Builds boxes now, puppet name changes

.gitignore

@@ -2,3 +2,4 @@ projects
 unusedcode
 .DS_Store
 .idea
+mount

.idea/SecGen.iml

@@ -1,10 +1,10 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <module type="RUBY_MODULE" version="4">
   <component name="ModuleRunConfigurationManager">
-    <configuration default="false" name="systemreader" type="RubyRunConfigurationType" factoryName="Ruby" temporary="true">
+    <configuration default="false" name="vulnerability_processor_tests" type="RubyRunConfigurationType" factoryName="Ruby" temporary="true">
       <module name="SecGen" />
       <RUBY_RUN_CONFIG NAME="RUBY_ARGS" VALUE="-e $stdout.sync=true;$stderr.sync=true;load($0=ARGV.shift)" />
-      <RUBY_RUN_CONFIG NAME="WORK DIR" VALUE="$MODULE_DIR$" />
+      <RUBY_RUN_CONFIG NAME="WORK DIR" VALUE="$MODULE_DIR$/tests/helper_tests" />
       <RUBY_RUN_CONFIG NAME="SHOULD_USE_SDK" VALUE="false" />
       <RUBY_RUN_CONFIG NAME="ALTERN_SDK_NAME" VALUE="" />
       <RUBY_RUN_CONFIG NAME="myPassParentEnvs" VALUE="true" />
@@ -16,7 +16,7 @@
           <PATTERN REGEXPS="/.rvm/" INCLUDED="false" />
         </COVERAGE_PATTERN>
       </EXTENSION>
-      <RUBY_RUN_CONFIG NAME="SCRIPT_PATH" VALUE="$MODULE_DIR$/lib/systemreader.rb" />
+      <RUBY_RUN_CONFIG NAME="SCRIPT_PATH" VALUE="$MODULE_DIR$/tests/helper_tests/vulnerability_processor_tests.rb" />
       <RUBY_RUN_CONFIG NAME="SCRIPT_ARGS" VALUE="" />
       <method />
     </configuration>
@@ -39,10 +39,10 @@
       <RUBY_RUN_CONFIG NAME="SCRIPT_ARGS" VALUE="-r" />
       <method />
     </configuration>
-    <configuration default="false" name="vulnerability_processor_tests" type="RubyRunConfigurationType" factoryName="Ruby" temporary="true">
+    <configuration default="false" name="systemreader" type="RubyRunConfigurationType" factoryName="Ruby" temporary="true">
       <module name="SecGen" />
       <RUBY_RUN_CONFIG NAME="RUBY_ARGS" VALUE="-e $stdout.sync=true;$stderr.sync=true;load($0=ARGV.shift)" />
-      <RUBY_RUN_CONFIG NAME="WORK DIR" VALUE="$MODULE_DIR$/tests/helpers" />
+      <RUBY_RUN_CONFIG NAME="WORK DIR" VALUE="$MODULE_DIR$" />
       <RUBY_RUN_CONFIG NAME="SHOULD_USE_SDK" VALUE="false" />
       <RUBY_RUN_CONFIG NAME="ALTERN_SDK_NAME" VALUE="" />
       <RUBY_RUN_CONFIG NAME="myPassParentEnvs" VALUE="true" />
@@ -54,7 +54,7 @@
           <PATTERN REGEXPS="/.rvm/" INCLUDED="false" />
         </COVERAGE_PATTERN>
       </EXTENSION>
-      <RUBY_RUN_CONFIG NAME="SCRIPT_PATH" VALUE="$MODULE_DIR$/tests/helpers/vulnerability_processor_tests.rb" />
+      <RUBY_RUN_CONFIG NAME="SCRIPT_PATH" VALUE="$MODULE_DIR$/lib/systemreader.rb" />
       <RUBY_RUN_CONFIG NAME="SCRIPT_ARGS" VALUE="" />
       <method />
     </configuration>
@@ -67,13 +67,13 @@
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
-    <orderEntry type="library" name="stub [puppet module]" level="application" />
     <orderEntry type="library" scope="PROVIDED" name="bundler (v1.10.4, ruby-2.0.0-p645) [gem]" level="application" />
     <orderEntry type="library" scope="PROVIDED" name="mini_portile2 (v2.0.0, ruby-2.0.0-p645) [gem]" level="application" />
     <orderEntry type="library" scope="PROVIDED" name="minitest (v5.8.4, ruby-2.0.0-p645) [gem]" level="application" />
     <orderEntry type="library" scope="PROVIDED" name="nokogiri (v1.6.7.1, ruby-2.0.0-p645) [gem]" level="application" />
     <orderEntry type="library" scope="PROVIDED" name="rake (v10.5.0, ruby-2.0.0-p645) [gem]" level="application" />
     <orderEntry type="library" scope="PROVIDED" name="xml-simple (v1.1.5, ruby-2.0.0-p645) [gem]" level="application" />
+    <orderEntry type="library" name="stub [puppet module]" level="application" />
   </component>
   <component name="PuppetLibraryUpdateService" isEnabled="true" />
 </module>

