diff --git a/.gitignore b/.gitignore
index 7fc6c76b2..48fc02156 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,6 +9,7 @@ batch/failed
batch/successful
lib/test/tmp
modules/generators/challenges/exif/secgen_local/tmp.jpg
-modules/generators/challenges/compression/zip/secgen_local/archive.zip
+modules/generators/challenges/compression/zip/tmp
modules/generators/challenges/image/random_jpg/secgen_local/tmp.jpg
-secgen.conf
\ No newline at end of file
+secgen.conf
+modules/encoders/compression/huffman/tmp
\ No newline at end of file
diff --git a/Gemfile b/Gemfile
index 0bdf9ed20..bc9ba0183 100644
--- a/Gemfile
+++ b/Gemfile
@@ -22,6 +22,17 @@ gem 'programr', :git => "http://github.com/robertjwhitney/programr.git"
gem 'process_helper'
gem 'ovirt-engine-sdk'
gem 'duplicate'
+gem 'smbhash'
+gem 'digest-whirlpool'
+gem 'digest-siphash'
+gem 'scrypt'
+gem 'braille', :git => "http://github.com/nicanor/braille.git"
+gem 'bases'
+gem 'huffman'
+gem 'ruby-graphviz'
+gem 'rsa'
+gem 'gpgmeh'
+gem 'digest-sha3', :git => "http://github.com/izetex/digest-sha3-ruby"
#development only gems go here
group :test, :development do
diff --git a/Gemfile.lock b/Gemfile.lock
index 192a102be..214c26f37 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,3 +1,15 @@
+GIT
+ remote: http://github.com/izetex/digest-sha3-ruby
+ revision: c266a32868b95349f39a61395ff8c78f98951410
+ specs:
+ digest-sha3 (1.1.0)
+
+GIT
+ remote: http://github.com/nicanor/braille.git
+ revision: 2c861ea0160d39aa96dc71d2f9779a4f984e0791
+ specs:
+ braille (0.1.0)
+
GIT
remote: http://github.com/robertjwhitney/programr.git
revision: 9885f3870407f57c3e2ca1fe644ed10573629ca6
@@ -7,12 +19,23 @@ GIT
GEM
remote: https://rubygems.org/
specs:
+ PriorityQueue (0.1.2)
+ activesupport (5.2.1)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 0.7, < 2)
+ minitest (~> 5.1)
+ tzinfo (~> 1.1)
+ bases (1.0.2)
bcrypt (3.1.12)
chunky_png (1.3.10)
cinch (2.3.4)
concurrent-ruby (1.0.5)
credy (0.2.1)
thor (~> 0.19.1)
+ digest-simple (1.1.0)
+ digest-siphash (1.0.1)
+ digest-simple
+ digest-whirlpool (1.0.3)
duplicate (1.1.1)
facter (2.5.1)
faker (1.9.1)
@@ -22,6 +45,10 @@ GEM
faraday_middleware (0.12.2)
faraday (>= 0.7.4, < 1.0)
fast_gettext (1.1.2)
+ ffi (1.9.25)
+ ffi-compiler (1.0.1)
+ ffi (>= 1.0.0)
+ rake
forgery (0.7.0)
gettext (3.2.9)
locale (>= 2.0.5)
@@ -30,9 +57,16 @@ GEM
fast_gettext (~> 1.1.0)
gettext (>= 3.0.2)
locale
+ gpgmeh (0.1.6)
+ activesupport (>= 2.3)
+ nio4r (~> 2.2)
hiera (3.4.5)
hocon (1.2.5)
httpclient (2.8.3)
+ huffman (0.0.1)
+ PriorityQueue
+ activesupport
+ ruby-graphviz
i18n (1.1.0)
concurrent-ruby (~> 1.0)
json (2.1.0)
@@ -51,6 +85,7 @@ GEM
minitest (5.11.3)
multi_json (1.13.1)
multipart-post (2.0.0)
+ nio4r (2.3.1)
nokogiri (1.8.4)
mini_portile2 (~> 2.3.0)
nori (2.6.0)
@@ -81,14 +116,22 @@ GEM
rmagick (2.16.0)
rqrcode (0.10.1)
chunky_png (~> 1.0)
+ rsa (0.1.4)
rsync (1.0.9)
+ ruby-graphviz (1.2.3)
rubyzip (1.2.2)
+ scrypt (3.0.6)
+ ffi-compiler (>= 1.0, < 2.0)
semantic_puppet (1.0.2)
+ smbhash (1.0.2)
spidr (0.6.0)
nokogiri (~> 1.3)
sshkey (1.9.0)
text (1.3.1)
thor (0.19.4)
+ thread_safe (0.3.6)
+ tzinfo (1.2.5)
+ thread_safe (~> 0.1)
wordlist (0.1.1)
spidr (~> 0.2)
yard (0.9.16)
@@ -100,12 +143,19 @@ PLATFORMS
ruby
DEPENDENCIES
+ bases
bcrypt
+ braille!
cinch
credy
+ digest-sha3!
+ digest-siphash
+ digest-whirlpool
duplicate
faker
forgery
+ gpgmeh
+ huffman
librarian-puppet
mini_exiftool_vendored
minitest
@@ -121,6 +171,10 @@ DEPENDENCIES
redcarpet
rmagick
rqrcode
+ rsa
+ ruby-graphviz
+ scrypt
+ smbhash
sshkey
wordlist
yard
@@ -128,4 +182,4 @@ DEPENDENCIES
zipruby
BUNDLED WITH
- 1.15.4
+ 1.16.1
diff --git a/README.md b/README.md
index 68a6053f4..0a11dc45b 100644
--- a/README.md
+++ b/README.md
@@ -38,7 +38,7 @@ Install all the required packages:
wget https://releases.hashicorp.com/vagrant/1.9.8/vagrant_1.9.8_x86_64.deb
sudo apt install ./vagrant_1.9.8_x86_64.deb
# install other required packages via repos
-sudo apt-get install ruby-dev zlib1g-dev liblzma-dev build-essential patch virtualbox ruby-bundler imagemagick libmagickwand-dev exiftool libpq-dev libcurl4-openssl-dev libxml2-dev
+sudo apt-get install ruby-dev zlib1g-dev liblzma-dev build-essential patch virtualbox ruby-bundler imagemagick libmagickwand-dev exiftool libpq-dev libcurl4-openssl-dev libxml2-dev graphviz graphviz-dev
```
Copy SecGen to a directory of your choosing, such as */home/user/bin/SecGen*
diff --git a/backup-server b/backup-server
new file mode 100644
index 000000000..620303afc
--- /dev/null
+++ b/backup-server
@@ -0,0 +1,56 @@
+[{:vm_name => "p-2-4-11-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.6.255", :new_ip_addr => "10.170.92.3"},
+{:vm_name => "p-2-4-13-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.10.184", :new_ip_addr => "10.102.157.3"},
+{:vm_name => "p-2-4-14-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.2.243", :new_ip_addr => "10.246.254.3"},
+{:vm_name => "p-2-4-18-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.7.77", :new_ip_addr => "10.46.144.3"},
+{:vm_name => "p-2-4-23-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.6.65", :new_ip_addr => "10.242.206.3"},
+{:vm_name => "p-2-4-24-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.7.1", :new_ip_addr => "10.116.200.3"},
+{:vm_name => "p-2-4-25-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.7.185", :new_ip_addr => "10.79.15.3"},
+{:vm_name => "p-2-4-26-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.7.132", :new_ip_addr => "10.155.73.3"},
+{:vm_name => "p-2-4-29-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.7.143", :new_ip_addr => "10.70.119.3"},
+{:vm_name => "p-2-4-33-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.7.251", :new_ip_addr => "10.34.92.3"},
+{:vm_name => "p-2-4-35-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.8.88", :new_ip_addr => "10.116.129.3"},
+{:vm_name => "p-2-4-38-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.2.173", :new_ip_addr => "10.168.45.3"},
+{:vm_name => "p-2-4-39-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.3.12", :new_ip_addr => "10.222.37.3"},
+{:vm_name => "p-2-4-40-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.0.206", :new_ip_addr => "10.145.40.3"},
+{:vm_name => "p-2-4-42-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.10.31", :new_ip_addr => "10.114.32.3"},
+{:vm_name => "p-2-4-46-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.4.92", :new_ip_addr => "10.39.197.3"},
+{:vm_name => "p-2-4-47-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.5.181", :new_ip_addr => "10.221.91.3"},
+{:vm_name => "p-2-4-4-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.8.223", :new_ip_addr => "10.191.123.3"},
+{:vm_name => "p-2-4-50-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.8.151", :new_ip_addr => "10.114.165.3"},
+{:vm_name => "p-2-4-52-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.2.190", :new_ip_addr => "10.20.140.3"},
+{:vm_name => "p-2-4-54-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.10.166", :new_ip_addr => "10.42.192.3"},
+{:vm_name => "p-2-4-57-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.8.108", :new_ip_addr => "10.144.26.3"},
+{:vm_name => "p-2-4-58-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.4.28", :new_ip_addr => "10.34.213.3"},
+{:vm_name => "p-2-4-59-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.2.22", :new_ip_addr => "10.146.80.3"},
+{:vm_name => "p-2-4-61-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.4.157", :new_ip_addr => "10.138.240.3"},
+{:vm_name => "p-2-4-64-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.5.123", :new_ip_addr => "10.45.176.3"},
+{:vm_name => "p-2-4-65-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.1.4", :new_ip_addr => "10.192.155.3"},
+{:vm_name => "p-2-4-66-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.1.243", :new_ip_addr => "10.187.209.3"},
+{:vm_name => "p-2-4-67-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.7.158", :new_ip_addr => "10.225.113.3"},
+{:vm_name => "p-2-4-71-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.1.10", :new_ip_addr => "10.163.112.3"},
+{:vm_name => "p-2-4-72-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.3.94", :new_ip_addr => "10.112.148.3"},
+{:vm_name => "p-2-4-75-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.6.68", :new_ip_addr => "10.188.110.3"},
+{:vm_name => "p-2-4-76-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.1.162", :new_ip_addr => "10.107.129.3"},
+{:vm_name => "p-2-4-77-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.2.112", :new_ip_addr => "10.177.250.3"},
+{:vm_name => "p-2-4-78-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.3.68", :new_ip_addr => "10.162.175.3"},
+{:vm_name => "p-2-4-79-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.3.255", :new_ip_addr => "10.68.201.3"},
+{:vm_name => "p-2-4-7-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.9.72", :new_ip_addr => "10.34.30.3"},
+{:vm_name => "p-2-4-83-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.1.181", :new_ip_addr => "10.207.94.3"},
+{:vm_name => "p-2-4-86-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.3.9", :new_ip_addr => "10.232.227.3"},
+{:vm_name => "p-2-4-87-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.0.250", :new_ip_addr => "10.106.5.3"},
+{:vm_name => "p-2-4-88-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.3.52", :new_ip_addr => "10.156.195.3"},
+{:vm_name => "p-2-4-89-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.1.29", :new_ip_addr => "10.74.36.3"},
+{:vm_name => "p-2-4-8-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.1.66", :new_ip_addr => "10.210.251.3"},
+{:vm_name => "p-2-4-9-iMQL-3-backups-and-recovery-backup-server", :old_ip_addr => "172.22.5.60", :new_ip_addr => "10.210.131.3"}]
+
+
+
+Example:
+p-2-4-11-iMQL-3-backups-and-recovery-backup-server 172.22.6.255 10.170.92.3
+
+
+
+ cat /etc/hosts | ssh otherhost "sudo sh -c 'cat >/etc/hosts'" will do the trick.
+
+
+echo "auto lo\niface lo inet loopback\n\nauto eth0\niface eth0 inet static\n\taddress " + $new_ip_addr | ssh vagrant@$old_ip_addr "sudo sh -c 'cat >/etc/network/interfaces'"
\ No newline at end of file
diff --git a/desktop_sorted b/desktop_sorted
new file mode 100644
index 000000000..66f3b48e0
--- /dev/null
+++ b/desktop_sorted
@@ -0,0 +1,44 @@
+p-2-4-11-iMQL-3-backups-and-recovery-desktop 10.170.92.2
+p-2-4-13-iMQL-3-backups-and-recovery-desktop 10.102.157.2
+p-2-4-14-iMQL-3-backups-and-recovery-desktop 10.246.254.2
+p-2-4-18-iMQL-3-backups-and-recovery-desktop 10.46.144.2
+p-2-4-23-iMQL-3-backups-and-recovery-desktop 10.242.206.2
+p-2-4-24-iMQL-3-backups-and-recovery-desktop 10.116.200.2
+p-2-4-25-iMQL-3-backups-and-recovery-desktop 10.79.15.2
+p-2-4-26-iMQL-3-backups-and-recovery-desktop 10.155.73.2
+p-2-4-29-iMQL-3-backups-and-recovery-desktop 10.70.119.2
+p-2-4-33-iMQL-3-backups-and-recovery-desktop 10.34.92.2
+p-2-4-35-iMQL-3-backups-and-recovery-desktop 10.116.129.2
+p-2-4-38-iMQL-3-backups-and-recovery-desktop 10.168.45.2
+p-2-4-39-iMQL-3-backups-and-recovery-desktop 10.222.37.2
+p-2-4-40-iMQL-3-backups-and-recovery-desktop 10.145.40.2
+p-2-4-42-iMQL-3-backups-and-recovery-desktop 10.114.32.2
+p-2-4-46-iMQL-3-backups-and-recovery-desktop 10.39.197.2
+p-2-4-47-iMQL-3-backups-and-recovery-desktop 10.221.91.2
+p-2-4-4-iMQL-3-backups-and-recovery-desktop 10.191.123.2
+p-2-4-50-iMQL-3-backups-and-recovery-desktop 10.114.165.2
+p-2-4-52-iMQL-3-backups-and-recovery-desktop 10.20.140.2
+p-2-4-54-iMQL-3-backups-and-recovery-desktop 10.42.192.2
+p-2-4-57-iMQL-3-backups-and-recovery-desktop 10.144.26.2
+p-2-4-58-iMQL-3-backups-and-recovery-desktop 10.34.213.2
+p-2-4-59-iMQL-3-backups-and-recovery-desktop 10.146.80.2
+p-2-4-61-iMQL-3-backups-and-recovery-desktop 10.138.240.2
+p-2-4-64-iMQL-3-backups-and-recovery-desktop 10.45.176.2
+p-2-4-65-iMQL-3-backups-and-recovery-desktop 10.192.155.2
+p-2-4-66-iMQL-3-backups-and-recovery-desktop 10.187.209.2
+p-2-4-67-iMQL-3-backups-and-recovery-desktop 10.225.113.2
+p-2-4-71-iMQL-3-backups-and-recovery-desktop 10.163.112.2
+p-2-4-72-iMQL-3-backups-and-recovery-desktop 10.112.148.2
+p-2-4-75-iMQL-3-backups-and-recovery-desktop 10.188.110.2
+p-2-4-76-iMQL-3-backups-and-recovery-desktop 10.107.129.2
+p-2-4-77-iMQL-3-backups-and-recovery-desktop 10.177.250.2
+p-2-4-78-iMQL-3-backups-and-recovery-desktop 10.162.175.2
+p-2-4-79-iMQL-3-backups-and-recovery-desktop 10.68.201.2
+p-2-4-7-iMQL-3-backups-and-recovery-desktop 10.34.30.2
+p-2-4-83-iMQL-3-backups-and-recovery-desktop 10.207.94.2
+p-2-4-86-iMQL-3-backups-and-recovery-desktop 10.232.227.2
+p-2-4-87-iMQL-3-backups-and-recovery-desktop 10.106.5.2
+p-2-4-88-iMQL-3-backups-and-recovery-desktop 10.156.195.2
+p-2-4-89-iMQL-3-backups-and-recovery-desktop 10.74.36.2
+p-2-4-8-iMQL-3-backups-and-recovery-desktop 10.210.251.2
+p-2-4-9-iMQL-3-backups-and-recovery-desktop 10.210.131.2
diff --git a/lib/batch/batch_secgen.rb b/lib/batch/batch_secgen.rb
index 8e4e65321..461173043 100644
--- a/lib/batch/batch_secgen.rb
+++ b/lib/batch/batch_secgen.rb
@@ -196,7 +196,7 @@ def start(options)
# execute secgen
puts "Running job_id(#{job_id}): secgen.rb #{secgen_args}"
- stdout, stderr, status = Open3.capture3("ruby secgen.rb #{secgen_args}")
+ stdout, stderr, status = Open3.capture3("bundle exec ruby secgen.rb #{secgen_args}")
# Update job status and back-up paths
if status.exitstatus == 0
diff --git a/lib/helpers/blacklist.rb b/lib/helpers/blacklist.rb
new file mode 100644
index 000000000..661c6dda2
--- /dev/null
+++ b/lib/helpers/blacklist.rb
@@ -0,0 +1,11 @@
+class Blacklist
+ attr_accessor :blacklisted_words
+ def initialize
+ self.blacklisted_words = File.readlines(BLACKLISTED_WORDS_FILE)
+ self.blacklisted_words.map! { |w| w.strip }
+ end
+
+ def is_blacklisted?(word)
+ blacklisted_words.include? word
+ end
+end
\ No newline at end of file
diff --git a/lib/helpers/constants.rb b/lib/helpers/constants.rb
index e9a8c7609..91a60ad14 100644
--- a/lib/helpers/constants.rb
+++ b/lib/helpers/constants.rb
@@ -42,6 +42,7 @@ DOCUMENTATION_DIR = "#{ROOT_DIR}/documentation/yard/doc"
# Path to resources
WORDLISTS_DIR = "#{ROOT_DIR}/lib/resources/wordlists"
LINELISTS_DIR = "#{ROOT_DIR}/lib/resources/linelists"
+BLACKLISTED_WORDS_FILE = "#{ROOT_DIR}/lib/resources/blacklisted_words/blacklist.txt"
IMAGES_DIR = "#{ROOT_DIR}/lib/resources/images"
# Path to build puppet modules
@@ -75,4 +76,4 @@ RETRIES_LIMIT = 10
# Version number of SecGen
# e.g. [release state (0 = alpha, 3 = final release)].[Major bug fix].[Minor bug fix].[Cosmetic or other features]
-VERSION_NUMBER = '0.0.1.1'
+VERSION_NUMBER = '0.0.1.1'
\ No newline at end of file
diff --git a/lib/objects/local_hash_encoder.rb b/lib/objects/local_hash_encoder.rb
new file mode 100644
index 000000000..d093bb049
--- /dev/null
+++ b/lib/objects/local_hash_encoder.rb
@@ -0,0 +1,67 @@
+#!/usr/bin/ruby
+require_relative 'local_string_encoder.rb'
+require 'digest'
+
+class HashEncoder < StringEncoder
+ attr_accessor :salt
+ attr_accessor :return_salts
+ attr_accessor :salt_position
+
+ def initialize
+ super
+ self.module_name = 'Hash Encoder'
+ self.strings_to_encode = []
+ self.salt = []
+ self.return_salts = false
+ self.salt_position = %w(before after).sample
+ end
+
+ def hash_function(str)
+ end
+
+ def encode_all
+ self.strings_to_encode.each_with_index do |string, i|
+
+ combined_string = string
+
+ if self.salt[i]
+ if salt_position == 'before'
+ combined_string = self.salt[i] + combined_string
+ elsif salt_position == 'after'
+ combined_string = combined_string + self.salt[i]
+ end
+ end
+
+ self.outputs[i] = hash_function(combined_string)
+ self.outputs[i] += "\n salt:#{self.salt[i]}" if self.return_salts
+ end
+ end
+
+ def process_options(opt, arg)
+ super
+ if opt == '--salt'
+ self.salt << arg;
+ end
+
+ if opt == '--return_salts'
+ self.return_salts = (arg.to_s.downcase == 'true');
+ end
+ end
+
+
+ def get_options_array
+ super + [['--salt', GetoptLong::OPTIONAL_ARGUMENT],
+ ['--return_salts', GetoptLong::OPTIONAL_ARGUMENT]]
+ end
+
+ def encoding_print_string
+ print_string = 'strings_to_encode: ' + self.strings_to_encode.to_s + print_string_padding +
+ 'salt: ' + self.salt.to_s
+ if self.salt.size > 0
+ print_string += print_string_padding
+ print_string += "return_salts: #{self.return_salts.to_s} #{print_string_padding}"
+ print_string += "salt_position: #{self.salt_position.to_s}"
+ end
+ print_string
+ end
+end
\ No newline at end of file
diff --git a/lib/objects/local_ruby_challenge_generator.rb b/lib/objects/local_ruby_challenge_generator.rb
new file mode 100644
index 000000000..1560ac7da
--- /dev/null
+++ b/lib/objects/local_ruby_challenge_generator.rb
@@ -0,0 +1,26 @@
+#!/usr/bin/ruby
+
+require_relative 'local_script_challenge_generator.rb'
+class RubyChallengeGenerator < ScriptChallengeGenerator
+
+ def initialize
+ super
+ self.module_name = 'Ruby Example Script Generator'
+ end
+
+ def pre_challenge_setup
+ "flag_path = ''
+ if ARGV[0] and File.directory? ARGV[0]
+ flag_path = ARGV.shift
+ if flag_path[-1] != '/'
+ flag_path += '/'
+ end
+ end
+ flag_path += 'flag'\n"
+ end
+
+ def interpreter_path
+ '/usr/bin/ruby'
+ end
+
+end
\ No newline at end of file
diff --git a/lib/objects/local_script_challenge_generator.rb b/lib/objects/local_script_challenge_generator.rb
new file mode 100644
index 000000000..5d6e3e7f0
--- /dev/null
+++ b/lib/objects/local_script_challenge_generator.rb
@@ -0,0 +1,159 @@
+require 'getoptlong'
+require_relative '../helpers/constants'
+require 'base64'
+# Inherited by local script challenge generators
+# stdout used to return value
+# use Print.local to print status messages (formatted to stdout)
+
+# A nice side-effect is that each of these modules is also an executable script
+
+class ScriptChallengeGenerator
+ require_relative '../helpers/print.rb'
+
+ attr_accessor :module_name
+ attr_accessor :has_base64_inputs
+ attr_accessor :outputs
+ attr_accessor :difficulty
+ attr_accessor :challenge_path
+
+ # override this
+ def initialize
+ # default values
+ self.module_name = 'Null generator'
+ self.has_base64_inputs = false
+ self.outputs = []
+ self.difficulty = ''
+ self.challenge_path = ''
+ end
+
+ # override this
+ def generate
+ self.outputs << shebang_line + pre_challenge_setup + challenge_content
+ end
+
+ def read_arguments
+ # Get command line arguments
+ opts = get_options
+
+ # process option arguments
+ opts.each do |opt, arg|
+ # Check if base64 decoding is required and set instance variable
+ if opt == '--b64'
+ self.has_base64_inputs = true
+ end
+ # Decode if required
+ argument = self.has_base64_inputs ? Base64.strict_decode64(arg) : arg
+ process_options(opt, argument)
+ end
+ end
+
+ # Override this when using read_fact's in your module
+ def get_options
+ GetoptLong.new(*get_options_array)
+ end
+
+ def get_options_array
+ [['--help', '-h', GetoptLong::NO_ARGUMENT],
+ ['--b64', GetoptLong::OPTIONAL_ARGUMENT],
+ ['--difficulty', GetoptLong::OPTIONAL_ARGUMENT]]
+ end
+
+ # Override this when using read_fact's in your module. Always call super first
+ def process_options(opt, arg)
+ unless option_is_valid(opt)
+ Print.err "Argument not valid: #{arg}"
+ usage
+ exit
+ end
+
+ case opt
+ when '--help'
+ usage
+ when '--b64'
+ # do nothing
+ when '--difficulty'
+ self.difficulty << arg
+
+ end
+ end
+
+ def usage
+ Print.err "Usage:
+ #{$0} [--options]
+"
+ exit
+ end
+
+ def run
+ Print.local module_name
+
+ read_arguments
+
+ Print.local_verbose "Generating..."
+ generate
+
+ # print the first 1000 chars to screen
+ output = self.outputs.to_s
+ length = output.length
+
+ if self.challenge_path
+ Print.local_verbose "Selected: #{self.challenge_path}"
+ end
+
+ if length < 1000
+ Print.local_verbose "Generated: #{output}..."
+ else
+ Print.local_verbose "Generated: #{output.to_s[0..1000]}..."
+ Print.local_verbose "(Displaying 1000/#{length} length output)"
+ end
+
+ puts has_base64_inputs ? base64_encode_outputs : self.outputs
+ end
+
+ def base64_encode_outputs
+ self.outputs.map { |o| Base64.strict_encode64 o }
+ end
+
+ def option_is_valid(opt_to_check)
+ arg_validity = false
+ valid_arguments = get_options_array
+ valid_arguments.each{ |valid_arg_array|
+ valid_arg_array.each_with_index { |valid_arg|
+ if valid_arg == opt_to_check
+ arg_validity = true
+ end
+ }
+ }
+ arg_validity
+ end
+
+ # override me with setup content
+ def pre_challenge_setup
+ end
+
+ # For non-randomised difficulty override me with challenge content
+ def challenge_content
+ randomise_by_difficulty ? select_by_difficulty(randomise_by_difficulty) : ''
+ end
+
+ # Override me with a generator's '__FILE__' path for difficulty based selection.
+ # Files will be selected from the generators secgen_local/ directory based on the difficulty
+ # i.e. 'medium' will select any file that satisfies generators/etc/module_name/secgen_local/medium.*.rb
+ def randomise_by_difficulty
+ false
+ end
+
+ def select_by_difficulty(path)
+ self.challenge_path = Dir.glob(File.dirname(path) + '/' + difficulty + '*').sample
+ File.read(ROOT_DIR + '/' + self.challenge_path)
+ end
+
+ # override me with a string containing the interpreter path e.g. "/bin/bash"
+ def interpreter_path
+ end
+
+ def shebang_line
+ "#!/usr/local/bin/suid #{interpreter_path} --\n"
+ end
+end
+
diff --git a/lib/objects/local_string_encoder.rb b/lib/objects/local_string_encoder.rb
index ed942e643..14c7c2478 100644
--- a/lib/objects/local_string_encoder.rb
+++ b/lib/objects/local_string_encoder.rb
@@ -40,6 +40,21 @@ class StringEncoder
def read_arguments
# Get command line arguments
+ Print.local 'Reading args from STDIN'
+ if ARGV.size == 0
+ begin
+ args_array = []
+ ARGF.each do |arg|
+ arg.strip.split(' ').each do |split|
+ args_array << split
+ end
+ end
+ ARGV.unshift(*args_array)
+ rescue
+ # Do nothing...
+ end
+ end
+
opts = get_options
# process option arguments
@@ -101,6 +116,7 @@ class StringEncoder
Print.local module_name
read_arguments
+ enforce_utf8
Print.local_verbose "Encoding '#{encoding_print_string}'"
encode_all
@@ -115,6 +131,29 @@ class StringEncoder
Print.local_verbose "(Displaying 1000/#{length} length output)"
end
+ enforce_utf8
+ print_outputs
+ end
+
+ # Encode local instance variables as UTF-8
+ def enforce_utf8
+ self.instance_variables.each do |iv|
+ iv_value = self.instance_variable_get(iv)
+ if iv_value.is_a? Array
+ utf8 = []
+ iv_value.map {|element|
+ if element.is_a? String
+ utf8 << element.force_encoding('UTF-8')
+ end
+ }
+ self.instance_variable_set(iv, utf8)
+ elsif iv_value.is_a? String
+ self.instance_variable_set(iv, iv_value.force_encoding('UTF-8'))
+ end
+ end
+ end
+
+ def print_outputs
puts has_base64_inputs ? base64_encode_outputs : self.outputs
end
diff --git a/lib/objects/local_string_generator.rb b/lib/objects/local_string_generator.rb
index 554299ef9..f03cdd894 100644
--- a/lib/objects/local_string_generator.rb
+++ b/lib/objects/local_string_generator.rb
@@ -30,6 +30,21 @@ class StringGenerator
def read_arguments
# Get command line arguments
+ Print.local 'Reading args from STDIN'
+ if ARGV.size == 0
+ begin
+ args_array = []
+ ARGF.each do |arg|
+ arg.strip.split(' ').each do |split|
+ args_array << split
+ end
+ end
+ ARGV.unshift(*args_array)
+ rescue
+ # Do nothing...
+ end
+ end
+
opts = get_options
# process option arguments
@@ -98,6 +113,15 @@ class StringGenerator
Print.local_verbose "(Displaying 1000/#{length} length output)"
end
+ enforce_utf8(self.outputs)
+ print_outputs
+ end
+
+ def enforce_utf8(values)
+ values.map { |o| o.force_encoding('UTF-8') }
+ end
+
+ def print_outputs
puts has_base64_inputs ? base64_encode_outputs : self.outputs
end
diff --git a/lib/objects/system.rb b/lib/objects/system.rb
index e08dcdf2d..30dbd4b2f 100644
--- a/lib/objects/system.rb
+++ b/lib/objects/system.rb
@@ -306,28 +306,31 @@ class System
if selected.local_calc_file
Print.verbose 'Module includes local calculation of output. Processing...'
# build arguments
- args_string = '--b64 ' # Sets the flag for decoding base64
+ args_string = "--b64 " # Sets the flag for decoding base64
selected.received_inputs.each do |input_key, input_values|
puts input_values.inspect
input_values.each do |input_element|
if input_key == ''
Print.warn "Warning: output values not directed to module input"
else
- args_string += "'--#{input_key}=#{Base64.strict_encode64(input_element)}' "
+ args_string += "--#{input_key}=#{Base64.strict_encode64(input_element)} "
end
end
end
# execute calculation script and format output to an array of Base64 strings
- command = "ruby #{selected.local_calc_file} #{args_string}"
- Print.verbose "Running: #{command}"
- outputs = `#{command}`.chomp
- unless $?.success?
+ Print.verbose "Running: ruby #{selected.local_calc_file} #{args_string[0..200]} ..."
