WiP: Working with scenario.

2026-02-20 13:50:45 +00:00 · 2018-10-12 10:09:09 +01:00
parent 61f7320add
commit 6fd9ceab0c
12 changed files with 247 additions and 95 deletions
--- a/lib/objects/local_string_generator.rb
+++ b/lib/objects/local_string_generator.rb
@@ -32,8 +32,10 @@ class StringGenerator
    # Get command line arguments
    begin
      args_array = []
-      ARGF.each_line do |arg|
-        args_array << arg.strip
+      ARGF.each do |arg|
+        arg.strip.split(' ').each do |split|
+          args_array << split
+        end
      end
      ARGV.unshift(*args_array)
    rescue
@@ -109,6 +111,9 @@ class StringGenerator
    end

    puts has_base64_inputs ? base64_encode_outputs : self.outputs
+
+    # TODO: Wrap data in {}
+
  end

  def base64_encode_outputs
--- a/modules/build/puppet/secgen_functions/manifests/create_directory.pp
+++ b/modules/build/puppet/secgen_functions/manifests/create_directory.pp
@@ -1,5 +1,5 @@
-define secgen_functions::create_directory($path){
-  exec  { "secgen_create_directory_$path":
+define secgen_functions::create_directory($res='create-dir', $path){
+  exec  { "secgen_create_directory_$res":
    path => '/bin:/sbin:/usr/bin:/usr/sbin',
    command => "mkdir -p $path"
  }
--- a/modules/build/puppet/secgen_functions/manifests/leak_files.pp
+++ b/modules/build/puppet/secgen_functions/manifests/leak_files.pp
@@ -1,20 +1,37 @@
-define secgen_functions::leak_files($leaked_filenames=[], $storage_directory, $strings_to_leak=[], $data_to_leak=[], $images_to_leak=[], $owner = 'root', $group = 'root', $mode = '0660', $leaked_from) {
+define secgen_functions::leak_files (
+  $leaked_filenames = [],
+  $storage_directory,
+  $strings_to_leak  = [],
+  $data_to_leak     = [],
+  $images_to_leak   = [],
+  $owner            = 'root',
+  $group            = 'root',
+  $mode             = '0660',
+  $leaked_from
+) {

  # Have a check on $data_to_leak for whether the file is a string or json with {"secgen_leaked_data": {}}
  $data_to_leak.each |$i, $data_element| {
-    notice ('Looping through $data_to_leak ... ')
    if "secgen_leaked_data" in $data_element {
      $secgen_leaked_data = parsejson($data_element)
-      notice ("[$i] leaking secgen_leaked_data {} ... ")

      $data = $secgen_leaked_data['secgen_leaked_data']['data']
      $filename = $secgen_leaked_data['secgen_leaked_data']['filename']
      $ext = $secgen_leaked_data['secgen_leaked_data']['ext']
      $subdirectory = $secgen_leaked_data['secgen_leaked_data']['subdirectory']

-      $path_to_leak = "$storage_directory/$subdirectory/$filename.$ext"
+      $storage_dir = "$storage_directory/$subdirectory"
+      $path_to_leak = "$storage_dir/$filename.$ext"
      $leaked_file_resource = "$leaked_from-$path_to_leak"