lib/constants.rb

@@ -6,6 +6,8 @@ VULN_XML = "#{ROOT_DIR}/xml/vulns.xml"
 SERVICES_XML = "#{ROOT_DIR}/xml/services.xml"
 BASE_XML = "#{ROOT_DIR}/xml/bases.xml"
 MOUNT_DIR = "#{ROOT_DIR}/mount/"
+BUILD_DIR = "#{ROOT_DIR}/modules/build/"
+MOUNT_PUPPET_DIR = "#{ROOT_DIR}/mount/puppet"
 
 #PATH CONSTANTS
 MODULES_PATH = "#{ROOT_DIR}/modules/"
@@ -16,3 +18,6 @@ VULN_NOT_FOUND = "Matching vulnerability was not found please check the xml scen
 
 #RUNTIME_CONSTANTS
 AVAILABLE_CVE_NUMBERS = []
+
+#VAGRANT_FILE_CONSTANTS
+PATH_TO_CLEANUP = "#{ROOT_DIR}/modules/build/puppet/"

lib/filecreator.rb

@@ -22,7 +22,9 @@ class FileCreator
 
 
 		puts "The system is now creating the Project#{build_number}"
-		Dir::mkdir("#{PROJECTS_DIR}/Project#{build_number}") unless File.exists?("#{PROJECTS_DIR}/#{build_number}") 
+		Dir::mkdir("#{PROJECTS_DIR}/Project#{build_number}") unless File.exists?("#{PROJECTS_DIR}/#{build_number}")
+		puts 'Creating the projects mount directory'
+		Dir::mkdir("#{PROJECTS_DIR}/Project#{build_number}/mount") unless File.exists?("#{PROJECTS_DIR}/Project#{build_number}/mount")
 		
 		# initialises box before creation
 		command = "cd #{PROJECTS_DIR}/Project#{build_number}/; vagrant init"

lib/helpers/bootstrap.rb

@@ -0,0 +1,51 @@
+class Bootstrap
+
+  def bootstrap
+    puts 'Bootstrapping application..'
+    #if mount doesnt exist create the directory structure
+    if !Dir.exists?("#{ROOT_DIR}/mount")
+      create_directory_structure
+      move_vulnerability_puppet_files
+      move_secure_service_puppet_files
+    else #if mount does exist, purge the puppet directory and copy the files
+      purge_puppet_files
+      move_secure_service_puppet_files
+      move_vulnerability_puppet_files
+    end
+    puts 'Application Bootstrapped'
+  end
+
+  private
+
+  def create_directory_structure
+    print 'Mount directory not present, creating..'
+    Dir.mkdir("#{ROOT_DIR}/mount")
+    puts ' Complete'
+    print 'Creating Puppet directory..'
+    Dir.mkdir("#{ROOT_DIR}/mount/puppet")
+    puts ' Complete'
+  end
+
+  def move_vulnerability_puppet_files
+    puts 'Moving vulnerabilities'
+    Dir.glob("#{ROOT_DIR}/modules/vulnerabilities/**/**/puppet/**/*.pp").each do |puppet_file|
+      puts "Moving #{puppet_file} to mount/puppet."
+      FileUtils.copy(puppet_file, "#{ROOT_DIR}/mount/puppet")
+    end
+  end
+
+  def move_secure_service_puppet_files
+    puts 'Moving secure services'
+    Dir.glob("#{ROOT_DIR}/modules/services/**/**/puppet/**/*.pp").each do |puppet_file|
+      puts "Moving #{puppet_file} to mount/puppet."
+      FileUtils.copy(puppet_file, "#{ROOT_DIR}/mount/puppet")
+    end
+  end
+
+  def purge_puppet_files
+    puts 'Purging puppets directory.'
+    Dir.glob("#{ROOT_DIR}/mount/puppet/*.pp").each do |puppet_file|
+    File.delete(puppet_file)
+    end
+  end
+end