+ command = "bundle exec ruby #{selected.local_calc_file}"
+ stdout, stderr, status = Open3.capture3(command, :stdin_data => args_string)
+ puts stderr
+ outputs = stdout.chomp
+
+ unless status
Print.err "Module failed to run (#{command})"
# TODO: this works, but subsequent attempts at resolving the scenario always fail ("Error can't add no data...")
raise 'failed'
end
output_array = outputs.split("\n")
- selected.output = output_array.map { |o| Base64.strict_decode64 o }
+ selected.output = output_array.map { |o| (Base64.strict_decode64 o).force_encoding('UTF-8') }
end
# store the output of the module into a datastore, if specified
diff --git a/lib/resources/blacklisted_words/blacklist.txt b/lib/resources/blacklisted_words/blacklist.txt
new file mode 100644
index 000000000..249457803
--- /dev/null
+++ b/lib/resources/blacklisted_words/blacklist.txt
@@ -0,0 +1,1703 @@
+2 girls 1 cup
+2g1c
+4r5e
+5h1t
+5hit
+a$$
+a$$hole
+a_s_s
+a2m
+a54
+a55
+a55hole
+acrotomophilia
+aeolus
+ahole
+alabama hot pocket
+alaskan pipeline
+anal
+anal impaler
+anal leakage
+analprobe
+anilingus
+anus
+apeshit
+ar5e
+areola
+areole
+arian
+arrse
+arse
+arsehole
+aryan
+ass
+ass fuck
+ass fuck
+ass hole
+assbag
+assbandit
+assbang
+assbanged
+assbanger
+assbangs
+assbite
+assclown
+asscock
+asscracker
+asses
+assface
+assfaces
+assfuck
+assfucker
+ass-fucker
+assfukka
+assgoblin
+assh0le
+asshat
+ass-hat
+asshead
+assho1e
+asshole
+assholes
+asshopper
+ass-jabber
+assjacker
+asslick
+asslicker
+assmaster
+assmonkey
+assmucus
+assmucus
+assmunch
+assmuncher
+assnigger
+asspirate
+ass-pirate
+assshit
+assshole
+asssucker
+asswad
+asswhole
+asswipe
+asswipes
+auto erotic
+autoerotic
+axwound
+azazel
+azz
+b!tch
+b00bs
+b17ch
+b1tch
+babeland
+baby batter
+baby juice
+ball gag
+ball gravy
+ball kicking
+ball licking
+ball sack
+ball sucking
+ballbag
+balls
+ballsack
+bampot
+bang (one's) box
+bangbros
+bareback
+barely legal
+barenaked
+barf
+bastard
+bastardo
+bastards
+bastinado
+batty boy
+bawdy
+bbw
+bdsm
+beaner
+beaners
+beardedclam
+beastial
+beastiality
+beatch
+beaver
+beaver cleaver
+beaver lips
+beef curtain
+beef curtain
+beef curtains
+beeyotch
+bellend
+bender
+beotch
+bescumber
+bestial
+bestiality
+bi+ch
+biatch
+big black
+big breasts
+big knockers
+big tits
+bigtits
+bimbo
+bimbos
+bint
+birdlock
+bitch
+bitch tit
+bitch tit
+bitchass
+bitched
+bitcher
+bitchers
+bitches
+bitchin
+bitching
+bitchtits
+bitchy
+black cock
+blonde action
+blonde on blonde action
+bloodclaat
+bloody
+bloody hell
+blow job
+blow me
+blow mud
+blow your load
+blowjob
+blowjobs
+blue waffle
+blue waffle
+blumpkin
+blumpkin
+bod
+bodily
+boink
+boiolas
+bollock
+bollocks
+bollok
+bollox
+bondage
+boned
+boner
+boners
+bong
+boob
+boobies
+boobs
+booby
+booger
+bookie
+boong
+booobs
+boooobs
+booooobs
+booooooobs
+bootee
+bootie
+booty
+booty call
+booze
+boozer
+boozy
+bosom
+bosomy
+breasts
+Breeder
+brotherfucker
+brown showers
+brunette action
+buceta
+bugger
+bukkake
+bull shit
+bulldyke
+bullet vibe
+bullshit
+bullshits
+bullshitted
+bullturds
+bum
+bum boy
+bumblefuck
+bumclat
+bummer
+buncombe
+bung
+bung hole
+bunghole
+bunny fucker
+bust a load
+bust a load
+busty
+butt
+butt fuck
+butt fuck
+butt plug
+buttcheeks
+buttfuck
+buttfucka
+buttfucker
+butthole
+buttmuch
+buttmunch
+butt-pirate
+buttplug
+c.0.c.k
+c.o.c.k.
+c.u.n.t
+c0ck
+c-0-c-k
+c0cksucker
+caca
+cacafuego
+cahone
+camel toe
+cameltoe
+camgirl
+camslut
+camwhore
+carpet muncher
+carpetmuncher
+cawk
+cervix
+chesticle
+chi-chi man
+chick with a dick
+child-fucker
+chinc
+chincs
+chink
+chinky
+choad
+choade
+choade
+choc ice
+chocolate rosebuds
+chode
+chodes
+chota bags
+chota bags
+cipa
+circlejerk
+cl1t
+cleveland steamer
+climax
+clit
+clit licker
+clit licker
+clitface
+clitfuck
+clitoris
+clitorus
+clits
+clitty
+clitty litter
+clitty litter
+clover clamps
+clunge
+clusterfuck
+cnut
+cocain
+cocaine
+coccydynia
+cock
+c-o-c-k
+cock pocket
+cock pocket
+cock snot
+cock snot
+cock sucker
+cockass
+cockbite
+cockblock
+cockburger
+cockeye
+cockface
+cockfucker
+cockhead
+cockholster
+cockjockey
+cockknocker
+cockknoker
+Cocklump
+cockmaster
+cockmongler
+cockmongruel
+cockmonkey
+cockmunch
+cockmuncher
+cocknose
+cocknugget
+cocks
+cockshit
+cocksmith
+cocksmoke
+cocksmoker
+cocksniffer
+cocksuck
+cocksuck
+cocksucked
+cocksucked
+cocksucker
+cock-sucker
+cocksuckers
+cocksucking
+cocksucks
+cocksucks
+cocksuka
+cocksukka
+cockwaffle
+coffin dodger
+coital
+cok
+cokmuncher
+coksucka
+commie
+condom
+coochie
+coochy
+coon
+coonnass
+coons
+cooter
+cop some wood
+cop some wood
+coprolagnia
+coprophilia
+corksucker
+cornhole
+cornhole
+corp whore
+corp whore
+corpulent
+cox
+crabs
+crack
+cracker
+crackwhore
+crap
+crappy
+creampie
+cretin
+crikey
+cripple
+crotte
+cum
+cum chugger
+cum chugger
+cum dumpster
+cum dumpster
+cum freak
+cum freak
+cum guzzler
+cum guzzler
+cumbubble
+cumdump
+cumdump
+cumdumpster
+cumguzzler
+cumjockey
+cummer
+cummin
+cumming
+cums
+cumshot
+cumshots
+cumslut
+cumstain
+cumtart
+cunilingus
+cunillingus
+cunnie
+cunnilingus
+cunny
+cunt
+c-u-n-t
+cunt hair
+cunt hair
+cuntass
+cuntbag
+cuntbag
+cuntface
+cunthole
+cunthunter
+cuntlick
+cuntlick
+cuntlicker
+cuntlicker
+cuntlicking
+cuntlicking
+cuntrag
+cunts
+cuntsicle
+cuntsicle
+cuntslut
+cunt-struck
+cunt-struck
+cus
+cut rope
+cut rope
+cyalis
+cyberfuc
+cyberfuck
+cyberfuck
+cyberfucked
+cyberfucked
+cyberfucker
+cyberfuckers
+cyberfucking
+cyberfucking
+d0ng
+d0uch3
+d0uche
+d1ck
+d1ld0
+d1ldo
+dago
+dagos
+dammit
+damn
+damned
+damnit
+darkie
+darn
+date rape
+daterape
+dawgie-style
+deep throat
+deepthroat
+deggo
+dendrophilia
+dick
+dick head
+dick hole
+dick hole
+dick shy
+dick shy
+dickbag
+dickbeaters
+dickdipper
+dickface
+dickflipper
+dickfuck
+dickfucker
+dickhead
+dickheads
+dickhole
+dickish
+dick-ish
+dickjuice
+dickmilk
+dickmonger
+dickripper
+dicks
+dicksipper
+dickslap
+dick-sneeze
+dicksucker
+dicksucking
+dicktickler
+dickwad
+dickweasel
+dickweed
+dickwhipper
+dickwod
+dickzipper
+diddle
+dike
+dildo
+dildos
+diligaf
+dillweed
+dimwit
+dingle
+dingleberries
+dingleberry
+dink
+dinks
+dipship
+dipshit
+dirsa
+dirty
+dirty pillows
+dirty sanchez
+dirty Sanchez
+div
+dlck
+dog style
+dog-fucker
+doggie style
+doggiestyle
+doggie-style
+doggin
+dogging
+doggy style
+doggystyle
+doggy-style
+dolcett
+domination
+dominatrix
+dommes
+dong
+donkey punch
+donkeypunch
+donkeyribber
+doochbag
+doofus
+dookie
+doosh
+dopey
+double dong
+double penetration
+Doublelift
+douch3
+douche
+douchebag
+douchebags
+douche-fag
+douchewaffle
+douchey
+dp action
+drunk
+dry hump
+duche
+dumass
+dumb ass
+dumbass
+dumbasses
+Dumbcunt
+dumbfuck
+dumbshit
+dummy
+dumshit
+dvda
+dyke
+dykes
+eat a dick
+eat a dick
+eat hair pie
+eat hair pie
+eat my ass
+ecchi
+ejaculate
+ejaculated
+ejaculates
+ejaculates
+ejaculating
+ejaculating
+ejaculatings
+ejaculation
+ejakulate
+erect
+erection
+erotic
+erotism
+escort
+essohbee
+eunuch
+extacy
+extasy
+f u c k
+f u c k e r
+f.u.c.k
+f_u_c_k
+f4nny
+facial
+fack
+fag
+fagbag
+fagfucker
+fagg
+fagged
+fagging
+faggit
+faggitt
+faggot
+faggotcock
+faggots
+faggs
+fagot
+fagots
+fags
+fagtard
+faig
+faigt
+fanny
+fannybandit
+fannyflaps
+fannyfucker
+fanyy
+fart
+fartknocker
+fatass
+fcuk
+fcuker
+fcuking
+fecal
+feck
+fecker
+feist
+felch
+felcher
+felching
+fellate
+fellatio
+feltch
+feltcher
+female squirting
+femdom
+fenian
+fice
+figging
+fingerbang
+fingerfuck
+fingerfuck
+fingerfucked
+fingerfucked
+fingerfucker
+fingerfucker
+fingerfuckers
+fingerfucking
+fingerfucking
+fingerfucks
+fingerfucks
+fingering
+fist fuck
+fist fuck
+fisted
+fistfuck
+fistfucked
+fistfucked
+fistfucker
+fistfucker
+fistfuckers
+fistfuckers
+fistfucking
+fistfucking
+fistfuckings
+fistfuckings
+fistfucks
+fistfucks
+fisting
+fisty
+flamer
+flange
+flaps
+fleshflute
+flog the log
+flog the log
+floozy
+foad
+foah
+fondle
+foobar
+fook
+fooker
+foot fetish
+footjob
+foreskin
+freex
+frenchify
+frigg
+frigga
+frotting
+fubar
+fuc
+fuck
+fuck
+f-u-c-k
+fuck buttons
+fuck hole
+fuck hole
+Fuck off
+fuck puppet
+fuck puppet
+fuck trophy
+fuck trophy
+fuck yo mama
+fuck yo mama
+fuck you
+fucka
+fuckass
+fuck-ass
+fuck-ass
+fuckbag
+fuck-bitch
+fuck-bitch
+fuckboy
+fuckbrain
+fuckbutt
+fuckbutter
+fucked
+fuckedup
+fucker
+fuckers
+fuckersucker
+fuckface
+fuckhead
+fuckheads
+fuckhole
+fuckin
+fucking
+fuckings
+fuckingshitmotherfucker
+fuckme
+fuckme
+fuckmeat
+fuckmeat
+fucknugget
+fucknut
+fucknutt
+fuckoff
+fucks
+fuckstick
+fucktard
+fuck-tard
+fucktards
+fucktart
+fucktoy
+fucktoy
+fucktwat
+fuckup
+fuckwad
+fuckwhit
+fuckwit
+fuckwitt
+fudge packer
+fudgepacker
+fudge-packer
+fuk
+fuker
+fukker
+fukkers
+fukkin
+fuks
+fukwhit
+fukwit
+fuq
+futanari
+fux
+fux0r
+fvck
+fxck
+gae
+gai
+gang bang
+gangbang
+gang-bang
+gang-bang
+gangbanged
+gangbangs
+ganja
+gash
+gassy ass
+gassy ass
+gay
+gay sex
+gayass
+gaybob
+gaydo
+gayfuck
+gayfuckist
+gaylord
+gays
+gaysex
+gaytard
+gaywad
+gender bender
+genitals
+gey
+gfy
+ghay
+ghey
+giant cock
+gigolo
+ginger
+gippo
+girl on
+girl on top
+girls gone wild
+git
+glans
+goatcx
+goatse
+god
+god damn
+godamn
+godamnit
+goddam
+god-dam
+goddammit
+goddamn
+goddamned
+god-damned
+goddamnit
+godsdamn
+gokkun
+golden shower
+goldenshower
+golliwog
+gonad
+gonads
+goo girl
+gooch
+goodpoop
+gook
+gooks
+goregasm
+gringo
+grope
+group sex
+gspot
+g-spot
+gtfo
+guido
+guro
+h0m0
+h0mo
+ham flap
+ham flap
+hand job
+handjob
+hard core
+hard on
+hardcore
+hardcoresex
+he11
+hebe
+heeb
+hell
+hemp
+hentai
+heroin
+herp
+herpes
+herpy
+heshe
+he-she
+hircismus
+hitler
+hiv
+ho
+hoar
+hoare
+hobag
+hoe
+hoer
+holy shit
+hom0
+homey
+homo
+homodumbshit
+homoerotic
+homoey
+honkey
+honky
+hooch
+hookah
+hooker
+hoor
+hootch
+hooter
+hooters
+hore
+horniest
+horny
+hot carl
+hot chick
+hotsex
+how to kill
+how to murdep
+how to murder
+huge fat
+hump
+humped
+humping
+hun
+hussy
+hymen
+iap
+iberian slap
+inbred
+incest
+injun
+intercourse
+jack off
+jackass
+jackasses
+jackhole
+jackoff
+jack-off
+jaggi
+jagoff
+jail bait
+jailbait
+jap
+japs
+jelly donut
+jerk
+jerk off
+jerk0ff
+jerkass
+jerked
+jerkoff
+jerk-off
+jigaboo
+jiggaboo
+jiggerboo
+jism
+jiz
+jiz
+jizm
+jizm
+jizz
+jizzed
+jock
+juggs
+jungle bunny
+junglebunny
+junkie
+junky
+kafir
+kawk
+kike
+kikes
+kill
+kinbaku
+kinkster
+kinky
+klan
+knob
+knob end
+knobbing
+knobead
+knobed
+knobend
+knobhead
+knobjocky
+knobjokey
+kock
+kondum
+kondums
+kooch
+kooches
+kootch
+kraut
+kum
+kummer
+kumming
+kums
+kunilingus
+kunja
+kunt
+kwif
+kwif
+kyke
+l3i+ch
+l3itch
+labia
+lameass
+lardass
+leather restraint
+leather straight jacket
+lech
+lemon party
+LEN
+leper
+lesbian
+lesbians
+lesbo
+lesbos
+lez
+lezza/lesbo
+lezzie
+lmao
+lmfao
+loin
+loins
+lolita
+looney
+lovemaking
+lube
+lust
+lusting
+lusty
+m0f0
+m0fo
+m45terbate
+ma5terb8
+ma5terbate
+mafugly
+mafugly
+make me come
+male squirting
+mams
+masochist
+massa
+masterb8
+masterbat*
+masterbat3
+masterbate
+master-bate
+master-bate
+masterbating
+masterbation
+masterbations
+masturbate
+masturbating
+masturbation
+maxi
+mcfagget
+menage a trois
+menses
+menstruate
+menstruation
+meth
+m-fucking
+mick
+microphallus
+middle finger
+midget
+milf
+minge
+minger
+missionary position
+mof0
+mofo
+mo-fo
+molest
+mong
+moo moo foo foo
+moolie
+moron
+mothafuck
+mothafucka
+mothafuckas
+mothafuckaz
+mothafucked
+mothafucked
+mothafucker
+mothafuckers
+mothafuckin
+mothafucking
+mothafucking
+mothafuckings
+mothafucks
+mother fucker
+mother fucker
+motherfuck
+motherfucka
+motherfucked
+motherfucker
+motherfuckers
+motherfuckin
+motherfucking
+motherfuckings
+motherfuckka
+motherfucks
+mound of venus
+mr hands
+muff
+muff diver
+muff puff
+muff puff
+muffdiver
+muffdiving
+munging
+munter
+murder
+mutha
+muthafecker
+muthafuckker
+muther
+mutherfucker
+n1gga
+n1gger
+naked
+nambla
+napalm
+nappy
+nawashi
+nazi
+nazism
+need the dick
+need the dick
+negro
+neonazi
+nig nog
+nigaboo
+nigg3r
+nigg4h
+nigga
+niggah
+niggas
+niggaz
+nigger
+niggers
+niggle
+niglet
+nig-nog
+nimphomania
+nimrod
+ninny
+ninnyhammer
+nipple
+nipples
+nob
+nob jokey
+nobhead
+nobjocky
+nobjokey
+nonce
+nsfw images
+nude
+nudity
+numbnuts
+nut butter
+nut butter
+nut sack
+nutsack
+nutter
+nympho
+nymphomania
+octopussy
+old bag
+omg
+omorashi
+one cup two girls
+one guy one jar
+opiate
+opium
+orally
+organ
+orgasim
+orgasims
+orgasm
+orgasmic
+orgasms
+orgies
+orgy
+ovary
+ovum
+ovums
+p.u.s.s.y.
+p0rn
+paedophile
+paki
+panooch
+pansy
+pantie
+panties
+panty
+pawn
+pcp
+pecker
+peckerhead
+pedo
+pedobear
+pedophile
+pedophilia
+pedophiliac
+pee
+peepee
+pegging
+penetrate
+penetration
+penial
+penile
+penis
+penisbanger
+penisfucker
+penispuffer
+perversion
+phallic
+phone sex
+phonesex
+phuck
+phuk
+phuked
+phuking
+phukked
+phukking
+phuks
+phuq
+piece of shit
+pigfucker
+pikey
+pillowbiter
+pimp
+pimpis
+pinko
+piss
+piss off
+piss pig
+pissed
+pissed off
+pisser
+pissers
+pisses
+pisses
+pissflaps
+pissin
+pissin
+pissing
+pissoff
+pissoff
+piss-off
+pisspig
+playboy
+pleasure chest
+pms
+polack
+pole smoker
+polesmoker
+pollock
+ponyplay
+poof
+poon
+poonani
+poonany
+poontang
+poop
+poop chute
+poopchute
+Poopuncher
+porch monkey
+porchmonkey
+porn
+porno
+pornography
+pornos
+pot
+potty
+prick
+pricks
+prickteaser
+prig
+prince albert piercing
+prod
+pron
+prostitute
+prude
+psycho
+pthc
+pube
+pubes
+pubic
+pubis
+punani
+punanny
+punany
+punkass
+punky
+punta
+puss
+pusse
+pussi
+pussies
+pussy
+pussy fart
+pussy fart
+pussy palace
+pussy palace
+pussylicking
+pussypounder
+pussys
+pust
+puto
+queaf
+queaf
+queef
+queer
+queerbait
+queerhole
+queero
+queers
+quicky
+quim
+racy
+raghead
+raging boner
+rape
+raped
+raper
+rapey
+raping
+rapist
+raunch
+rectal
+rectum
+rectus
+reefer
+reetard
+reich
+renob
+retard
+retarded
+reverse cowgirl
+revue
+rimjaw
+rimjob
+rimming
+ritard
+rosy palm
+rosy palm and her 5 sisters
+rtard
+r-tard
+rubbish
+rum
+rump
+rumprammer
+ruski
+rusty trombone
+s hit
+s&m
+s.h.i.t.
+s.o.b.
+s_h_i_t
+s0b
+sadism
+sadist
+sambo
+sand nigger
+sandbar
+sandbar
+Sandler
+sandnigger
+sanger
+santorum
+sausage queen
+sausage queen
+scag
+scantily
+scat
+schizo
+schlong
+scissoring
+screw
+screwed
+screwing
+scroat
+scrog
+scrot
+scrote
+scrotum
+scrud
+scum
+seaman
+seamen
+seduce
+seks
+semen
+sex
+sexo
+sexual
+sexy
+sh!+
+sh!t
+sh1t
+s-h-1-t
+shag
+shagger
+shaggin
+shagging
+shamedame
+shaved beaver
+shaved pussy
+shemale
+shi+
+shibari
+shirt lifter
+shit
+s-h-i-t
+shit ass
+shit fucker
+shit fucker
+shitass
+shitbag
+shitbagger
+shitblimp
+shitbrains
+shitbreath
+shitcanned
+shitcunt
+shitdick
+shite
+shiteater
+shited
+shitey
+shitface
+shitfaced
+shitfuck
+shitfull
+shithead
+shitheads
+shithole
+shithouse
+shiting
+shitings
+shits
+shitspitter
+shitstain
+shitt
+shitted
+shitter
+shitters
+shitters
+shittier
+shittiest
+shitting
+shittings
+shitty
+shiz
+shiznit
+shota
+shrimping
+sissy
+skag
+skank
+skeet
+skullfuck
+slag
+slanteye
+slave
+sleaze
+sleazy
+slope
+slope
+slut
+slut bucket
+slut bucket
+slutbag
+slutdumper
+slutkiss
+sluts
+smartass
+smartasses
+smeg
+smegma
+smut
+smutty
+snatch
+sniper
+snowballing
+snuff
+s-o-b
+sod off
+sodom
+sodomize
+sodomy
+son of a bitch
+son of a motherless goat
+son of a whore
+son-of-a-bitch
+souse
+soused
+spac
+spade
+sperm
+spic
+spick
+spik
+spiks
+splooge
+splooge moose
+spooge
+spook
+spread legs
+spunk
+stfu
+stiffy
+stoned
+strap on
+strapon
+strappado
+strip
+strip club
+stroke
+stupid
+style doggy
+suck
+suckass
+sucked
+sucking
+sucks
+suicide girls
+sultry women
+sumofabiatch
+swastika
+swinger
+t1t
+t1tt1e5
+t1tties
+taff
+taig
+tainted love
+taking the piss
+tampon
+tard
+tart
+taste my
+tawdry
+tea bagging
+teabagging
+teat
+teets
+teez
+teste
+testee
+testes
+testical
+testicle
+testis
+threesome
+throating
+thrust
+thug
+thundercunt
+tied up
+tight white
+tinkle
+tit
+tit wank
+tit wank
+titfuck
+titi
+tities
+tits
+titt
+tittie5
+tittiefucker
+titties
+titty
+tittyfuck
+tittyfucker
+tittywank
+titwank
+toke
+tongue in a
+toots
+topless
+tosser
+towelhead
+tramp
+tranny
+transsexual
+trashy
+tribadism
+trumped
+tub girl
+tubgirl
+turd
+tush
+tushy
+tw4t
+twat
+twathead
+twatlips
+twats
+twatty
+twatwaffle
+twink
+twinkie
+two fingers
+two fingers with tongue
+two girls one cup
+twunt
+twunter
+ugly
+unclefucker
+undies
+undressing
+unwed
+upskirt
+urethra play
+urinal
+urine
+urophilia
+uterus
+uzi
+v14gra
+v1gra
+vag
+vagina
+vajayjay
+va-j-j
+valium
+venus mound
+veqtable
+viagra
+vibrator
+violet wand
+virgin
+vixen
+vjayjay
+vodka
+vomit
+vorarephilia
+voyeur
+vulgar
+vulva
+w00se
+wad
+wang
+wank
+wanker
+wankjob
+wanky
+wazoo
+wedgie
+weed
+weenie
+weewee
+weiner
+weirdo
+wench
+wet dream
+wetback
+wh0re
+wh0reface
+white power
+whiz
+whoar
+whoralicious
+whore
+whorealicious
+whorebag
+whored
+whoreface
+whorehopper
+whorehouse
+whores
+whoring
+wigger
+willies
+willy
+window licker
+wiseass
+wiseasses
+wog
+womb
+wop
+wrapping men
+wrinkled starfish
+wtf
+xrated
+x-rated
+xx
+xxx
+yaoi
+yeasty
+yellow showers
+yid
+yiffy
+yobbo
+zibbi
+zoophilia
+zubb
diff --git a/lib/schemas/encoder_metadata_schema.xsd b/lib/schemas/encoder_metadata_schema.xsd
index 4bcaa06ec..e9acdb4d7 100644
--- a/lib/schemas/encoder_metadata_schema.xsd
+++ b/lib/schemas/encoder_metadata_schema.xsd
@@ -11,6 +11,13 @@
+
+
+
+
+
+
+
@@ -32,6 +39,7 @@
+
diff --git a/lib/schemas/scenario_schema.xsd b/lib/schemas/scenario_schema.xsd
index 528cdc50d..e1038d354 100644
--- a/lib/schemas/scenario_schema.xsd
+++ b/lib/schemas/scenario_schema.xsd
@@ -125,6 +125,7 @@
+
diff --git a/lib/schemas/vulnerability_metadata_schema.xsd b/lib/schemas/vulnerability_metadata_schema.xsd
index fc476d44b..d1f7093ef 100644
--- a/lib/schemas/vulnerability_metadata_schema.xsd
+++ b/lib/schemas/vulnerability_metadata_schema.xsd
@@ -41,6 +41,16 @@
+
+
+
+
+
+
+
+
+
+
@@ -114,11 +124,15 @@
+
+
+
+
+
-
@@ -186,12 +200,16 @@
+
+
+
+
+
-
@@ -223,7 +241,10 @@
+
+
+
@@ -257,7 +278,10 @@
+
+
+
diff --git a/lib/templates/Puppetfile.erb b/lib/templates/Puppetfile.erb
index dd25ea8ed..2ba8cf153 100644
--- a/lib/templates/Puppetfile.erb
+++ b/lib/templates/Puppetfile.erb
@@ -8,7 +8,7 @@
forge "https://forgeapi.puppetlabs.com"
-mod 'puppetlabs-stdlib', '4.18.0', :path => '<%= STDLIB_PUPPET_DIR %>' # stdlib enables parsejson() in manifests and other useful functions
+mod 'puppetlabs-stdlib', '4.24.0' # stdlib enables parsejson() in manifests and other useful functions
mod 'SecGen-secgen_functions', :path => '<%= SECGEN_FUNCTIONS_PUPPET_DIR %>'
<% @currently_processing_system.module_selections.each do |selected_module| -%>
diff --git a/modules/bases/debian_stretch/secgen_metadata.xml b/modules/bases/debian_stretch/secgen_metadata.xml
index 68e55d127..8d90df6f0 100644
--- a/modules/bases/debian_stretch/secgen_metadata.xml
+++ b/modules/bases/debian_stretch/secgen_metadata.xml
@@ -18,4 +18,4 @@
debian_stretch_server_291118
various
-
+
\ No newline at end of file
diff --git a/modules/bases/ubuntu_xenial_64/secgen_metadata.xml b/modules/bases/ubuntu_xenial_64/secgen_metadata.xml
new file mode 100644
index 000000000..f013c4cfb
--- /dev/null
+++ b/modules/bases/ubuntu_xenial_64/secgen_metadata.xml
@@ -0,0 +1,22 @@
+
+
+
+ Ubuntu Xenial 16.04 LTS 64-bit Server by puppetlabs
+ Thomas Shaw
+ GPLv3
+ TODO
+ 64-bit
+ server
+ cli
+
+ linux
+ unix
+ Ubuntu Xenial 16.04 LTS
+ https://app.vagrantup.com/puppetlabs/boxes/ubuntu-16.04-64-puppet/versions/1.0.0/providers/virtualbox.box
+ debian_server
+
+ https://atlas.hashicorp.com/puppetlabs
+ various
+
diff --git a/modules/build/puppet/secgen_functions/manifests/compile_binary_module.pp b/modules/build/puppet/secgen_functions/manifests/compile_binary_module.pp
new file mode 100644
index 000000000..da7396b54
--- /dev/null
+++ b/modules/build/puppet/secgen_functions/manifests/compile_binary_module.pp
@@ -0,0 +1,29 @@
+# Install function for setgid binaries
+# -- Modules calling this function must provide a Makefile and any .c files within it's /files directory
+
+define secgen_functions::compile_binary_module (
+ $source_module_name, # Name of the module that calls this function
+ $binary_directory, # Output path of the compiled binary
+ $challenge_name, # Name of the challenge / binary
+) {
+
+ ensure_packages('build-essential')
+ ensure_packages('gcc-multilib')
+
+ $modules_source = "puppet:///modules/$source_module_name"
+
+ # Move contents of the module's files directory into compile directory
+ file { "create-$binary_directory-$source_module_name":
+ path => $binary_directory,
+ ensure => directory,
+ recurse => true,
+ source => $modules_source,
+ }
+
+ # Build the binary with gcc
+ exec { "gcc_$challenge_name-$binary_directory":
+ cwd => $binary_directory,
+ command => "/usr/bin/make",
+ require => File["create-$binary_directory-$source_module_name"]
+ }
+}
diff --git a/modules/build/puppet/secgen_functions/manifests/create_directory.pp b/modules/build/puppet/secgen_functions/manifests/create_directory.pp
new file mode 100644
index 000000000..64da91b00
--- /dev/null
+++ b/modules/build/puppet/secgen_functions/manifests/create_directory.pp
@@ -0,0 +1,6 @@
+define secgen_functions::create_directory($res='create-dir', $path){
+ exec { "secgen_create_directory_$res":
+ path => '/bin:/sbin:/usr/bin:/usr/sbin',
+ command => "mkdir -p $path"
+ }
+}
diff --git a/modules/build/puppet/secgen_functions/manifests/install_setgid_binary.pp b/modules/build/puppet/secgen_functions/manifests/install_setgid_binary.pp
new file mode 100644
index 000000000..e5884d69c
--- /dev/null
+++ b/modules/build/puppet/secgen_functions/manifests/install_setgid_binary.pp
@@ -0,0 +1,83 @@
+# Install function for setgid binaries
+# -- Modules calling this function must provide a Makefile and any .c files within it's /files directory
+
+define secgen_functions::install_setgid_binary (
+ $challenge_name, # Challenge name, used for the wrapper-directory
+ $source_module_name, # Name of the module that calls this function
+ $group, # Name of group
+ $account, # User account
+ $flag, # ctf flag string
+ $flag_name, # ctf flag name
+ $binary_path = '', # Optional : Provide the path to a binary file that has already been compiled
+ $storage_dir = '', # Optional: Storage directory (takes precedent if supplied, e.g. nfs / smb share dir)
+ $strings_to_leak = [''], # Optional: strings to leak (could contain instructions or a message)
+) {
+
+ ensure_packages(['build-essential','gcc-multilib'])
+
+ if !$account {
+ err('install: account is required for setgid challenges')
+ fail
+ }
+
+ if $account {
+ $username = $account['username']
+
+ ensure_resource('parameterised_accounts::account', "parameterised_$username",
+ { "username" => $account['username'],
+ "password" => $account['password'],
+ "super_user" => str2bool($account['super_user']),
+ "strings_to_leak" => $account['strings_to_leak'],
+ "leaked_filenames" => $account['leaked_filenames'], })
+
+ if $storage_dir {
+ $storage_directory = $storage_dir
+ } else {
+ $storage_directory = "/home/$username"
+ }
+
+ $challenge_directory = "$storage_directory/$challenge_name"
+ $modules_source = "puppet:///modules/$source_module_name"
+
+ if $binary_path == '' {
+ $outer_bin_path = "/tmp/$challenge_name"
+ $bin_path = "$outer_bin_path/$challenge_name"
+ ::secgen_functions::compile_binary_module { "compile-$source_module_name-$challenge_name":
+ source_module_name => $source_module_name,
+ binary_directory => $outer_bin_path,
+ challenge_name => $challenge_name,
+ notify => Secgen_functions::Create_directory["create_$challenge_directory"]
+ }
+ } else {
+ $bin_path = $binary_path
+ }
+
+ ensure_resource('group', $group, { 'ensure' => 'present' })
+
+ # Create challenge directory
+ ensure_resource('file', $storage_directory, { 'ensure' => 'directory'})
+ ensure_resource('file', $challenge_directory, { 'ensure' => 'directory'})
+
+ # Move the compiled binary into the challenge directory
+ file { "$challenge_directory/$challenge_name":
+ ensure => present,
+ owner => 'root',
+ group => $group,
+ mode => '2771',
+ source => $bin_path,
+ require => File[$challenge_directory]
+ }
+
+ # Drop the flag file on the box and set permissions
+ ::secgen_functions::leak_files { "$challenge_directory/$challenge_name-flag-leak":
+ storage_directory => "$challenge_directory",
+ leaked_filenames => [$flag_name],
+ strings_to_leak => [$flag],
+ owner => 'root',
+ group => $group,
+ mode => '0440',
+ leaked_from => "$source_module_name/$challenge_name",
+ require => [Group[$group], File["$challenge_directory/$challenge_name"]],
+ }
+
+}
diff --git a/modules/build/puppet/secgen_functions/manifests/install_setgid_script.pp b/modules/build/puppet/secgen_functions/manifests/install_setgid_script.pp
new file mode 100644
index 000000000..d488dbebf
--- /dev/null
+++ b/modules/build/puppet/secgen_functions/manifests/install_setgid_script.pp
@@ -0,0 +1,96 @@
+# Install function for setgid binaries
+# -- usage depends on utilities/accounts and utilities/xinetd so ensure they are included as requirements
+# TODO: this is probably a poor way of doing this - can we automate it?