+      unless $subdirectory == '' {
+        ::secgen_functions::create_directory { "create-$storage_dir-$i":
+          res => "create-$storage_dir-$i",
+          path   => $storage_dir,
+          notify => File[$path_to_leak]
+        }
+      }
+
      file { $path_to_leak:
        ensure  => present,
        owner   => $owner,
--- a/modules/encoders/cipher/braille/secgen_local/local.rb
+++ b/modules/encoders/cipher/braille/secgen_local/local.rb
@@ -1,19 +0,0 @@
-#!/usr/bin/ruby
-require_relative '../../../../../lib/objects/local_string_encoder.rb'
-require 'braille'
-require 'braille/translator'
-
-class BrailleEncoder < StringEncoder
-
-  def initialize
-    super
-    self.module_name = 'Braille Encoder'
-    self.strings_to_encode = []
-  end
-
-  def encode(str)
-    Braille::Translator.new.call(str)
-  end
-end
-
-BrailleEncoder.new.run
--- a/modules/encoders/cipher/braille/secgen_metadata.xml
+++ b/modules/encoders/cipher/braille/secgen_metadata.xml
@@ -1,28 +0,0 @@
-<?xml version="1.0"?>
-
-<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
-         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
-  <name>Braille Code Encoder</name>
-  <author>Thomas Shaw</author>
-  <module_license>MIT</module_license>
-  <description>Encodes a string into Braille.</description>
-
-  <type>braille_encoder</type>
-  <type>ascii_reversible</type>
-  <type>string_encoder</type>
-  <platform>linux</platform>
-  <platform>windows</platform>
-
-  <reference>https://github.com/nicanor/braille</reference>
-
-  <solution>Braille decoders are available online e.g. https://www.dcode.fr/braille-alphabet</solution>
-
-  <read_fact>strings_to_encode</read_fact>
-
-  <default_input into="strings_to_encode">
-    <generator type="flag_generator"/>
-  </default_input>
-
-  <output_type>encoded_strings</output_type>
-</encoder>
--- a/modules/encoders/compression/huffman/secgen_local/local.rb
+++ b/modules/encoders/compression/huffman/secgen_local/local.rb
@@ -3,11 +3,12 @@ require_relative '../../../../../lib/objects/local_string_encoder.rb'
 require 'huffman'

 class HuffmanEncoder < StringEncoder
+  attr_accessor :subdirectory

  def initialize
    super
    self.module_name = 'Huffman Encoder'
-    self.strings_to_encode = []
+    self.subdirectory = ''
    Dir.mkdir '../tmp/' unless Dir.exists? '../tmp/'
  end

@@ -15,8 +16,27 @@ class HuffmanEncoder < StringEncoder
    tree_path = "../tmp/tree"
    result = Huffman.encode_text(strings_to_encode[0], tree_picture: true, tree_path: tree_path)

-    self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(result.first), :filename => 'cipher', :ext => 'txt', :subdir => ''}}.to_json
-    self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(File.binread("#{tree_path}.png")), :filename => 'tree', :ext => 'png', :subdir => ''}}.to_json
+    self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(result.first), :filename => 'cipher', :ext => 'txt', :subdirectory => self.subdirectory}}.to_json
+    self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(File.binread("#{tree_path}.png")), :filename => 'tree', :ext => 'png', :subdirectory => self.subdirectory}}.to_json
+  end
+
+  def process_options(opt, arg)
+    super
+    case opt
+      # Removes any non-alphabet characters
+      when '--subdirectory'
+        self.subdirectory << arg;
+    end
+  end
+
+  def get_options_array
+    super + [['--subdirectory', GetoptLong::REQUIRED_ARGUMENT]]
+  end
+
+
+  def encoding_print_string
+    'strings_to_encode: ' + self.strings_to_encode.to_s + print_string_padding +
+    'subdirectory: ' + self.subdirectory.to_s
  end
 end

--- a/modules/encoders/compression/huffman/secgen_metadata.xml
+++ b/modules/encoders/compression/huffman/secgen_metadata.xml
@@ -19,10 +19,15 @@
  <solution>Braille decoders are available online e.g. https://www.dcode.fr/braille-alphabet</solution>

  <read_fact>strings_to_encode</read_fact>
+  <read_fact>subdirectory</read_fact>

  <default_input into="strings_to_encode">
    <generator type="flag_generator"/>
  </default_input>