lib/objects/vulnerability.rb

@@ -1,7 +1,7 @@
 require_relative('../constants.rb')
 
 class Vulnerability
-    attr_accessor :type, :privilege, :access ,:puppets, :details, :ports, :cve, :files, :scripts
+    attr_accessor :type, :privilege, :access ,:puppets, :details, :ports, :name, :cve, :files, :scripts
 
     def eql? other
       # checks if type matches vulns.xml from scenario.xml
@@ -27,7 +27,7 @@ class Vulnerability
     end
 
     def vulnerability_path
-      return "#{ROOT_DIR}/modules/#{@platform}/#{@type}/#{@name}"
+      return "#{ROOT_DIR}/modules/vulnerabilities/#{@platform}/#{@type}/#{@name}"
     end
 
     def puppet_path

lib/templates/vagrantbase.erb

@@ -5,51 +5,47 @@
 VAGRANTFILE_API_VERSION = "2"
 
 Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
-<% systems.each do |s| %>
-    config.vm.define "<%=s.id%>" do |<%=s.id%>|
-      <%=s.id%>.vm.box = "<%=s.basebox%>"
-      <%=s.id%>.vm.box_url = "<%=s.url%>"
-<% s.networks.each do |n| %>
-<%grab_system_number = s.id.gsub(/[^0-9]/i, "") %>
-<% n.range[9..9] = grab_system_number %>  
-      <%=s.id%>.vm.network :public_network        
-      <%=s.id%>.vm.network :private_network, :ip => "<%=n.range%>0"
-<% end %>
-      <%=s.id%>.vm.synced_folder "<%=MOUNT_DIR%>", "/mount"
+<% systems.each do |systems| %>
+    config.vm.define "<%= systems.id %>" do |<%= systems.id %>|
+    <%= systems.id %>.vm.box = "<%= systems.basebox %>"
+    <%= systems.id %>.vm.box_url = "<%= systems.url %>"
+    <% systems.networks.each do |n| %>
+        <% grab_system_number = systems.id.gsub(/[^0-9]/i, "") %>
+        <% n.range[9..9] = grab_system_number %>
+        <%= systems.id %>.vm.network :public_network
+        <%= systems.id %>.vm.network :private_network, :ip => "<%= n.range %>0"
+    <% end %>
+    <%= systems.id %>.vm.synced_folder "<%= MOUNT_DIR %>", "/mount"
     end
-
     config.vm.provision :shell, :inline => "apt-get update --fix-missing"
 
+
     # Add secure services
-<%s.services.each do |v|%>
-<%v.puppets.each do |p|%>
-    config.vm.provision "puppet" do |<%=p["puppet"][0]%>|
-      <%=p%>.module_path = <%="#{v.puppet_path}modules"%>
-      <%=p%>.manifests_path = "<%="#{v.puppet_path}manifest"%>
-      <%=p%>.manifest_file = "<%=p%>.pp"
-    end
-<% end %>
-<% end %>
+
 
     # Add vulnerabilities
-<%s.vulns.each do |v|%>
-<%v.puppets.each do |p|%>
-    config.vm.provision "puppet" do |<%=p%>|
-      <%=p%>.manifest_path= <%="#{v.puppet_path}manifest"%>
-      <%=p%>.manifest_file = "<%p%>.pp"
-    end
-<% end %>
-<% end %>
+
+    #a vulnerability has 1 or many puppets
+    <% systems.vulns.each do |vulnerability| %>
+
+        <% vulnerability.puppets.each do |puppet| %>
+            <% vulnerability_name = vulnerability.name %>
+            config.vm.provision "puppet" do | <%=vulnerability_name%> |
+            <%=vulnerability_name%>.manifests_path= "<%="#{vulnerability.puppet_path}/manifest" %>"
+            <%=vulnerability_name%>.manifest_file = "<%=vulnerability_name%>.pp"
+            end
+        <% end %>
+    <% end %>
 