+
+define secgen_functions::install_setgid_script (
+ $challenge_name, # Challenge name, used for the wrapper-directory
+ $script_name, # Script filename
+ $script_data, # Script data
+ $source_module_name, # Name of the module that calls this function
+ $group, # Name of group
+ $account, # User account
+ $flag, # ctf flag string
+ $flag_name = 'flag', # ctf flag name
+ $port, # Optional: script will be run on network port using xinetd
+ $storage_directory = '', # Optional: Storage directory (takes precedent if supplied, e.g. nfs / smb share dir)
+ $strings_to_leak = [''], # Optional: strings to leak (could contain instructions or a message)
+) {
+
+ ensure_packages(['build-essential','gcc-multilib'])
+
+ if $group and $group[0] {
+ $grp = $group[0]
+ } else {
+ $grp = $challenge_name
+ }
+
+ if $account and $account[0] and $account[0] != ''{
+ $acc = parsejson($account[0])
+ $username = $acc['username']
+
+ ::accounts::user { $username:
+ shell => '/bin/bash',
+ password => pw_hash($acc['password'], 'SHA-512', 'mysalt'),
+ managehome => true,
+ home_mode => '0755',
+ }
+
+ $storage_dir = "/home/$username"
+
+ } elsif $storage_directory and $storage_directory[0]{
+ $storage_dir = $storage_directory[0]
+ $username = 'root'
+ } else {
+ err('install: either account or storage_dir is required')
+ fail
+ }
+
+ $challenge_directory = "$storage_dir/$challenge_name"
+ $modules_source = "puppet:///modules/$source_module_name"
+
+ group { $grp:
+ ensure => present,
+ }
+
+ # Create challenge directory
+ ::secgen_functions::create_directory { "create_$challenge_directory":
+ path => $challenge_directory,
+ notify => File["$challenge_directory/$script_name"],
+ }
+
+ # Move the compiled binary into the challenge directory
+ file { "$challenge_directory/$script_name":
+ ensure => present,
+ owner => 'root',
+ group => $grp,
+ mode => '2775',
+ content => $script_data,
+ require => Group[$grp],
+ }
+
+ # Drop the flag file on the box and set permissions
+ ::secgen_functions::leak_files { "$username-file-leak":
+ storage_directory => "$challenge_directory",
+ leaked_filenames => [$flag_name],
+ strings_to_leak => [$flag[0]],
+ owner => 'root',
+ group => $grp,
+ mode => '0440',
+ leaked_from => "$source_module_name-$module_name",
+ require => Group[$grp],
+ }
+
+ if $port and $port[0] {
+ $p = $port[0]
+ notice("Running $challenge_name on port $p (dir: $challenge_directory")
+ xinetd::service { "xinetd_$challenge_name":
+ port => $p,
+ server => "$challenge_directory/$script_name",
+ require => File["$challenge_directory/$script_name"],
+ service_type => 'UNLISTED',
+ server_args => $challenge_directory,
+ user => $username,
+ group => $grp,
+ }
+ }
+}
diff --git a/modules/build/puppet/secgen_functions/manifests/install_setuid_root_binary.pp b/modules/build/puppet/secgen_functions/manifests/install_setuid_root_binary.pp
index a66ecbd6a..39f65462c 100644
--- a/modules/build/puppet/secgen_functions/manifests/install_setuid_root_binary.pp
+++ b/modules/build/puppet/secgen_functions/manifests/install_setuid_root_binary.pp
@@ -4,25 +4,18 @@
define secgen_functions::install_setuid_root_binary (
$challenge_name, # Challenge name, used for the wrapper-directory
$source_module_name, # Name of the module that calls this function
- $gcc_output_binary_name, # Temporary name of the binary output by gcc when when /bin/make runs the Makefile
- $challenge_binary_name, # Renamed binary on copy to challenge directory, could differ from above
$account, # User account (leak here if $storage_directory is not supplied)
$flag, # ctf flag string
- $storage_dir = [''], # Optional: Storage directory (takes precedent if supplied, e.g. nfs / smb share dir)
+ $flag_name, # ctf flag name
+ $storage_dir = '', # Optional: Storage directory (takes precedent if supplied, e.g. nfs / smb share dir)
$strings_to_leak = [''], # Optional: strings to leak (could contain instructions or a message)
) {
ensure_packages('build-essential')
ensure_packages('gcc-multilib')
- # Use either storage directory or account's home directory. storage_directory takes precedent
- if $storage_dir[0] != '' {
- $storage_directory = $storage_dir[0]
- $leaked_filenames = ["$challenge_name-instructions"]
- } elsif $account {
+ if $account {
$username = $account['username']
- $storage_directory = "/home/$username"
- $leaked_filenames = $account['leaked_filenames']
::accounts::user { $username:
shell => '/bin/bash',
@@ -30,8 +23,9 @@ define secgen_functions::install_setuid_root_binary (
managehome => true,
home_mode => '0755',
}
+ $storage_directory = "/home/$username"
} else {
- err('dc16_amadhj::install: Either storage_directory or account is required')
+ err('install: either account or storage_dir is required')
fail
}
@@ -40,54 +34,51 @@ define secgen_functions::install_setuid_root_binary (
$modules_source = "puppet:///modules/$source_module_name"
# Create challenge directory
- file { $challenge_directory:
- ensure => directory,
+ ::secgen_functions::create_directory { "create_$challenge_directory":
+ path => $challenge_directory,
+ notify => File["create_$compile_directory"],
}
# Move contents of the module's files directory into compile directory
- file { $compile_directory:
+ file { "create_$compile_directory":
+ path => $compile_directory,
ensure => directory,
recurse => true,
source => $modules_source,
- notify => Exec["gcc_$gcc_output_binary_name-$compile_directory"],
}
# Build the binary with gcc
- exec { "gcc_$gcc_output_binary_name-$compile_directory":
+ exec { "gcc_$challenge_name-$compile_directory":
cwd => $compile_directory,
command => "/usr/bin/make",
- require => [File[$challenge_directory, $compile_directory], Package['build-essential', 'gcc-multilib']]
+ require => [File["create_$compile_directory"], Package['build-essential', 'gcc-multilib']]
}
# Move the compiled binary into the challenge directory
- file { "$challenge_directory/$challenge_binary_name":
+ file { "$challenge_directory/$challenge_name":
ensure => present,
owner => 'root',
group => 'root',
mode => '4755',
- source => "$compile_directory/$gcc_output_binary_name",
- require => Exec["gcc_$gcc_output_binary_name-$compile_directory"],
+ source => "$compile_directory/$challenge_name",
+ require => Exec["gcc_$challenge_name-$compile_directory"],
}
# Drop the flag file on the box and set permissions
- file { "$challenge_directory/flag":
- ensure => present,
- content => $flag,
- mode => '0600',
- require => Exec["gcc_$gcc_output_binary_name-$compile_directory"],
+ ::secgen_functions::leak_files { "$username-file-leak":
+ storage_directory => "$challenge_directory",
+ leaked_filenames => [$flag_name],
+ strings_to_leak => [$flag],
+ owner => 'root',
+ mode => '0400',
+ leaked_from => "accounts_$username",
+ require => Exec["gcc_$challenge_name-$compile_directory"],
+ notify => Exec["remove_$compile_directory"],
}
# Remove compile directory
exec { "remove_$compile_directory":
command => "/bin/rm -rf $compile_directory",
- require => File["$challenge_directory/$challenge_binary_name", "$challenge_directory/flag"]
- }
-
- # Leak messages / instructions in a text file in the storage directory / home directory
- ::secgen_functions::leak_files { "$challenge_directory-strings_to_leak":
- storage_directory => $challenge_directory,
- leaked_filenames => $leaked_filenames,
- strings_to_leak => $strings_to_leak,
- leaked_from => $source_module_name,
+ require => [File["$challenge_directory/$challenge_name"]]
}
}
diff --git a/modules/build/puppet/secgen_functions/manifests/leak_data.pp b/modules/build/puppet/secgen_functions/manifests/leak_data.pp
new file mode 100644
index 000000000..f7f477690
--- /dev/null
+++ b/modules/build/puppet/secgen_functions/manifests/leak_data.pp
@@ -0,0 +1,50 @@
+define secgen_functions::leak_data (
+ $data_to_leak = [],
+ $storage_directory,
+ $owner = 'root',
+ $group = 'root',
+ $mode = '0660',
+ $leaked_from = ''
+) {
+
+ $data_to_leak.each |$i, $data_element| {
+ if "secgen_leaked_data" in $data_element {
+ $secgen_leaked_data = parsejson($data_element)
+
+ $data = $secgen_leaked_data['secgen_leaked_data']['data']
+ $filename = $secgen_leaked_data['secgen_leaked_data']['filename']
+ $ext = $secgen_leaked_data['secgen_leaked_data']['ext']
+ $subdirectory = $secgen_leaked_data['secgen_leaked_data']['subdirectory']
+
+ if $ext != '' {
+ $full_filename = "$filename.$ext"
+ } else {
+ $full_filename = $filename
+ }
+
+ $storage_dir = "$storage_directory/$subdirectory"
+ $path_to_leak = "$storage_dir/$full_filename"
+ $leaked_file_resource = "$leaked_from-$path_to_leak"
+
+ unless $subdirectory == '' {
+ ::secgen_functions::create_directory { "create-$storage_dir-$i":
+ res => "create-$storage_dir-$i",
+ path => $storage_dir,
+ notify => File[$path_to_leak]
+ }
+ }
+
+ file { $path_to_leak:
+ ensure => present,
+ owner => $owner,
+ group => $group,
+ mode => $mode,
+ content => base64('decode', $data)
+ }
+
+ } else {
+ fail("Invalid data!")
+ }
+ }
+
+}
diff --git a/modules/build/puppet/secgen_functions/manifests/leak_files.pp b/modules/build/puppet/secgen_functions/manifests/leak_files.pp
index fef69b944..e2abe595b 100644
--- a/modules/build/puppet/secgen_functions/manifests/leak_files.pp
+++ b/modules/build/puppet/secgen_functions/manifests/leak_files.pp
@@ -6,33 +6,33 @@ define secgen_functions::leak_files($leaked_filenames=[], $storage_directory, $s
# Pair strings with the leaked_filenames and leak them.
$string_leak_pairs = zip($strings_to_leak, $leaked_filenames)
$string_leak_pairs.each |$counter, $leak_pair| {
- $leaked_strings = $leak_pair[0]
- $leaked_filename = $leak_pair[1]
+ $leaked_strings = $leak_pair[0]
+ $leaked_filename = $leak_pair[1]
- # until we run out of filenames, create a new file per string
- unless $leaked_filename == undef {
- $leaked_file_resource = "$leaked_from-$leaked_filename-$counter"
- secgen_functions::leak_file { $leaked_file_resource:
- leaked_filename => $leaked_filename,
- storage_directory => $storage_directory,
- strings_to_leak => $leaked_strings,
- owner => $owner,
- mode => $mode,
- }
- } else {
- # Then just add to first file.
- $first_filename = $leaked_filenames[0]
- $leaked_file_resource = "$leaked_from-$first_filename-$counter"
- secgen_functions::leak_file { $leaked_file_resource:
- leaked_filename => $first_filename,
- storage_directory => $storage_directory,
- strings_to_leak => $leaked_strings,
- owner => $owner,
- mode => $mode,
- leaked_from => $leaked_file_resource, # pass this in when appending to avoid resource clashes
- }
+ # until we run out of filenames, create a new file per string
+ unless $leaked_filename == undef {
+ $leaked_file_resource = "$leaked_from-$leaked_filename-$counter"
+ secgen_functions::leak_file { $leaked_file_resource:
+ leaked_filename => $leaked_filename,
+ storage_directory => $storage_directory,
+ strings_to_leak => $leaked_strings,
+ owner => $owner,
+ mode => $mode,
+ }
+ } else {
+ # Then just add to first file.
+ $first_filename = $leaked_filenames[0]
+ $leaked_file_resource = "$leaked_from-$first_filename-$counter"
+ secgen_functions::leak_file { $leaked_file_resource:
+ leaked_filename => $first_filename,
+ storage_directory => $storage_directory,
+ strings_to_leak => $leaked_strings,
+ owner => $owner,
+ mode => $mode,
+ leaked_from => $leaked_file_resource, # pass this in when appending to avoid resource clashes
}
}
+ }
# Leak images with name image#{$counter}.png
# First file is image1.png not image0.png
diff --git a/modules/encoders/string/base64/base64.pp b/modules/encoders/bases/base64/base64.pp
similarity index 100%
rename from modules/encoders/string/base64/base64.pp
rename to modules/encoders/bases/base64/base64.pp
diff --git a/modules/encoders/string/base64/manifests/.no_puppet b/modules/encoders/bases/base64/manifests/.no_puppet
similarity index 100%
rename from modules/encoders/string/base64/manifests/.no_puppet
rename to modules/encoders/bases/base64/manifests/.no_puppet
diff --git a/modules/encoders/string/base64/secgen_local/local.rb b/modules/encoders/bases/base64/secgen_local/local.rb
similarity index 100%
rename from modules/encoders/string/base64/secgen_local/local.rb
rename to modules/encoders/bases/base64/secgen_local/local.rb
diff --git a/modules/encoders/string/base64/secgen_metadata.xml b/modules/encoders/bases/base64/secgen_metadata.xml
similarity index 96%
rename from modules/encoders/string/base64/secgen_metadata.xml
rename to modules/encoders/bases/base64/secgen_metadata.xml
index 7e86adb73..f4c2ebb81 100644
--- a/modules/encoders/string/base64/secgen_metadata.xml
+++ b/modules/encoders/bases/base64/secgen_metadata.xml
@@ -13,6 +13,7 @@
alpha_reversible
linux
windows
+ low
Encoded using Base64. Decoding tools available online e.g. https://www.base64decode.org/
diff --git a/modules/encoders/cipher/ascii_value_shift/secgen_metadata.xml b/modules/encoders/cipher/ascii_value_shift/secgen_metadata.xml
index 642a107a1..2f7930614 100644
--- a/modules/encoders/cipher/ascii_value_shift/secgen_metadata.xml
+++ b/modules/encoders/cipher/ascii_value_shift/secgen_metadata.xml
@@ -16,6 +16,7 @@
ascii_reversible
linux
windows
+ medium
Encoded with a rotation cipher based on the ASCII value using a random key. Uses the 94 printable ascii
characters.
diff --git a/modules/generators/challenges/bitwise_xor/manifests/.no_puppet b/modules/encoders/cipher/asymmetric_decrypt/simple_gpg/manifests/.no_puppet
similarity index 100%
rename from modules/generators/challenges/bitwise_xor/manifests/.no_puppet
rename to modules/encoders/cipher/asymmetric_decrypt/simple_gpg/manifests/.no_puppet
diff --git a/modules/encoders/cipher/asymmetric_decrypt/simple_gpg/secgen_local/local.rb b/modules/encoders/cipher/asymmetric_decrypt/simple_gpg/secgen_local/local.rb
new file mode 100644
index 000000000..b798c29da
--- /dev/null
+++ b/modules/encoders/cipher/asymmetric_decrypt/simple_gpg/secgen_local/local.rb
@@ -0,0 +1,81 @@
+#!/usr/bin/ruby
+require_relative '../../../../../../lib/objects/local_string_encoder.rb'
+require 'json'
+require 'open3'
+require 'fileutils'
+
+class SimpleGPGDecrypt < StringEncoder
+ attr_accessor :gpg_key_pair
+ attr_accessor :tmp_path
+ attr_accessor :subdirectory
+
+ def initialize
+ super
+ self.module_name = 'Simple SSH Decryption Challenge'
+ self.subdirectory = ''
+ self.gpg_key_pair = {}
+ self.tmp_path = File.expand_path(File.dirname(__FILE__)).split("/")[0...-1].join('/') + '/tmp/'
+ Dir.mkdir self.tmp_path unless Dir.exists? self.tmp_path
+ self.tmp_path += Time.new.strftime("%Y%m%d_%H%M%S")
+ Dir.mkdir self.tmp_path unless Dir.exists? self.tmp_path
+ end
+
+ def encode_all
+ begin
+ public_ascii = self.gpg_key_pair['public']
+ private_ascii = self.gpg_key_pair['private']
+
+ # save strings_to_encode to a file
+ File.open("#{self.tmp_path}/ciphertext", "w+") do |file|
+ self.strings_to_encode.each do |line|
+ file.write(line + "\n")
+ end
+ file.close
+ end
+
+ # Save ascii pubkey to file
+ File.open("#{self.tmp_path}/pub_key", "w+") do |file|
+ file.write(public_ascii)
+ end
+
+ # generate a binary key file from our ascii input and save it in ../tmp/binary_pub.key.
+ _, _, _ = Open3.capture3("gpg --dearmor #{self.tmp_path}/pub_key")
+
+ # Use the binary key to encode some cipher text
+ _, _, _ = Open3.capture3("gpg --no-default-keyring --keyring #{self.tmp_path}/pub_key.gpg --trust-model always -ear secgen@localhost #{self.tmp_path}/ciphertext")
+
+ # Read the ciphertext.asc file in and feed it into the outputs
+ ciphertext = File.read("#{self.tmp_path}/ciphertext.asc")
+
+ self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(ciphertext), :filename => 'cipher', :ext => 'txt', :subdirectory => self.subdirectory}}.to_json
+ self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(private_ascii), :filename => 'private', :ext => 'key', :subdirectory => self.subdirectory}}.to_json
+ ensure
+ # Delete the local key files to avoid batch clashes
+ FileUtils.rm_r self.tmp_path
+ end
+ end
+
+ def process_options(opt, arg)
+ super
+ case opt
+ when '--subdirectory'
+ self.subdirectory << arg;
+ when '--gpg_key_pair'
+ self.gpg_key_pair = JSON.parse(arg);
+ end
+ end
+
+ def get_options_array
+ super + [['--subdirectory', GetoptLong::REQUIRED_ARGUMENT],
+ ['--gpg_key_pair', GetoptLong::REQUIRED_ARGUMENT]]
+ end
+
+
+ def encoding_print_string
+ 'strings_to_encode: ' + self.strings_to_encode.to_s + print_string_padding +
+ 'subdirectory: ' + self.subdirectory.to_s + print_string_padding +
+ 'gpg_key_pair: ' + self.gpg_key_pair.to_json
+ end
+end
+
+SimpleGPGDecrypt.new.run
\ No newline at end of file
diff --git a/modules/encoders/cipher/asymmetric_decrypt/simple_gpg/secgen_metadata.xml b/modules/encoders/cipher/asymmetric_decrypt/simple_gpg/secgen_metadata.xml
new file mode 100644
index 000000000..7bfc36bd3
--- /dev/null
+++ b/modules/encoders/cipher/asymmetric_decrypt/simple_gpg/secgen_metadata.xml
@@ -0,0 +1,41 @@
+
+
+
+ Simple GPG Decryption Challenge
+ Thomas Shaw
+ MIT
+ Returns a private key and some encrypted ciphertext.
+
+ asymmetric
+ asymmetric_cipher
+ challenge_generator
+ crypto_challenge_generator
+ local_calculation
+ linux
+ windows
+
+ low
+
+ strings_to_encode
+ gpg_key_pair
+ subdirectory
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ array
+
\ No newline at end of file
diff --git a/modules/generators/challenges/bitwise_xor/bitwise_xor.pp b/modules/encoders/cipher/asymmetric_decrypt/simple_gpg/simple_gpg.pp
similarity index 100%
rename from modules/generators/challenges/bitwise_xor/bitwise_xor.pp
rename to modules/encoders/cipher/asymmetric_decrypt/simple_gpg/simple_gpg.pp
diff --git a/modules/generators/flag/flag_words/random_word.pp b/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/manifests/.no_puppet
similarity index 100%
rename from modules/generators/flag/flag_words/random_word.pp
rename to modules/encoders/cipher/asymmetric_decrypt/simple_ssh/manifests/.no_puppet
diff --git a/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/secgen_local/local.rb b/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/secgen_local/local.rb
new file mode 100644
index 000000000..138f2e165
--- /dev/null
+++ b/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/secgen_local/local.rb
@@ -0,0 +1,83 @@
+#!/usr/bin/ruby
+require_relative '../../../../../../lib/objects/local_string_encoder.rb'
+require 'json'
+require 'open3'
+require 'fileutils'
+require 'openssl'
+
+class SimpleSSHDecrypt < StringEncoder
+ attr_accessor :ssh_key_pair
+ attr_accessor :tmp_path
+ attr_accessor :subdirectory
+
+ def initialize
+ super
+ self.module_name = 'Simple SSH Decryption Challenge'
+ self.subdirectory = ''
+ self.ssh_key_pair = {}
+ self.tmp_path = File.expand_path(File.dirname(__FILE__)).split("/")[0...-1].join('/') + '/tmp/'
+ Dir.mkdir self.tmp_path unless Dir.exists? self.tmp_path
+ self.tmp_path += Time.new.strftime("%Y%m%d_%H%M%S")
+ Dir.mkdir self.tmp_path unless Dir.exists? self.tmp_path
+ end
+
+ def encode_all
+ begin
+ private_ascii = self.ssh_key_pair['private']
+
+ privkey_path = "#{self.tmp_path}/id_rsa"
+ pubkey_pem_path = "#{self.tmp_path}/id_rsa.pem.pub"
+ strings_to_encode_path = "#{self.tmp_path}/strings_to_encode"
+ ciphertext_path = "#{self.tmp_path}/ciphertext"
+
+ # save strings_to_encode to a file
+ File.open(strings_to_encode_path, "w+") do |file|
+ self.strings_to_encode.each do |line|
+ file.write(line)
+ end
+ file.close
+ end
+
+ # Save ascii privkey to file
+ File.open(privkey_path, "w+") do |file|
+ file.write(private_ascii.chomp)
+ end
+
+ # Convert public key to PEM so OpenSSL can consume it
+ _, _, _ = Open3.capture3("openssl rsa -in #{privkey_path} -pubout > #{pubkey_pem_path}")
+
+ # Encrypt text data
+ _, _, _ = Open3.capture3("cat #{strings_to_encode_path} | openssl rsautl -encrypt -pubin -inkey #{pubkey_pem_path} > #{ciphertext_path}")
+
+ self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(File.binread(ciphertext_path)), :filename => 'cipher', :ext => 'txt', :subdirectory => self.subdirectory}}.to_json
+ self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(File.binread(privkey_path)), :filename => 'id_rsa', :ext => '', :subdirectory => self.subdirectory}}.to_json
+ ensure
+ # Delete the local key files to avoid batch clashes
+ FileUtils.rm_r self.tmp_path
+ end
+ end
+
+ def process_options(opt, arg)
+ super
+ case opt
+ when '--subdirectory'
+ self.subdirectory << arg;
+ when '--ssh_key_pair'
+ self.ssh_key_pair = JSON.parse(arg);
+ end
+ end
+
+ def get_options_array
+ super + [['--subdirectory', GetoptLong::REQUIRED_ARGUMENT],
+ ['--ssh_key_pair', GetoptLong::REQUIRED_ARGUMENT]]
+ end
+
+
+ def encoding_print_string
+ 'strings_to_encode: ' + self.strings_to_encode.to_s + print_string_padding +
+ 'subdirectory: ' + self.subdirectory.to_s + print_string_padding +
+ 'ssh_key_pair: ' + self.ssh_key_pair.to_json
+ end
+end
+
+SimpleSSHDecrypt.new.run
\ No newline at end of file
diff --git a/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/secgen_metadata.xml b/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/secgen_metadata.xml
new file mode 100644
index 000000000..581fdeb9d
--- /dev/null
+++ b/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/secgen_metadata.xml
@@ -0,0 +1,41 @@
+
+
+
+ Simple SSH Decryption Challenge
+ Thomas Shaw
+ MIT
+ Returns a private key and some encrypted ciphertext.
+
+ asymmetric
+ asymmetric_cipher
+ challenge_generator
+ crypto_challenge_generator
+ local_calculation
+ linux
+ windows
+
+ low
+
+ strings_to_encode
+ ssh_key_pair
+ subdirectory
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ array
+
\ No newline at end of file
diff --git a/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/simple_ssh.pp b/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/simple_ssh.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/cipher/bitwise_xor/bitwise_xor.pp b/modules/encoders/cipher/bitwise_xor/bitwise_xor.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/cipher/bitwise_xor/manifests/.no_puppet b/modules/encoders/cipher/bitwise_xor/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/challenges/bitwise_xor/secgen_local/local.rb b/modules/encoders/cipher/bitwise_xor/secgen_local/local.rb
similarity index 61%
rename from modules/generators/challenges/bitwise_xor/secgen_local/local.rb
rename to modules/encoders/cipher/bitwise_xor/secgen_local/local.rb
index b37a77e3f..f9415a8ac 100644
--- a/modules/generators/challenges/bitwise_xor/secgen_local/local.rb
+++ b/modules/encoders/cipher/bitwise_xor/secgen_local/local.rb
@@ -8,19 +8,17 @@
require_relative '../../../../../lib/objects/local_string_encoder.rb'
class BitwiseXORChallengeGenerator < StringEncoder
- attr_accessor :string_to_mask
def initialize
super
self.module_name = 'Bitwise XOR Challenge Generator'
- self.string_to_mask = ''
end
- def encode_all
- number_of_bytes = self.string_to_mask.length
+ def encode(str)
+ number_of_bytes = str.length
# String A: Convert input that we're hiding into binary
- binary_string_to_mask = self.string_to_mask.unpack('B*')[0]
+ binary_string_to_mask = str.unpack('B*')[0]
# String B: Generate bitstream
generated_bit_stream = []
@@ -29,34 +27,19 @@ class BitwiseXORChallengeGenerator < StringEncoder
end
generated_bit_stream = generated_bit_stream.join
- # Add String B to self.outputs
- self.outputs << generated_bit_stream
-
# bitwise xor
decimal_result = binary_string_to_mask.to_i(2) ^ generated_bit_stream.to_i(2)
# Turn decimal result back into a string of bits
binary_string_c = decimal_result.to_s(2)
- # prepend leading 0's to the result and add String C to self.outputs
- self.outputs << binary_string_c.to_s.rjust(number_of_bytes * 8, '0')
+ # prepend leading 0's to the result
+ result = binary_string_c.to_s.rjust(number_of_bytes * 8, '0')
+
+ # join the binary strings with an underscore
+ self.outputs << "#{generated_bit_stream}_#{result}"
end
- def get_options_array
- super + [['--string_to_mask', GetoptLong::REQUIRED_ARGUMENT]]
- end
-
- def process_options(opt, arg)
- super
- case opt
- when '--string_to_mask'
- self.string_to_mask << arg;
- end
- end
-
- def encoding_print_string
- 'String to mask: ' + self.string_to_mask
- end
end
BitwiseXORChallengeGenerator.new.run
\ No newline at end of file
diff --git a/modules/generators/challenges/bitwise_xor/secgen_metadata.xml b/modules/encoders/cipher/bitwise_xor/secgen_metadata.xml
similarity index 65%
rename from modules/generators/challenges/bitwise_xor/secgen_metadata.xml
rename to modules/encoders/cipher/bitwise_xor/secgen_metadata.xml
index a2827698a..1dfec4d4c 100644
--- a/modules/generators/challenges/bitwise_xor/secgen_metadata.xml
+++ b/modules/encoders/cipher/bitwise_xor/secgen_metadata.xml
@@ -1,21 +1,22 @@
-
- Bitwise XOR Challenge Generator
+ xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
+ Bitwise XOR Challenge encoder
Thomas Shaw
MIT
Binary bitwise XOR operation module. Takes a string input, generates a random bitstream of equal length.,
- XOR's the 2 strings, outputs the binary streams.
+ XOR's the 2 strings, outputs the binary streams joined with an underscore.
ctf_challenge
- bitstream_generator
- string_generator
+ ascii_reversible
+ string_encoder
local_calculation
linux
windows
+ high
Perform a bitwise XOR on both strings - https://www.youtube.com/watch?v=YtghBxoBxpA
Example bitwise XOR tool:
@@ -23,11 +24,12 @@
Decode the result into it's ASCII representation.
- string_to_mask
-
+ strings_to_encode
+
+
generated_strings
-
\ No newline at end of file
+
\ No newline at end of file
diff --git a/modules/encoders/cipher/braille/braille.pp b/modules/encoders/cipher/braille/braille.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/cipher/braille/manifests/.no_puppet b/modules/encoders/cipher/braille/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/cipher/braille/secgen_local/local.rb b/modules/encoders/cipher/braille/secgen_local/local.rb
new file mode 100644
index 000000000..e3f9b37a6
--- /dev/null
+++ b/modules/encoders/cipher/braille/secgen_local/local.rb
@@ -0,0 +1,26 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_string_encoder.rb'
+
+class BrailleEncoder < StringEncoder
+
+ def initialize
+ super
+ self.module_name = 'Braille Encoder'
+ end
+
+ def encode(str)
+ require 'braille/translator'
+ braille = Braille::Translator.new
+ translation = []
+ str.each_char do |char|
+ if ! char =~ /[a-zA-Z0-9]/ # If non-alphanumeric, return the character as is.
+ translation << char
+ else
+ translation << braille.translate_word(char)
+ end
+ end
+ translation.join
+ end
+end
+
+BrailleEncoder.new.run
\ No newline at end of file
diff --git a/modules/encoders/cipher/braille/secgen_metadata.xml b/modules/encoders/cipher/braille/secgen_metadata.xml
new file mode 100644
index 000000000..172e0a4a9
--- /dev/null
+++ b/modules/encoders/cipher/braille/secgen_metadata.xml
@@ -0,0 +1,29 @@
+
+
+
+ Braille Code Encoder
+ Thomas Shaw
+ MIT
+ Encodes a string into Braille.
