Merge pull request #296 from JD2344/web_network_security

Web and network security, security shepherd and scenarios
Cliffe
2024-01-17 12:21:27 +00:00
committed by GitHub
12 changed files with 770 additions and 25 deletions


@@ -1,6 +1,7 @@
#!/usr/bin/ruby
require_relative '../../../../../lib/objects/local_string_generator.rb'
require 'fileutils'
require 'json'
class SSModuleListGenerator < StringGenerator
attr_accessor :filter
@@ -12,22 +13,37 @@ class SSModuleListGenerator < StringGenerator
super
self.module_name = 'Security Shepherd Module Generator'
self.filter = []
self.filter = ''
end
def generate
modules = File.new(TEMPLATE_PATH)
modules_file = File.new(TEMPLATE_PATH)
if not self.filter.empty?
self.filter.each { |criteria|
IO.foreach(modules) { |line|
# Very basic filter to capture matches based on a filter string
if "#{line}".match(criteria)
# Returns string based around the format (search_term)(\s\d)+
self.filter.split(/,/).each { |filter_term|
words = filter_term.match(/[^\d|\n]+/).to_s.strip;
filter_nos = filter_term.split(/\s+/).select!{|item| item.to_s.match?(/\d/)};
modules_file = File.new(TEMPLATE_PATH)
modules_file.each { |line|
if line.include?(words) && filter_nos.size == 0
self.outputs << "#{line}".strip
elsif filter_nos.size > 0
filter_nos.each { |number|
if line.include?(words) && line.include?(number)
self.outputs << "#{line}".strip
end
}
end
}
modules_file.close;
}
else
modules.each { |line| self.outputs << "#{line}".strip}
modules_file.each { |line|
self.outputs << "#{line}".strip;
}
modules_file.close;
end
end
@@ -50,7 +66,7 @@ class SSModuleListGenerator < StringGenerator
OPTIONS:
--filter [String]
"
"
exit
end
end
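Review bot: In `generate`, `filter_nos` is built with `select!`, which returns `nil` when it removes nothing, so a filter term that is empty or consists only of numbers (for example the leading empty term of a filter such as `,CSRF`) fails on `filter_nos.size` with NoMethodError. Use the non-mutating form, `filter_nos = filter_term.split(/\s+/).select { |item| item.match?(/\d/) }`. The number test `line.include?(number)` is a substring match, so `1` also selects lines containing 10 or 11, and a line that matches two of the numbers is appended twice; comparing the number as a whole token would avoid both. The `File.new(TEMPLATE_PATH)` opened before the `if` appears never to be closed on the filtered path, because each term reopens the file into the same variable.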


@@ -4,17 +4,16 @@ class security_shepherd::install {
Exec { path => ['/bin', '/usr/bin', '/usr/local/bin', '/sbin', '/usr/sbin'] }
ensure_packages(['tomcat9', 'mariadb-server', 'openjdk-11-jdk'], {ensure => installed})
service { 'tomcat9':
ensure => running,
name => 'tomcat9',
enable => true,
hasrestart => true,
subscribe => [
File['/var/lib/tomcat9/webapps/ROOT.war'],
],
# Temp fix. Seemed to not be able to generate this...
file { '/etc/ssl/certs/java/':
ensure => directory,
}
-> package { 'install-ca-certs':
name => 'ca-certificates-java',
ensure => installed,
}
ensure_packages(['tomcat9', 'mariadb-server', 'openjdk-11-jdk'], {ensure => installed})
exec { 'remove-default-site':
command => 'rm -rf /var/lib/tomcat9/webapps/*',
@@ -46,4 +45,14 @@ class security_shepherd::install {
source => 'puppet:///modules/security_shepherd/my.cnf',
replace => true,
}
service { 'tomcat9':
ensure => running,
name => 'tomcat9',
enable => true,
hasrestart => true,
subscribe => [
File['/var/lib/tomcat9/webapps/ROOT.war'],
],
}
}
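Review bot: The comment `# Temp fix. Seemed to not be able to generate this...` above the `/etc/ssl/certs/java/` directory resource does not say what failed to generate or when the workaround can be removed. A comment such as `# Workaround: create the Java CA keystore directory before ca-certificates-java is installed; remove once the package creates it itself` would tell the next maintainer what to check; that wording is my inference from the `file -> package` chain and should be confirmed. The class body starts outside the first hunk.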


@@ -37,20 +37,17 @@ class security_shepherd::mariadb {
command => "mysql -u ${user} -p${db_pass} < moduleSchemas.sql",
}
file { '/var/lib/tomcat9/webapps/ROOT/WEB-INF/classes/flags':
ensure => present,
ensure => file,
content => template('security_shepherd/flags.erb'),
replace => true,
}
-> file { '/var/lib/tomcat9/webapps/ROOT/WEB-INF/classes/active-modules':
ensure => present,
ensure => file,
content => template('security_shepherd/active-modules.erb'),
replace => true,
notify => Service['tomcat9']
}
# This needs updating? Weird chicanery happens if not used this way
-> exec { 'restart-tom':
exec { 'restart-tom':
command => 'systemctl restart tomcat9',
}
}
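Review bot: `exec { 'restart-tom': ... }` has no `refreshonly` and, with the `->` dropped, no explicit relationship to the two `file` resources, so it runs `systemctl restart tomcat9` on every catalog application and depends on manifest order alone. The `notify => Service['tomcat9']` added to `active-modules` already restarts Tomcat when that file changes, so the exec looks redundant; either drop it or gate it with `refreshonly => true` and `subscribe => File['/var/lib/tomcat9/webapps/ROOT/WEB-INF/classes/active-modules']`. The `flags` file has no `notify`, so if the exec was kept to pick up flag changes, adding `notify => Service['tomcat9']` to that resource would express it directly. The class starts outside this hunk.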


@@ -1740,12 +1740,16 @@ CALL cheatSheetCreate('08b3dffd4b837ebe53d52e53b5bbbabf4a4ca9ae', '08b3dffd4b837
COMMIT;
-- Add a secgen class
--call classCreate('secgen1', '2023');
-- Default admin user
-- Use password shepherd-admin
call userCreate(null, 'admin', '$argon2i$v=19$m=65535,t=10,p=1$Z05BaG5SdTZaQ3l2OUJvbA$SN7TyTDF/gd07wi7T96RK8pYgQ', 'admin', null, 'admin@securityShepherd.org', 'login', false, false);
-- Generate a user account
call userCreate(null, '<%= @unix_username %>', '$argon2i$v=19$m=65536,t=10,p=1$7oxgR8QkdOd4tsHFieFKrw$eOy0TCxhY1bQIAbLQcLr9Sz2+4q9DhPTz1frsytgtTk', 'player', null, '<%= @unix_username %> @securityShepherd.org', 'login', true, false);
-- Default password to tiaspbiqe2r
call userCreate(null, '<%= @unix_username %>', '$argon2i$v=19$m=65535,t=10,p=1$c2hlcGhlcmQ$HiyZr2J5J5dRM6HQoHw15A', 'player', null, '<%= @unix_username %>@securityShepherd.org', 'login', true, false);
-- Enable backup script
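Review bot: The new `admin` row is created from a fixed Argon2 hash whose plaintext is written in the comment above it, so every VM built from this template shares one known administrator login. If students are not meant to reach the admin console (module state, flags), the hash should come from a scenario input rendered through ERB, as is already done for `<%= @unix_username %>`. The admin call also passes `false` where the player call passes `true`; if that argument is the temporary-password flag the admin is never prompted to change it, which should be confirmed against `userCreate`. The player hash is likewise fixed to the password named in the comment while the scenarios set that password separately in XML, so changing the scenario value leaves the web login out of step.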


@@ -0,0 +1,110 @@
<?xml version="1.0"?>
<scenario xmlns="http://www.github/cliffe/SecGen/scenario"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
<name>WNS Intro</name>
<author>James Davis</author>
<description>Web and Network Security - Introducing Web security</description>
<type>lab-environment</type>
<type>ctf-lab</type>
<system>
<system_name>wns_server</system_name>
<base distro="Debian 10 Buster amd64" />
<input into_datastore="IP_addresses">
<!-- 0 developer_desktop -->
<value>172.16.0.2</value>
<!-- 1 server -->
<value>172.16.0.3</value>
</input>
<utility module_path=".*/parameterised_accounts">
<input into="accounts">
<generator type="account">
<input into="username">
<value>shepherd</value>
</input>
<input into="password">
<value>tiaspbiqe2r</value>
</input>
<input into="super_user">
<value>false</value>
</input>
</generator>
</input>
</utility>
<vulnerability module_path=".*/security_shepherd">
<input into="modules">
<generator type="ss_modules">
<input into="filter">
<value>Insecure Direct Object References</value>
</input>
</generator>
</input>
<input into="unix_username">
<value>shepherd</value>
</input>
<input into="flag_store" into_datastore="flag_store">
<generator type="flag_generator">
<input into="iterations">
<value>1</value>
</input>
</generator>
</input>
</vulnerability>
<network type="private_network">
<input into="IP_address">
<datastore access="0">IP_addresses</datastore>
</input>
</network>
</system>
<system>
<system_name>wns_attack</system_name>
<base distro="Kali" name="MSF" />
<input into_datastore="kali_account">
<value>
{"username":"kali","password":"kali","super_user":"true","strings_to_leak":[],"leaked_filenames":[]}</value>
</input>
<utility module_path=".*/parameterised_accounts">
<input into="accounts">
<datastore>kali_account</datastore>
</input>
</utility>
<vulnerability module_path=".*/webgoat">
<input into="port">
<value>8085</value>
</input>
</vulnerability>
<utility module_path=".*/kali_web" />
<utility module_path=".*/iceweasel">
<input into="accounts">
<datastore>kali_account</datastore>
</input>
<input into="autostart">
<value>true</value>
</input>
<input into="start_page">
<value>http://localhost:8085/WebGoat</value>
</input>
</utility>
<network type="private_network">
<input into="IP_address">
<datastore access="1">IP_addresses</datastore>
</input>
</network>
</system>
</scenario>
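Review bot: The comments on the `IP_addresses` values (`<!-- 0 developer_desktop -->`, `<!-- 1 server -->`) do not match how the values are used here: index 0 is read by `wns_server` and index 1 by `wns_attack`. Relabel them, e.g. `<!-- 0 wns_server -->` and `<!-- 1 wns_attack -->`. The same copied comments appear in the other new scenario files that define this datastore, and in the two whose Kali system uses `range="dhcp"` the second address is never read. Every scenario also carries `<name>WNS Intro</name>` although the descriptions differ, which makes them hard to tell apart wherever the name is displayed.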


@@ -0,0 +1,108 @@
<?xml version="1.0"?>
<scenario xmlns="http://www.github/cliffe/SecGen/scenario"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
<name>WNS Intro</name>
<author>James Davis</author>
<description>Web and Network Security - Introducing Web security</description>
<type>lab-environment</type>
<type>ctf-lab</type>
<system>
<system_name>wns_server</system_name>
<base distro="Debian 10 Buster amd64" />
<input into_datastore="IP_addresses">
<!-- 0 developer_desktop -->
<value>172.16.0.2</value>
<!-- 1 server -->
<value>172.16.0.3</value>
</input>
<utility module_path=".*/parameterised_accounts">
<input into="accounts">
<generator type="account">
<input into="username">
<value>shepherd</value>
</input>
<input into="password">
<value>tiaspbiqe2r</value>
</input>
<input into="super_user">
<value>false</value>
</input>
</generator>
</input>
</utility>
<vulnerability module_path=".*/security_shepherd">
<input into="modules">
<generator type="ss_modules">
<input into="filter">
<value>Session Management 1 2 3 4 5,Valid, Mis</value>
</input>
</generator>
</input>
<input into="unix_username">
<value>shepherd</value>
</input>
<input into="flag_store" into_datastore="flag_store">
<generator type="flag_generator">
<input into="iterations">
<value>10</value>
</input>
</generator>
</input>
</vulnerability>
<network type="private_network">
<input into="IP_address">
<datastore access="0">IP_addresses</datastore>
</input>
</network>
</system>
<system>
<system_name>wns_2</system_name>
<base distro="Kali Linux Rolling" />
<input into_datastore="kali_account">
<value>
{"username":"kali","password":"kali","super_user":"true","strings_to_leak":[],"leaked_filenames":[]}</value>
</input>
<utility module_path=".*/parameterised_accounts">
<input into="accounts">
<datastore>kali_account</datastore>
</input>
</utility>
<vulnerability module_path=".*/dvwa" />
<vulnerability module_path=".*/webgoat">
<input into="port">
<value>8085</value>
</input>
</vulnerability>
<utility module_path=".*/kali_web" />
<utility module_path=".*/iceweasel">
<input into="accounts">
<datastore>kali_account</datastore>
</input>
<input into="autostart">
<value>true</value>
</input>
<input into="start_page">
<value>http://localhost:8085/WebGoat|http://localhost/</value>
</input>
</utility>
<network type="private_network" range="dhcp" />
</system>
</scenario>


@@ -0,0 +1,108 @@
<?xml version="1.0"?>
<scenario xmlns="http://www.github/cliffe/SecGen/scenario"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
<name>WNS Intro</name>
<author>James Davis</author>
<description>Web and Network Security - Cross-Site Scripting</description>
<type>lab-environment</type>
<type>ctf-lab</type>
<system>
<system_name>wns_server</system_name>
<base distro="Debian 10 Buster amd64" />
<input into_datastore="IP_addresses">
<!-- 0 developer_desktop -->
<value>172.16.0.2</value>
<!-- 1 server -->
<value>172.16.0.3</value>
</input>
<utility module_path=".*/parameterised_accounts">
<input into="accounts">
<generator type="account">
<input into="username">
<value>shepherd</value>
</input>
<input into="password">
<value>tiaspbiqe2r</value>
</input>
<input into="super_user">
<value>false</value>
</input>
</generator>
</input>
</utility>
<vulnerability module_path=".*/security_shepherd">
<input into="modules">
<generator type="ss_modules">
<input into="filter">
<value>Cross 1 2 3 4 5 6</value>
</input>
</generator>
</input>
<input into="unix_username">
<value>shepherd</value>
</input>
<input into="flag_store" into_datastore="flag_store">
<generator type="flag_generator">
<input into="iterations">
<value>6</value>
</input>
</generator>
</input>
</vulnerability>
<network type="private_network">
<input into="IP_address">
<datastore access="0">IP_addresses</datastore>
</input>
</network>
</system>
<system>
<system_name>wns_3</system_name>
<base distro="Kali Linux Rolling" />
<input into_datastore="kali_account">
<value>
{"username":"kali","password":"kali","super_user":"true","strings_to_leak":[],"leaked_filenames":[]}</value>
</input>
<utility module_path=".*/parameterised_accounts">
<input into="accounts">
<datastore>kali_account</datastore>
</input>
</utility>
<vulnerability module_path=".*/dvwa" />
<vulnerability module_path=".*/webgoat">
<input into="port">
<value>8085</value>
</input>
</vulnerability>
<utility module_path=".*/kali_web" />
<utility module_path=".*/iceweasel">
<input into="accounts">
<datastore>kali_account</datastore>
</input>
<input into="autostart">
<value>true</value>
</input>
<input into="start_page">
<value>http://localhost:8085/WebGoat|http://localhost/</value>
</input>
</utility>
<network type="private_network" range="dhcp" />
</system>
</scenario>


@@ -0,0 +1,112 @@
<?xml version="1.0"?>
<scenario xmlns="http://www.github/cliffe/SecGen/scenario"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
<name>WNS Intro</name>
<author>James Davis</author>
<description>Web and Network Security - SQL</description>
<type>lab-environment</type>
<type>ctf-lab</type>
<system>
<system_name>wns_server</system_name>
<base distro="Debian 10 Buster amd64" />
<input into_datastore="IP_addresses">
<!-- 0 developer_desktop -->
<value>172.16.0.2</value>
<!-- 1 server -->
<value>172.16.0.3</value>
</input>
<utility module_path=".*/parameterised_accounts">
<input into="accounts">
<generator type="account">
<input into="username">
<value>shepherd</value>
</input>
<input into="password">
<value>tiaspbiqe2r</value>
</input>
<input into="super_user">
<value>false</value>
</input>
</generator>
</input>
</utility>
<vulnerability module_path=".*/security_shepherd">
<input into="modules">
<generator type="ss_modules">
<input into="filter">
<value>Session 6 7 8,SQL 1 2 3 4 5 6 7,Escaping</value>
</input>
</generator>
</input>
<input into="unix_username">
<value>shepherd</value>
</input>
<input into="flag_store" into_datastore="flag_store">
<generator type="flag_generator">
<input into="iterations">
<value>11</value>
</input>
</generator>
</input>
</vulnerability>
<network type="private_network">
<input into="IP_address">
<datastore access="0">IP_addresses</datastore>
</input>
</network>
</system>
<system>
<system_name>wns_intro</system_name>
<base distro="Kali" name="MSF" />
<input into_datastore="kali_account">
<value>
{"username":"kali","password":"kali","super_user":"true","strings_to_leak":[],"leaked_filenames":[]}</value>
</input>
<utility module_path=".*/parameterised_accounts">
<input into="accounts">
<datastore>kali_account</datastore>
</input>
</utility>
<vulnerability module_path=".*/dvwa" />
<vulnerability module_path=".*/webgoat">
<input into="port">
<value>8085</value>
</input>
</vulnerability>
<utility module_path=".*/kali_web" />
<utility module_path=".*/iceweasel">
<input into="accounts">
<datastore>kali_account</datastore>
</input>
<input into="autostart">
<value>true</value>
</input>
<input into="start_page">
<value>http://localhost:8085/WebGoat</value>
</input>
</utility>
<network type="private_network">
<input into="IP_address">
<datastore access="1">IP_addresses</datastore>
</input>
</network>
</system>
</scenario>


@@ -0,0 +1,112 @@
<?xml version="1.0"?>
<scenario xmlns="http://www.github/cliffe/SecGen/scenario"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
<name>WNS Intro</name>
<author>James Davis</author>
<description>Web and Network Security - Advanced Injection</description>
<type>lab-environment</type>
<type>ctf-lab</type>
<system>
<system_name>wns_server</system_name>
<base distro="Debian 10 Buster amd64" />
<input into_datastore="IP_addresses">
<!-- 0 developer_desktop -->
<value>172.16.0.2</value>
<!-- 1 server -->
<value>172.16.0.3</value>
</input>
<utility module_path=".*/parameterised_accounts">
<input into="accounts">
<generator type="account">
<input into="username">
<value>shepherd</value>
</input>
<input into="password">
<value>tiaspbiqe2r</value>
</input>
<input into="super_user">
<value>false</value>
</input>
</generator>
</input>
</utility>
<vulnerability module_path=".*/security_shepherd">
<input into="modules">
<generator type="ss_modules">
<input into="filter">
<value>Failure</value>
</input>
</generator>
</input>
<input into="unix_username">
<value>shepherd</value>
</input>
<input into="flag_store" into_datastore="flag_store">
<generator type="flag_generator">
<input into="iterations">
<value>4</value>
</input>
</generator>
</input>
</vulnerability>
<network type="private_network">
<input into="IP_address">
<datastore access="0">IP_addresses</datastore>
</input>
</network>
</system>
<system>
<system_name>wns_intro</system_name>
<base distro="Kali" name="MSF" />
<input into_datastore="kali_account">
<value>
{"username":"kali","password":"kali","super_user":"true","strings_to_leak":[],"leaked_filenames":[]}</value>
</input>
<utility module_path=".*/parameterised_accounts">
<input into="accounts">
<datastore>kali_account</datastore>
</input>
</utility>
<vulnerability module_path=".*/dvwa" />
<vulnerability module_path=".*/webgoat">
<input into="port">
<value>8085</value>
</input>
</vulnerability>
<utility module_path=".*/kali_web" />
<utility module_path=".*/iceweasel">
<input into="accounts">
<datastore>kali_account</datastore>
</input>
<input into="autostart">
<value>true</value>
</input>
<input into="start_page">
<value>http://localhost:8085/WebGoat</value>
</input>
</utility>
<network type="private_network">
<input into="IP_address">
<datastore access="1">IP_addresses</datastore>
</input>
</network>
</system>
</scenario>


@@ -0,0 +1,112 @@
<?xml version="1.0"?>
<scenario xmlns="http://www.github/cliffe/SecGen/scenario"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
<name>WNS Intro</name>
<author>James Davis</author>
<description>Web and Network Security - Cross-Site Request Forgery</description>
<type>lab-environment</type>
<type>ctf-lab</type>
<system>
<system_name>wns_server</system_name>
<base distro="Debian 10 Buster amd64" />
<input into_datastore="IP_addresses">
<!-- 0 developer_desktop -->
<value>172.16.0.2</value>
<!-- 1 server -->
<value>172.16.0.3</value>
</input>
<utility module_path=".*/parameterised_accounts">
<input into="accounts">
<generator type="account">
<input into="username">
<value>shepherd</value>
</input>
<input into="password">
<value>tiaspbiqe2r</value>
</input>
<input into="super_user">
<value>false</value>
</input>
</generator>
</input>
</utility>
<vulnerability module_path=".*/security_shepherd">
<input into="modules">
<generator type="ss_modules">
<input into="filter">
<value>CSRF</value>
</input>
</generator>
</input>
<input into="unix_username">
<value>shepherd</value>
</input>
<input into="flag_store" into_datastore="flag_store">
<generator type="flag_generator">
<input into="iterations">
<value>8</value>
</input>
</generator>
</input>
</vulnerability>
<network type="private_network">
<input into="IP_address">
<datastore access="0">IP_addresses</datastore>
</input>
</network>
</system>
<system>
<system_name>wns_intro</system_name>
<base distro="Kali" name="MSF" />
<input into_datastore="kali_account">
<value>
{"username":"kali","password":"kali","super_user":"true","strings_to_leak":[],"leaked_filenames":[]}</value>
</input>
<utility module_path=".*/parameterised_accounts">
<input into="accounts">
<datastore>kali_account</datastore>
</input>
</utility>
<vulnerability module_path=".*/dvwa" />
<vulnerability module_path=".*/webgoat">
<input into="port">
<value>8085</value>
</input>
</vulnerability>
<utility module_path=".*/kali_web" />
<utility module_path=".*/iceweasel">
<input into="accounts">
<datastore>kali_account</datastore>
</input>
<input into="autostart">
<value>true</value>
</input>
<input into="start_page">
<value>http://localhost:8085/WebGoat</value>
</input>
</utility>
<network type="private_network">
<input into="IP_address">
<datastore access="1">IP_addresses</datastore>
</input>
</network>
</system>
</scenario>


@@ -0,0 +1,57 @@
<?xml version="1.0"?>
<scenario xmlns="http://www.github/cliffe/SecGen/scenario"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
<name>WNS Intro</name>
<author>James Davis</author>
<description>Web and Network Security - Packet analysis, firewalls and VPNs</description>
<type>lab-environment</type>
<type>ctf-lab</type>
<system>
<system_name>wns_server</system_name>
<base distro="Debian 10 Buster amd64" />
<utility module_path=".*/parameterised_accounts">
<input into="accounts">
<generator type="account">
<input into="username">
<value>shepherd</value>
</input>
<input into="password">
<value>tiaspbiqe2r</value>
</input>
<input into="super_user">
<value>false</value>
</input>
</generator>
</input>
</utility>
<vulnerability module_path=".*/security_shepherd">
<input into="modules">
<generator type="ss_modules">
<input into="filter">
<value>Insecure C 1 2 3,Unv</value>
</input>
</generator>
</input>
<input into="unix_username">
<value>shepherd</value>
</input>
<input into="flag_store" into_datastore="flag_store">
<generator type="flag_generator">
<input into="iterations">
<value>4</value>
</input>
</generator>
</input>
</vulnerability>
<network type="private_network" range="dhcp" />
</system>
</scenario>