     # clean up script which clears history from the VMs and clobs files together
     config.vm.provision "puppet" do |cleanup|
-      cleanup.module_path = "<%=ROOT_DIR%>/mount/puppet/modules"
-      cleanup.manifests_path = "<%=ROOT_DIR%>/mount/puppet/manifests"
-      cleanup.manifest_file = "cleanup.pp"
+    cleanup.module_path = "<%="#{PATH_TO_CLEANUP}module"%>"
+    cleanup.manifests_path = "<%="#{PATH_TO_CLEANUP}manifest"%>"
+    cleanup.manifest_file = "cleanup.pp"
     end
 
     config.vm.provision :shell, :inline => "history -c && history -w"
     config.vm.provision :shell, :inline => "umount /mount/"
 
+    end
 <% end %>
-end

modules/build/puppet/manifest/default.pp

@@ -0,0 +1 @@
+

modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/puppet/manifest/ftpbackdoor.pp

@@ -1 +0,0 @@
-include vsftpdbackdoor::install

modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/puppet/manifest/vsftpd_234_backdoor.pp

@@ -0,0 +1 @@
+include vsftpd_234_backdoor::install

modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/puppet/module/install.pp

@@ -1,5 +1,5 @@
   #copies and unpacks vsftpd_234_backdoor saves it to usr/local/sbin and executes it for startup
-  class vsftpdbackdoor::install {  
+  class vsftpd_234_backdoor::install {
     exec { 'unzip-vsftpd':
 		command     => 'tar xzf vsftpd-2.3.4.tar.gz && mv vsftpd-2.3.4 /home/vagrant/vsftpd-2.3.4',
 		path => '/bin',

modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/secgen_metadata.xml

@@ -4,10 +4,11 @@
         privilege="user"
         access="remote"
         details="ftpbackdoor smiley face backdoor exploit"
-        platform="unix">
+        platform="unix"
+        name="vsftpd_234_backdoor">
   <puppets>
-    <puppet>install.pp</puppet>
-    <puppet>ftpbackdoor.pp</puppet>
+    <puppet>install</puppet>
+    <puppet>ftpbackdoor</puppet>
   </puppets>
   <files>
     <file>vsftpd-2.3.4.tar.gz</file>

modules/vulnerabilities/unix/misc/distcc_exec/puppet/manifest/distcc.pp

@@ -1 +0,0 @@
-include distcc::config

modules/vulnerabilities/unix/misc/distcc_exec/puppet/manifest/distcc_exec.pp

@@ -0,0 +1 @@
+include distcc_exec::config

modules/vulnerabilities/unix/misc/distcc_exec/puppet/module/config.pp

@@ -1,4 +1,4 @@
-class distcc::config {
+class distcc_exec::config {
 
   package { 'distcc':
       ensure => installed

modules/vulnerabilities/unix/misc/distcc_exec/secgen_metadata.xml

@@ -1,12 +1,13 @@
 <vulnerability
-        type="distcc"
+        type="misc"
         cve="CVE-2004-2687"
         privilege="user"
         access="remote"
         details="distcc can be exploited by exploit/unix/misc/distcc_exec"
-        platform="unix">
+        platform="unix"
+        name="distcc_exec">
   <puppets>
-    <puppet>distcc.pp</puppet>
+    <puppet>distcc_exec</puppet>
   </puppets>
   <files>
     <file>distcc.erb</file>

modules/vulnerabilities/unix/other/mountable_nfs/puppet/manifest/nfs.pp

@@ -0,0 +1 @@
+include nfs::config

modules/vulnerabilities/unix/other/mountable_nfs/puppet/module/config.pp

@@ -1,4 +1,4 @@
-class nfslewis::config {
+class nfs::config {
 
   package { ['nfs-kernel-server', 'nfs-common', 'portmap']:
       ensure => installed