+  <default_input into="subdirectory">
+    <value>challenges</value>
+  </default_input>
+
  <output_type>array</output_type>
 </encoder>
--- a/modules/generators/structured_content/leaked_data/leaked_data.pp
+++ b/modules/generators/structured_content/leaked_data/leaked_data.pp
--- a/modules/generators/structured_content/leaked_data/manifests/.no_puppet
+++ b/modules/generators/structured_content/leaked_data/manifests/.no_puppet
--- a/modules/generators/structured_content/leaked_data/secgen_local/local.rb
+++ b/modules/generators/structured_content/leaked_data/secgen_local/local.rb
@@ -0,0 +1,59 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_string_encoder.rb'
+require 'base64'
+
+class LeakedDataGenerator < StringEncoder
+  attr_accessor :data
+  attr_accessor :filename
+  attr_accessor :ext
+  attr_accessor :subdirectory
+
+  def initialize
+    super
+    self.module_name = 'SecGen Leaked Data Wrapper'
+    self.data = ''
+    self.filename = ''
+    self.ext = ''
+    self.subdirectory = ''
+  end
+
+  def encode_all
+    data_hash = {:secgen_leaked_data => {}}
+    data_hash[:secgen_leaked_data]['data'] = Base64.strict_encode64(self.data)
+    data_hash[:secgen_leaked_data]['filename'] = self.filename
+    data_hash[:secgen_leaked_data]['ext'] = self.ext
+    data_hash[:secgen_leaked_data]['subdirectory'] = self.subdirectory
+
+    self.outputs << data_hash.to_json
+  end
+
+  def get_options_array
+    super + [['--data', GetoptLong::OPTIONAL_ARGUMENT],
+             ['--filename', GetoptLong::OPTIONAL_ARGUMENT],
+             ['--ext', GetoptLong::REQUIRED_ARGUMENT],
+             ['--subdirectory', GetoptLong::REQUIRED_ARGUMENT]]
+  end
+
+  def process_options(opt, arg)
+    super
+    case opt
+      when '--data'
+        self.data << arg;
+      when '--filename'
+        self.filename << arg;
+      when '--ext'
+        self.ext << arg;
+      when '--subdirectory'
+        self.subdirectory << arg;
+    end
+  end
+
+  def encoding_print_string
+    'data: ' + self.data.to_s + print_string_padding +
+    'filename: ' + self.filename.to_s  + print_string_padding +
+    'ext: ' + self.ext.to_s + print_string_padding +
+    'subdirectory: ' + self.subdirectory.to_s
+  end
+end
+
+LeakedDataGenerator.new.run
--- a/modules/generators/structured_content/leaked_data/secgen_metadata.xml
+++ b/modules/generators/structured_content/leaked_data/secgen_metadata.xml
@@ -0,0 +1,28 @@
+<?xml version="1.0"?>
+
+<generator xmlns="http://www.github/cliffe/SecGen/generator"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://www.github/cliffe/SecGen/generator">
+  <name>Leaked Data Generator</name>
+  <author>Thomas Shaw</author>
+  <module_license>MIT</module_license>
+  <description>TODO:
+  </description>
+
+  <type>leaked_data</type>
+  <platform>linux</platform>
+
+  <read_fact>data</read_fact>
+  <read_fact>filename</read_fact>
+  <read_fact>ext</read_fact>
+  <read_fact>subdirectory</read_fact>
+
+  <default_input into="filename">
+    <value>leaked_file</value>
+  </default_input>
+  <default_input into="ext">
+    <value>txt</value>
+  </default_input>
+
+  <output_type>hash</output_type>
+</generator>
--- a/scenarios/ctf/encoding_challenges.xml
+++ b/scenarios/ctf/encoding_challenges.xml
@@ -31,6 +31,45 @@
    <!--5: random encoder double encoded -->
    <!--6: random high difficulty encoder -->

