encoder/simple_ssh wip

2026-02-21 19:28:02 +00:00 · 2018-11-12 13:51:43 +00:00
parent d0be593f2c
commit 5cc6dbcdd8
5 changed files with 134 additions and 0 deletions
--- a/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/manifests/.no_puppet
+++ b/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/manifests/.no_puppet
--- a/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/secgen_local/local.rb
+++ b/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/secgen_local/local.rb
@@ -0,0 +1,93 @@
+#!/usr/bin/ruby
+require_relative '../../../../../../lib/objects/local_string_encoder.rb'
+require 'json'
+require 'open3'
+require 'fileutils'
+require 'openssl'
+
+class SimpleSSHDecrypt < StringEncoder
+  attr_accessor :ssh_key_pair
+  attr_accessor :tmp_path
+  attr_accessor :subdirectory
+
+  def initialize
+    super
+    self.module_name = 'Simple SSH Decryption Challenge'
+    self.subdirectory = ''
+    self.ssh_key_pair = {}
+    self.tmp_path = File.expand_path(File.dirname(__FILE__)).split("/")[0...-1].join('/') + '/tmp/'
+    Dir.mkdir self.tmp_path unless Dir.exists? self.tmp_path
+    self.tmp_path += Time.new.strftime("%Y%m%d_%H%M%S")
+    Dir.mkdir self.tmp_path unless Dir.exists? self.tmp_path
+  end
+
+  def encode_all
+    begin
+      public_ascii = self.ssh_key_pair['public']
+      private_ascii = self.ssh_key_pair['private']
+
+
+      # save strings_to_encode to a file
+      File.open("#{self.tmp_path}/ciphertext", "w+") do |file|
+        self.strings_to_encode.each do |line|
+          file.write(line + "\n")
+        end
+        file.close
+      end
+
+      # Save ascii pubkey to file
+      File.open("#{self.tmp_path}/pub_key", "w+") do |file|
+        file.write(public_ascii)
+      end
+
+      # Convert public key to PEM so OpenSSL can consume it
+      #
+      stdout, stderr, status = Open3.capture3("ssh-keygen -f #{self.tmp_path}/pub_key -e -m pem > #{self.tmp_path}/pub_key.pem")
+
+
+
+      public_key = OpenSSL::PKey::RSA.new(File.read("#{self.tmp_path}/pub_key.pem"))
+      encrypted_string = Base64.encode64(public_key.public_encrypt(self.strings_to_encode.join("\n")))
+
+
+      # # generate a binary key file from our ascii input and save it in ../tmp/binary_pub.key.
+      # _, _, _ = Open3.capture3("gpg --dearmor #{self.tmp_path}/pub_key")
+      #
+      # # Use the binary key to encode some cipher text
+      # _, _, _ = Open3.capture3("gpg --no-default-keyring --keyring #{self.tmp_path}/pub_key.gpg --trust-model always -ear secgen@localhost  #{self.tmp_path}/ciphertext")
+
+      # Read the ciphertext.asc file in and feed it into the outputs
+      ciphertext = File.read("#{self.tmp_path}/ciphertext.asc")
+
+      self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(ciphertext), :filename => 'cipher', :ext => 'txt', :subdirectory => self.subdirectory}}.to_json
+      self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(private_ascii), :filename => 'private', :ext => 'key', :subdirectory => self.subdirectory}}.to_json
+    ensure
+      # Delete the local key files to avoid batch clashes
+      # FileUtils.rm_r self.tmp_path
+    end
+  end
+
+  def process_options(opt, arg)
+    super
+    case opt
+    when '--subdirectory'
+      self.subdirectory << arg;
+    when '--ssh_key_pair'
+      self.ssh_key_pair = JSON.parse(arg);
+    end
+  end
+
+  def get_options_array
+    super + [['--subdirectory', GetoptLong::REQUIRED_ARGUMENT],
+             ['--ssh_key_pair', GetoptLong::REQUIRED_ARGUMENT]]
+  end
+
+
+  def encoding_print_string
+    'strings_to_encode: ' + self.strings_to_encode.to_s + print_string_padding +
+    'subdirectory: ' + self.subdirectory.to_s + print_string_padding +
+    'ssh_key_pair: ' + self.ssh_key_pair.to_json
+  end
+end
+
+SimpleSSHDecrypt.new.run
--- a/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/secgen_metadata.xml
+++ b/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/secgen_metadata.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0"?>
+
+<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
+           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+           xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
+  <name>Simple SSH Decryption Challenge</name>
+  <author>Thomas Shaw</author>
+  <module_license>MIT</module_license>
+  <description>Returns a private key and some encrypted ciphertext.</description>
+
+  <type>asymmetric</type>
+  <type>challenge_generator</type>
+  <type>crypto_challenge_generator</type>
+  <type>local_calculation</type>
+  <platform>linux</platform>
+  <platform>windows</platform>
+
+  <difficulty>low</difficulty>
+
+  <read_fact>strings_to_encode</read_fact>
+  <read_fact>ssh_key_pair</read_fact>
+  <read_fact>subdirectory</read_fact>
+
+  <default_input into="strings_to_encode">
+    <generator type="flag_generator"/>
+    <generator type="message_generator"/>
+    <generator type="message_generator"/>
+    <generator type="message_generator"/>
+  </default_input>
+
+  <default_input into="ssh_key_pair">
+    <generator type="ssh_key_pair"/>
+  </default_input>
+
+  <default_input into="subdirectory">
+    <generator type="challenges"/>
+  </default_input>
+
+  <output_type>array</output_type>
+</encoder>
--- a/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/simple_ssh.pp
+++ b/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/simple_ssh.pp
--- a/modules/generators/key/ssh_key_pair/secgen_metadata.xml
+++ b/modules/generators/key/ssh_key_pair/secgen_metadata.xml
@@ -9,6 +9,7 @@
  <description>Generates a pair of RSA 2048 ssh keys.</description>

  <type>ssh_key_generator</type>
+  <type>ssh_key_pair</type>
  <platform>linux</platform>

  <output_type>ssh_key_pair</output_type>