+
+ braille_encoder
+ ascii_reversible
+ string_encoder
+ linux
+ windows
+ medium
+
+ https://github.com/nicanor/braille
+
+ Braille decoders are available online e.g. https://www.dcode.fr/braille-alphabet
+
+ strings_to_encode
+
+
+
+
+
+ encoded_strings
+
diff --git a/modules/encoders/cipher/caesar_shift/secgen_metadata.xml b/modules/encoders/cipher/caesar_shift/secgen_metadata.xml
index cfa5b854e..f9a871fc6 100644
--- a/modules/encoders/cipher/caesar_shift/secgen_metadata.xml
+++ b/modules/encoders/cipher/caesar_shift/secgen_metadata.xml
@@ -15,6 +15,7 @@
cipher_encoder
linux
windows
+ low
Encoded with a rotation/shift cipher using a random key. Watch: https://www.youtube.com/watch?v=o6TPx1Co_wg
Decoding tools are available online e.g. http://www.dcode.fr/rot-cipher
diff --git a/modules/encoders/cipher/dna/dna.pp b/modules/encoders/cipher/dna/dna.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/cipher/dna/manifests/.no_puppet b/modules/encoders/cipher/dna/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/cipher/dna/secgen_local/local.rb b/modules/encoders/cipher/dna/secgen_local/local.rb
new file mode 100644
index 000000000..83befda48
--- /dev/null
+++ b/modules/encoders/cipher/dna/secgen_local/local.rb
@@ -0,0 +1,67 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_string_encoder.rb'
+class DNACipher < StringEncoder
+ attr_accessor :char_map
+
+ def initialize
+ super
+ self.module_name = 'DNA Cipher Encoder'
+ self.strings_to_encode = []
+ self.char_map = {
+ 'A' => 'CGA',
+ 'B' => 'CCA',
+ 'C' => 'GTT',
+ 'D' => 'TTG',
+ 'E' => 'GGC',
+ 'F' => 'GGT',
+ 'G' => 'TTT',
+ 'H' => 'CGC',
+ 'I' => 'ATG',
+ 'J' => 'AGT',
+ 'K' => 'AAG',
+ 'L' => 'TGC',
+ 'M' => 'TCC',
+ 'N' => 'TCT',
+ 'O' => 'GGA',
+ 'P' => 'GTG',
+ 'Q' => 'AAC',
+ 'R' => 'TCA',
+ 'S' => 'ACG',
+ 'T' => 'TTC',
+ 'U' => 'CTG',
+ 'V' => 'CCT',
+ 'W' => 'CCG',
+ 'X' => 'CTA',
+ 'Y' => 'AAA',
+ 'Z' => 'CTT',
+ ' ' => 'CCC',
+ ',' => 'TCG',
+ '.' => 'GAT',
+ ':' => 'GCT',
+ '0' => 'ACT',
+ '1' => 'ACC',
+ '2' => 'TAG',
+ '3' => 'GCA',
+ '4' => 'GAG',
+ '5' => 'AGA',
+ '6' => 'TTA',
+ '7' => 'ACA',
+ '8' => 'AGG',
+ '9' => 'GCG',
+ '{' => '{',
+ '}' => '}',
+ '_' => 'ATA',
+ }
+ end
+
+ def encode(str)
+ encoded = []
+ str.each_char do |char|
+ self.char_map.key? char.upcase
+ encoded << self.char_map[char.upcase]
+ end
+ encoded.join
+ end
+end
+
+DNACipher.new.run
\ No newline at end of file
diff --git a/modules/encoders/cipher/dna/secgen_metadata.xml b/modules/encoders/cipher/dna/secgen_metadata.xml
new file mode 100644
index 000000000..dad366ab8
--- /dev/null
+++ b/modules/encoders/cipher/dna/secgen_metadata.xml
@@ -0,0 +1,32 @@
+
+
+
+ DNA Cipher
+ Thomas Shaw
+ MIT
+
+
+
+ alpha_reversible
+ dna_encoder
+ cipher_encoder
+ linux
+ windows
+ medium
+
+ https://www.semanticscholar.org/paper/Innovative-field-of-cryptography-%3A-DNA-cryptography-Soni-Soni/5efcd2ab63e103fd8d158eaa2e30ca3de7d99fcb/figure/2
+
+ Guanine, Adenine, Thymine and Cytosine
+ DNA cryptography is a new instinctive cryptographic field emerged with the research of DNA computing, in which DNA is used as information shipper...
+ https://ai2-s2-public.s3.amazonaws.com/figures/2017-08-08/5efcd2ab63e103fd8d158eaa2e30ca3de7d99fcb/8-Table2-1.png
+
+ strings_to_encode
+
+
+
+
+
+ encoded_string
+
diff --git a/modules/encoders/cipher/morse_code/secgen_metadata.xml b/modules/encoders/cipher/morse_code/secgen_metadata.xml
index 196d12c84..61eff7281 100644
--- a/modules/encoders/cipher/morse_code/secgen_metadata.xml
+++ b/modules/encoders/cipher/morse_code/secgen_metadata.xml
@@ -13,6 +13,7 @@
string_encoder
linux
windows
+ medium
https://gist.github.com/mikedamage/105081
diff --git a/modules/encoders/cipher/vigenere/secgen_local/local.rb b/modules/encoders/cipher/vigenere/secgen_local/local.rb
index 1dddfefb6..a12ca3933 100644
--- a/modules/encoders/cipher/vigenere/secgen_local/local.rb
+++ b/modules/encoders/cipher/vigenere/secgen_local/local.rb
@@ -1,5 +1,6 @@
#!/usr/bin/ruby
# Encryption algorithm code from http://rosettacode.org/wiki/Vigen%C3%A8re_cipher#Ruby
+# TODO: Add difficulty: easy returns key, medium returns key length, hard doesn't return either.
require_relative '../../../../../lib/objects/local_string_encoder.rb'
class VigenereCipher < StringEncoder
attr_accessor :encryption_key
@@ -30,6 +31,13 @@ class VigenereCipher < StringEncoder
end
end
+ # def encode_all
+ # self.strings_to_encode.each do |str|
+ # self.outputs << encrypt(str, self.encryption_key)
+ # self.outputs << "KEY: #{self.encryption_key}"
+ # end
+ # end
+
def encode(str)
self.encryption_key + '_' + encrypt(str, self.encryption_key)
end
diff --git a/modules/encoders/cipher/vigenere/secgen_metadata.xml b/modules/encoders/cipher/vigenere/secgen_metadata.xml
index 2d8f7d3e9..6dbc5803c 100644
--- a/modules/encoders/cipher/vigenere/secgen_metadata.xml
+++ b/modules/encoders/cipher/vigenere/secgen_metadata.xml
@@ -19,6 +19,7 @@
cipher_encoder
linux
windows
+ medium
http://www.cs.mtu.edu/~shene/NSF-4/Tutorial/VIG/Vig-Base.html
http://rosettacode.org/wiki/Vigen%C3%A8re_cipher#Ruby
diff --git a/modules/encoders/compression/huffman/huffman.pp b/modules/encoders/compression/huffman/huffman.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/compression/huffman/manifests/.no_puppet b/modules/encoders/compression/huffman/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/compression/huffman/secgen_local/local.rb b/modules/encoders/compression/huffman/secgen_local/local.rb
new file mode 100644
index 000000000..edc26fb49
--- /dev/null
+++ b/modules/encoders/compression/huffman/secgen_local/local.rb
@@ -0,0 +1,52 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_string_encoder.rb'
+require 'huffman'
+require 'fileutils'
+
+class HuffmanEncoder < StringEncoder
+ attr_accessor :tmp_path
+ attr_accessor :subdirectory
+
+ def initialize
+ super
+ self.module_name = 'Huffman Encoder'
+ self.subdirectory = ''
+ self.strings_to_encode = []
+ self.tmp_path = File.expand_path(File.dirname(__FILE__)).split("/")[0...-1].join('/') + '/tmp/'
+ Dir.mkdir self.tmp_path unless Dir.exists? self.tmp_path
+ self.tmp_path += Time.new.strftime("%Y%m%d_%H%M%S")
+ Dir.mkdir self.tmp_path unless Dir.exists? self.tmp_path
+ end
+
+ def encode_all
+ begin
+ tree_path = "#{self.tmp_path}/tree"
+ result = Huffman.encode_text(strings_to_encode[0], tree_picture: true, tree_path: tree_path)
+
+ self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(result.first), :filename => 'cipher', :ext => 'txt', :subdirectory => self.subdirectory}}.to_json
+ self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(File.binread("#{tree_path}.png")), :filename => 'tree', :ext => 'png', :subdirectory => self.subdirectory}}.to_json
+ ensure
+ FileUtils.rm_r self.tmp_path
+ end
+ end
+
+ def process_options(opt, arg)
+ super
+ case opt
+ when '--subdirectory'
+ self.subdirectory << arg;
+ end
+ end
+
+ def get_options_array
+ super + [['--subdirectory', GetoptLong::REQUIRED_ARGUMENT]]
+ end
+
+
+ def encoding_print_string
+ 'strings_to_encode: ' + self.strings_to_encode.to_s + print_string_padding +
+ 'subdirectory: ' + self.subdirectory.to_s
+ end
+end
+
+HuffmanEncoder.new.run
\ No newline at end of file
diff --git a/modules/encoders/compression/huffman/secgen_metadata.xml b/modules/encoders/compression/huffman/secgen_metadata.xml
new file mode 100644
index 000000000..7c8491e75
--- /dev/null
+++ b/modules/encoders/compression/huffman/secgen_metadata.xml
@@ -0,0 +1,34 @@
+
+
+
+ Huffman Encoder
+ Thomas Shaw
+ MIT
+ Encodes a string with Huffman compression. Outputs a huffman string and png.
+
+ huffman_encoder
+ compression
+ misc
+ linux
+ windows
+ high
+
+ https://github.com/nicanor/braille
+
+ Braille decoders are available online e.g. https://www.dcode.fr/braille-alphabet
+
+ strings_to_encode
+ subdirectory
+
+
+
+
+
+
+ challenges
+
+
+ array
+
diff --git a/modules/encoders/hash/bcrypt/bcrypt.pp b/modules/encoders/hash/bcrypt/bcrypt.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/bcrypt/manifests/.no_puppet b/modules/encoders/hash/bcrypt/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/bcrypt/secgen_local/local.rb b/modules/encoders/hash/bcrypt/secgen_local/local.rb
new file mode 100644
index 000000000..d4335c8c8
--- /dev/null
+++ b/modules/encoders/hash/bcrypt/secgen_local/local.rb
@@ -0,0 +1,16 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class BCryptEncoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'BCrypt Hash Encoder'
+ end
+
+ def hash_function(string)
+ require 'bcrypt'
+ BCrypt::Password.create(string)
+ end
+end
+
+BCryptEncoder.new.run
diff --git a/modules/encoders/hash/bcrypt/secgen_metadata.xml b/modules/encoders/hash/bcrypt/secgen_metadata.xml
new file mode 100644
index 000000000..947549d9c
--- /dev/null
+++ b/modules/encoders/hash/bcrypt/secgen_metadata.xml
@@ -0,0 +1,23 @@
+
+
+
+ Bcrypt Hash Encoder
+ Thomas Shaw
+ MIT
+ Generates an bcrypt hash for each of the strings.
+
+ hash
+ bcrypt
+ linux
+ windows
+ high
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/lm/lm.pp b/modules/encoders/hash/lm/lm.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/lm/manifests/.no_puppet b/modules/encoders/hash/lm/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/lm/secgen_local/local.rb b/modules/encoders/hash/lm/secgen_local/local.rb
new file mode 100644
index 000000000..b17228a2e
--- /dev/null
+++ b/modules/encoders/hash/lm/secgen_local/local.rb
@@ -0,0 +1,18 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class LMEncoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'LM Hash Encoder'
+ end
+
+ def hash_function(string)
+ # Validation
+ raise 'error: String too long for LM hashes' if string.length > 14
+ require 'smbhash'
+ Smbhash.lm_hash(string)
+ end
+end
+
+LMEncoder.new.run
diff --git a/modules/encoders/hash/lm/secgen_metadata.xml b/modules/encoders/hash/lm/secgen_metadata.xml
new file mode 100644
index 000000000..e85eb66ef
--- /dev/null
+++ b/modules/encoders/hash/lm/secgen_metadata.xml
@@ -0,0 +1,23 @@
+
+
+
+ LM Encoder
+ Thomas Shaw
+ MIT
+ Generates an MD5 hash for each of the strings.
+
+ hash
+ lm
+ linux
+ windows
+ low
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/md4/manifests/.no_puppet b/modules/encoders/hash/md4/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/md4/md4.pp b/modules/encoders/hash/md4/md4.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/md4/secgen_local/local.rb b/modules/encoders/hash/md4/secgen_local/local.rb
new file mode 100644
index 000000000..4722f6b7c
--- /dev/null
+++ b/modules/encoders/hash/md4/secgen_local/local.rb
@@ -0,0 +1,16 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class MD4Encoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'MD4 Encoder'
+ end
+
+ def hash_function(string)
+ require 'openssl'
+ OpenSSL::Digest::MD4.hexdigest(string)
+ end
+end
+
+MD4Encoder.new.run
diff --git a/modules/encoders/hash/md4/secgen_metadata.xml b/modules/encoders/hash/md4/secgen_metadata.xml
new file mode 100644
index 000000000..100acc593
--- /dev/null
+++ b/modules/encoders/hash/md4/secgen_metadata.xml
@@ -0,0 +1,23 @@
+
+
+
+ MD4 Encoder
+ Thomas Shaw
+ MIT
+ Generates an MD4 hash for each of the strings.
+
+ hash
+ MD4
+ linux
+ windows
+ low
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/md5/manifests/.no_puppet b/modules/encoders/hash/md5/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/md5/md5.pp b/modules/encoders/hash/md5/md5.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/md5/secgen_local/local.rb b/modules/encoders/hash/md5/secgen_local/local.rb
new file mode 100644
index 000000000..9bf8fea7f
--- /dev/null
+++ b/modules/encoders/hash/md5/secgen_local/local.rb
@@ -0,0 +1,15 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class MD5Encoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'MD5 Encoder'
+ end
+
+ def hash_function(string)
+ Digest::MD5.hexdigest(string)
+ end
+end
+
+MD5Encoder.new.run
diff --git a/modules/encoders/hash/md5/secgen_metadata.xml b/modules/encoders/hash/md5/secgen_metadata.xml
new file mode 100644
index 000000000..aecd928dc
--- /dev/null
+++ b/modules/encoders/hash/md5/secgen_metadata.xml
@@ -0,0 +1,23 @@
+
+
+
+ MD5 Encoder
+ Thomas Shaw
+ MIT
+ Generates an MD5 hash for each of the strings.
+
+ hash
+ md5
+ linux
+ windows
+ low
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/mysql_password/manifests/.no_puppet b/modules/encoders/hash/mysql_password/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/mysql_password/mysql_password.pp b/modules/encoders/hash/mysql_password/mysql_password.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/mysql_password/secgen_local/local.rb b/modules/encoders/hash/mysql_password/secgen_local/local.rb
new file mode 100644
index 000000000..9474a3288
--- /dev/null
+++ b/modules/encoders/hash/mysql_password/secgen_local/local.rb
@@ -0,0 +1,16 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class MySQLPasswordHashEncoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'MySQL Password Hash Encoder'
+ end
+
+ def hash_function(string)
+ require 'digest/sha1'
+ "*" + Digest::SHA1.hexdigest(Digest::SHA1.digest(string)).upcase
+ end
+end
+
+MySQLPasswordHashEncoder.new.run
diff --git a/modules/encoders/hash/mysql_password/secgen_metadata.xml b/modules/encoders/hash/mysql_password/secgen_metadata.xml
new file mode 100644
index 000000000..1ce7d8bfa
--- /dev/null
+++ b/modules/encoders/hash/mysql_password/secgen_metadata.xml
@@ -0,0 +1,24 @@
+
+
+
+ MySQL Password Hash Encoder
+ Thomas Shaw
+ MIT
+ Generates a MySQL password hash for each of the strings. '*' + sha1sum(sha1sum(password))
+
+ hash
+ mysql
+ mysql_password
+ linux
+ windows
+ medium
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/ntlm/manifests/.no_puppet b/modules/encoders/hash/ntlm/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/ntlm/ntlm.pp b/modules/encoders/hash/ntlm/ntlm.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/ntlm/secgen_local/local.rb b/modules/encoders/hash/ntlm/secgen_local/local.rb
new file mode 100644
index 000000000..385a97332
--- /dev/null
+++ b/modules/encoders/hash/ntlm/secgen_local/local.rb
@@ -0,0 +1,16 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class NTLMEncoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'NTLM Hash Encoder'
+ end
+
+ def hash_function(string)
+ require 'smbhash'
+ Smbhash.ntlm_hash(string)
+ end
+end
+
+NTLMEncoder.new.run
diff --git a/modules/encoders/hash/ntlm/secgen_metadata.xml b/modules/encoders/hash/ntlm/secgen_metadata.xml
new file mode 100644
index 000000000..aa723018d
--- /dev/null
+++ b/modules/encoders/hash/ntlm/secgen_metadata.xml
@@ -0,0 +1,23 @@
+
+
+
+ NTLM Encoder
+ Thomas Shaw
+ MIT
+ Generates an NTLM hash for each of the strings.
+
+ hash
+ ntlm
+ linux
+ windows
+ low
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/rmd160/manifests/.no_puppet b/modules/encoders/hash/rmd160/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/rmd160/rmd160.pp b/modules/encoders/hash/rmd160/rmd160.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/rmd160/secgen_local/local.rb b/modules/encoders/hash/rmd160/secgen_local/local.rb
new file mode 100644
index 000000000..024a78606
--- /dev/null
+++ b/modules/encoders/hash/rmd160/secgen_local/local.rb
@@ -0,0 +1,15 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class RMD160Encoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'RMD160 Encoder'
+ end
+
+ def hash_function(string)
+ Digest::RMD160.hexdigest(string)
+ end
+end
+
+RMD160Encoder.new.run
diff --git a/modules/encoders/hash/rmd160/secgen_metadata.xml b/modules/encoders/hash/rmd160/secgen_metadata.xml
new file mode 100644
index 000000000..7cbd2b6a4
--- /dev/null
+++ b/modules/encoders/hash/rmd160/secgen_metadata.xml
@@ -0,0 +1,23 @@
+
+
+
+ RMD160 Encoder
+ Thomas Shaw
+ MIT
+ Generates an RMD160 hash for each of the strings.
+
+ hash
+ rmd160
+ linux
+ windows
+ low
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/scrypt/manifests/.no_puppet b/modules/encoders/hash/scrypt/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/scrypt/scrypt.pp b/modules/encoders/hash/scrypt/scrypt.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/scrypt/secgen_local/local.rb b/modules/encoders/hash/scrypt/secgen_local/local.rb
new file mode 100644
index 000000000..4abbc92d4
--- /dev/null
+++ b/modules/encoders/hash/scrypt/secgen_local/local.rb
@@ -0,0 +1,16 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class SCryptEncoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'SCrypt Encoder'
+ end
+
+ def hash_function(string)
+ require 'scrypt'
+ SCrypt::Password.create(string)
+ end
+end
+
+SCryptEncoder.new.run
\ No newline at end of file
diff --git a/modules/encoders/hash/scrypt/secgen_metadata.xml b/modules/encoders/hash/scrypt/secgen_metadata.xml
new file mode 100644
index 000000000..71c9f27ec
--- /dev/null
+++ b/modules/encoders/hash/scrypt/secgen_metadata.xml
@@ -0,0 +1,23 @@
+
+
+
+ SCrypt Encoder
+ Thomas Shaw
+ MIT
+ Generates an SCrypt hash for each of the strings.
+
+ hash
+ scrypt
+ linux
+ windows
+ medium
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/sha1/manifests/.no_puppet b/modules/encoders/hash/sha1/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/sha1/secgen_local/local.rb b/modules/encoders/hash/sha1/secgen_local/local.rb
new file mode 100644
index 000000000..8eebcf998
--- /dev/null
+++ b/modules/encoders/hash/sha1/secgen_local/local.rb
@@ -0,0 +1,15 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class SHA1Encoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'SHA1 Encoder'
+ end
+
+ def hash_function(string)
+ Digest::SHA1.hexdigest(string)
+ end
+end
+
+SHA1Encoder.new.run
diff --git a/modules/encoders/hash/sha1/secgen_metadata.xml b/modules/encoders/hash/sha1/secgen_metadata.xml
new file mode 100644
index 000000000..61358d90d
--- /dev/null
+++ b/modules/encoders/hash/sha1/secgen_metadata.xml
@@ -0,0 +1,23 @@
+
+
+
+ SHA1 Encoder
+ Thomas Shaw
+ MIT
+ Generates an SHA1 hash for each of the strings.
+
+ hash
+ sha1
+ linux
+ windows
+ low
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/sha1/sha1.pp b/modules/encoders/hash/sha1/sha1.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/sha224/manifests/.no_puppet b/modules/encoders/hash/sha224/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/sha224/secgen_local/local.rb b/modules/encoders/hash/sha224/secgen_local/local.rb
new file mode 100644
index 000000000..71b540dc0
--- /dev/null
+++ b/modules/encoders/hash/sha224/secgen_local/local.rb
@@ -0,0 +1,16 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class SHA224Encoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'SHA224 Encoder'
+ end
+
+ def hash_function(string)
+ require 'openssl'
+ OpenSSL::Digest::SHA224.hexdigest(string)
+ end
+end
+
+SHA224Encoder.new.run
diff --git a/modules/encoders/hash/sha224/secgen_metadata.xml b/modules/encoders/hash/sha224/secgen_metadata.xml
new file mode 100644
index 000000000..dcb449d61
--- /dev/null
+++ b/modules/encoders/hash/sha224/secgen_metadata.xml
@@ -0,0 +1,23 @@
+
+
+
+ SHA224 Encoder
+ Thomas Shaw
+ MIT
+ Generates an SHA224 hash for each of the strings.
+
+ hash
+ sha224
+ linux
+ windows
+ medium
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/sha224/sha224.pp b/modules/encoders/hash/sha224/sha224.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/sha256/manifests/.no_puppet b/modules/encoders/hash/sha256/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/sha256/secgen_local/local.rb b/modules/encoders/hash/sha256/secgen_local/local.rb
new file mode 100644
index 000000000..356405a05
--- /dev/null
+++ b/modules/encoders/hash/sha256/secgen_local/local.rb
@@ -0,0 +1,15 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class SHA256Encoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'SHA256 Encoder'
+ end
+
+ def hash_function(string)
+ Digest::SHA256.hexdigest(string)
+ end
+end
+
+SHA256Encoder.new.run
diff --git a/modules/encoders/hash/sha256/secgen_metadata.xml b/modules/encoders/hash/sha256/secgen_metadata.xml
new file mode 100644
index 000000000..798e02c93
--- /dev/null
+++ b/modules/encoders/hash/sha256/secgen_metadata.xml
@@ -0,0 +1,23 @@
+
+
+
+ SHA256 Encoder
+ Thomas Shaw
+ MIT
+ Generates an SHA256 hash for each of the strings.
+
+ hash
+ sha256
+ linux
+ windows
+ medium
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/sha256/sha256.pp b/modules/encoders/hash/sha256/sha256.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/sha3-224/manifests/.no_puppet b/modules/encoders/hash/sha3-224/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/sha3-224/secgen_local/local.rb b/modules/encoders/hash/sha3-224/secgen_local/local.rb
new file mode 100644
index 000000000..30fc8dfba
--- /dev/null
+++ b/modules/encoders/hash/sha3-224/secgen_local/local.rb
@@ -0,0 +1,16 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+require 'digest/sha3'
+
+class SHA3_224_Encoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'SHA3-224 Encoder'
+ end
+
+ def hash_function(string)
+ Digest::SHA3.hexdigest(string, 224)
+ end
+end
+
+SHA3_224_Encoder.new.run
\ No newline at end of file
diff --git a/modules/encoders/hash/sha3-224/secgen_metadata.xml b/modules/encoders/hash/sha3-224/secgen_metadata.xml
new file mode 100644
index 000000000..1b887aadf
--- /dev/null
+++ b/modules/encoders/hash/sha3-224/secgen_metadata.xml
@@ -0,0 +1,23 @@
+
+
+
+ SHA3-224 Encoder
+ Thomas Shaw
+ MIT
+ Generates an SHA3-224 hash for each of the strings.
+
+ hash
+ sha3_224
+ linux
+ windows
+ high
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/sha3-224/sha3-224.pp b/modules/encoders/hash/sha3-224/sha3-224.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/sha3-256/manifests/.no_puppet b/modules/encoders/hash/sha3-256/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/sha3-256/secgen_local/local.rb b/modules/encoders/hash/sha3-256/secgen_local/local.rb
new file mode 100644
index 000000000..b4d5f1a2c
--- /dev/null
+++ b/modules/encoders/hash/sha3-256/secgen_local/local.rb
@@ -0,0 +1,16 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+require 'digest/sha3'
+
+class SHA3_256_Encoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'SHA3-256 Encoder'
+ end
+
+ def hash_function(string)
+ Digest::SHA3.hexdigest(string, 256)
+ end
+end
+
+SHA3_256_Encoder.new.run
\ No newline at end of file
diff --git a/modules/encoders/hash/sha3-256/secgen_metadata.xml b/modules/encoders/hash/sha3-256/secgen_metadata.xml
new file mode 100644
index 000000000..87766aca3
--- /dev/null
+++ b/modules/encoders/hash/sha3-256/secgen_metadata.xml
@@ -0,0 +1,23 @@
+
+
+
+ SHA3-256 Encoder
+ Thomas Shaw
+ MIT
+ Generates an SHA3-256 hash for each of the strings.
+
+ hash
+ sha3_256
+ linux
+ windows
+ high
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/sha3-256/sha3-256.pp b/modules/encoders/hash/sha3-256/sha3-256.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/sha3-384/manifests/.no_puppet b/modules/encoders/hash/sha3-384/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/sha3-384/secgen_local/local.rb b/modules/encoders/hash/sha3-384/secgen_local/local.rb
new file mode 100644
index 000000000..bb86c3ce7
--- /dev/null
+++ b/modules/encoders/hash/sha3-384/secgen_local/local.rb
@@ -0,0 +1,16 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+require 'digest/sha3'
+
+class SHA3_384_Encoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'SHA3-384 Encoder'
+ end
+
+ def hash_function(string)
+ Digest::SHA3.hexdigest(string, 384)
+ end
+end
+
+SHA3_384_Encoder.new.run
\ No newline at end of file
diff --git a/modules/encoders/hash/sha3-384/secgen_metadata.xml b/modules/encoders/hash/sha3-384/secgen_metadata.xml
new file mode 100644
index 000000000..03e1e9bd2
--- /dev/null
+++ b/modules/encoders/hash/sha3-384/secgen_metadata.xml
@@ -0,0 +1,23 @@
+
+
+
+ SHA3-384 Encoder
+ Thomas Shaw
+ MIT
+ Generates an SHA3-384 hash for each of the strings.
+
+ hash
+ sha3_384
+ linux
+ windows
+ high
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/sha3-384/sha3-384.pp b/modules/encoders/hash/sha3-384/sha3-384.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/sha3-512/manifests/.no_puppet b/modules/encoders/hash/sha3-512/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/sha3-512/secgen_local/local.rb b/modules/encoders/hash/sha3-512/secgen_local/local.rb
new file mode 100644
index 000000000..d9be87d7f
--- /dev/null
+++ b/modules/encoders/hash/sha3-512/secgen_local/local.rb
@@ -0,0 +1,16 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+require 'digest/sha3'
+
+class SHA3_512_Encoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'SHA3-512 Encoder'
+ end
+
+ def hash_function(string)
+ Digest::SHA3.hexdigest(string, 512)
+ end
+end
+
+SHA3_512_Encoder.new.run
\ No newline at end of file
diff --git a/modules/encoders/hash/sha3-512/secgen_metadata.xml b/modules/encoders/hash/sha3-512/secgen_metadata.xml
new file mode 100644
index 000000000..91e0f7dd0
--- /dev/null
+++ b/modules/encoders/hash/sha3-512/secgen_metadata.xml
@@ -0,0 +1,23 @@
+
+
+
+ SHA3-512 Encoder
+ Thomas Shaw
+ MIT
+ Generates an SHA3-512 hash for each of the strings.
+
+ hash
+ sha3_512
+ linux
+ windows
+ high
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/sha3-512/sha3-512.pp b/modules/encoders/hash/sha3-512/sha3-512.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/sha3/manifests/.no_puppet b/modules/encoders/hash/sha3/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/sha3/secgen_local/local.rb b/modules/encoders/hash/sha3/secgen_local/local.rb
new file mode 100644
index 000000000..c3f353f80
--- /dev/null
+++ b/modules/encoders/hash/sha3/secgen_local/local.rb
@@ -0,0 +1,16 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+require 'digest/sha3'
+
+class SHA3Encoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'SHA1 Encoder'
+ end
+
+ def hash_function(string)
+ Digest::SHA1.hexdigest(string)
+ end
+end
+
+SHA3Encoder.new.run
diff --git a/modules/encoders/hash/sha3/secgen_metadata.xml b/modules/encoders/hash/sha3/secgen_metadata.xml
new file mode 100644
index 000000000..38de74226
--- /dev/null
+++ b/modules/encoders/hash/sha3/secgen_metadata.xml
@@ -0,0 +1,22 @@
+
+
+
+ SHA1 Encoder
+ Thomas Shaw
+ MIT
+ Generates an SHA1 hash for each of the strings.
+
+ hash
+ sha1
+ linux
+ windows
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/sha3/sha3.pp b/modules/encoders/hash/sha3/sha3.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/sha384/manifests/.no_puppet b/modules/encoders/hash/sha384/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/sha384/secgen_local/local.rb b/modules/encoders/hash/sha384/secgen_local/local.rb
new file mode 100644
index 000000000..cf8ba5b8e
--- /dev/null
+++ b/modules/encoders/hash/sha384/secgen_local/local.rb
@@ -0,0 +1,15 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class SHA384Encoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'SHA384 Encoder'
+ end
+
+ def hash_function(string)
+ Digest::SHA384.hexdigest(string)
+ end
+end
+
+SHA384Encoder.new.run
diff --git a/modules/encoders/hash/sha384/secgen_metadata.xml b/modules/encoders/hash/sha384/secgen_metadata.xml
new file mode 100644
index 000000000..8829f3038
--- /dev/null
+++ b/modules/encoders/hash/sha384/secgen_metadata.xml
@@ -0,0 +1,23 @@
+
+
+
+ SHA384 Encoder
+ Thomas Shaw
+ MIT
+ Generates an SHA384 hash for each of the strings.