+    <input into_datastore="challenges" unique_module_list="unique_encoders">
+
+      <encoder type="ascii_reversible">
+        <input into="strings_to_encode">
+          <generator type="flag_generator"/>
+        </input>
+      </encoder>
+
+      <encoder type="alpha_reversible">
+        <input into="strings_to_encode">
+          <generator type="flag_generator"/>
+        </input>
+      </encoder>
+
+      <encoder type="ascii_reversible">
+        <input into="strings_to_encode">
+          <generator type="flag_generator"/>
+        </input>
+      </encoder>
+
+      <encoder type="ascii_reversible">
+        <input into="strings_to_encode">
+          <generator type="flag_generator"/>
+        </input>
+      </encoder>
+
+
+      <encoder type="ascii_reversible">
+        <input into="strings_to_encode">
+          <encoder type="ascii_reversible">
+            <input into="strings_to_encode">
+              <generator type="flag_generator"/>
+            </input>
+          </encoder>
+        </input>
+      </encoder>
+
+    </input>
+
    <!-- Either remote file storage system OR local challenges -->
    <utility module_path=".*parameterised_accounts">
      <input into="accounts">
@@ -47,49 +86,75 @@
          <input into="leaked_filenames">
            <value>ciphertext</value>
          </input>
-          <input into="data_to_leak" unique_module_list="unique_encoders">
-            <!---->
-            <!--<encoder type="ascii_reversible">-->
-              <!--<input into="strings_to_encode">-->
-                <!--<generator type="flag_generator"/>-->
-              <!--</input>-->
-            <!--</encoder>-->
-            <!---->
-            <!--<encoder type="alpha_reversible">-->
-              <!--<input into="strings_to_encode">-->
-                <!--<generator type="flag_generator"/>-->
-              <!--</input>-->
-            <!--</encoder>-->
-            <!---->
-            <!--<encoder type="ascii_reversible">-->
-              <!--<input into="strings_to_encode">-->
-                <!--<generator type="flag_generator"/>-->
-              <!--</input>-->
-            <!--</encoder>-->
-            <!---->
-            <!--<encoder type="ascii_reversible">-->
-              <!--<input into="strings_to_encode">-->
-                <!--<generator type="flag_generator"/>-->
-              <!--</input>-->
-            <!--</encoder>-->
-            <!---->
-            <!--<encoder type="ascii_reversible">-->
-              <!--<input into="strings_to_encode">-->
-                <!--<encoder type="ascii_reversible">-->
-                  <!--<input into="strings_to_encode">-->
-                    <!--<generator type="flag_generator"/>-->
-                  <!--</input>-->
-                <!--</encoder>-->
-              <!--</input>-->
-            <!--</encoder>-->
-            <!---->
+          <input into="data_to_leak">
+            <generator type="leaked_data">
+              <input into="data">
+                <datastore access="0">challenges</datastore>
+              </input>
+              <input into="filename">
+                <value>cipher</value>
+              </input>
+              <input into="subdirectory">
+                <value>challenges/challenge_1</value>
+              </input>
+            </generator>
+
+            <generator type="leaked_data">
+              <input into="data">
+                <datastore access="1">challenges</datastore>
+              </input>
+              <input into="filename">
+                <value>cipher</value>
+              </input>
+              <input into="subdirectory">
+                <value>challenges/challenge_2</value>
+              </input>
+            </generator>
+
+            <generator type="leaked_data">
+              <input into="data">
+                <datastore access="2">challenges</datastore>
+              </input>
+              <input into="filename">
+                <value>cipher</value>
+              </input>
+              <input into="subdirectory">
+                <value>challenges/challenge_3</value>
+              </input>
+            </generator>
+
+            <generator type="leaked_data">
+              <input into="data">
+                <datastore access="3">challenges</datastore>
+              </input>
+              <input into="filename">
+                <value>cipher</value>
+              </input>
+              <input into="subdirectory">
+                <value>challenges/challenge_4</value>
+              </input>
+            </generator>
+
+            <generator type="leaked_data">
+              <input into="data">
+                <datastore access="4">challenges</datastore>
+              </input>
+              <input into="filename">
+                <value>cipher</value>
+              </input>
+              <input into="subdirectory">
+                <value>challenges/challenge_5</value>
+              </input>
+            </generator>

            <encoder difficulty="high">
              <input into="strings_to_encode">
                <generator type="flag_generator"/>
              </input>
+              <input into="subdirectory">
+                <value>challenges/challenge_6</value>
+              </input>
            </encoder>
-
          </input>
        </generator>
      </input>