoder
def initialize
super
self.module_name = 'MD4 Encoder'
end
def hash_function(string)
require 'openssl'
OpenSSL::Digest::MD4.hexdigest(string)
end
end
MD4Encoder.new.run

23
modules/encoders/hash/md4/secgen_metadata.xml Normal file
View File

@@ -0,0 +1,23 @@
<?xml version="1.0"?>
<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
<name>MD4 Encoder</name>
<author>Thomas Shaw</author>
<module_license>MIT</module_license>
<description>Generates an MD4 hash for each of the strings.</description>
<type>hash</type>
<type>MD4</type>
<platform>linux</platform>
<platform>windows</platform>
<difficulty>low</difficulty>
<read_fact>strings_to_encode</read_fact>
<read_fact>salt</read_fact>
<read_fact>return_salts</read_fact>
<output_type>string</output_type>
</encoder>

0
modules/encoders/hash/md5/manifests/.no_puppet Normal file
View File

0
modules/encoders/hash/md5/md5.pp Normal file
View File

15
modules/encoders/hash/md5/secgen_local/local.rb Normal file
View File

@@ -0,0 +1,15 @@
#!/usr/bin/ruby
require_relative '../../../../../lib/objects/local_hash_encoder.rb'
class MD5Encoder < HashEncoder
def initialize
super
self.module_name = 'MD5 Encoder'
end
def hash_function(string)
Digest::MD5.hexdigest(string)
end
end
MD5Encoder.new.run

23
modules/encoders/hash/md5/secgen_metadata.xml Normal file
View File

@@ -0,0 +1,23 @@
<?xml version="1.0"?>
<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
<name>MD5 Encoder</name>
<author>Thomas Shaw</author>
<module_license>MIT</module_license>
<description>Generates an MD5 hash for each of the strings.</description>
<type>hash</type>
<type>md5</type>
<platform>linux</platform>
<platform>windows</platform>
<difficulty>low</difficulty>
<read_fact>strings_to_encode</read_fact>
<read_fact>salt</read_fact>
<read_fact>return_salts</read_fact>
<output_type>string</output_type>
</encoder>

0
modules/encoders/hash/mysql_password/manifests/.no_puppet Normal file
View File

0
modules/encoders/hash/mysql_password/mysql_password.pp Normal file
View File

16
modules/encoders/hash/mysql_password/secgen_local/local.rb Normal file
View File

@@ -0,0 +1,16 @@
#!/usr/bin/ruby
require_relative '../../../../../lib/objects/local_hash_encoder.rb'
class MySQLPasswordHashEncoder < HashEncoder
def initialize
super
self.module_name = 'MySQL Password Hash Encoder'
end
def hash_function(string)
require 'digest/sha1'
"*" + Digest::SHA1.hexdigest(Digest::SHA1.digest(string)).upcase
end
end
MySQLPasswordHashEncoder.new.run

24
modules/encoders/hash/mysql_password/secgen_metadata.xml Normal file
View File

@@ -0,0 +1,24 @@
<?xml version="1.0"?>
<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
<name>MySQL Password Hash Encoder</name>
<author>Thomas Shaw</author>
<module_license>MIT</module_license>
<description>Generates a MySQL password hash for each of the strings. '*' + sha1sum(sha1sum(password))</description>
<type>hash</type>
<type>mysql</type>
<type>mysql_password</type>
<platform>linux</platform>
<platform>windows</platform>
<difficulty>medium</difficulty>
<read_fact>strings_to_encode</read_fact>
<read_fact>salt</read_fact>
<read_fact>return_salts</read_fact>
<output_type>string</output_type>
</encoder>

0
modules/encoders/hash/ntlm/manifests/.no_puppet Normal file
View File

0
modules/encoders/hash/ntlm/ntlm.pp Normal file
View File

16
modules/encoders/hash/ntlm/secgen_local/local.rb Normal file
View File

@@ -0,0 +1,16 @@
#!/usr/bin/ruby
require_relative '../../../../../lib/objects/local_hash_encoder.rb'
class NTLMEncoder < HashEncoder
def initialize
super
self.module_name = 'NTLM Hash Encoder'
end
def hash_function(string)
require 'smbhash'
Smbhash.ntlm_hash(string)
end
end
NTLMEncoder.new.run

23
modules/encoders/hash/ntlm/secgen_metadata.xml Normal file
View File

@@ -0,0 +1,23 @@
<?xml version="1.0"?>
<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
<name>NTLM Encoder</name>
<author>Thomas Shaw</author>
<module_license>MIT</module_license>
<description>Generates an NTLM hash for each of the strings.</description>
<type>hash</type>
<type>ntlm</type>
<platform>linux</platform>
<platform>windows</platform>
<difficulty>low</difficulty>
<read_fact>strings_to_encode</read_fact>
<read_fact>salt</read_fact>
<read_fact>return_salts</read_fact>
<output_type>string</output_type>
</encoder>