modules/vulnerabilities/unix/other/mountable_nfs/secgen_metadata.xml

@@ -0,0 +1,12 @@
+<vulnerability
+        type="other"
+        cve=""
+        privilege="user"
+        access="remote"
+        details="Misconfigured to be mountable from anyone that can interact with it"
+        platform="unix"
+        name="nfs">
+  <puppets>
+    <puppet>nfs</puppet>
+  </puppets>
+</vulnerability>

modules/vulnerabilities/unix/other/writable_shadow/puppet/module/config.pp

@@ -1,4 +1,4 @@
-class writeableshadow::config {
+class writableshadow::config {
 
   file { '/etc/shadow':
     ensure  => present,

mount/files/web/commandinjection/list-filter.php

@@ -1,16 +0,0 @@
-<html>
-
-<body>
-
-	<b>File in path are: </b><br><pre>
-	<?php 
-
-		$cmd = "ls -alh ".str_replace(';', ' ', $_REQUEST['path']);
-		passthru($cmd);
-
-	?></pre>
-</body>
-
-</html>
-
-

mount/files/web/commandinjection/list-filter2.php

@@ -1,16 +0,0 @@
-<html>
-
-<body>
-
-	<b>File in path are: </b><br><pre>
-	<?php 
-
-		$cmd = "ls -alh ".escapeshellarg($_REQUEST['path']);
-		passthru($cmd);
-
-	?></pre>
-</body>
-
-</html>
-
-

mount/files/web/commandinjection/list.php

@@ -1,16 +0,0 @@
-<html>
-
-<body>
-
-	<b>File in path are: </b><br><pre>
-	<?php 
-
-		$cmd = "ls -alh ".$_REQUEST['path'];
-		passthru($cmd);
-
-	?></pre>
-</body>
-
-</html>
-
-

mount/files/web/sqlinjection/blog.php

@@ -1,118 +0,0 @@
-
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="utf-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <meta name="description" content="">
-    <meta name="author" content="">
-    <link rel="shortcut icon" href="../../../Downloads/bootstrap-3.0.0/assets/ico/favicon.png">
-
-    <title>Welcome to the first challenge!</title>
-
-    <!-- Bootstrap core CSS -->
-    <link href="static/css/bootstrap.css" rel="stylesheet">
-    <!-- Custom styles for this template -->
-    <link href="navbar.css" rel="stylesheet">
-
-   
-</head>
-
-<body>
-
-<!--<script type="text/javascript">
-    $(document).ready(function() {
-        $("body").css("display", "none");
-
-        $("body").fadeIn(2000);
-
-        $("a").click(function(event){
-            event.preventDefault();
-            linkLocation = this.href;
-            $("body").fadeOut(1000, redirectPage);
-        });
-
-        function redirectPage() {
-            window.location = linkLocation;
-        }
-    });
-</script>-->
-
-<div class="container">
-
-    <!-- Static navbar -->
-    <div class="navbar navbar-default">
-        <div class="navbar-header">
-            <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
-                <span class="icon-bar"></span>
-                <span class="icon-bar"></span>
-                <span class="icon-bar"></span>
-            </button>
-            <a class="navbar-brand" href="index.php">Wowe</a>
-        </div>
-        <div class="navbar-collapse collapse">
-            <ul class="nav navbar-nav navbar-right">
-                <li class="active"><a href="doge.php">Such</a></li>
-                <li><a href="doge.php">Dead</a></li>
-                <li><a href="doge.php">Hrefs</a></li>
-                <li><a href="doge.php">Many</a></li>
-                <li><a href="doge.php">Sadness</a></li>
-            </ul>
-        </div><!--/.nav-collapse -->
-    </div>
-
-   
-    <div class="jumbotron">
-        <p>Please enter your user ID so you can read/make blog posts
-        
-       </p>
-      <p></p>   
-       <p>
-            <b>CHALLENGE TWO:</b><br/>
-            <br><pre>
-       <form method="GET"> 
-	
-		
-		<input type="text" class="form-control" name="id">
-                <input type="submit" value="submit" name="Submit"></input>
-       </form>
-         <?php
-    if(isset($_GET['Submit'])){
-	$id = $_GET['id'];
-
-	$con = mysql_connect("localhost","root","");
-        mysql_select_db("ctf");
-
-	$getid = "SELECT name FROM flag WHERE id = '$id'";
-
-	$result = mysql_query($getid) or die('<pre>' . mysql_error(). '</pre>');
-
-	$num = mysql_numrows($result);
-	$i = 0;
-
-	
-	while ($i < $num){
-	$first = mysql_result($result,$i,'name');
-        echo '<pre>';  
-	echo 'ID : ' . $id . ' <br>Flag : ' . $first .' ';
-	echo '</pre>';
-	
-	$i++;
-
-
-}
-}
-?>   
-   </pre>
-    </div>
-</div>
-
-<!--
-================================================== -->
-<!-- Placed at the end of the document so the pages load faster -->
-<script src="../../../Downloads/bootstrap-3.0.0/assets/js/jquery.js"></script>
-<script src="static/js/bootstrap.min.js"></script>
-<script src="static/js/background.js" type="text/javascript"></script>
-</body>
-</html>
-