+
+ hash
+ sha384
+ linux
+ windows
+ medium
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/sha384/sha384.pp b/modules/encoders/hash/sha384/sha384.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/sha512/manifests/.no_puppet b/modules/encoders/hash/sha512/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/sha512/secgen_local/local.rb b/modules/encoders/hash/sha512/secgen_local/local.rb
new file mode 100644
index 000000000..0b24e1d7b
--- /dev/null
+++ b/modules/encoders/hash/sha512/secgen_local/local.rb
@@ -0,0 +1,15 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class SHA512Encoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'SHA512 Encoder'
+ end
+
+ def hash_function(string)
+ Digest::SHA512.hexdigest(string)
+ end
+end
+
+SHA512Encoder.new.run
diff --git a/modules/encoders/hash/sha512/secgen_metadata.xml b/modules/encoders/hash/sha512/secgen_metadata.xml
new file mode 100644
index 000000000..9a273d5bc
--- /dev/null
+++ b/modules/encoders/hash/sha512/secgen_metadata.xml
@@ -0,0 +1,23 @@
+
+
+
+ SHA512 Encoder
+ Thomas Shaw
+ MIT
+ Generates an SHA512 hash for each of the strings.
+
+ hash
+ sha512
+ linux
+ windows
+ medium
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/sha512/sha512.pp b/modules/encoders/hash/sha512/sha512.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/siphash/manifests/.no_puppet b/modules/encoders/hash/siphash/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/siphash/secgen_local/local.rb b/modules/encoders/hash/siphash/secgen_local/local.rb
new file mode 100644
index 000000000..c0e26692f
--- /dev/null
+++ b/modules/encoders/hash/siphash/secgen_local/local.rb
@@ -0,0 +1,15 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class SipHashEncoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'SipHash Encoder'
+ end
+
+ def hash_function(string)
+ Digest::SipHash.hexdigest(string)
+ end
+end
+
+SipHashEncoder.new.run
\ No newline at end of file
diff --git a/modules/encoders/hash/siphash/secgen_metadata.xml b/modules/encoders/hash/siphash/secgen_metadata.xml
new file mode 100644
index 000000000..74205906f
--- /dev/null
+++ b/modules/encoders/hash/siphash/secgen_metadata.xml
@@ -0,0 +1,23 @@
+
+
+
+ SipHash Encoder
+ Thomas Shaw
+ MIT
+ Generates a SipHash digest for each of the strings.
+
+ hash
+ siphash
+ linux
+ windows
+ high
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/siphash/siphash.pp b/modules/encoders/hash/siphash/siphash.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/whirlpool/manifests/.no_puppet b/modules/encoders/hash/whirlpool/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/whirlpool/secgen_local/local.rb b/modules/encoders/hash/whirlpool/secgen_local/local.rb
new file mode 100644
index 000000000..ba1c37eb1
--- /dev/null
+++ b/modules/encoders/hash/whirlpool/secgen_local/local.rb
@@ -0,0 +1,15 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class WhirlpoolEncoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'Whirlpool Hash Encoder'
+ end
+
+ def hash_function(string)
+ Digest::Whirlpool.hexdigest(string)
+ end
+end
+
+WhirlpoolEncoder.new.run
diff --git a/modules/encoders/hash/whirlpool/secgen_metadata.xml b/modules/encoders/hash/whirlpool/secgen_metadata.xml
new file mode 100644
index 000000000..534ccccab
--- /dev/null
+++ b/modules/encoders/hash/whirlpool/secgen_metadata.xml
@@ -0,0 +1,23 @@
+
+
+
+ Whirlpool Hash Encoder
+ Thomas Shaw
+ MIT
+ Generates a Whirlpool hash for each of the strings.
+
+ hash
+ whirlpool
+ linux
+ windows
+ medium
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/whirlpool/whirlpool.pp b/modules/encoders/hash/whirlpool/whirlpool.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/string/1337/secgen_metadata.xml b/modules/encoders/string/1337/secgen_metadata.xml
index d57ea2279..903373237 100644
--- a/modules/encoders/string/1337/secgen_metadata.xml
+++ b/modules/encoders/string/1337/secgen_metadata.xml
@@ -12,6 +12,7 @@
alpha_reversible
linux
windows
+ low
strings_to_encode
diff --git a/modules/encoders/string/binary/secgen_metadata.xml b/modules/encoders/string/binary/secgen_metadata.xml
index f5dfb3009..6da67b89d 100644
--- a/modules/encoders/string/binary/secgen_metadata.xml
+++ b/modules/encoders/string/binary/secgen_metadata.xml
@@ -13,6 +13,7 @@
string_encoder
linux
windows
+ low
Convert the binary (base 2) string into its ASCII value - https://www.youtube.com/watch?v=wCQSIub_g7M
Binary to ASCII converters are available online e.g. https://www.branah.com/ascii-converter
diff --git a/modules/encoders/string/dec/secgen_metadata.xml b/modules/encoders/string/dec/secgen_metadata.xml
index 89105b6e6..ff85e3798 100644
--- a/modules/encoders/string/dec/secgen_metadata.xml
+++ b/modules/encoders/string/dec/secgen_metadata.xml
@@ -13,6 +13,7 @@
string_encoder
linux
windows
+ low
Convert the decimal (base 10) string into its ASCII value, character by character in sets of 3.
Use an ascii table e.g. http://www.asciitable.com OR an online converter e.g. https://www.branah.com/ascii-converter
diff --git a/modules/encoders/string/hex/secgen_metadata.xml b/modules/encoders/string/hex/secgen_metadata.xml
index aa3cf10fc..7a16cb119 100644
--- a/modules/encoders/string/hex/secgen_metadata.xml
+++ b/modules/encoders/string/hex/secgen_metadata.xml
@@ -13,6 +13,7 @@
string_encoder
linux
windows
+ low
Convert the hexadecimal (base 16) string into its ASCII value, character by character in sets of 2.
Use an ascii table e.g. http://www.asciitable.com OR an online converter e.g. https://www.branah.com/ascii-converter
diff --git a/modules/encoders/string/oct/secgen_metadata.xml b/modules/encoders/string/oct/secgen_metadata.xml
index 0f3a6e377..fd27c3c90 100644
--- a/modules/encoders/string/oct/secgen_metadata.xml
+++ b/modules/encoders/string/oct/secgen_metadata.xml
@@ -13,6 +13,7 @@
string_encoder
linux
windows
+ medium
Convert the octal (base 8) string character by character in sets of 3 into its ASCII value.
Decoders are available online e.g. http://www.unit-conversion.info/texttools/octal/
diff --git a/modules/encoders/string/rot13/secgen_metadata.xml b/modules/encoders/string/rot13/secgen_metadata.xml
index 96937178b..ad4996793 100644
--- a/modules/encoders/string/rot13/secgen_metadata.xml
+++ b/modules/encoders/string/rot13/secgen_metadata.xml
@@ -13,6 +13,7 @@
alpha_reversible
linux
windows
+ low
Alphabet rotation cipher by 13 positions.
diff --git a/modules/generators/challenges/crypto/rsa_challenge/manifests/.no_puppet b/modules/generators/challenges/crypto/rsa_challenge/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/challenges/crypto/rsa_challenge/rsa_challenge.pp b/modules/generators/challenges/crypto/rsa_challenge/rsa_challenge.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/challenges/crypto/rsa_challenge/secgen_local/local.rb b/modules/generators/challenges/crypto/rsa_challenge/secgen_local/local.rb
new file mode 100644
index 000000000..bfa9ea9de
--- /dev/null
+++ b/modules/generators/challenges/crypto/rsa_challenge/secgen_local/local.rb
@@ -0,0 +1,83 @@
+#!/usr/bin/ruby
+require_relative '../../../../../../lib/objects/local_string_encoder.rb'
+require 'rsa'
+
+class RSAChallenge < StringEncoder
+
+ def initialize
+ super
+ self.module_name = 'RSA Challenge Generator'
+ self.strings_to_encode = ['150']
+ end
+
+ def encode(str)
+
+ # For a challenge ee want to return n, e and c or p, q, e and c and to have the challenger feed this into the RSA algorithm to decrypt the ciphertext.
+ #
+ #
+ # n should be small enough to be cracked. prime factorization of n will return p and q
+ #
+
+ # 1. Choose two distinct prime numbers p and q.
+
+ # For security purposes, the integers p and q should be chosen at random, and should be of similar bit-length.
+ # Prime integers can be efficiently found using a primality test.
+
+ # 2. Compute n = pq.
+
+
+ # RSA Challenge Generator style:
+ # RSA Encryption parameters. Public key: [e,N].
+ # e: 65537
+ # N: 793317875048486727769682005180064761
+ # Cipher: 378078478708458631194952101156921202
+
+ # PicoCTF style:
+ #
+ # p = 9648423029010515676590551740010426534945737639235739800643989352039852507298491399561035009163427050370107570733633350911691280297777160200625281665378483
+ # q = 11874843837980297032092405848653656852760910154543380907650040190704283358909208578251063047732443992230647903887510065547947313543299303261986053486569407
+ # e = 65537
+ # c = 83208298995174604174773590298203639360540024871256126892889661345742403314929861939100492666605647316646576486526217457006376842280869728581726746401583705899941768214138742259689334840735633553053887641847651173776251820293087212885670180367406807406765923638973161375817392737747832762751690104423869019034
+ #
+ # Use RSA to find the secret message
+ #
+
+ output_data = "Solve the challenge using RSA!\n"
+
+ value = str.to_i
+ key_pair = RSA::KeyPair.generate(60)
+
+ e = key_pair.public_key.exponent
+ n = key_pair.public_key.modulus
+ c = key_pair.encrypt(value)
+
+ output_data += "e: #{e}\n"
+ output_data += "n: #{n}\n"
+ output_data += "ciphertext: #{c}\n"
+
+ self.outputs << output_data
+ end
+
+
+ # def get_options_array
+ # super + [['--base64_image', GetoptLong::REQUIRED_ARGUMENT],
+ # ['--strings_to_leak', GetoptLong::REQUIRED_ARGUMENT]]
+ # end
+
+ # def process_options(opt, arg)
+ # super
+ # case opt
+ # when '--base64_image'
+ # self.base64_image << arg;
+ # when '--strings_to_leak'
+ # self.strings_to_leak << arg;
+ # end
+ # end
+
+ # def encoding_print_string
+ # 'base64_image: ' + print_string_padding +
+ # 'strings_to_leak: ' + self.strings_to_leak.to_s
+ # end
+end
+
+RSAChallenge.new.run
\ No newline at end of file
diff --git a/modules/generators/challenges/crypto/rsa_challenge/secgen_metadata.xml b/modules/generators/challenges/crypto/rsa_challenge/secgen_metadata.xml
new file mode 100644
index 000000000..a27f72985
--- /dev/null
+++ b/modules/generators/challenges/crypto/rsa_challenge/secgen_metadata.xml
@@ -0,0 +1,25 @@
+
+
+
+ RSA Challenge Generator
+ Thomas Shaw
+ MIT
+ RSA Generator.
+
+ rsa
+ challenge_generator
+ crypto_challenge_generator
+ local_calculation
+ linux
+ windows
+
+
+
+
+
+
+
+ string_challenge
+
\ No newline at end of file
diff --git a/modules/generators/challenges/misc/programming/math_challenge/manifests/.no_puppet b/modules/generators/challenges/misc/programming/math_challenge/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/challenges/misc/programming/math_challenge/math_challenge.pp b/modules/generators/challenges/misc/programming/math_challenge/math_challenge.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/challenges/misc/programming/math_challenge/secgen_local/challenge.rb b/modules/generators/challenges/misc/programming/math_challenge/secgen_local/challenge.rb
new file mode 100644
index 000000000..435026d43
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/math_challenge/secgen_local/challenge.rb
@@ -0,0 +1,37 @@
+#!/usr/bin/ruby
+require 'random'
+require 'timeout'
+
+# Valid operations
+operations = {'add' => '+', 'subtract' => '-'}
+
+# Types - pick a type first + store that, then select random from type
+odd_even = ['odd', 'even']
+begins_with = "begins with #{range(0..9)}"
+ends_with = "ends with #{range(0..9)}"
+
+type = odd_even # +
+
+
+
+puts 'This is an arithmetic test. Time for some quick maths.'
+sleep(0.5)
+puts "Unfortunately our test is not quite as simple as 2 plus 2 that's 4, minus 1 that's 3."
+sleep(0.5)
+puts "This time you need to #{operation} every number that: #{type}."
+sleep (0.5)
+puts 'Here we go....'
+sleep(0.5)
+
+# Calculate
+
+begin
+ Timeout::timeout 5 do
+ answer = gets.chomp
+ end
+rescue Timeout::Error
+ puts 'Too slow!'
+ exit
+end
+
+puts File.read(flag_path)
\ No newline at end of file
diff --git a/modules/generators/challenges/misc/programming/math_challenge/secgen_local/local.rb b/modules/generators/challenges/misc/programming/math_challenge/secgen_local/local.rb
new file mode 100644
index 000000000..e4a9d92f8
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/math_challenge/secgen_local/local.rb
@@ -0,0 +1,17 @@
+#!/usr/bin/ruby
+
+require_relative '../../../../../../../lib/objects/local_ruby_challenge_generator.rb'
+class MathChallenge < RubyChallengeGenerator
+
+ def initialize
+ super
+ self.module_name = 'Ruby Example Script Generator'
+ end
+
+ def challenge_content
+ "puts File.read(flag_path)"
+ end
+
+end
+
+MathChallenge.new.run
\ No newline at end of file
diff --git a/modules/generators/challenges/misc/programming/math_challenge/secgen_metadata.xml b/modules/generators/challenges/misc/programming/math_challenge/secgen_metadata.xml
new file mode 100644
index 000000000..abb6477fb
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/math_challenge/secgen_metadata.xml
@@ -0,0 +1,20 @@
+
+
+
+ Ruby Math Challenge Generator
+ Thomas Shaw
+ MIT
+ TODO
+
+ ruby_script_challenge
+ programming_challenge
+ ctf_challenge
+
+ linux
+ windows
+
+ script
+
+
\ No newline at end of file
diff --git a/modules/generators/challenges/misc/programming/python2_example/manifests/.no_puppet b/modules/generators/challenges/misc/programming/python2_example/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/challenges/misc/programming/python2_example/python2_example.pp b/modules/generators/challenges/misc/programming/python2_example/python2_example.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/challenges/misc/programming/python2_example/secgen_local/local.rb b/modules/generators/challenges/misc/programming/python2_example/secgen_local/local.rb
new file mode 100644
index 000000000..4204ed124
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/python2_example/secgen_local/local.rb
@@ -0,0 +1,24 @@
+#!/usr/bin/ruby
+
+require_relative '../../../../../../../lib/objects/local_script_challenge_generator.rb'
+class RubyExampleScriptGenerator < ScriptChallengeGenerator
+
+ def initialize
+ super
+ self.module_name = 'Python2 Example Script Generator'
+ end
+
+
+ def interpreter_path
+ '/usr/bin/python'
+ end
+
+ def script_content
+"from sys import argv
+with open('flag') as f:
+ print f.read()"
+ end
+
+end
+
+RubyExampleScriptGenerator.new.run
\ No newline at end of file
diff --git a/modules/generators/challenges/misc/programming/python2_example/secgen_metadata.xml b/modules/generators/challenges/misc/programming/python2_example/secgen_metadata.xml
new file mode 100644
index 000000000..7b143d8fd
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/python2_example/secgen_metadata.xml
@@ -0,0 +1,18 @@
+
+
+
+ Ruby Example Challenge Generator
+ Thomas Shaw
+ MIT
+ TODO
+
+ python2_script_challenge
+
+ linux
+ windows
+
+ script
+
+
\ No newline at end of file
diff --git a/modules/generators/challenges/misc/programming/ruby_example/manifests/.no_puppet b/modules/generators/challenges/misc/programming/ruby_example/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/challenges/misc/programming/ruby_example/ruby_example.pp b/modules/generators/challenges/misc/programming/ruby_example/ruby_example.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/challenges/misc/programming/ruby_example/secgen_local/local.rb b/modules/generators/challenges/misc/programming/ruby_example/secgen_local/local.rb
new file mode 100644
index 000000000..a4ccc426e
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/ruby_example/secgen_local/local.rb
@@ -0,0 +1,17 @@
+#!/usr/bin/ruby
+
+require_relative '../../../../../../../lib/objects/local_ruby_challenge_generator.rb'
+class ExampleRubyScriptGenerator < RubyChallengeGenerator
+
+ def initialize
+ super
+ self.module_name = 'Ruby Example Script Generator'
+ end
+
+ def challenge_content
+ "puts File.read(flag_path)"
+ end
+
+end
+
+ExampleRubyScriptGenerator.new.run
\ No newline at end of file
diff --git a/modules/generators/challenges/misc/programming/ruby_example/secgen_metadata.xml b/modules/generators/challenges/misc/programming/ruby_example/secgen_metadata.xml
new file mode 100644
index 000000000..f5c773c1a
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/ruby_example/secgen_metadata.xml
@@ -0,0 +1,31 @@
+
+
+
+ Ruby Example Challenge Generator
+ Thomas Shaw
+ MIT
+ TODO
+
+ ruby_script_challenge
+
+ linux
+ windows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ script
+
+
\ No newline at end of file
diff --git a/modules/generators/challenges/misc/programming/strings/manifests/.no_puppet b/modules/generators/challenges/misc/programming/strings/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/challenges/misc/programming/strings/secgen_local/flag b/modules/generators/challenges/misc/programming/strings/secgen_local/flag
new file mode 100644
index 000000000..d39bb3e8a
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/strings/secgen_local/flag
@@ -0,0 +1 @@
+test successful wayyy :D
\ No newline at end of file
diff --git a/modules/generators/challenges/misc/programming/strings/secgen_local/high.rb b/modules/generators/challenges/misc/programming/strings/secgen_local/high.rb
new file mode 100644
index 000000000..cf8e9e6d2
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/strings/secgen_local/high.rb
@@ -0,0 +1,75 @@
+require 'securerandom'
+require 'timeout'
+
+$stdout.sync = true # Disable stdout caching (for challenges that can be run over the network)
+
+# determine encoding format required
+encoding_formats = %w[reverse hex_little_endian hex_big_endian binary_little_endian binary_big_endian base64 octal decimal]
+encoding_format = encoding_formats.sample
+
+case encoding_format
+ when 'reverse'
+ print_string = 'reverse'
+ operation = ->(data) {data.reverse}
+ when 'hex_little_endian'
+ print_string = 'hexadecimal (little endian / LSB first)'
+ operation = ->(data) {data.unpack('h*').first}
+ when 'hex_big_endian'
+ print_string = 'hexadecimal (big endian / MSB first)'
+ operation = ->(data) {data.unpack('H*').first}
+ when 'binary_little_endian'
+ print_string = 'binary (little endian / LSB first)'
+ operation = ->(data) {data.unpack('b*').first}
+ when 'binary_big_endian'
+ print_string = 'binary (big endian / MSB first)'
+ operation = ->(data) {data.unpack('B*').first}
+ when 'base64'
+ require 'base64'
+ print_string = 'base64'
+ operation = ->(data) {Base64.strict_encode64(data)}
+ when 'octal'
+ print_string = 'octal'
+ operation = -> (data) {
+ sum = []
+ data.each_char {|char| sum << char.ord.to_s(8).to_i}
+ sum.join
+ }
+ when 'decimal'
+ print_string = 'decimal'
+ operation = -> (data) {
+ sum = []
+ data.each_char {|char| sum << char.ord.to_s}
+ sum.join
+ }
+ else
+ print_string = 'ERROR'
+ operation = ->(data) {data}
+end
+
+puts 'Prepare yourself. You need to work quickly for this challenge.'
+sleep 2
+puts "Echo the string back to me, in #{print_string}, before the script times out. Try writing a script of your own to make it easier!"
+sleep 2
+puts 'Get ready, here we go...'
+sleep 2
+
+# Generate random string
+string = [SecureRandom.base64(rand(20..40)), SecureRandom.hex(rand(20..40))].sample
+puts string
+
+begin
+ Timeout.timeout 0.3 do
+ response = gets.chomp
+ valid_answer = operation.call(string)
+ if response == valid_answer
+ puts File.read(flag_path)
+ else
+ puts 'Incorrect!'
+ puts 'We were looking for: ' + valid_answer
+ exit
+ end
+ end
+rescue Timeout::Error
+ puts 'Too slow!'
+ exit
+end
\ No newline at end of file
diff --git a/modules/generators/challenges/misc/programming/strings/secgen_local/local.rb b/modules/generators/challenges/misc/programming/strings/secgen_local/local.rb
new file mode 100644
index 000000000..e64780369
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/strings/secgen_local/local.rb
@@ -0,0 +1,17 @@
+#!/usr/bin/ruby
+
+require_relative '../../../../../../../lib/objects/local_ruby_challenge_generator.rb'
+class EchoStringChallenge < RubyChallengeGenerator
+
+ def initialize
+ super
+ self.module_name = 'Echo String Script Generator'
+ end
+
+ def randomise_by_difficulty
+ __FILE__
+ end
+
+end
+
+EchoStringChallenge.new.run
\ No newline at end of file
diff --git a/modules/generators/challenges/misc/programming/strings/secgen_local/low.rb b/modules/generators/challenges/misc/programming/strings/secgen_local/low.rb
new file mode 100644
index 000000000..89c138921
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/strings/secgen_local/low.rb
@@ -0,0 +1,36 @@
+# #####################
+# Programming Challenge
+# Echo string - Repeat a string and repeat back to the script
+# #####################
+
+require 'securerandom'
+require 'timeout'
+
+$stdout.sync = true # Disable stdout caching (for challenges that can be run over the network)
+
+puts 'Prepare yourself. You need to work quickly for this challenge.'
+sleep 2
+puts 'Echo the string back to me before the script times out. Try writing a script of your own to make it easier!'
+sleep 2
+puts 'Get ready, here we go...'
+sleep 2
+
+# Generate random string
+string = [SecureRandom.base64(rand(20..40)), SecureRandom.hex(rand(20..40))].sample
+puts string
+
+begin
+ Timeout.timeout 0.3 do
+ response = gets.chomp
+ if response == string
+ puts File.read(flag_path)
+ else
+ puts 'Incorrect answer!'
+ exit
+ end
+ end
+rescue Timeout::Error
+ puts 'Too slow!'
+ exit
+end
+
diff --git a/modules/generators/challenges/misc/programming/strings/secgen_local/low_every_2nd_char.rb b/modules/generators/challenges/misc/programming/strings/secgen_local/low_every_2nd_char.rb
new file mode 100644
index 000000000..096320352
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/strings/secgen_local/low_every_2nd_char.rb
@@ -0,0 +1,39 @@
+# #####################
+# Programming Challenge
+# Echo string - Repeat a string and repeat back to the script
+# #####################
+
+require 'securerandom'
+require 'timeout'
+
+$stdout.sync = true # Disable stdout caching (for challenges that can be run over the network)
+
+puts 'Prepare yourself. You need to work quickly for this challenge.'
+sleep 2
+puts 'Echo every second character of the string, starting with the [0]th character, back to me before the script times out. Try writing a script of your own to make it easier!'
+sleep 2
+puts 'Get ready, here we go...'
+sleep 2
+
+# Generate random string
+string = [SecureRandom.base64(rand(20..40)), SecureRandom.hex(rand(20..40))].sample
+puts string
+
+begin
+ Timeout.timeout 5 do
+ response = gets.chomp
+ char_array = string.split('')
+ valid_answer = char_array.select.with_index{|_,i| i.even?}.join
+ if response == valid_answer
+ puts File.read(flag_path)
+ else
+ puts 'Incorrect answer!'
+ puts 'We were looking for: ' + valid_answer
+ exit
+ end
+ end
+rescue Timeout::Error
+ puts 'Too slow!'
+ exit
+end
+
diff --git a/modules/generators/challenges/misc/programming/strings/secgen_local/medium_base64.rb b/modules/generators/challenges/misc/programming/strings/secgen_local/medium_base64.rb
new file mode 100644
index 000000000..5e25651ea
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/strings/secgen_local/medium_base64.rb
@@ -0,0 +1,34 @@
+require 'securerandom'
+require 'timeout'
+require 'base64'
+
+$stdout.sync = true # Disable stdout caching (for challenges that can be run over the network)
+
+puts 'Prepare yourself. You need to work quickly for this challenge.'
+sleep 2
+puts 'Echo the string back to me, in base64, before the script times out. Try writing a script of your own to make it easier!'
+sleep 2
+puts 'Get ready, here we go...'
+sleep 2
+
+# Generate random string
+string = [SecureRandom.base64(rand(20..40)), SecureRandom.hex(rand(20..40))].sample
+puts string
+
+begin
+ Timeout.timeout 0.3 do
+ response = gets.chomp
+ valid_answer = Base64.strict_encode64(data)
+ if response == valid_answer
+ puts File.read(flag_path) # Flag path
+ else
+ puts 'Incorrect answer!'
+ puts 'We were looking for: ' + valid_answer
+ exit
+ end
+ end
+rescue Timeout::Error
+ puts 'Too slow!'
+ exit
+end
+
diff --git a/modules/generators/challenges/misc/programming/strings/secgen_local/medium_binary_big_endian.rb b/modules/generators/challenges/misc/programming/strings/secgen_local/medium_binary_big_endian.rb
new file mode 100644
index 000000000..8a86bf04c
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/strings/secgen_local/medium_binary_big_endian.rb
@@ -0,0 +1,33 @@
+require 'securerandom'
+require 'timeout'
+
+$stdout.sync = true # Disable stdout caching (for challenges that can be run over the network)
+
+puts 'Prepare yourself. You need to work quickly for this challenge.'
+sleep 2
+puts 'Echo the string back to me, in binary (big endian / MSB first), before the script times out. Try writing a script of your own to make it easier!'
+sleep 2
+puts 'Get ready, here we go...'
+sleep 2
+
+# Generate random string
+string = [SecureRandom.base64(rand(20..40)), SecureRandom.hex(rand(20..40))].sample
+puts string
+
+begin
+ Timeout.timeout 0.3 do
+ response = gets.chomp
+ valid_answer = string.unpack('B*').first
+ if response == valid_answer
+ puts File.read(flag_path) # Flag path
+ else
+ puts 'Incorrect answer!'
+ puts 'We were looking for: ' + valid_answer
+ exit
+ end
+ end
+rescue Timeout::Error
+ puts 'Too slow!'
+ exit
+end
+
diff --git a/modules/generators/challenges/misc/programming/strings/secgen_local/medium_binary_little_endian.rb b/modules/generators/challenges/misc/programming/strings/secgen_local/medium_binary_little_endian.rb
new file mode 100644
index 000000000..c35e1fd5d
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/strings/secgen_local/medium_binary_little_endian.rb
@@ -0,0 +1,33 @@
+require 'securerandom'
+require 'timeout'
+
+$stdout.sync = true # Disable stdout caching (for challenges that can be run over the network)
+
+puts 'Prepare yourself. You need to work quickly for this challenge.'
+sleep 2
+puts 'Echo the string back to me, in binary (little endian / LSB first), before the script times out. Try writing a script of your own to make it easier!'
+sleep 2
+puts 'Get ready, here we go...'
+sleep 2
+
+# Generate random string
+string = [SecureRandom.base64(rand(20..40)), SecureRandom.hex(rand(20..40))].sample
+puts string
+
+begin
+ Timeout.timeout 0.3 do
+ response = gets.chomp
+ valid_answer = string.unpack('b*').first
+ if response == valid_answer
+ puts File.read(flag_path) # Flag path
+ else
+ puts 'Incorrect answer!'
+ puts 'We were looking for: ' + valid_answer
+ exit
+ end
+ end
+rescue Timeout::Error
+ puts 'Too slow!'
+ exit
+end
+
diff --git a/modules/generators/challenges/misc/programming/strings/secgen_local/medium_decimal.rb b/modules/generators/challenges/misc/programming/strings/secgen_local/medium_decimal.rb
new file mode 100644
index 000000000..6d401be80
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/strings/secgen_local/medium_decimal.rb
@@ -0,0 +1,34 @@
+require 'securerandom'
+require 'timeout'
+
+$stdout.sync = true # Disable stdout caching (for challenges that can be run over the network)
+
+puts 'Prepare yourself. You need to work quickly for this challenge.'
+sleep 2
+puts 'Echo the string back to me, in decimal, before the script times out. Try writing a script of your own to make it easier!'
+sleep 2
+puts 'Get ready, here we go...'
+sleep 2
+
+# Generate random string
+string = [SecureRandom.base64(rand(20..40)), SecureRandom.hex(rand(20..40))].sample
+puts string
+
+begin
+ Timeout.timeout 5 do
+ response = gets.chomp
+ sum = []
+ string.each_char{|char| sum << char.ord.to_s}
+ valid_answer = sum.join
+ if response == valid_answer
+ puts File.read(flag_path) # Flag path
+ else
+ puts 'Incorrect answer!'
+ puts 'We were looking for: ' + valid_answer
+ exit
+ end
+ end
+rescue Timeout::Error
+ puts 'Too slow!'
+ exit
+end
\ No newline at end of file
diff --git a/modules/generators/challenges/misc/programming/strings/secgen_local/medium_hex_big_endian.rb b/modules/generators/challenges/misc/programming/strings/secgen_local/medium_hex_big_endian.rb
new file mode 100644
index 000000000..43c910a11
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/strings/secgen_local/medium_hex_big_endian.rb
@@ -0,0 +1,33 @@
+require 'securerandom'
+require 'timeout'
+
+$stdout.sync = true # Disable stdout caching (for challenges that can be run over the network)
+
+puts 'Prepare yourself. You need to work quickly for this challenge.'
+sleep 2
+puts 'Echo the string back to me, in hexadecimal (big endian / MSB first), before the script times out. Try writing a script of your own to make it easier!'
+sleep 2
+puts 'Get ready, here we go...'
+sleep 2
+
+# Generate random string
+string = [SecureRandom.base64(rand(20..40)), SecureRandom.hex(rand(20..40))].sample
+puts string
+
+begin
+ Timeout.timeout 0.3 do
+ response = gets.chomp
+ valid_answer = string.unpack('H*').first
+ if response == valid_answer
+ puts File.read(flag_path) # Flag path
+ else
+ puts 'Incorrect answer!'
+ puts 'We were looking for: ' + valid_answer
+ exit
+ end
+ end
+rescue Timeout::Error
+ puts 'Too slow!'
+ exit
+end
+
diff --git a/modules/generators/challenges/misc/programming/strings/secgen_local/medium_hex_little_endian.rb b/modules/generators/challenges/misc/programming/strings/secgen_local/medium_hex_little_endian.rb
new file mode 100644
index 000000000..1ccef87f5
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/strings/secgen_local/medium_hex_little_endian.rb
@@ -0,0 +1,33 @@
+require 'securerandom'
+require 'timeout'
+
+$stdout.sync = true # Disable stdout caching (for challenges that can be run over the network)
+
+puts 'Prepare yourself. You need to work quickly for this challenge.'
+sleep 2
+puts 'Echo the string back to me, in hexadecimal (little endian / LSB first), before the script times out. Try writing a script of your own to make it easier!'
+sleep 2
+puts 'Get ready, here we go...'