0
modules/encoders/hash/rmd160/manifests/.no_puppet Normal file
View File

0
modules/encoders/hash/rmd160/rmd160.pp Normal file
View File

15
modules/encoders/hash/rmd160/secgen_local/local.rb Normal file
View File

@@ -0,0 +1,15 @@
#!/usr/bin/ruby
require_relative '../../../../../lib/objects/local_hash_encoder.rb'
class RMD160Encoder < HashEncoder
def initialize
super
self.module_name = 'RMD160 Encoder'
end
def hash_function(string)
Digest::RMD160.hexdigest(string)
end
end
RMD160Encoder.new.run

23
modules/encoders/hash/rmd160/secgen_metadata.xml Normal file
View File

@@ -0,0 +1,23 @@
<?xml version="1.0"?>
<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
<name>RMD160 Encoder</name>
<author>Thomas Shaw</author>
<module_license>MIT</module_license>
<description>Generates an RMD160 hash for each of the strings.</description>
<type>hash</type>
<type>rmd160</type>
<platform>linux</platform>
<platform>windows</platform>
<difficulty>low</difficulty>
<read_fact>strings_to_encode</read_fact>
<read_fact>salt</read_fact>
<read_fact>return_salts</read_fact>
<output_type>string</output_type>
</encoder>

0
modules/encoders/hash/scrypt/manifests/.no_puppet Normal file
View File

0
modules/encoders/hash/scrypt/scrypt.pp Normal file
View File

16
modules/encoders/hash/scrypt/secgen_local/local.rb Normal file
View File

@@ -0,0 +1,16 @@
#!/usr/bin/ruby
require_relative '../../../../../lib/objects/local_hash_encoder.rb'
class SCryptEncoder < HashEncoder
def initialize
super
self.module_name = 'SCrypt Encoder'
end
def hash_function(string)
require 'scrypt'
SCrypt::Password.create(string)
end
end
SCryptEncoder.new.run

23
modules/encoders/hash/scrypt/secgen_metadata.xml Normal file
View File

@@ -0,0 +1,23 @@
<?xml version="1.0"?>
<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
<name>SCrypt Encoder</name>
<author>Thomas Shaw</author>
<module_license>MIT</module_license>
<description>Generates an SCrypt hash for each of the strings.</description>
<type>hash</type>
<type>scrypt</type>
<platform>linux</platform>
<platform>windows</platform>
<difficulty>medium</difficulty>
<read_fact>strings_to_encode</read_fact>
<read_fact>salt</read_fact>
<read_fact>return_salts</read_fact>
<output_type>string</output_type>
</encoder>

0
modules/encoders/hash/sha1/manifests/.no_puppet Normal file
View File

15
modules/encoders/hash/sha1/secgen_local/local.rb Normal file
View File

@@ -0,0 +1,15 @@
#!/usr/bin/ruby
require_relative '../../../../../lib/objects/local_hash_encoder.rb'
class SHA1Encoder < HashEncoder
def initialize
super
self.module_name = 'SHA1 Encoder'
end
def hash_function(string)
Digest::SHA1.hexdigest(string)
end
end
SHA1Encoder.new.run

23
modules/encoders/hash/sha1/secgen_metadata.xml Normal file
View File

@@ -0,0 +1,23 @@
<?xml version="1.0"?>
<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
<name>SHA1 Encoder</name>
<author>Thomas Shaw</author>
<module_license>MIT</module_license>
<description>Generates an SHA1 hash for each of the strings.</description>
<type>hash</type>
<type>sha1</type>
<platform>linux</platform>
<platform>windows</platform>
<difficulty>low</difficulty>
<read_fact>strings_to_encode</read_fact>
<read_fact>salt</read_fact>
<read_fact>return_salts</read_fact>
<output_type>string</output_type>
</encoder>

0
modules/encoders/hash/sha1/sha1.pp Normal file
View File

0
modules/encoders/hash/sha224/manifests/.no_puppet Normal file
View File

16
modules/encoders/hash/sha224/secgen_local/local.rb Normal file
View File

@@ -0,0 +1,16 @@
#!/usr/bin/ruby
require_relative '../../../../../lib/objects/local_hash_encoder.rb'
class SHA224Encoder < HashEncoder
def initialize
super
self.module_name = 'SHA224 Encoder'
end
def hash_function(string)
require 'openssl'
OpenSSL::Digest::SHA224.hexdigest(string)
end
end
SHA224Encoder.new.run

Some files were not shown because too many files have changed in this diff Show More