mount/puppet/manifests/commandinjection.pp

@@ -1,16 +0,0 @@
- class { 'apache': mpm_module => 'prefork'  }
-    apache::vhost { 'localhost':
-      port    => '80',
-      docroot => '/var/www/commandinjection',
-    }   
-include apache::mod::php
-package { ['php5', 'libapache2-mod-php5']:
-      ensure => installed,
-      notify => Service["apache2"]
-  }
-
-file { "/var/www/commandinjection":
-    ensure => directory,
-    recurse => true,
-    source => "/mount/files/web/commandinjection/"
-}

mount/puppet/manifests/default.pp

@@ -1,44 +0,0 @@
-class { 'vsftpd':
-  anonymous_enable  => 'YES',
-  write_enable      => 'YES',
-  ftpd_banner       => 'Marmotte FTP Server',
-  chroot_local_user => 'YES',
-}
-
-include vsftpd
-
-class { 'samba::server':
-  workgroup            => 'EXAMPLE',
-  server_string        => 'Example File Server 01',
-  netbios_name         => 'F01',
-  interfaces           => [ 'lo', 'eth0' ],
-  hosts_allow          => [ '127.', '192.168.' ],
-  local_master         => 'yes',
-  map_to_guest         => 'Bad User',
-  os_level             => '50',
-  preferred_master     => 'yes',
-  extra_global_options => [
-    'printing = BSD',
-    'printcap name = /dev/null',
-  ],
-  shares => {
-    'homes' => [
-      'comment = Home Directories',
-      'browseable = no',
-      'writable = yes',
-    ],
-    'pictures' => [
-      'comment = Pictures',
-      'path = /srv/pictures',
-      'browseable = yes',
-      'writable = yes',
-      'guest ok = yes',
-      'available = yes',
-    ],
-  },
-  selinux_enable_home_dirs => true,
-}
-
-include samba::server
-
-include nfslewis::config

mount/puppet/manifests/ftpbackdoor.pp

@@ -1 +0,0 @@
-include vsftpdbackdoor::install

mount/puppet/manifests/nfs.pp

@@ -1 +0,0 @@
-include nfslewis::config

mount/puppet/manifests/samba.pp

@@ -1,33 +0,0 @@
-class { 'samba::server':
-  workgroup            => 'EXAMPLE',
-  server_string        => 'Example File Server 01',
-  netbios_name         => 'F01',
-  interfaces           => [ 'lo', 'eth0' ],
-  hosts_allow          => [ '127.', '192.168.' ],
-  local_master         => 'yes',
-  map_to_guest         => 'Bad User',
-  os_level             => '50',
-  preferred_master     => 'yes',
-  extra_global_options => [
-    'printing = BSD',
-    'printcap name = /dev/null',
-  ],
-  shares => {
-    'homes' => [
-      'comment = Home Directories',
-      'browseable = no',
-      'writable = yes',
-    ],
-    'pictures' => [
-      'comment = Pictures',
-      'path = /srv/pictures',
-      'browseable = yes',
-      'writable = yes',
-      'guest ok = yes',
-      'available = yes',
-    ],
-  },
-  selinux_enable_home_dirs => true,
-}
-
-include samba::server