+sleep 2
+
+# Generate random string
+string = [SecureRandom.base64(rand(20..40)), SecureRandom.hex(rand(20..40))].sample
+puts string
+
+begin
+ Timeout.timeout 0.3 do
+ response = gets.chomp
+ valid_answer = string.unpack('h*').first
+ if response == valid_answer
+ puts File.read(flag_path) # Flag path
+ else
+ puts 'Incorrect answer!'
+ puts 'We were looking for: ' + valid_answer
+ exit
+ end
+ end
+rescue Timeout::Error
+ puts 'Too slow!'
+ exit
+end
+
diff --git a/modules/generators/challenges/misc/programming/strings/secgen_local/medium_octal.rb b/modules/generators/challenges/misc/programming/strings/secgen_local/medium_octal.rb
new file mode 100644
index 000000000..139496e75
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/strings/secgen_local/medium_octal.rb
@@ -0,0 +1,35 @@
+require 'securerandom'
+require 'timeout'
+
+$stdout.sync = true # Disable stdout caching (for challenges that can be run over the network)
+
+puts 'Prepare yourself. You need to work quickly for this challenge.'
+sleep 2
+puts 'Echo the string back to me, in octal, before the script times out. Try writing a script of your own to make it easier!'
+sleep 2
+puts 'Get ready, here we go...'
+sleep 2
+
+# Generate random string
+string = [SecureRandom.base64(rand(20..40)), SecureRandom.hex(rand(20..40))].sample
+puts string
+
+begin
+ Timeout.timeout 0.3 do
+ response = gets.chomp
+ sum = []
+ string.each_char {|char| sum << char.ord.to_s(8).to_i}
+ valid_answer = sum.join
+ if response == valid_answer
+ puts File.read(flag_path) # Flag path
+ else
+ puts 'Incorrect answer!'
+ puts 'We were looking for: ' + valid_answer
+ exit
+ end
+ end
+rescue Timeout::Error
+ puts 'Too slow!'
+ exit
+end
+
diff --git a/modules/generators/challenges/misc/programming/strings/secgen_local/medium_reverse.rb b/modules/generators/challenges/misc/programming/strings/secgen_local/medium_reverse.rb
new file mode 100644
index 000000000..bc9e57237
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/strings/secgen_local/medium_reverse.rb
@@ -0,0 +1,44 @@
+# #####################
+# Programming Challenge
+# Echo string - Medium: Reverse a string and repeat it back to the script
+# #####################
+
+require 'securerandom'
+require 'timeout'
+
+$stdout.sync = true # Disable stdout caching (for challenges that can be run over the network)
+
+# Should the challenge types be separate scripts (medium1,medium2,medium3 etc?)
+# so the challenge type is static on the box? less difficult + more replayable
+# TODO: Implement other medium difficulty options:
+# in reverse [done]
+# but I only want every second character starting with index 0 e.g. [0,2,4...]
+# but I only want every second character starting with index 1 e.g. [1,3,5...]
+
+puts 'Prepare yourself. You need to work quickly for this challenge.'
+sleep 2
+puts 'Echo the string back to me, in reverse, before the script times out. Try writing a script of your own to make it easier!'
+sleep 2
+puts 'Get ready, here we go...'
+sleep 2
+# Generate random string
+string = [SecureRandom.base64(rand(20..40)), SecureRandom.hex(rand(20..40))].sample
+
+puts string
+STDOUT.flush
+
+begin
+ Timeout.timeout 0.3 do
+ response = gets.chomp
+ if response == string.reverse
+ puts File.read(flag_path) # Flag path
+ else
+ puts 'Incorrect answer!'
+ exit
+ end
+ end
+rescue Timeout::Error
+ puts 'Too slow!'
+ exit
+end
+
diff --git a/modules/generators/challenges/misc/programming/strings/secgen_metadata.xml b/modules/generators/challenges/misc/programming/strings/secgen_metadata.xml
new file mode 100644
index 000000000..7b583e18b
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/strings/secgen_metadata.xml
@@ -0,0 +1,33 @@
+
+
+
+ String Challenge Generator
+ Thomas Shaw
+ MIT
+ TODO
+
+ ruby_script_challenge
+ programming_challenge
+ ctf_challenge
+
+ linux
+ windows
+
+ difficulty
+
+
+
+
+ low
+ medium
+ high
+
+
+
+
+
+ script
+
+
\ No newline at end of file
diff --git a/modules/generators/challenges/misc/programming/strings/strings.pp b/modules/generators/challenges/misc/programming/strings/strings.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/compression/zip/secgen_local/local.rb b/modules/generators/compression/zip/secgen_local/local.rb
index 330bd38de..08c933f0b 100644
--- a/modules/generators/compression/zip/secgen_local/local.rb
+++ b/modules/generators/compression/zip/secgen_local/local.rb
@@ -14,10 +14,11 @@ class ZipGenerator < StringEncoder
self.file_name = ''
self.strings_to_leak = []
self.password = ''
+ Dir.mkdir '../tmp/' unless Dir.exists? '../tmp/'
end
def encode_all
- zip_file_path = GENERATORS_DIR + 'compression/zip/secgen_local/archive.zip'
+ zip_file_path = GENERATORS_DIR + 'compression/zip/tmp/archive.zip'
file_contents = ''
data = self.strings_to_leak.join("\n")
diff --git a/modules/generators/flag/flag_words/secgen_local/local.rb b/modules/generators/flag/flag_words/secgen_local/local.rb
index 50c13f00f..bb792b295 100644
--- a/modules/generators/flag/flag_words/secgen_local/local.rb
+++ b/modules/generators/flag/flag_words/secgen_local/local.rb
@@ -1,6 +1,6 @@
#!/usr/bin/ruby
require_relative '../../../../../lib/objects/local_string_generator.rb'
-
+require_relative '../../../../../lib/helpers/blacklist.rb'
class WordFlagGenerator < StringGenerator
def initialize
super
@@ -8,11 +8,24 @@ class WordFlagGenerator < StringGenerator
end
def generate
- file = File.readlines("#{ROOT_DIR}/lib/resources/wordlists/wordlist")
- flag_string = file.sample.chomp + file.sample.chomp + file.sample.chomp + file.sample.chomp + file.sample.chomp
+ file = File.readlines("#{WORDLISTS_DIR}/wordlist")
+ flag_string = ''
+ blacklist = Blacklist.new
+
+ (0..4).each { |_|
+ flag_word = ''
+ until flag_word != ''
+ selected_word = file.sample.chomp
+ unless blacklist.is_blacklisted? selected_word
+ flag_word = selected_word
+ flag_string += flag_word
+ end
+ end
+ }
+
flag_string.gsub!(/[^0-9a-z ]/i, '') # strip special characters from the word string. removes umlauts/accents etc.
self.outputs << 'flag{' + flag_string + '}'
end
end
-WordFlagGenerator.new.run
+WordFlagGenerator.new.run
\ No newline at end of file
diff --git a/modules/generators/key/gpg_key_pair/files/parameterfile b/modules/generators/key/gpg_key_pair/files/parameterfile
new file mode 100644
index 000000000..09effc8c2
--- /dev/null
+++ b/modules/generators/key/gpg_key_pair/files/parameterfile
@@ -0,0 +1,7 @@
+Key-Type: 1
+Key-Length: 2048
+Subkey-Type: 1
+Subkey-Length: 2048
+Name-Real: SecGen
+Name-Email: secgen@localhost
+Expire-Date: 0
\ No newline at end of file
diff --git a/modules/generators/key/gpg_key_pair/gpg_key_pair.pp b/modules/generators/key/gpg_key_pair/gpg_key_pair.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/key/gpg_key_pair/manifests/.no_puppet b/modules/generators/key/gpg_key_pair/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/key/gpg_key_pair/secgen_local/local.rb b/modules/generators/key/gpg_key_pair/secgen_local/local.rb
new file mode 100644
index 000000000..b103a6a40
--- /dev/null
+++ b/modules/generators/key/gpg_key_pair/secgen_local/local.rb
@@ -0,0 +1,25 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_string_encoder.rb'
+require 'open3'
+
+class SSHKeyPairGenerator < StringEncoder
+
+ def initialize
+ super
+ self.module_name = 'GPG Key Pair Generator'
+ end
+
+ def encode_all
+ # TODO: Incorporate some way of making this key import temporary... We don't want to fill our host systems keyring up with a million keys.
+ _, gen_stderr, _ = Open3.capture3("gpg --batch --gen-key #{GENERATORS_DIR}key/gpg_key_pair/files/parameterfile")
+ key_id = gen_stderr.split("\n").last.split(" ")[2]
+
+ privkey_stdout, _, _ = Open3.capture3("gpg --armor --export-secret-keys #{key_id}")
+ pubkey_stdout, _, _ = Open3.capture3("gpg --armor --export #{key_id}")
+
+ self.outputs << {'private' => privkey_stdout, 'public' => pubkey_stdout}.to_json
+ end
+
+end
+
+SSHKeyPairGenerator.new.run
diff --git a/modules/generators/key/gpg_key_pair/secgen_metadata.xml b/modules/generators/key/gpg_key_pair/secgen_metadata.xml
new file mode 100644
index 000000000..7cd9d1e34
--- /dev/null
+++ b/modules/generators/key/gpg_key_pair/secgen_metadata.xml
@@ -0,0 +1,15 @@
+
+
+
+ SSH Key Pair Generator
+ Thomas Shaw
+ MIT
+ Generates a pair of RSA 2048 ssh keys.
+
+ gpg_key_pair
+ linux
+
+ ssh_key_pair
+
diff --git a/modules/generators/key/ssh_key_pair/secgen_metadata.xml b/modules/generators/key/ssh_key_pair/secgen_metadata.xml
index 291008e36..d5a429e18 100644
--- a/modules/generators/key/ssh_key_pair/secgen_metadata.xml
+++ b/modules/generators/key/ssh_key_pair/secgen_metadata.xml
@@ -9,6 +9,7 @@
Generates a pair of RSA 2048 ssh keys.
ssh_key_generator
+ ssh_key_pair
linux
ssh_key_pair
diff --git a/modules/generators/passwords/random_common_password/secgen_metadata.xml b/modules/generators/passwords/random_common_password/secgen_metadata.xml
index 5cbf3d22d..3857448c2 100644
--- a/modules/generators/passwords/random_common_password/secgen_metadata.xml
+++ b/modules/generators/passwords/random_common_password/secgen_metadata.xml
@@ -12,6 +12,7 @@
password_generator
weak_password_generator
+ crackable_password_generator
local_calculation
linux
windows
diff --git a/modules/generators/passwords/random_medium_password/secgen_metadata.xml b/modules/generators/passwords/random_medium_password/secgen_metadata.xml
index d777563ac..1d1aaae95 100644
--- a/modules/generators/passwords/random_medium_password/secgen_metadata.xml
+++ b/modules/generators/passwords/random_medium_password/secgen_metadata.xml
@@ -8,6 +8,7 @@
MIT
Selects a random word or name 6 characters long and appends 2 random digits.
+ crackable_password_generator
medium_password_generator
password_generator
local_calculation
diff --git a/modules/generators/passwords/random_weak_password/secgen_metadata.xml b/modules/generators/passwords/random_weak_password/secgen_metadata.xml
index 8e3e2d0b3..08462bd38 100644
--- a/modules/generators/passwords/random_weak_password/secgen_metadata.xml
+++ b/modules/generators/passwords/random_weak_password/secgen_metadata.xml
@@ -10,6 +10,7 @@
password_generator
weak_password_generator
+ crackable_password_generator
local_calculation
linux
windows
diff --git a/modules/generators/random/random_difficulty/manifests/.no_puppet b/modules/generators/random/random_difficulty/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/random/random_difficulty/random_difficulty.pp b/modules/generators/random/random_difficulty/random_difficulty.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/random/random_difficulty/secgen_local/local.rb b/modules/generators/random/random_difficulty/secgen_local/local.rb
new file mode 100644
index 000000000..b00b63039
--- /dev/null
+++ b/modules/generators/random/random_difficulty/secgen_local/local.rb
@@ -0,0 +1,17 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_string_generator.rb'
+
+class RandomDifficulty < StringGenerator
+
+ def initialize
+ super
+ self.module_name = 'Random Difficulty Generator'
+ end
+
+ def generate
+ outputs << %w(easy medium high).sample.chomp
+ end
+
+end
+
+RandomDifficulty.new.run
\ No newline at end of file
diff --git a/modules/generators/random/random_difficulty/secgen_metadata.xml b/modules/generators/random/random_difficulty/secgen_metadata.xml
new file mode 100644
index 000000000..5f1ed816d
--- /dev/null
+++ b/modules/generators/random/random_difficulty/secgen_metadata.xml
@@ -0,0 +1,18 @@
+
+
+
+ Random Difficulty Generator
+ Thomas Shaw
+ MIT
+ Returns one of the strings: easy, medium or hard
+
+ difficulty
+ string_generator
+ local_calculation
+ linux
+ windows
+
+ generated_strings
+
\ No newline at end of file
diff --git a/modules/generators/random/random_hex/secgen_metadata.xml b/modules/generators/random/random_hex/secgen_metadata.xml
index 7a601d1d9..64bfcd667 100644
--- a/modules/generators/random/random_hex/secgen_metadata.xml
+++ b/modules/generators/random/random_hex/secgen_metadata.xml
@@ -9,6 +9,8 @@
Uses Ruby's SecureRandom to generate a message made up of hex digits (a-f0-9).
string_generator
+ hex_generator
+ random_hex
local_calculation
linux
windows
diff --git a/modules/generators/random/random_metactf_challenge/manifests/.no_puppet b/modules/generators/random/random_metactf_challenge/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/random/random_metactf_challenge/random_metactf_challenge.pp b/modules/generators/random/random_metactf_challenge/random_metactf_challenge.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/random/random_metactf_challenge/secgen_local/local.rb b/modules/generators/random/random_metactf_challenge/secgen_local/local.rb
new file mode 100644
index 000000000..052cad8d2
--- /dev/null
+++ b/modules/generators/random/random_metactf_challenge/secgen_local/local.rb
@@ -0,0 +1,160 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_string_generator.rb'
+
+class RandomMetaCTFChallenge < StringGenerator
+ attr_accessor :difficulty
+
+ def initialize
+ super
+ self.module_name = 'Random Wordpress Version Generator'
+ self.difficulty = ''
+ end
+
+
+ def get_options_array
+ super + [['--difficulty', GetoptLong::REQUIRED_ARGUMENT]]
+ end
+
+ def process_options(opt, arg)
+ super
+ case opt
+ when '--difficulty'
+ self.difficulty << arg;
+ end
+ end
+
+ def generate
+
+ # TODO : run through the challenges and adjust difficulty to something more appropriate
+
+ src_angr = [
+ {:difficulty => 'medium', :name => 'src_angr/00_angr_find'},
+ {:difficulty => 'medium', :name => 'src_angr/01_angr_avoid'},
+ {:difficulty => 'medium', :name => 'src_angr/02_angr_find_condition'},
+ {:difficulty => 'medium', :name => 'src_angr/03_angr_symbolic_registers'},
+ {:difficulty => 'medium', :name => 'src_angr/04_angr_symbolic_stack'},
+ {:difficulty => 'medium', :name => 'src_angr/05_angr_symbolic_memory'},
+ {:difficulty => 'medium', :name => 'src_angr/06_angr_symbolic_dynamic_memory'},
+ {:difficulty => 'medium', :name => 'src_angr/07_angr_symbolic_file'},
+ {:difficulty => 'medium', :name => 'src_angr/08_angr_constraints'},
+ {:difficulty => 'hard', :name => 'src_angr/09_angr_hooks'},
+ {:difficulty => 'hard', :name => 'src_angr/10_angr_simprocedures'},
+ {:difficulty => 'hard', :name => 'src_angr/11_angr_sim_scanf'},
+ {:difficulty => 'hard', :name => 'src_angr/12_angr_veritesting'},
+ {:difficulty => 'hard', :name => 'src_angr/13_angr_static_binary'},
+ {:difficulty => 'hard', :name => 'src_angr/14_angr_shared_library'},
+ # TODO: Replacing 'Good Job with a printflag(); call requires more thought for task 15 - omit for now
+ # '{:difficulty => 'easy', :name => 'src_angr/15_angr_arbitrary_read'},
+ {:difficulty => 'hard', :name => 'src_angr/16_angr_arbitrary_write'},
+ {:difficulty => 'hard', :name => 'src_angr/17_angr_arbitrary_jump'},
+ ]
+
+ src_csp = [
+ {:difficulty => 'easy', :name => 'src_csp/Ch1-2/Ch1_Ltrace'},
+ {:difficulty => 'easy', :name => 'src_csp/Ch1-2/Ch1_Readelf'},
+ {:difficulty => 'easy', :name => 'src_csp/Ch1-2/Ch2_01_Endian'},
+ {:difficulty => 'easy', :name => 'src_csp/Ch1-2/Ch2_01_Showkey'},
+ {:difficulty => 'easy', :name => 'src_csp/Ch1-2/Ch2_03_IntOverflow'},
+ {:difficulty => 'easy', :name => 'src_csp/Ch1-2/Ch2_03_TwosComplement'},
+ {:difficulty => 'medium', :name => 'src_csp/Ch1-2/Ch2_03_XorInt'},
+ {:difficulty => 'medium', :name => 'src_csp/Ch1-2/Ch2_05_FloatConvert'},
+ {:difficulty => 'medium', :name => 'src_csp/Ch3-ExtraFormatStr/Ch3_Format0_Leak'},
+ {:difficulty => 'medium', :name => 'src_csp/Ch3-ExtraFormatStr/Ch3_Format1_LeakDollar'},
+ {:difficulty => 'medium', :name => 'src_csp/Ch3-ExtraFormatStr/Ch3_Format2_nCorruptKey'},
+ {:difficulty => 'medium', :name => 'src_csp/Ch3-ExtraFormatStr/Ch3_Format3_nWriteKey'},
+ {:difficulty => 'medium', :name => 'src_csp/Ch3-ExtraFormatStr/Ch3_Format4_nWriteFnP'},
+ {:difficulty => 'medium', :name => 'src_csp/Ch3-ExtraFormatStr/Ch3_Format5_nTargetWrite'},
+ {:difficulty => 'medium', :name => 'src_csp/Ch3-ExtraFormatStr/Ch3_Format6_PLTHijack'},
+ {:difficulty => 'medium', :name => 'src_csp/Ch3.1-3.5/Ch3_00_GdbIntro'},
+ {:difficulty => 'medium', :name => 'src_csp/Ch3.1-3.5/Ch3_00_GdbRegs'},
+ {:difficulty => 'medium', :name => 'src_csp/Ch3.1-3.5/Ch3_00_GdbSetmem'},
+ {:difficulty => 'medium', :name => 'src_csp/Ch3.1-3.5/Ch3_01_GdbPractice'},
+ {:difficulty => 'medium', :name => 'src_csp/Ch3.1-3.5/Ch3_02_AsciiInstr'},
+ {:difficulty => 'medium', :name => 'src_csp/Ch3.1-3.5/Ch3_04_FnPointer'},
+ {:difficulty => 'medium', :name => 'src_csp/Ch3.1-3.5/Ch3_04_LinkedList'},
+ {:difficulty => 'medium', :name => 'src_csp/Ch3.1-3.5/Ch3_05_XorLong'},
+ {:difficulty => 'hard', :name => 'src_csp/Ch3.1-3.5/Ch3_05_XorStr'},
+ {:difficulty => 'hard', :name => 'src_csp/Ch3.6-3.7/Ch3_06_Conditionals'},
+ {:difficulty => 'hard', :name => 'src_csp/Ch3.6-3.7/Ch3_06_LoopMulti'},
+ {:difficulty => 'hard', :name => 'src_csp/Ch3.6-3.7/Ch3_06_SwitchTable'},
+ {:difficulty => 'hard', :name => 'src_csp/Ch3.6-3.7/Ch3_07_FloatReturn'},
+ {:difficulty => 'hard', :name => 'src_csp/Ch3.6-3.7/Ch3_07_ParamsRegs'},
+ {:difficulty => 'hard', :name => 'src_csp/Ch3.6-3.7/Ch3_07_ParamsStack'},
+ {:difficulty => 'hard', :name => 'src_csp/Ch3.6-3.7/Ch3_07_SegvBacktrace'},
+ {:difficulty => 'hard', :name => 'src_csp/Ch3.6-3.7/Ch3_07_StaticInt'},
+ {:difficulty => 'hard', :name => 'src_csp/Ch3.6-3.7/Ch3_07_StaticStrcmp'},
+ {:difficulty => 'hard', :name => 'src_csp/Ch3.7-3.9/Ch3_07_CanaryBypass'},
+ {:difficulty => 'hard', :name => 'src_csp/Ch3.7-3.9/Ch3_07_HijackPLT'},
+ {:difficulty => 'hard', :name => 'src_csp/Ch3.7-3.9/Ch3_07_ScanfOverflow'},
+ {:difficulty => 'hard', :name => 'src_csp/Ch3.7-3.9/Ch3_07_StackSmash'},
+ {:difficulty => 'hard', :name => 'src_csp/Ch3.7-3.9/Ch3_08_2DArrays'},
+ {:difficulty => 'hard', :name => 'src_csp/Ch3.7-3.9/Ch3_08_Matrix'},
+ {:difficulty => 'hard', :name => 'src_csp/Ch3.7-3.9/Ch3_09_Structs'},
+ {:difficulty => 'hard', :name => 'src_csp/Ch5-8/Ch5_08_LoopUnroll'},
+ {:difficulty => 'hard', :name => 'src_csp/Ch5-8/Ch7_13_LdPreloadGetUID'},
+ {:difficulty => 'hard', :name => 'src_csp/Ch5-8/Ch8_05_PsSignals'},
+ {:difficulty => 'hard', :name => 'src_csp/Ch5-8/Ch8_05_Signals'},
+ ]
+
+ src_malware = [
+ {:difficulty => 'easy', :name => 'src_malware/Ch01-08/Ch01StatA_Readelf'},
+ {:difficulty => 'easy', :name => 'src_malware/Ch01-08/Ch03DynA_Ltrace'},
+ {:difficulty => 'easy', :name => 'src_malware/Ch01-08/Ch04x86_AsciiInstr'},
+ {:difficulty => 'medium', :name => 'src_malware/Ch01-08/Ch04x86_AsciiStrcmp'},
+ {:difficulty => 'medium', :name => 'src_malware/Ch01-08/Ch06CAsm_Conditionals'},
+ {:difficulty => 'medium', :name => 'src_malware/Ch01-08/Ch06CAsm_LinkedList'},
+ {:difficulty => 'medium', :name => 'src_malware/Ch01-08/Ch06CAsm_LoopMulti'},
+ {:difficulty => 'medium', :name => 'src_malware/Ch01-08/Ch06CAsm_SwitchTable'},
+ {:difficulty => 'medium', :name => 'src_malware/Ch01-08/Ch08Dbg_GdbIntro'},
+ {:difficulty => 'medium', :name => 'src_malware/Ch01-08/Ch08Dbg_GdbParams'},
+ {:difficulty => 'medium', :name => 'src_malware/Ch01-08/Ch08Dbg_GdbPractice'},
+ {:difficulty => 'medium', :name => 'src_malware/Ch01-08/Ch08Dbg_GdbRegs'},
+ {:difficulty => 'medium', :name => 'src_malware/Ch01-08/Ch08Dbg_GdbSetmem'},
+ {:difficulty => 'medium', :name => 'src_malware/Ch01-08/Ch08Dbg_InputFormat'},
+ {:difficulty => 'medium', :name => 'src_malware/Ch01-08/Ch08Dbg_Radare2Intro1'},
+ {:difficulty => 'medium', :name => 'src_malware/Ch01-08/Ch08Dbg_Radare2Intro2'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch01-08/Ch08Dbg_StaticInt'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch01-08/Ch08Dbg_StaticRE'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch01-08/Ch08Dbg_StaticStrcmp'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch11-13/Ch11MalBeh_HijackPLT'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch11-13/Ch11MalBeh_LdPreloadGetUID'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch11-13/Ch11MalBeh_LdPreloadRand'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch11-13/Ch11MalBeh_NetcatShovel'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch11-13/Ch12Covert_ForkFollow'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch11-13/Ch12Covert_ForkPipe'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch11-13/Ch13DataEnc_BaseEnc'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch11-13/Ch13DataEnc_XorEnc'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch15-16/Ch15AntiDis_FakeCallInt'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch15-16/Ch15AntiDis_FakeCond'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch15-16/Ch15AntiDis_FakeMetaConds'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch15-16/Ch15AntiDis_InJmp'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch15-16/Ch15AntiDis_PushRet'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch15-16/Ch16AntiDbg_BypassPtrace'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch15-16/Ch16AntiDbg_GdbCheckTrace'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch15-16/Ch16AntiDbg_Int3Scan'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch15-16/Ch16AntiDbg_SigtrapCheck'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch15-16/Ch16AntiDbg_SigtrapEntangle'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch15-16/Ch16AntiDbg_SigtrapHijack'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch15-16/Ch16AntiDbg_TimeCheck'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch18-21/Ch18PackUnp_UnpackEasy'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch18-21/Ch18PackUnp_UnpackGdb'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch18-21/Ch21x64_ParamsRegs'},
+ {:difficulty => 'hard', :name => 'src_malware/Ch18-21/Ch21x64_ParamsStack'},
+ ]
+
+ challenges = src_angr + src_csp + src_malware
+
+ # Select based on difficulty
+
+ challenges.delete_if do |challenge|
+ challenge[:difficulty] != self.difficulty
+ end
+
+ challenge = challenges.sample
+ outputs << challenge[:name]
+
+ end
+
+end
+
+RandomMetaCTFChallenge.new.run
\ No newline at end of file
diff --git a/modules/generators/random/random_metactf_challenge/secgen_metadata.xml b/modules/generators/random/random_metactf_challenge/secgen_metadata.xml
new file mode 100644
index 000000000..c5c69317f
--- /dev/null
+++ b/modules/generators/random/random_metactf_challenge/secgen_metadata.xml
@@ -0,0 +1,25 @@
+
+
+
+ Random MetaCTF Challenge Generator
+ Thomas Shaw
+ MIT
+ Selects the name of a random MetaCTF challenge.
+
+ metactf_challenge
+ string_generator
+ local_calculation
+ linux
+
+ https://bitbucket.org/wuchangfeng/metactf
+
+ difficulty
+
+
+
+
+
+ generated_strings
+
\ No newline at end of file
diff --git a/modules/generators/random/random_number/manifests/.no_puppet b/modules/generators/random/random_number/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/random/random_number/random_number.pp b/modules/generators/random/random_number/random_number.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/random/random_number/secgen_local/local.rb b/modules/generators/random/random_number/secgen_local/local.rb
new file mode 100644
index 000000000..1f1c5dc25
--- /dev/null
+++ b/modules/generators/random/random_number/secgen_local/local.rb
@@ -0,0 +1,51 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_string_generator.rb'
+
+class NumberGenerator < StringGenerator
+ attr_accessor :minimum
+ attr_accessor :maximum
+ attr_accessor :zero_padding
+
+ def initialize
+ super
+ self.module_name = 'Random NumberGenerator'
+ self.minimum = ''
+ self.maximum = ''
+ self.zero_padding = ''
+ end
+
+ def generate
+ random_number = rand(self.minimum .. self.maximum).to_s
+ random_number = random_number.to_s.rjust(self.maximum.to_s.length,'0') if self.zero_padding.downcase == "true"
+ self.outputs << random_number
+ end
+
+ def process_options(opt, arg)
+ super
+ if opt == '--minimum'
+ self.minimum = arg.to_i;
+ end
+
+ if opt == '--maximum'
+ self.maximum = arg.to_i;
+ end
+
+ if opt == '--zero_padding'
+ self.zero_padding = arg;
+ end
+ end
+
+ def get_options_array
+ super + [['--minimum', GetoptLong::REQUIRED_ARGUMENT],
+ ['--maximum', GetoptLong::REQUIRED_ARGUMENT],
+ ['--zero_padding', GetoptLong::OPTIONAL_ARGUMENT]]
+ end
+
+ def encoding_print_string
+ 'minimum: ' + self.minimum.to_s + print_string_padding +
+ 'maximum: ' + self.maximum.to_s + print_string_padding +
+ 'zero_padding: ' + self.zero_padding.to_s
+ end
+end
+
+NumberGenerator.new.run
\ No newline at end of file
diff --git a/modules/generators/random/random_number/secgen_metadata.xml b/modules/generators/random/random_number/secgen_metadata.xml
new file mode 100644
index 000000000..9f7a7347f
--- /dev/null
+++ b/modules/generators/random/random_number/secgen_metadata.xml
@@ -0,0 +1,35 @@
+
+
+
+ Random Number Generator
+ Thomas Shaw
+ MIT
+ Random number generator.
