From 6fd9ceab0cfbd52bd554caa0d104ad68c2c0747f Mon Sep 17 00:00:00 2001
From: ts
Date: Fri, 12 Oct 2018 10:09:09 +0100
Subject: [PATCH] WiP: Working with scenario.
---
 lib/objects/local_string_generator.rb | 9 +-
 .../manifests/create_directory.pp | 4 +-
 .../secgen_functions/manifests/leak_files.pp | 25 +++-
 .../cipher/braille/secgen_local/local.rb | 19 ---
 .../cipher/braille/secgen_metadata.xml | 28 ----
 .../compression/huffman/secgen_local/local.rb | 26 +++-
 .../compression/huffman/secgen_metadata.xml | 5 +
 .../leaked_data/leaked_data.pp} | 0
 .../leaked_data}/manifests/.no_puppet | 0
 .../leaked_data/secgen_local/local.rb | 59 ++++++++
 .../leaked_data/secgen_metadata.xml | 28 ++++
 scenarios/ctf/encoding_challenges.xml | 139 +++++++++++++-----
 12 files changed, 247 insertions(+), 95 deletions(-)
 delete mode 100644 modules/encoders/cipher/braille/secgen_local/local.rb
 delete mode 100644 modules/encoders/cipher/braille/secgen_metadata.xml
 rename modules/{encoders/cipher/braille/braille.pp => generators/structured_content/leaked_data/leaked_data.pp} (100%)
 rename modules/{encoders/cipher/braille => generators/structured_content/leaked_data}/manifests/.no_puppet (100%)
 create mode 100644 modules/generators/structured_content/leaked_data/secgen_local/local.rb
 create mode 100644 modules/generators/structured_content/leaked_data/secgen_metadata.xml
diff --git a/lib/objects/local_string_generator.rb b/lib/objects/local_string_generator.rb
index e1312a4b8..f342875ff 100644
--- a/lib/objects/local_string_generator.rb
+++ b/lib/objects/local_string_generator.rb
@@ -32,8 +32,10 @@ class StringGenerator
 # Get command line arguments
 begin
 args_array = []
- ARGF.each_line do |arg|
- args_array << arg.strip
+ ARGF.each do |arg|
+ arg.strip.split(' ').each do |split|
+ args_array << split
+ end
 end
 ARGV.unshift(*args_array)
 rescue
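Review bot: Splitting every stdin line on `' '` in the new `ARGF.each` loop breaks any option value that contains whitespace, and a value that carries ` --something` becomes a separate option token once it is unshifted into `ARGV`. If module inputs can hold free text (a later hunk shows a `has_base64_inputs` branch, so some inputs presumably arrive unencoded), the previous one-argument-per-line contract was the safer one. If several arguments per line must be supported, `require 'shellwords'` and `args_array.concat(Shellwords.split(arg))` would keep quoted values intact. The block variable `split` also reads like the method it follows; `token` would be clearer. The enclosing method starts and ends outside the hunk.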
@@ -109,6 +111,9 @@ class StringGenerator end puts has_base64_inputs ? base64_encode_outputs : self.outputs + + # TODO: Wrap data in {} + end def base64_encode_outputs diff --git a/modules/build/puppet/secgen_functions/manifests/create_directory.pp b/modules/build/puppet/secgen_functions/manifests/create_directory.pp index 51eb1c6c0..64da91b00 100644 --- a/modules/build/puppet/secgen_functions/manifests/create_directory.pp +++ b/modules/build/puppet/secgen_functions/manifests/create_directory.pp @@ -1,5 +1,5 @@ -define secgen_functions::create_directory($path){ - exec { "secgen_create_directory_$path": +define secgen_functions::create_directory($res='create-dir', $path){ + exec { "secgen_create_directory_$res": path => '/bin:/sbin:/usr/bin:/usr/sbin', command => "mkdir -p $path" } diff --git a/modules/build/puppet/secgen_functions/manifests/leak_files.pp b/modules/build/puppet/secgen_functions/manifests/leak_files.pp index 03decde9a..539f12e61 100644 --- a/modules/build/puppet/secgen_functions/manifests/leak_files.pp +++ b/modules/build/puppet/secgen_functions/manifests/leak_files.pp 
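Review bot: In `create_directory.pp` the new `$res` parameter defaults to the constant `'create-dir'`, so two declarations that omit it both produce `Exec["secgen_create_directory_create-dir"]` and the catalog would fail on a duplicate declaration; defaulting to the resource title, `$res = $title`, keeps each exec unique. `command => "mkdir -p $path"` passes `$path` unquoted, so a path containing whitespace is likely split into several arguments, and this commit starts feeding it a subdirectory taken from generator output. A `file { $path: ensure => directory }` resource, or a validated path, would be the safer form. The optional `$res` is also declared before the required `$path`; putting `$path` first reads more naturally.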
@@ -1,20 +1,37 @@ -define secgen_functions::leak_files($leaked_filenames=[], $storage_directory, $strings_to_leak=[], $data_to_leak=[], $images_to_leak=[], $owner = 'root', $group = 'root', $mode = '0660', $leaked_from) { +define secgen_functions::leak_files ( + $leaked_filenames = [], + $storage_directory, + $strings_to_leak = [], + $data_to_leak = [], + $images_to_leak = [], + $owner = 'root', + $group = 'root', + $mode = '0660', + $leaked_from +) { # Have a check on $data_to_leak for whether the file is a string or json with {"secgen_leaked_data": {}} $data_to_leak.each |$i, $data_element| { - notice ('Looping through $data_to_leak ... ') if "secgen_leaked_data" in $data_element { $secgen_leaked_data = parsejson($data_element) - notice ("[$i] leaking secgen_leaked_data {} ... ") $data = $secgen_leaked_data['secgen_leaked_data']['data'] $filename = $secgen_leaked_data['secgen_leaked_data']['filename'] $ext = $secgen_leaked_data['secgen_leaked_data']['ext'] $subdirectory = $secgen_leaked_data['secgen_leaked_data']['subdirectory'] - $path_to_leak = "$storage_directory/$subdirectory/$filename.$ext" + $storage_dir = "$storage_directory/$subdirectory" + $path_to_leak = "$storage_dir/$filename.$ext" $leaked_file_resource = "$leaked_from-$path_to_leak" + unless $subdirectory == '' { + ::secgen_functions::create_directory { "create-$storage_dir-$i": + res => "create-$storage_dir-$i", + path => $storage_dir, + notify => File[$path_to_leak] + } + } + file { $path_to_leak: ensure => present, owner => $owner, diff --git a/modules/encoders/cipher/braille/secgen_local/local.rb b/modules/encoders/cipher/braille/secgen_local/local.rb deleted file mode 100644 index 63afe4925..000000000 --- a/modules/encoders/cipher/braille/secgen_local/local.rb +++ /dev/null 
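Review bot: `$subdirectory`, `$filename` and `$ext` are taken from the parsed JSON and joined into `$storage_dir` and `$path_to_leak` without any check, so a value containing `..` places the directory and the file outside `$storage_directory`, and with this change the manifest also creates that directory. A guard before the paths are built, such as `if $subdirectory =~ /\.\./ { fail("subdirectory must stay below ${storage_directory}") }` and the same for `$filename` and `$ext`, would pin the output to the storage directory; the generators in `huffman/secgen_local/local.rb` and `leaked_data/secgen_local/local.rb` emit these fields unvalidated as well. Separately, `unless $subdirectory == ''` is also satisfied when the key is absent (undef, on Puppet 4 and later), which would send `"$storage_directory/"` to `create_directory`; `if $subdirectory and $subdirectory != ''` covers both cases. The `file` resource continues past the end of the hunk.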
@@ -1,19 +0,0 @@ -#!/usr/bin/ruby -require_relative '../../../../../lib/objects/local_string_encoder.rb' -require 'braille' -require 'braille/translator' - -class BrailleEncoder < StringEncoder - - def initialize - super - self.module_name = 'Braille Encoder' - self.strings_to_encode = [] - end - - def encode(str) - Braille::Translator.new.call(str) - end -end - -BrailleEncoder.new.run \ No newline at end of file diff --git a/modules/encoders/cipher/braille/secgen_metadata.xml b/modules/encoders/cipher/braille/secgen_metadata.xml deleted file mode 100644 index d81127dd8..000000000 --- a/modules/encoders/cipher/braille/secgen_metadata.xml +++ /dev/null @@ -1,28 +0,0 @@ - - - - Braille Code Encoder - Thomas Shaw - MIT - Encodes a string into Braille. - - braille_encoder - ascii_reversible - string_encoder - linux - windows - - https://github.com/nicanor/braille - - Braille decoders are available online e.g. https://www.dcode.fr/braille-alphabet - - strings_to_encode - - - - - - encoded_strings - diff --git a/modules/encoders/compression/huffman/secgen_local/local.rb b/modules/encoders/compression/huffman/secgen_local/local.rb index caa63af2a..c06e0df31 100644 --- a/modules/encoders/compression/huffman/secgen_local/local.rb +++ b/modules/encoders/compression/huffman/secgen_local/local.rb @@ -3,11 +3,12 @@ require_relative '../../../../../lib/objects/local_string_encoder.rb' require 'huffman' class HuffmanEncoder < StringEncoder + attr_accessor :subdirectory def initialize super self.module_name = 'Huffman Encoder' - self.strings_to_encode = [] + self.subdirectory = '' Dir.mkdir '../tmp/' unless Dir.exists? '../tmp/' end 
@@ -15,8 +16,27 @@ class HuffmanEncoder < StringEncoder tree_path = "../tmp/tree" result = Huffman.encode_text(strings_to_encode[0], tree_picture: true, tree_path: tree_path) - self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(result.first), :filename => 'cipher', :ext => 'txt', :subdir => ''}}.to_json - self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(File.binread("#{tree_path}.png")), :filename => 'tree', :ext => 'png', :subdir => ''}}.to_json + self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(result.first), :filename => 'cipher', :ext => 'txt', :subdirectory => self.subdirectory}}.to_json + self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(File.binread("#{tree_path}.png")), :filename => 'tree', :ext => 'png', :subdirectory => self.subdirectory}}.to_json + end + + def process_options(opt, arg) + super + case opt + # Removes any non-alphabet characters + when '--subdirectory' + self.subdirectory << arg; + end + end + + def get_options_array + super + [['--subdirectory', GetoptLong::REQUIRED_ARGUMENT]] + end + + + def encoding_print_string + 'strings_to_encode: ' + self.strings_to_encode.to_s + print_string_padding + + 'subdirectory: ' + self.subdirectory.to_s end end diff --git a/modules/encoders/compression/huffman/secgen_metadata.xml b/modules/encoders/compression/huffman/secgen_metadata.xml index 9b0c584fe..6e7c27486 100644 --- a/modules/encoders/compression/huffman/secgen_metadata.xml +++ b/modules/encoders/compression/huffman/secgen_metadata.xml @@ -19,10 +19,15 @@ Braille decoders are available online e.g. https://www.dcode.fr/braille-alphabet strings_to_encode + subdirectory + + challenges + + array 
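Review bot: The comment `# Removes any non-alphabet characters` in the new `process_options` of `huffman/secgen_local/local.rb` does not match the code, because the `--subdirectory` branch appends `arg` unchanged and that value later becomes part of a filesystem path. Either drop the comment or make it true, for example `self.subdirectory = arg.gsub(/[^A-Za-z0-9_\/-]/, '')`. Appending with `<<` also means a repeated `--subdirectory` concatenates the values instead of replacing them, and the trailing `;` is unnecessary. A one-line comment above `get_options_array`, such as `# Adds --subdirectory to the options inherited from StringEncoder`, would document the override.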
diff --git a/modules/encoders/cipher/braille/braille.pp b/modules/generators/structured_content/leaked_data/leaked_data.pp
similarity index 100%
rename from modules/encoders/cipher/braille/braille.pp
rename to modules/generators/structured_content/leaked_data/leaked_data.pp
diff --git a/modules/encoders/cipher/braille/manifests/.no_puppet b/modules/generators/structured_content/leaked_data/manifests/.no_puppet
similarity index 100%
rename from modules/encoders/cipher/braille/manifests/.no_puppet
rename to modules/generators/structured_content/leaked_data/manifests/.no_puppet
diff --git a/modules/generators/structured_content/leaked_data/secgen_local/local.rb b/modules/generators/structured_content/leaked_data/secgen_local/local.rb
new file mode 100644
index 000000000..fed2f3966
--- /dev/null
+++ b/modules/generators/structured_content/leaked_data/secgen_local/local.rb
@@ -0,0 +1,59 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_string_encoder.rb'
+require 'base64'
+
+class LeakedDataGenerator < StringEncoder
+ attr_accessor :data
+ attr_accessor :filename
+ attr_accessor :ext
+ attr_accessor :subdirectory
+
+ def initialize
+ super
+ self.module_name = 'SecGen Leaked Data Wrapper'
+ self.data = ''
+ self.filename = ''
+ self.ext = ''
+ self.subdirectory = ''
+ end
+
+ def encode_all
+ data_hash = {:secgen_leaked_data => {}}
+ data_hash[:secgen_leaked_data]['data'] = Base64.strict_encode64(self.data)
+ data_hash[:secgen_leaked_data]['filename'] = self.filename
+ data_hash[:secgen_leaked_data]['ext'] = self.ext
+ data_hash[:secgen_leaked_data]['subdirectory'] = self.subdirectory
+
+ self.outputs << data_hash.to_json
+ end
+
+ def get_options_array
+ super + [['--data', GetoptLong::OPTIONAL_ARGUMENT],
+ ['--filename', GetoptLong::OPTIONAL_ARGUMENT],
+ ['--ext', GetoptLong::REQUIRED_ARGUMENT],
+ ['--subdirectory', GetoptLong::REQUIRED_ARGUMENT]]
+ end
+
+ def process_options(opt, arg)
+ super
+ case opt
+ when '--data'
+ self.data << arg;
+ when '--filename'
+ self.filename << arg;
+ when '--ext'
+ self.ext << arg;
+ when '--subdirectory'
+ self.subdirectory << arg;
+ end
+ end
+
+ def encoding_print_string
+ 'data: ' + self.data.to_s + print_string_padding +
+ 'filename: ' + self.filename.to_s + print_string_padding +
+ 'ext: ' + self.ext.to_s + print_string_padding +
+ 'subdirectory: ' + self.subdirectory.to_s
+ end
+end
+
+LeakedDataGenerator.new.run
diff --git a/modules/generators/structured_content/leaked_data/secgen_metadata.xml b/modules/generators/structured_content/leaked_data/secgen_metadata.xml
new file mode 100644
index 000000000..e4bd976e0
--- /dev/null
+++ b/modules/generators/structured_content/leaked_data/secgen_metadata.xml
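Review bot: `get_options_array` declares `--data` and `--filename` as `GetoptLong::OPTIONAL_ARGUMENT` while `--ext` and `--subdirectory` are `REQUIRED_ARGUMENT`; as far as I can tell, with an optional argument GetoptLong does not consume a following value that begins with `-`, so such data would not reach `self.data` and the wrapper would emit an empty `data` field. Unless that is intended, declare both as `GetoptLong::REQUIRED_ARGUMENT`. `process_options` appends with `<<`, so a repeated option concatenates values; `self.filename = arg` is the clearer form for single-valued fields. `encode_all` also emits the record while `filename` and `ext` are still `''`, which yields a path ending in `/.` when `leak_files.pp` builds `"$storage_dir/$filename.$ext"`, so raising on an empty `filename` would catch that early. The class has no header comment; one line stating that it wraps `data` in the `secgen_leaked_data` JSON read by `leak_files.pp` would be enough.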
@@ -0,0 +1,28 @@ + + + + Leaked Data Generator + Thomas Shaw + MIT + TODO: + + + leaked_data + linux + + data + filename + ext + subdirectory + + + leaked_file + + + txt + + + hash + diff --git a/scenarios/ctf/encoding_challenges.xml b/scenarios/ctf/encoding_challenges.xml index c0965e7b2..c09c8a66e 100644 --- a/scenarios/ctf/encoding_challenges.xml +++ b/scenarios/ctf/encoding_challenges.xml @@ -31,6 +31,45 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -47,49 +86,75 @@ ciphertext - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + challenges + + + cipher + + + challenges/challenge_1 + + + + + + challenges + + + cipher + + + challenges/challenge_2 + + + + + + challenges + + + cipher + + + challenges/challenge_3 + + + + + + challenges + + + cipher + + + challenges/challenge_4 + + + + + + challenges + + + cipher + + + challenges/challenge_5 + + + + challenges/challenge_6 + -