mount/puppet/manifests/sqlinjection.pp

@@ -1,27 +0,0 @@
- class { 'apache': mpm_module => 'prefork'  }
-    apache::vhost { 'localhost':
-      port    => '80',
-      docroot => '/var/www/sqlinjection',
-    }   
-include apache::mod::php
-package { ['php5', 'libapache2-mod-php5']:
-      ensure => installed,
-      notify => Service["apache2"]
-  }
-
-  class { '::mysql::server':
-  root_password    => 'strongpassword',
-  override_options => { 'mysqld' => { 'max_connections' => '1024' } }
-
-}
-  mysql_database { 'flag':
-  ensure  => 'present',
-  charset => 'latin1',
-  collate => 'latin1_swedish_ci',
-}
-
-file { "/var/www/sqlinjection":
-    ensure => directory,
-    recurse => true,
-    source => "/mount/files/web/sqlinjection/"
-}

mount/puppet/manifests/webserver.pp

@@ -1,6 +0,0 @@
- class { 'apache': }
-    apache::vhost { 'first.example.com':
-      port    => '80',
-      docroot => '/var/www/commandinjection',
-    }
-

secgen.rb

@@ -4,12 +4,13 @@ require_relative 'lib/constants'
 require_relative 'lib/filecreator.rb'
 require_relative 'lib/systemreader.rb'
 require_relative 'lib/vagrant.rb'
+require_relative 'lib/helpers/bootstrap'
 
 puts 'SecGen - Creates virtualised security scenarios'
 puts 'Licensed GPLv3 2014-16'
 
 def usage
-	puts 'Usage:
+  puts 'Usage:
    ' + $0 + ' [options]
 
    OPTIONS:
@@ -18,30 +19,30 @@ def usage
    --build-vms, -v: builds VMs from previously generated vagrant config
    --help, -h: shows this usage information
 '
-	exit
+  exit
 end
 
 def build_config
-	puts 'Reading configuration file for virtual machines you want to create'
+  puts 'Reading configuration file for virtual machines you want to create'
 
-	# uses nokogoiri to grab all the system information from scenario.xml
-	systems = SystemReader.new(SCENARIO_XML).systems
-	  
-	puts 'Creating vagrant file'
-	# create's vagrant file / report a starts the vagrant installation'
-	create_files = FileCreator.new(systems)
-	build_number = create_files.generate(systems)
-	return build_number
+  # uses nokogoiri to grab all the system information from scenario.xml
+  systems = SystemReader.new(SCENARIO_XML).systems
+
+  puts 'Creating vagrant file'
+  # create's vagrant file / report a starts the vagrant installation'
+  create_files = FileCreator.new(systems)
+  build_number = create_files.generate(systems)
+  return build_number
 end
 
 def build_vms(build_number)
-	vagrant = VagrantController.new
-	vagrant.vagrant_up(build_number)
+  vagrant = VagrantController.new
+  vagrant.vagrant_up(build_number)
 end
 
 def run
-	build_number = build_config()
-	build_vms(build_number)
+  build_number = build_config()
+  build_vms(build_number)
 end
 
 if ARGV.length < 1
@@ -61,7 +62,9 @@ opts.each do |opt, arg|
 	case opt
 		when '--help'
 			usage
-		when '--run'
+    when '--run'
+      application_bootstrapper = Bootstrap.new
+      application_bootstrapper.bootstrap
 			run
 		when '--build-config'
 			build_config()
@@ -71,3 +74,7 @@ opts.each do |opt, arg|
 end
 
 
+
+
+
+

tests/helper_tests/vulnerability_processor_tests.rb

@@ -44,7 +44,7 @@ class VulnerabilityProcessorTests < MiniTest::Test
     assert(result.is_a?(Array), msg = 'The returned value is not an array')
     assert_equal(result.count, 1, msg= 'The returned count is less than 1')
     assert(result[0].is_a?(Vulnerability), msg = 'The first value is not a type of vulnerability')
-    assert_equal(result[0].type, 'distcc', msg= 'The type is not distcc')
+    assert_equal(result[0].type, 'misc', msg= 'The type is not distcc')
     assert_equal(result[0].access, 'remote', msg= 'The access is not remote')
   end