+
+ random_number_generator
+ number_generator
+ number
+ local_calculation
+ linux
+ windows
+
+ minimum
+ maximum
+ zero_padding
+
+
+ 0
+
+
+
+ 1000000
+
+
+
+ false
+
+
+ number
+
\ No newline at end of file
diff --git a/modules/generators/random/random_word/secgen_local/local.rb b/modules/generators/random/random_word/secgen_local/local.rb
index a8534333a..f43f07dc2 100644
--- a/modules/generators/random/random_word/secgen_local/local.rb
+++ b/modules/generators/random/random_word/secgen_local/local.rb
@@ -1,17 +1,24 @@
#!/usr/bin/ruby
require_relative '../../../../../lib/objects/local_string_generator.rb'
+require_relative '../../../../../lib/helpers/blacklist.rb'
class WordGenerator < StringGenerator
attr_accessor :wordlist
+ attr_accessor :min_length
+ attr_accessor :max_length
def initialize
super
self.wordlist = []
+ self.min_length = ''
+ self.max_length = ''
self.module_name = 'Random Word Generator'
end
def get_options_array
- super + [['--wordlist', GetoptLong::OPTIONAL_ARGUMENT]]
+ super + [['--wordlist', GetoptLong::OPTIONAL_ARGUMENT],
+ ['--min_length', GetoptLong::OPTIONAL_ARGUMENT],
+ ['--max_length', GetoptLong::OPTIONAL_ARGUMENT]]
end
def process_options(opt, arg)
@@ -19,12 +26,41 @@ class WordGenerator < StringGenerator
case opt
when '--wordlist'
self.wordlist << arg;
+ when '--min_length'
+ if arg == ''
+ self.min_length = 0
+ else
+ self.min_length = arg.to_i
+ end
+ when '--max_length'
+ if arg == ''
+ self.max_length = 999
+ else
+ self.max_length = arg.to_i
+ end
end
end
def generate
- word = File.readlines("#{WORDLISTS_DIR}/#{self.wordlist.sample.chomp}").sample.chomp
- self.outputs << word.gsub(/[^\w]/, '')
+ blacklist = Blacklist.new
+ flag_word = ''
+
+ until flag_word != ''
+ selected_word = File.readlines("#{WORDLISTS_DIR}/#{self.wordlist.sample.chomp}").sample.chomp
+ if suitable_word_length(selected_word) and !blacklist.is_blacklisted?(selected_word)
+ flag_word = selected_word.gsub(/[^\w]/, '')
+ end
+ end
+
+ self.outputs << flag_word
+ end
+
+ def suitable_word_length(string)
+ if self.min_length.is_a? String or self.max_length.is_a? String
+ true
+ else
+ ((string.length >= self.min_length) and (string.length <= self.max_length))
+ end
end
end
diff --git a/modules/generators/random/random_word/secgen_metadata.xml b/modules/generators/random/random_word/secgen_metadata.xml
index 66ab3fee2..f6a4ac9be 100644
--- a/modules/generators/random/random_word/secgen_metadata.xml
+++ b/modules/generators/random/random_word/secgen_metadata.xml
@@ -18,6 +18,9 @@
http://wordlist.sourceforge.net/
wordlist
+ min_length
+ max_length
+
wordlist
diff --git a/modules/generators/structured_content/account/secgen_local/local.rb b/modules/generators/structured_content/account/secgen_local/local.rb
index e6d98abf0..01194c725 100644
--- a/modules/generators/structured_content/account/secgen_local/local.rb
+++ b/modules/generators/structured_content/account/secgen_local/local.rb
@@ -6,6 +6,7 @@ class AccountGenerator < StringEncoder
attr_accessor :super_user
attr_accessor :strings_to_leak
attr_accessor :leaked_filenames
+ attr_accessor :data_to_leak
def initialize
super
@@ -14,6 +15,7 @@ class AccountGenerator < StringEncoder
self.password = ''
self.super_user = ''
self.strings_to_leak = []
+ self.data_to_leak = []
self.leaked_filenames = []
end
@@ -24,6 +26,7 @@ class AccountGenerator < StringEncoder
account_hash['super_user'] = self.super_user
account_hash['strings_to_leak'] = self.strings_to_leak
account_hash['leaked_filenames'] = self.leaked_filenames
+ account_hash['data_to_leak'] = self.data_to_leak
self.outputs << account_hash.to_json
end
@@ -31,6 +34,7 @@ class AccountGenerator < StringEncoder
def get_options_array
super + [['--strings_to_leak', GetoptLong::OPTIONAL_ARGUMENT],
['--leaked_filenames', GetoptLong::OPTIONAL_ARGUMENT],
+ ['--data_to_leak', GetoptLong::OPTIONAL_ARGUMENT],
['--username', GetoptLong::REQUIRED_ARGUMENT],
['--password', GetoptLong::REQUIRED_ARGUMENT],
['--super_user', GetoptLong::REQUIRED_ARGUMENT]]
@@ -49,6 +53,8 @@ class AccountGenerator < StringEncoder
self.strings_to_leak << arg;
when '--leaked_filenames'
self.leaked_filenames << arg;
+ when '--data_to_leak'
+ self.data_to_leak << arg;
end
end
@@ -57,7 +63,8 @@ class AccountGenerator < StringEncoder
'password: ' + self.password.to_s + print_string_padding +
'super_user: ' + self.super_user.to_s + print_string_padding +
'strings_to_leak: ' + self.strings_to_leak.to_s + print_string_padding +
- 'leaked_filenames: ' + self.leaked_filenames.to_s
+ 'leaked_filenames: ' + self.leaked_filenames.to_s + print_string_padding +
+ 'data_to_leak: ' + self.data_to_leak.to_s
end
end
diff --git a/modules/generators/structured_content/account/secgen_metadata.xml b/modules/generators/structured_content/account/secgen_metadata.xml
index 37f9990f7..0f2941462 100644
--- a/modules/generators/structured_content/account/secgen_metadata.xml
+++ b/modules/generators/structured_content/account/secgen_metadata.xml
@@ -19,6 +19,7 @@
super_user
strings_to_leak
leaked_filenames
+ data_to_leak
diff --git a/modules/generators/structured_content/leaked_data/leaked_data.pp b/modules/generators/structured_content/leaked_data/leaked_data.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/structured_content/leaked_data/manifests/.no_puppet b/modules/generators/structured_content/leaked_data/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/structured_content/leaked_data/secgen_local/local.rb b/modules/generators/structured_content/leaked_data/secgen_local/local.rb
new file mode 100644
index 000000000..fed2f3966
--- /dev/null
+++ b/modules/generators/structured_content/leaked_data/secgen_local/local.rb
@@ -0,0 +1,59 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_string_encoder.rb'
+require 'base64'
+
+class LeakedDataGenerator < StringEncoder
+ attr_accessor :data
+ attr_accessor :filename
+ attr_accessor :ext
+ attr_accessor :subdirectory
+
+ def initialize
+ super
+ self.module_name = 'SecGen Leaked Data Wrapper'
+ self.data = ''
+ self.filename = ''
+ self.ext = ''
+ self.subdirectory = ''
+ end
+
+ def encode_all
+ data_hash = {:secgen_leaked_data => {}}
+ data_hash[:secgen_leaked_data]['data'] = Base64.strict_encode64(self.data)
+ data_hash[:secgen_leaked_data]['filename'] = self.filename
+ data_hash[:secgen_leaked_data]['ext'] = self.ext
+ data_hash[:secgen_leaked_data]['subdirectory'] = self.subdirectory
+
+ self.outputs << data_hash.to_json
+ end
+
+ def get_options_array
+ super + [['--data', GetoptLong::OPTIONAL_ARGUMENT],
+ ['--filename', GetoptLong::OPTIONAL_ARGUMENT],
+ ['--ext', GetoptLong::REQUIRED_ARGUMENT],
+ ['--subdirectory', GetoptLong::REQUIRED_ARGUMENT]]
+ end
+
+ def process_options(opt, arg)
+ super
+ case opt
+ when '--data'
+ self.data << arg;
+ when '--filename'
+ self.filename << arg;
+ when '--ext'
+ self.ext << arg;
+ when '--subdirectory'
+ self.subdirectory << arg;
+ end
+ end
+
+ def encoding_print_string
+ 'data: ' + self.data.to_s + print_string_padding +
+ 'filename: ' + self.filename.to_s + print_string_padding +
+ 'ext: ' + self.ext.to_s + print_string_padding +
+ 'subdirectory: ' + self.subdirectory.to_s
+ end
+end
+
+LeakedDataGenerator.new.run
diff --git a/modules/generators/structured_content/leaked_data/secgen_metadata.xml b/modules/generators/structured_content/leaked_data/secgen_metadata.xml
new file mode 100644
index 000000000..e4bd976e0
--- /dev/null
+++ b/modules/generators/structured_content/leaked_data/secgen_metadata.xml
@@ -0,0 +1,28 @@
+
+
+
+ Leaked Data Generator
+ Thomas Shaw
+ MIT
+ TODO:
+
+
+ leaked_data
+ linux
+
+ data
+ filename
+ ext
+ subdirectory
+
+
+ leaked_file
+
+
+ txt
+
+
+ hash
+
diff --git a/modules/services/unix/database/mysql_wheezy_compatible/mysql/CONTRIBUTING.md b/modules/services/unix/database/mysql_wheezy_compatible/mysql/CONTRIBUTING.md
deleted file mode 100644
index bfeaa701c..000000000
--- a/modules/services/unix/database/mysql_wheezy_compatible/mysql/CONTRIBUTING.md
+++ /dev/null
@@ -1,220 +0,0 @@
-Checklist (and a short version for the impatient)
-=================================================
-
- * Commits:
-
- - Make commits of logical units.
-
- - Check for unnecessary whitespace with "git diff --check" before
- committing.
-
- - Commit using Unix line endings (check the settings around "crlf" in
- git-config(1)).
-
- - Do not check in commented out code or unneeded files.
-
- - The first line of the commit message should be a short
- description (50 characters is the soft limit, excluding ticket
- number(s)), and should skip the full stop.
-
- - Associate the issue in the message. The first line should include
- the issue number in the form "(#XXXX) Rest of message".
-
- - The body should provide a meaningful commit message, which:
-
- - uses the imperative, present tense: "change", not "changed" or
- "changes".
-
- - includes motivation for the change, and contrasts its
- implementation with the previous behavior.
-
- - Make sure that you have tests for the bug you are fixing, or
- feature you are adding.
-
- - Make sure the test suites passes after your commit:
- `bundle exec rspec spec/acceptance` More information on [testing](#Testing) below
-
- - When introducing a new feature, make sure it is properly
- documented in the README.md
-
- * Submission:
-
- * Pre-requisites:
-
- - Make sure you have a [GitHub account](https://github.com/join)
-
- - [Create a ticket](https://tickets.puppetlabs.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppetlabs.com/browse/) you are patching for.
-
- * Preferred method:
-
- - Fork the repository on GitHub.
-
- - Push your changes to a topic branch in your fork of the
- repository. (the format ticket/1234-short_description_of_change is
- usually preferred for this project).
-
- - Submit a pull request to the repository in the puppetlabs
- organization.
-
-The long version
-================
-
- 1. Make separate commits for logically separate changes.
-
- Please break your commits down into logically consistent units
- which include new or changed tests relevant to the rest of the
- change. The goal of doing this is to make the diff easier to
- read for whoever is reviewing your code. In general, the easier
- your diff is to read, the more likely someone will be happy to
- review it and get it into the code base.
-
- If you are going to refactor a piece of code, please do so as a
- separate commit from your feature or bug fix changes.
-
- We also really appreciate changes that include tests to make
- sure the bug is not re-introduced, and that the feature is not
- accidentally broken.
-
- Describe the technical detail of the change(s). If your
- description starts to get too long, that is a good sign that you
- probably need to split up your commit into more finely grained
- pieces.
-
- Commits which plainly describe the things which help
- reviewers check the patch and future developers understand the
- code are much more likely to be merged in with a minimum of
- bike-shedding or requested changes. Ideally, the commit message
- would include information, and be in a form suitable for
- inclusion in the release notes for the version of Puppet that
- includes them.
-
- Please also check that you are not introducing any trailing
- whitespace or other "whitespace errors". You can do this by
- running "git diff --check" on your changes before you commit.
-
- 2. Sending your patches
-
- To submit your changes via a GitHub pull request, we _highly_
- recommend that you have them on a topic branch, instead of
- directly on "master".
- It makes things much easier to keep track of, especially if
- you decide to work on another thing before your first change
- is merged in.
-
- GitHub has some pretty good
- [general documentation](http://help.github.com/) on using
- their site. They also have documentation on
- [creating pull requests](http://help.github.com/send-pull-requests/).
-
- In general, after pushing your topic branch up to your
- repository on GitHub, you can switch to the branch in the
- GitHub UI and click "Pull Request" towards the top of the page
- in order to open a pull request.
-
-
- 3. Update the related GitHub issue.
-
- If there is a GitHub issue associated with the change you
- submitted, then you should update the ticket to include the
- location of your branch, along with any other commentary you
- may wish to make.
-
-Testing
-=======
-
-Getting Started
----------------
-
-Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby
-package manager such as [bundler](http://bundler.io/) what Ruby packages,
-or Gems, are required to build, develop, and test this software.
-
-Please make sure you have [bundler installed](http://bundler.io/#getting-started)
-on your system, then use it to install all dependencies needed for this project,
-by running
-
-```shell
-% bundle install
-Fetching gem metadata from https://rubygems.org/........
-Fetching gem metadata from https://rubygems.org/..
-Using rake (10.1.0)
-Using builder (3.2.2)
--- 8><-- many more --><8 --
-Using rspec-system-puppet (2.2.0)
-Using serverspec (0.6.3)
-Using rspec-system-serverspec (1.0.0)
-Using bundler (1.3.5)
-Your bundle is complete!
-Use `bundle show [gemname]` to see where a bundled gem is installed.
-```
-
-NOTE some systems may require you to run this command with sudo.
-
-If you already have those gems installed, make sure they are up-to-date:
-
-```shell
-% bundle update
-```
-
-With all dependencies in place and up-to-date we can now run the tests:
-
-```shell
-% bundle exec rake spec
-```
-
-This will execute all the [rspec tests](http://rspec-puppet.com/) tests
-under [spec/defines](./spec/defines), [spec/classes](./spec/classes),
-and so on. rspec tests may have the same kind of dependencies as the
-module they are testing. While the module defines in its [Modulefile](./Modulefile),
-rspec tests define them in [.fixtures.yml](./fixtures.yml).
-
-Some puppet modules also come with [beaker](https://github.com/puppetlabs/beaker)
-tests. These tests spin up a virtual machine under
-[VirtualBox](https://www.virtualbox.org/)) with, controlling it with
-[Vagrant](http://www.vagrantup.com/) to actually simulate scripted test
-scenarios. In order to run these, you will need both of those tools
-installed on your system.
-
-You can run them by issuing the following command
-
-```shell
-% bundle exec rake spec_clean
-% bundle exec rspec spec/acceptance
-```
-
-This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml),
-install puppet, copy this module and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb)
-and then run all the tests under [spec/acceptance](./spec/acceptance).
-
-Writing Tests
--------------
-
-XXX getting started writing tests.
-
-If you have commit access to the repository
-===========================================
-
-Even if you have commit access to the repository, you will still need to
-go through the process above, and have someone else review and merge
-in your changes. The rule is that all changes must be reviewed by a
-developer on the project (that did not write the code) to ensure that
-all changes go through a code review process.
-
-Having someone other than the author of the topic branch recorded as
-performing the merge is the record that they performed the code
-review.
-
-
-Additional Resources
-====================
-
-* [Getting additional help](http://puppetlabs.com/community/get-help)
-
-* [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests)
-
-* [Patchwork](https://patchwork.puppetlabs.com)
-
-* [General GitHub documentation](http://help.github.com/)
-
-* [GitHub pull request documentation](http://help.github.com/send-pull-requests/)
-
diff --git a/modules/utilities/unix/audit_tools/hash_cracking/hashcat/hashcat.pp b/modules/utilities/unix/audit_tools/hash_cracking/hashcat/hashcat.pp
new file mode 100644
index 000000000..a9268c7e3
--- /dev/null
+++ b/modules/utilities/unix/audit_tools/hash_cracking/hashcat/hashcat.pp
@@ -0,0 +1 @@
+include hashcat::install
\ No newline at end of file
diff --git a/modules/utilities/unix/audit_tools/hash_cracking/hashcat/manifests/install.pp b/modules/utilities/unix/audit_tools/hash_cracking/hashcat/manifests/install.pp
new file mode 100644
index 000000000..4fdd53614
--- /dev/null
+++ b/modules/utilities/unix/audit_tools/hash_cracking/hashcat/manifests/install.pp
@@ -0,0 +1,5 @@
+class hashcat::install {
+ package { 'hashcat':
+ ensure => installed,
+ }
+}
\ No newline at end of file
diff --git a/modules/utilities/unix/audit_tools/hash_cracking/hashcat/secgen_metadata.xml b/modules/utilities/unix/audit_tools/hash_cracking/hashcat/secgen_metadata.xml
new file mode 100644
index 000000000..d41c1db72
--- /dev/null
+++ b/modules/utilities/unix/audit_tools/hash_cracking/hashcat/secgen_metadata.xml
@@ -0,0 +1,14 @@
+
+
+
+ Hashcat
+ Thomas Shaw
+ Apache v2
+ Installs hashcat hash cracking tool.
+
+ hash_cracking_tools
+ linux
+
+
diff --git a/modules/utilities/unix/audit_tools/hash_cracking/johntheripper/johntheripper.pp b/modules/utilities/unix/audit_tools/hash_cracking/johntheripper/johntheripper.pp
new file mode 100644
index 000000000..23495f87e
--- /dev/null
+++ b/modules/utilities/unix/audit_tools/hash_cracking/johntheripper/johntheripper.pp
@@ -0,0 +1 @@
+include johntheripper::install
\ No newline at end of file
diff --git a/modules/utilities/unix/audit_tools/hash_cracking/johntheripper/manifests/install.pp b/modules/utilities/unix/audit_tools/hash_cracking/johntheripper/manifests/install.pp
new file mode 100644
index 000000000..c2495efab
--- /dev/null
+++ b/modules/utilities/unix/audit_tools/hash_cracking/johntheripper/manifests/install.pp
@@ -0,0 +1,5 @@
+class johntheripper::install {
+ package { 'john':
+ ensure => installed,
+ }
+}
\ No newline at end of file
diff --git a/modules/utilities/unix/audit_tools/hash_cracking/johntheripper/secgen_metadata.xml b/modules/utilities/unix/audit_tools/hash_cracking/johntheripper/secgen_metadata.xml
new file mode 100644
index 000000000..9c899070b
--- /dev/null
+++ b/modules/utilities/unix/audit_tools/hash_cracking/johntheripper/secgen_metadata.xml
@@ -0,0 +1,14 @@
+
+
+
+ John The Ripper
+ Thomas Shaw
+ Apache v2
+ Installs John The Ripper hash cracking tool.
+
+ hash_cracking_tools
+ linux
+
+
\ No newline at end of file
diff --git a/modules/utilities/unix/audit_tools/reversing_tools/files/Cutter-v1.7.2-x86_64.Linux.AppImage b/modules/utilities/unix/audit_tools/reversing_tools/files/Cutter-v1.7.2-x86_64.Linux.AppImage
new file mode 100644
index 000000000..70d62ca91
Binary files /dev/null and b/modules/utilities/unix/audit_tools/reversing_tools/files/Cutter-v1.7.2-x86_64.Linux.AppImage differ
diff --git a/modules/utilities/unix/audit_tools/reversing_tools/files/radare2-2.7.0.tar.gz b/modules/utilities/unix/audit_tools/reversing_tools/files/radare2-2.7.0.tar.gz
new file mode 100644
index 000000000..730cb49f0
Binary files /dev/null and b/modules/utilities/unix/audit_tools/reversing_tools/files/radare2-2.7.0.tar.gz differ
diff --git a/modules/utilities/unix/audit_tools/reversing_tools/manifests/install.pp b/modules/utilities/unix/audit_tools/reversing_tools/manifests/install.pp
new file mode 100644
index 000000000..ef5b7d18a
--- /dev/null
+++ b/modules/utilities/unix/audit_tools/reversing_tools/manifests/install.pp
@@ -0,0 +1,105 @@
+class reversing_tools::install {
+
+ Exec { path => ['/bin', '/usr/bin', '/usr/local/bin', '/sbin', '/usr/sbin'] }
+ ensure_packages(['gdb', 'git', 'ltrace', 'strace', 'pax-utils', 'binwalk' ])
+
+ # Install Radare2
+
+ # file { '/opt/radare2-2.7.0.tar.gz':
+ # ensure => present,
+ # source => 'puppet:///modules/reversing_tools/radare2-2.7.0.tar.gz',
+ # }
+ #
+ # exec { 'unpack r2':
+ # cwd => '/opt/',
+ # command => 'tar -xzvf radare2-2.7.0.tar.gz',
+ # }
+ #
+ # exec { 'configure r2':
+ # cwd => '/opt/radare2-2.7.0/',
+ # command => '/bin/bash ./configure --prefix=/usr',
+ # }
+ #
+ # exec { 'make r2':
+ # cwd => '/opt/radare2-2.7.0/',
+ # command => '/usr/bin/make -j8',
+ # }
+ #
+ # exec { 'make install r2':
+ # cwd => '/opt/radare2-2.7.0/',
+ # command => 'make install',
+ # }
+ #
+ # # Install Cutter
+ # $cutter_dir = '/opt/Cutter'
+ # $cutter_appimage_url = 'https://github.com/radareorg/cutter/releases/download/v1.7.2/Cutter-v1.7.2-x86_64.Linux.AppImage'
+ # $cutter_filename = 'Cutter-v1.7.2-x86_64.Linux.AppImage'
+ # file { $cutter_dir:
+ # ensure => directory,
+ # }
+ #
+ # # Download image
+ # exec { 'download cutter appimage':
+ # command => "/usr/bin/wget -q $cutter_appimage_url -O $cutter_dir/$cutter_filename",
+ # cwd => $cutter_dir,
+ # require => File[$cutter_dir],
+ # }
+ #
+ # exec { 'chmod cutter':
+ # command => "/bin/chmod +x $cutter_dir/$cutter_filename",
+ # cwd => $cutter_dir,
+ # require => Exec['download cutter appimage'],
+ # }
+ #
+ # exec { 'install cutter':
+ # command => "/usr/bin/install $cutter_dir/$cutter_filename /usr/bin/cutter",
+ # cwd => $cutter_dir,
+ # require => Exec['download cutter appimage'],
+ # }
+
+ # Install angr
+ exec { 'clone angr-dev repo':
+ command => 'git clone https://github.com/angr/angr-dev',
+ cwd => '/usr/share/'
+ }
+
+ exec { 'run angr-dev setup.sh':
+ command => '/bin/bash /usr/share/angr-dev/setup.sh -i -e angr-dev',
+ cwd => '/usr/share/angr-dev',
+ logoutput => true,
+ loglevel => info,
+ timeout => 0,
+ require => Exec['clone angr-dev repo'],
+ }
+
+
+ # TODO: Test all this!
+ #
+ # if $accounts {
+ # $accounts.each |$raw_account| {
+ # $account = parsejson($raw_account)
+ # $username = $account['username']
+ # notice ("Enabling angr virtualenv for account: [$username]")
+ #
+ # $home_dir = "/home/$username"
+ #
+ # exec { "$username-angr-workon-env-append":
+ # command => "echo \"export WORKON_ENV=/.virtualenvs\" >> $home_dir/.bashrc",
+ # require => Exec['run angr-dev setup.sh'],
+ # }
+ #
+ # file { "$home_dir/angr-instructions.txt":
+ # content => 'The angr binary-analysis framework has been installed within a python virtual environment.
+ #
+ # Run `workon angr-dev` to use the virtualenv.
+ #
+ # If this fails, try adding adding the environment variable first by running `export WORKON_DEV=/.virtualenvs`'
+ # }
+ # }
+ # }
+
+ # Install packer detection tool? (e.g. Detect It Easy) (TODO)
+ # Install AFL?(TODO)
+ # Install Driller?(TODO)
+ # Install Qira? (TODO)
+}
\ No newline at end of file
diff --git a/modules/utilities/unix/audit_tools/reversing_tools/reversing_tools.pp b/modules/utilities/unix/audit_tools/reversing_tools/reversing_tools.pp
new file mode 100644
index 000000000..ec0eeb63d
--- /dev/null
+++ b/modules/utilities/unix/audit_tools/reversing_tools/reversing_tools.pp
@@ -0,0 +1 @@
+include reversing_tools::install
diff --git a/modules/utilities/unix/audit_tools/reversing_tools/secgen_metadata.xml b/modules/utilities/unix/audit_tools/reversing_tools/secgen_metadata.xml
new file mode 100644
index 000000000..deb6cd5eb
--- /dev/null
+++ b/modules/utilities/unix/audit_tools/reversing_tools/secgen_metadata.xml
@@ -0,0 +1,14 @@
+
+
+
+ Reversing tools
+ Thomas Shaw
+ Apache v2
+ Installs gdb, radare2 (TODO: and angr) for reverse engineering challenges.
+
+ reversing_tools
+ linux
+
+
diff --git a/modules/utilities/unix/configuration/augeas/augeas.pp b/modules/utilities/unix/configuration/augeas/augeas.pp
new file mode 100644
index 000000000..2ea83f458
--- /dev/null
+++ b/modules/utilities/unix/configuration/augeas/augeas.pp
@@ -0,0 +1 @@
+include augeas::install
diff --git a/modules/utilities/unix/configuration/augeas/manifests/install.pp b/modules/utilities/unix/configuration/augeas/manifests/install.pp
new file mode 100644
index 000000000..d85841ac0
--- /dev/null
+++ b/modules/utilities/unix/configuration/augeas/manifests/install.pp
@@ -0,0 +1,5 @@
+class augeas::install{
+ package { ['augeas-tools']:
+ ensure => 'installed',
+ }
+}
diff --git a/modules/utilities/unix/configuration/augeas/secgen_metadata.xml b/modules/utilities/unix/configuration/augeas/secgen_metadata.xml
new file mode 100644
index 000000000..053a4cac2
--- /dev/null
+++ b/modules/utilities/unix/configuration/augeas/secgen_metadata.xml
@@ -0,0 +1,15 @@
+
+
+
+ Augeas
+ Thomas Shaw
+ Apache v2
+ TODO
+
+ configuration_api
+ linux
+
+ augeas
+
diff --git a/modules/utilities/unix/container/docker/CHANGELOG.md b/modules/utilities/unix/container/docker/CHANGELOG.md
new file mode 100644
index 000000000..f6a05e3bf
--- /dev/null
+++ b/modules/utilities/unix/container/docker/CHANGELOG.md
@@ -0,0 +1,160 @@
+# Version 3.1.0
+
+Adding in the following faetures/functionality
+
+- Docker Stack support on Windows.
+
+# Version 3.0.0
+
+Various fixes for github issues
+- 206
+- 226
+- 241
+- 280
+- 281
+- 287
+- 289
+- 294
+- 303
+- 312
+- 314
+
+Adding in the following features/functionality
+
+-Support for multiple compose files.
+
+A full list of issues and PRs associated with this release can be found [here](https://github.com/puppetlabs/puppetlabs-docker/issues?q=is%3Aissue+milestone%3AV3.0.0+is%3Aclosed)
+
+
+# Version 2.0.0
+
+Various fixes for github issues
+- 193
+- 197
+- 198
+- 203
+- 207
+- 208
+- 209
+- 211
+- 212
+- 213
+- 215
+- 216
+- 217
+- 218
+- 223
+- 224
+- 225
+- 228
+- 229
+- 230
+- 232
+- 234
+- 237
+- 243
+- 245
+- 255
+- 256
+- 259
+
+Adding in the following features/functionality
+
+- Ability to define swarm clusters in Hiera.
+- Support docker compose file V2.3.
+- Support refresh only flag.
+- Support for Docker healthcheck and unhealthy container restart.
+- Support for Docker on Windows:
+ - Add docker ee support for windows server 2016.
+ - Docker image on Windows.
+ - Docker run on Windows.
+ - Docker compose on Windows.
+ - Docker swarm on Windows.
+ - Add docker exec functionality for docker on windows.
+ - Add storage driver for Windows.
+
+A full list of issues and PRs associated with this release can be found [here](https://github.com/puppetlabs/puppetlabs-docker/milestone/2?closed=1)
+
+
+# Version 1.1.0
+
+Various fixes for Github issues
+- 183
+- 173
+- 173
+- 167
+- 163
+- 161
+
+Adding in the following features/functionality
+
+- IPv6 support
+- Define type for docker plugins
+
+A full list of issues and PRs associated with this release can be found [here](https://github.com/puppetlabs/puppetlabs-docker/milestone/1?closed=1)
+
+
+# Version 1.0.5
+
+Various fixes for Github issues
+- 98
+- 104
+- 115
+- 122
+- 124
+
+Adding in the following features/functionality
+
+- Removed all unsupported OS related code from module
+- Removed EPEL dependency
+- Added http support in compose proxy
+- Added in rubocop support and i18 gem support
+- Type and provider for docker volumes
+- Update apt module to latest
+- Added in support for a registry mirror
+- Facts for docker version and docker info
+- Fixes for $pass_hash undef
+- Fixed typo in param.pp
+- Replaced deprecated stblib functions with data types
+
+# Version 1.0.4
+
+Correcting changelog
+
+# Version 1.0.3
+Various fixes for Github issues
+ - 33
+ - 68
+ - 74
+ - 77
+ - 84
+
+Adding in the following features/functionality:
+
+ - Add tasks to update existing service
+ - Backwards compatible TMPDIR
+ - Optional GPG check on repos
+ - Force pull on image tag 'latest'
+ - Add support for overlay2.override_kernel_check setting
+ - Add docker network fact
+ - Add pw hash for registry login idompodency
+ - Additional flags for creating a network
+ - Fixing incorrect repo url for redhat
+
+# Version 1.0.2
+Various fixes for Github issues
+ - 9
+ - 11
+ - 15
+ - 21
+Add tasks support for Docker Swarm
+
+# Version 1.0.1
+Updated metadata and CHANGELOG
+
+# Version 1.0.0
+Forked for garethr/docker v5.3.0
+Added support for:
+- Docker services within a swarm cluster
+- Swarm mode
+- Docker secrets
diff --git a/modules/utilities/unix/container/docker/CONTRIBUTING.md b/modules/utilities/unix/container/docker/CONTRIBUTING.md
new file mode 100644
index 000000000..9dfaa8caf
--- /dev/null
+++ b/modules/utilities/unix/container/docker/CONTRIBUTING.md
@@ -0,0 +1,89 @@
+This module has grown over time based on a range of contributions from
+people using it. If you follow these contributing guidelines your patch
+will likely make it into a release a little quicker.
+
+
+## Contributing
+
+1. Fork the repo.
+
+2. Run the tests. We only take pull requests with passing tests, and
+ it's great to know that you have a clean slate
+
+3. Add a test for your change. Only refactoring and documentation
+ changes require no new tests. If you are adding functionality
+ or fixing a bug, please add a test.
+
+4. Make the test pass.
+
+5. Push to your fork and submit a pull request.
+
+
+## Dependencies
+
+The testing and development tools have a bunch of dependencies,
+all managed by [bundler](http://bundler.io/) according to the
+[Puppet support matrix](http://docs.puppetlabs.com/guides/platforms.html#ruby-versions).
+By default the tests use a baseline version of Puppet.
+
+If you have Ruby 2.x or want a specific version of Puppet,
+you must set an environment variable such as:
+
+ export PUPPET_GEM_VERSION="~> 3.2.0"
+
+Install the dependencies like so...
+
+ bundle install
+
+...or promote reuse of bundled gems across projects by running:
+
+ bundle install --path=~/.bundle
+
+## Syntax and style
+
+The test suite will run [Puppet Lint](http://puppet-lint.com/) and
+[Puppet Syntax](https://github.com/gds-operations/puppet-syntax) to
+check various syntax and style things. You can run these locally with:
+
+ bundle exec rake lint
+ bundle exec rake syntax
+
+## Running the unit tests
+
+The unit test suite covers most of the code, as mentioned above please
+add tests if you're adding new functionality. If you've not used
+[rspec-puppet](http://rspec-puppet.com/) before then feel free to ask
+about how best to test your new feature. Running the test suite is done
+with:
+
+ bundle exec rake spec
+
+Note also you can run the syntax, style and unit tests in one go with:
+
+ bundle exec rake test
+
+## Integration tests
+
+The unit tests just check the code runs, not that it does exactly what
+we want on a real machine. For that we're using
+[Beaker](https://github.com/puppetlabs/beaker).
+This fires up a new virtual machine (using vagrant) and runs a series of
+simple tests against it after applying the module. You can run this
+with:
+
+ bundle exec rake acceptance
+
+This will run the tests on an Ubuntu 16.04 virtual machine. You can also
+run the integration tests against RHEL, CentOS and Debian.
+
+ bundle exec rake acceptance:pooler:centos7
+ bundle exec rake acceptance:pooler:rhel7
+ bundle exec rake acceptance:pooler:ubuntu-1404
+ bundle exec rake acceptance:pooler:ubuntu-1604
+ bundle exec rake acceptance:pooler:ubuntu-1610
+ bundle exec rake acceptance:pooler:win-2016
+ bundle exec rake acceptance:vagrant:centos-70-x64
+ bundle exec rake acceptance:vagrant:debian-81-x64
+ bundle exec rake acceptance:vagrant:ubuntu-1404-x64
+ bundle exec rake acceptance:vagrant:ubuntu-1604-x64
+
diff --git a/modules/utilities/unix/container/docker/CONTRIBUTORS.md b/modules/utilities/unix/container/docker/CONTRIBUTORS.md
new file mode 100644
index 000000000..d35fd3f96
--- /dev/null
+++ b/modules/utilities/unix/container/docker/CONTRIBUTORS.md
@@ -0,0 +1,186 @@
+ 554 Gareth Rushgrove
+ 25 Kyle Anderson
+ 14 Jo Vandeginste
+ 14 Andrew Teixeira
+ 11 Javier Bértoli
+ 10 Justin Dray
+ 10 Nikita Tarasov
+ 10 Vahram Sukyas
+ 9 Patrick Hemmer
+ 9 rafael_chicoli
+ 8 Jonathan Tripathy
+ 8 n0coast
+ 8 James Carr
+ 8 pandrew
+ 8 jfarrell
+ 7 Lars van de Kerkhof
+ 7 Lukas Waslowski
+ 7 Jean-Francois Roche
+ 7 Cornel Foltea
+ 7 Elias Probst
+ 6 Paul Morgan
+ 6 Alex Hornung
+ 6 Joshua Hoblitt
+ 6 Tomas Doran
+ 6 Scott Coulton
+ 5 Casper Bruun
+ 5 Camille Mougey
+ 5 paschdan
+ 5 Fredrik Thulin
+ 4 Cristian Falcas
+ 4 Janos Feher
+ 4 scott coulton
+ 4 Christophe Fonteyne
+ 4 Clayton O'Neill
+ 4 Vilmos Nebehaj
+ 4 Brandon Rochon
+ 4 Ben Langfeld
+ 4 Frank Kleine
+ 4 Bradley Cicenas
+ 4 Wim Bonthuis
+ 3 Edward Midolo
+ 3 Greg Hardy
+ 3 Jonathan Sokolowski
+ 3 hcguersoy
+ 3 Hylke Stapersma
+ 3 James Edwards
+ 3 Vikraman Choudhury
+ 3 Brian Johnson
+ 3 Thomas Krille
+ 3 Bryan Jen
+ 3 Terry Zink
+ 3 Ryan Fowler
+ 3 Rasmus Johansson
+ 3 Rafael Chicoli
+ 3 Daniel Platt
+ 3 Mason Malone
+ 3 Markus Frosch
+ 3 Darren Coxall
+ 3 Andrew Stangl
+ 3 David Schmitt
+ 3 Marji Cermak
+ 2 Sam Grimee
+ 2 Alex Crowe
+ 2 Alexandre RAOUL
+ 2 Benjamin Pineau
+ 2 Bill Simon
+ 2 Bob Potter
+ 2 Caleb Tomlinson
+ 2 Carles Amigó
+ 2 Daniel Panteleit
+ 2 David Danzilio
+ 2 Dominic Becker
+ 2 Hal Deadman
+ 2 Hunter Haugen
+ 2 Ilya Kalinin
+ 2 Jo Vanvoorden
+ 2 Joaquin
+ 2 Josh Samuelson
+ 2 Marc Schaer
+ 2 Mickaël PERRIN
+ 2 Nikita
+ 2 Paul Otto
+ 2 Reser, Ben
+ 2 Rhommel Lamas
+ 2 Ricardo Oliveira
+ 2 Ricky Cook
+ 2 Rob Terhaar
+ 2 Salimane Adjao Moustapha
+ 2 William Leese
+ 2 Wouter Scheele
+ 2 Zsolt Keseru
+ 2 bcicen
+ 2 coreone
+ 2 krall
+ 2 sebastian cole
+ 1 Felix Bechstein
+ 1 Justin Stoller
+ 1 Kasumi Hanazuki
+ 1 Keith Thornhill
+ 1 Eugene Malihins
+ 1 Elliot Huffman
+ 1 Dylan Cochran
+ 1 Maarten Claes
+ 1 Aron Parsons
+ 1 Mario Weigel
+ 1 Dmitriy Myaskovskiy
+ 1 Mark Kusch
+ 1 Darragh Bailey
+ 1 Martin Dietze
+ 1 Martin Prebio
+ 1 Daniel Werdermann
+ 1 Michael Gorsuch
+ 1 Michael Hackner
+ 1 Michael Wells
+ 1 Mick Pollard
+ 1 Mickaël FORTUNATO
+ 1 kasisnu
+ 1 Mike Terzo
+ 1 Nathan Flynn
+ 1 Nathan R Valentine
+ 1 Neil Parley
+ 1 keith
+ 1 Daniel Lawrence
+ 1 Oriol Fitó
+ 1 Daniel Klockenkämper
+ 1 Daniel Holz
+ 1 will vuong
+ 1 Pierre Radermecker
+ 1 Povilas Daukintis
+ 1 Colin Hebert
+ 1 Chris Wendt
+ 1 ladoe00
+ 1 mh
+ 1 mujiburger
+ 1 Andreas de Pretis
+ 1 Alexander Dudko
+ 1 Robin Westin Larsson
+ 1 Chris Hoffman
+ 1 Alex Elman
+ 1 Adam Stephens
+ 1 Sam Grimee (BDB)
+ 1 Sam Weston
+ 1 Saverio Proto
+ 1 Chris Crewdson
+ 1 Sean Sube
+ 1 Tassilo Schweyer
+ 1 Chadwick Banning
+ 1 Bryan Belanger
+ 1 Tim Bishop
+ 1 Tim Hartmann
+ 1 Tim Sharpe
+ 1 Tom De Vylder
+ 1 Tom Mast
+ 1 Bruno Léon
+ 1 Tomasz Tarczynski
+ 1 Brandon Weeks
+ 1 Vebjorn Ljosa
+ 1 Brad Cowie
+ 1 Benjamin Merot
+ 1 Adriaan Peeters
+ 1 Ben Ford
+ 1 sauce@freenode
+ 1 Adam Yohrling
+ 1 andygodwin
+ 1 willpayne
+ 1 bob
+ 1 James Abley
+ 1 James Green
+ 1 Jakub Husak
+ 1 Huaqing Zheng
+ 1 Harald Skoglund
+ 1 Jing Dong
+ 1 Hane, Jason
+ 1 ssube
+ 1 fluential
+ 1 Joaquin Henriquez
+ 1 Jonas Renggli
+ 1 HIngst, Arne-Kristian
+ 1 Grcic Ivan GEOINFO
+ 1 Jos Houtman
+ 1 Josef Johansson
+ 1 Josh Brown
+ 1 Arran Walker
+ 1 Geoff Meakin
+ 1 Joshua Spence
+ 1 Justin Riley
diff --git a/modules/utilities/unix/container/docker/Gemfile b/modules/utilities/unix/container/docker/Gemfile
new file mode 100755
index 000000000..7daea0500
--- /dev/null
+++ b/modules/utilities/unix/container/docker/Gemfile
@@ -0,0 +1,46 @@
+source ENV["GEM_SOURCE"] || "https://rubygems.org"
+
+group :test do
+ gem "rake", "~> 10.0"
+ if puppet_gem_version = ENV['PUPPET_GEM_VERSION']
+ gem "puppet", puppet_gem_version
+ elsif puppet_git_url = ENV['PUPPET_GIT_URL']
+ gem "puppet", :git => puppet_git_url
+ else
+ gem "puppet", "5.5.6"
+ end
+ gem "puppet-lint", "2.3.3"
+ gem "puppet-lint-unquoted_string-check", "0.3.0"
+ gem "rspec-puppet"
+ gem "puppet-syntax"
+ gem "puppetlabs_spec_helper"
+ gem "metadata-json-lint", "1.1.0"
+ gem "rspec"
+ gem "rspec-retry"
+ gem "simplecov", ">= 0.11.0"
+ gem "simplecov-console"
+ gem 'parallel_tests' # requires at least Ruby 1.9.3
+ gem "json_pure", "<= 2.0.1" # 2.0.2 requires Ruby 2+
+ gem 'rspec_junit_formatter', '~> 0.2.3'
+ gem "puppet-lint-i18n"
+ gem "puppet_pot_generator"
+ gem 'rubocop-i18n', '~> 1.2.0'
+ gem 'gettext-setup'
+ gem 'rubocop-rspec'
+end
+
+group :system_tests do
+ gem "beaker-puppet_install_helper", :require => false
+ gem "beaker-rspec"
+ gem "beaker", "~> 3.13"
+end
+
+group :development do
+ gem "travis"
+ gem "travis-lint"
+ gem "puppet-blacksmith"
+ gem "guard-rake"
+ gem "pry"
+ gem "yard"
+ gem 'rubocop', :require => false # requires at least Ruby 1.9.2
+end
diff --git a/modules/utilities/unix/container/docker/Guardfile b/modules/utilities/unix/container/docker/Guardfile
new file mode 100644
index 000000000..f590e4941
--- /dev/null
+++ b/modules/utilities/unix/container/docker/Guardfile
@@ -0,0 +1,23 @@
+notification :off
+
+scope group: :spec
+
+group :spec do
+ guard :rake, :task => 'test' do
+ watch(%r{^lib\/.+\.rb$})
+ watch(%r{^spec\/.+\.rb$})
+ watch(%r{^manifests\/.+\.pp$})
+ end
+end
+
+group :acceptance do
+ guard :rake, :task => 'acceptance' do
+ watch(%r{^spec\/acceptance\/.+\.rb$})
+ end
+end
+
+group :acceptance_swarm do
+ guard :rake, :task => 'acceptance_swarm' do
+ watch(%r{^spec\/acceptance_swarm\/.+\.rb$})
+ end
+end
\ No newline at end of file
diff --git a/modules/utilities/unix/container/docker/LICENSE b/modules/utilities/unix/container/docker/LICENSE
new file mode 100644
index 000000000..bf023233a
--- /dev/null
+++ b/modules/utilities/unix/container/docker/LICENSE
@@ -0,0 +1,207 @@
+Apache License
+Version 2.0, January 2004
+http://www.apache.org/licenses/
+
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction, and
+ distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by the
+ copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all other
+ entities that control, are controlled by, or are under common control with
+ that entity. For the purposes of this definition, "control" means (i) the
+ power, direct or indirect, to cause the direction or management of such
+ entity, whether by contract or otherwise, or (ii) ownership of
+ fifty percent (50%) or more of the outstanding shares, or (iii) beneficial
+ ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity exercising
+ permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation source,
+ and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical transformation
+ or translation of a Source form, including but not limited to compiled
+ object code, generated documentation, and conversions to
+ other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or Object
+ form, made available under the License, as indicated by a copyright notice
+ that is included in or attached to the work (an example is provided in the
+ Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object form,
+ that is based on (or derived from) the Work and for which the editorial
+ revisions, annotations, elaborations, or other modifications represent,
+ as a whole, an original work of authorship. For the purposes of this
+ License, Derivative Works shall not include works that remain separable
+ from, or merely link (or bind by name) to the interfaces of, the Work and
+ Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including the original
+ version of the Work and any modifications or additions to that Work or
+ Derivative Works thereof, that is intentionally submitted to Licensor for
+ inclusion in the Work by the copyright owner or by an individual or
+ Legal Entity authorized to submit on behalf of the copyright owner.
+ For the purposes of this definition, "submitted" means any form of
+ electronic, verbal, or written communication sent to the Licensor or its
+ representatives, including but not limited to communication on electronic
+ mailing lists, source code control systems, and issue tracking systems
+ that are managed by, or on behalf of, the Licensor for the purpose of
+ discussing and improving the Work, but excluding communication that is
+ conspicuously marked or otherwise designated in writing by the copyright
+ owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity on
+ behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+2. Grant of Copyright License.
+
+ Subject to the terms and conditions of this License, each Contributor
+ hereby grants to You a perpetual, worldwide, non-exclusive, no-charge,
+ royalty-free, irrevocable copyright license to reproduce, prepare
+ Derivative Works of, publicly display, publicly perform, sublicense,
+ and distribute the Work and such Derivative Works in
+ Source or Object form.
+
+3. Grant of Patent License.
+
+ Subject to the terms and conditions of this License, each Contributor
+ hereby grants to You a perpetual, worldwide, non-exclusive, no-charge,
+ royalty-free, irrevocable (except as stated in this section) patent
+ license to make, have made, use, offer to sell, sell, import, and
+ otherwise transfer the Work, where such license applies only to those
+ patent claims licensable by such Contributor that are necessarily
+ infringed by their Contribution(s) alone or by combination of their
+ Contribution(s) with the Work to which such Contribution(s) was submitted.
+ If You institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work or a
+ Contribution incorporated within the Work constitutes direct or
+ contributory patent infringement, then any patent licenses granted to
+ You under this License for that Work shall terminate as of the date such
+ litigation is filed.
+
+4. Redistribution.
+
+ You may reproduce and distribute copies of the Work or Derivative Works
+ thereof in any medium, with or without modifications, and in Source or
+ Object form, provided that You meet the following conditions:
+
+ 1. You must give any other recipients of the Work or Derivative Works a
+ copy of this License; and
+
+ 2. You must cause any modified files to carry prominent notices stating
+ that You changed the files; and
+
+ 3. You must retain, in the Source form of any Derivative Works that You
+ distribute, all copyright, patent, trademark, and attribution notices from
+ the Source form of the Work, excluding those notices that do not pertain
+ to any part of the Derivative Works; and
+
+ 4. If the Work includes a "NOTICE" text file as part of its distribution,
+ then any Derivative Works that You distribute must include a readable copy
+ of the attribution notices contained within such NOTICE file, excluding
+ those notices that do not pertain to any part of the Derivative Works,
+ in at least one of the following places: within a NOTICE text file
+ distributed as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or, within a
+ display generated by the Derivative Works, if and wherever such
+ third-party notices normally appear. The contents of the NOTICE file are
+ for informational purposes only and do not modify the License.
+ You may add Your own attribution notices within Derivative Works that You
+ distribute, alongside or as an addendum to the NOTICE text from the Work,
+ provided that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and may
+ provide additional or different license terms and conditions for use,
+ reproduction, or distribution of Your modifications, or for any such
+ Derivative Works as a whole, provided Your use, reproduction, and
+ distribution of the Work otherwise complies with the conditions
+ stated in this License.
+
+5. Submission of Contributions.
+
+ Unless You explicitly state otherwise, any Contribution intentionally
+ submitted for inclusion in the Work by You to the Licensor shall be under
+ the terms and conditions of this License, without any additional
+ terms or conditions. Notwithstanding the above, nothing herein shall
+ supersede or modify the terms of any separate license agreement you may
+ have executed with Licensor regarding such Contributions.
+
+6. Trademarks.
+
+ This License does not grant permission to use the trade names, trademarks,
+ service marks, or product names of the Licensor, except as required for
+ reasonable and customary use in describing the origin of the Work and
+ reproducing the content of the NOTICE file.
+
+7. Disclaimer of Warranty.
+
+ Unless required by applicable law or agreed to in writing, Licensor
+ provides the Work (and each Contributor provides its Contributions)
+ on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ either express or implied, including, without limitation, any warranties
+ or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS
+ FOR A PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any risks
+ associated with Your exercise of permissions under this License.
+
+8. Limitation of Liability.
+
+ In no event and under no legal theory, whether in tort
+ (including negligence), contract, or otherwise, unless required by
+ applicable law (such as deliberate and grossly negligent acts) or agreed
+ to in writing, shall any Contributor be liable to You for damages,
+ including any direct, indirect, special, incidental, or consequential
+ damages of any character arising as a result of this License or out of
+ the use or inability to use the Work (including but not limited to damages
+ for loss of goodwill, work stoppage, computer failure or malfunction,
+ or any and all other commercial damages or losses), even if such
+ Contributor has been advised of the possibility of such damages.
+
+9. Accepting Warranty or Additional Liability.
+
+ While redistributing the Work or Derivative Works thereof, You may choose
+ to offer, and charge a fee for, acceptance of support, warranty,
+ indemnity, or other liability obligations and/or rights consistent with
+ this License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf of any
+ other Contributor, and only if You agree to indemnify, defend, and hold
+ each Contributor harmless for any liability incurred by, or claims
+ asserted against, such Contributor by reason of your accepting any such
+ warranty or additional liability.
+
+END OF TERMS AND CONDITIONS
+
+APPENDIX: How to apply the Apache License to your work
+
+ To apply the Apache License to your work, attach the following boilerplate
+ notice, with the fields enclosed by brackets "[]" replaced with your own
+ identifying information. (Don't include the brackets!) The text should be
+ enclosed in the appropriate comment syntax for the file format. We also
+ recommend that a file or class name and description of purpose be included
+ on the same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright 2013 Gareth Rushgrove
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ or implied. See the License for the specific language governing
+ permissions and limitations under the License.
diff --git a/modules/utilities/unix/container/docker/README.md b/modules/utilities/unix/container/docker/README.md
new file mode 100755
index 000000000..c8e84fe54
--- /dev/null
+++ b/modules/utilities/unix/container/docker/README.md
@@ -0,0 +1,1507 @@
+[](https://travis-ci.org/puppetlabs/puppetlabs-docker)
+[](https://forge.puppetlabs.com/puppetlabs/docker)
+[](https://forge.puppetlabs.com/puppetlabs/docker)
+[](https://forge.puppetlabs.com/puppetlabs/docker)
+
+
+# Docker
+
+#### Table of Contents
+
+1. [Description](#description)
+2. [Setup](#setup)
+3. [Usage - Configuration options and additional functionality](#usage)
+ * [Images](#images)
+ * [Containers](#containers)
+ * [Networks](#networks)
+ * [Volumes](#volumes)
+ * [Compose](#compose)
+ * [Swarm mode](#swarmmode)
+ * [Tasks](#tasks)
+ * [Docker services](#dockerservices)
+ * [Private registries](#privateregistries)
+ * [Exec](#exec)
+ * [Plugins](#plugins)
+4. [Reference - An under-the-hood peek at what the module is doing and how](#reference)
+ * [Classes](#classes)
+ * [Defined types](#definedtypes)
+ * [Types](#types)
+ * [Parameters](#parameters)
+5. [Limitations - OS compatibility, etc.](#limitations)
+6. [Development - Guide for contributing to the module](#development)
+
+## Overview
+
+The Puppet docker module installs, configures, and manages [Docker](https://github.com/docker/docker) from the [Docker repository](https://docs.docker.com/installation/). It supports the latest [Docker CE (Community Edition)](https://www.docker.com/community-edition) for Linux based distributions and [Docker EE(Enterprise Edition)](https://www.docker.com/enterprise-edition) for Windows and Linux as well as legacy releases.
+
+
+## Description
+
+This module install, configures, and manages [Docker](https://github.com/docker/docker).
+
+Due to the new naming convention for Docker packages, this module prefaces any params that refer to the release with `_ce` or `_engine`. Examples of these are documented in this README.
+
+## Setup
+
+To create the Docker hosted repository and install the Docker package, add a single class to the manifest file:
+
+```puppet
+include 'docker'
+```
+
+To configure package sources independently and disable automatically including sources, add the following code to the manifest file:
+
+```puppet
+class { 'docker':
+ use_upstream_package_source => false,
+}
+```
+
+The latest Docker [repositories](https://docs.docker.com/engine/installation/linux/docker-ce/debian/#set-up-the-repository) are now the default repositories for version 17.06 and above. If you are using an older version, the repositories are still configured based on the version number passed into the module.
+
+To ensure the module configures the latest repositories, add the following code to the manifest file:
+
+```puppet
+class { 'docker':
+ version => '17.09.0~ce-0~debian',
+}
+```
+
+Using a version prior to 17.06, configures and installs from the old repositories:
+
+```puppet
+class { 'docker':
+ version => '1.12.0-0~wheezy',
+}
+```
+
+Docker provides a enterprise addition of the [Docker Engine](https://www.docker.com/enterprise-edition), called Docker EE. To install Docker EE on Debian systems, add the following code to the manifest file:
+
+```puppet
+class { 'docker':
+ docker_ee => true,
+ docker_ee_source_location => 'https://',
+ docker_ee_key_source => 'https://',
+ docker_ee_key_id => '',
+}
+```
+
+To install Docker EE on RHEL/CentOS:
+
+```puppet
+class { 'docker':
+ docker_ee => true,
+ docker_ee_source_location => 'https://',
+ docker_ee_key_source => 'https://',
+}
+```
+
+For CentOS distributions, the docker module requires packages from the extras repository which is enabled by default on CentOS. For more information, see the official [CentOS documentation](https://wiki.centos.org/AdditionalResources/Repositories) and the official [Docker documentation](https://docs.docker.com/install/linux/docker-ce/centos/).
+
+For Red Hat Enterprise Linux (RHEL) based distributions, the docker module uses the upstream repositories. To continue using the legacy distribution packages in the CentOS extras repository, add the following code to the manifest file:
+
+```puppet
+class { 'docker':
+ use_upstream_package_source => false,
+ service_overrides_template => false,
+ docker_ce_package_name => 'docker',
+}
+```
+
+To use the CE packages, add the following code to the manifest file:
+
+```puppet
+class { 'docker':
+ use_upstream_package_source => false,
+ repo_opt => '',
+}
+```
+
+By default, the Docker daemon binds to a unix socket at `/var/run/docker.sock`. To change this parameter and update the binding parameter to a tcp socket, add the following code to the manifest file:
+
+```puppet
+class { 'docker':
+ tcp_bind => ['tcp://127.0.0.1:4243','tcp://10.0.0.1:4243'],
+ socket_bind => 'unix:///var/run/docker.sock',
+ ip_forward => true,
+ iptables => true,
+ ip_masq => true,
+ bridge => br0,
+ fixed_cidr => '10.20.1.0/24',
+ default_gateway => '10.20.0.1',
+}
+```
+
+When setting up TLS, upload the related files (CA certificate, server certificate, and key) and include their paths in the manifest file:
+
+```puppet
+class { 'docker':
+ tcp_bind => ['tcp://0.0.0.0:2376'],
+ tls_enable => true,
+ tls_cacert => '/etc/docker/tls/ca.pem',
+ tls_cert => '/etc/docker/tls/cert.pem',
+ tls_key => '/etc/docker/tls/key.pem',
+}
+```
+
+To specify which Docker rpm package to install, add the following code to the manifest file:
+
+```puppet
+class { 'docker' :
+ manage_package => true,
+ use_upstream_package_source => false,
+ package_engine_name => 'docker-engine'
+ package_source_location => 'https://get.docker.com/rpm/1.7.0/centos-6/RPMS/x86_64/docker-engine-1.7.0-1.el6.x86_64.rpm',
+ prerequired_packages => [ 'glibc.i686', 'glibc.x86_64', 'sqlite.i686', 'sqlite.x86_64', 'device-mapper', 'device-mapper-libs', 'device-mapper-event-libs', 'device-mapper-event' ]
+}
+```
+
+To track the latest version of Docker, add the following code to the manifest file:
+
+```puppet
+class { 'docker':
+ version => 'latest',
+}
+```
+
+To install docker from a test or edge channel, add the following code to the manifest file:
+
+```puppet
+class { 'docker':
+ docker_ce_channel => 'test'
+}
+```
+
+To allocate a dns server to the Docker daemon, add the following code to the manifest file:
+
+```puppet
+class { 'docker':
+ dns => '8.8.8.8',
+}
+```
+
+To add users to the Docker group, add the following array to the manifest file:
+
+```puppet
+class { 'docker':
+ docker_users => ['user1', 'user2'],
+}
+```
+
+To add daemon labels, add the following array to the manifest file:
+
+```puppet
+class { 'docker':
+ labels => ['storage=ssd','stage=production'],
+}
+```
+
+To uninstall docker, add the following to the manifest file:
+
+```puppet
+class { 'docker':
+ ensure => absent
+}
+```
+
+Only Docker EE is supported on Windows. To install docker on Windows 2016 and above the `docker_ee` parameter must be specified:
+```puppet
+class { 'docker':
+ docker_ee => true
+}
+```
+
+### Proxy on Windows
+To use docker through a proxy on Windows, a System Environment Variable HTTP_PROXY/HTTPS_PROXY must be set. See [Docker Engine on Windows](https://docs.microsoft.com/en-us/virtualization/windowscontainers/manage-docker/configure-docker-daemon#proxy-configuration)
+This can be done using a different puppet module such as the puppet-windows_env module. After setting the variable, the docker service must be restarted.
+```puppet
+windows_env { 'HTTP_PROXY'
+ value => 'http://1.2.3.4:80',
+ notify => Service['docker'],
+}
+windows_env { 'HTTPS_PROXY'
+ value => 'http://1.2.3.4:80',
+ notify => Service['docker'],
+}
+service { 'docker'
+ ensure => 'running',
+}
+````
+
+## Usage
+
+### Images
+
+Each image requires a unique name; otherwise, the installation fails when a duplicate name is detected.
+
+To install a Docker image, add the `docker::image` defined type to the manifest file:
+
+```puppet
+docker::image { 'base': }
+```
+
+The code above is equivalent to running the `docker pull base` command. However, it removes the default five-minute execution timeout.
+
+To include an optional parameter for installing image tags that is the equivalent to running `docker pull -t="precise" ubuntu`, add the following code to the manifest file:
+
+```puppet
+docker::image { 'ubuntu':
+ image_tag => 'precise'
+}
+```
+
+Including the `docker_file` parameter is equivalent to running the `docker build -t ubuntu - < /tmp/Dockerfile` command. To add or build an image from a dockerfile that includes the `docker_file` parameter, add the following code to the manifest file:
+
+```puppet
+docker::image { 'ubuntu':
+ docker_file => '/tmp/Dockerfile'
+}
+```
+
+Including the `docker_dir` parameter is equivalent to running the `docker build -t ubuntu /tmp/ubuntu_image` command. To add or build an image from a dockerfile that includes the `docker_dir` parameter, add the following code to the manifest file:
+
+```puppet
+docker::image { 'ubuntu':
+ docker_dir => '/tmp/ubuntu_image'
+}
+```
+
+To rebuild an image, subscribe to external events such as Dockerfile changes by adding the following code to the manifest file:
+
+```puppet
+docker::image { 'ubuntu':
+ docker_file => '/tmp/Dockerfile'
+ subscribe => File['/tmp/Dockerfile'],
+}
+
+file { '/tmp/Dockerfile':
+ ensure => file,
+ source => 'puppet:///modules/someModule/Dockerfile',
+}
+```
+
+To remove an image, add the following code to the manifest file:
+
+```puppet
+docker::image { 'base':
+ ensure => 'absent'
+}
+
+docker::image { 'ubuntu':
+ ensure => 'absent',
+ image_tag => 'precise'
+}
+```
+
+To configure the `docker::images` class when using Hiera, add the following code to the manifest file:
+
+```yaml
+---
+ classes:
+ - docker::images
+
+docker::images::images:
+ ubuntu:
+ image_tag: 'precise'
+```
+
+### Containers
+
+To launch containers, add the following code to the manifest file:
+
+```puppet
+docker::run { 'helloworld':
+ image => 'base',
+ command => '/bin/sh -c "while true; do echo hello world; sleep 1; done"',
+}
+```
+
+This is equivalent to running the `docker run -d base /bin/sh -c "while true; do echo hello world; sleep 1; done"` command to launch a Docker container managed by the local init system.
+
+`run` includes a number of optional parameters:
+
+```puppet
+docker::run { 'helloworld':
+ image => 'base',
+ detach => true,
+ service_prefix => 'docker-',
+ command => '/bin/sh -c "while true; do echo hello world; sleep 1; done"',
+ ports => ['4444', '4555'],
+ expose => ['4666', '4777'],
+ links => ['mysql:db'],
+ net => 'my-user-def-net',
+ disable_network => false,
+ volumes => ['/var/lib/couchdb', '/var/log'],
+ volumes_from => '6446ea52fbc9',
+ memory_limit => '10m', # (format: '', where unit = b, k, m or g)
+ cpuset => ['0', '3'],
+ username => 'example',
+ hostname => 'example.com',
+ env => ['FOO=BAR', 'FOO2=BAR2'],
+ env_file => ['/etc/foo', '/etc/bar'],
+ labels => ['com.example.foo="true"', 'com.example.bar="false"'],
+ dns => ['8.8.8.8', '8.8.4.4'],
+ restart_service => true,
+ privileged => false,
+ pull_on_start => false,
+ before_stop => 'echo "So Long, and Thanks for All the Fish"',
+ before_start => 'echo "Run this on the host before starting the Docker container"',
+ after => [ 'container_b', 'mysql' ],
+ depends => [ 'container_a', 'postgres' ],
+ stop_wait_time => 0,
+ read_only => false,
+ extra_parameters => [ '--restart=always' ],
+}
+```
+
+You can specify the `ports`, `expose`, `env`, `dns`, and `volumes` values with a single string or an array.
+
+To pull the image before it starts, specify the `pull_on_start` parameter.
+
+To execute a command before the container stops, specify the `before_stop` parameter.
+
+Adding the container name to the `after` parameter to specify which containers start first, affects the generation of the `init.d/systemd` script.
+
+Add container dependencies to the `depends` parameter. The container starts before this container and stops before the depended container. This affects the generation of the `init.d/systemd` script. Use the `depend_services` parameter to specify dependencies for general services, which are not Docker related, that start before this container.
+
+The `extra_parameters` parameter, which contains an array of command line arguments to pass to the `docker run` command, is useful for adding additional or experimental options that the docker module currently does not support.
+
+By default, automatic restarting of the service on failure is enabled by the service file for systemd based systems.
+
+It's recommended that an image tag is used at all times with the `docker::run` define type. If not, the latest image ise used, whether it be in a remote registry or installed on the server already by the `docker::image` define type.
+
+NOTE: As of v3.0.0, if the latest tag is used, the image will be the latest at the time the of the initial puppet run. Any subsequent puppet runs will always reference the latest local image. For this this reason it highly recommended that an alternative tag be used, or the image be removed before pulling latest again.
+
+To use an image tag, add the following code to the manifest file:
+
+```puppet
+docker::run { 'helloworld':
+ image => 'ubuntu:precise',
+ command => '/bin/sh -c "while true; do echo hello world; sleep 1; done"',
+}
+```
+
+By default, when the service stops or starts, the generated init scripts remove the container, but not the associated volumes. To change this behaviour, add the following code to the manifest file:
+
+```puppet
+docker::run { 'helloworld':
+ remove_container_on_start => true,
+ remove_volume_on_start => false,
+ remove_container_on_stop => true,
+ remove_volume_on_stop => false,
+}
+```
+
+If using Hiera, you can configure the `docker::run_instance` class:
+
+```yaml
+---
+ classes:
+ - docker::run_instance
+
+ docker::run_instance::instance:
+ helloworld:
+ image: 'ubuntu:precise'
+ command: '/bin/sh -c "while true; do echo hello world; sleep 1; done"'
+```
+
+To remove a running container, add the following code to the manifest file. This also removes the systemd service file associated with the container.
+
+```puppet
+docker::run { 'helloworld':
+ ensure => absent,
+}
+```
+
+To enable the restart of an unhealthy container, add the following code to the manifest file. In order to set the health check interval time set the optional health_check_interval parameter, the default health check interval is 30 seconds.
+
+```puppet
+docker::run { 'helloworld':
+ image => 'base',
+ command => 'command',
+ health_check_cmd => '',
+ restart_on_unhealthy => true,
+ health_check_interval => '