Vignere Cipher - Takes strings_to_encode and encryption_key, outputs: KEY_CIPHERTEXT

modules/encoders/cipher/vignere/secgen_local/local.rb

@@ -0,0 +1,56 @@
+#!/usr/bin/ruby
+# Encryption algorithm code from http://rosettacode.org/wiki/Vigen%C3%A8re_cipher#Ruby
+require_relative '../../../../../lib/objects/local_string_encoder.rb'
+class VignereCipher < StringEncoder
+  attr_accessor :encryption_key
+
+  def initialize
+    super
+    self.module_name = 'Vignere Cipher Encoder'
+    self.encryption_key = ''
+  end
+
+  BASE = 'A'.ord
+  SIZE = 'Z'.ord - BASE + 1
+
+  def encrypt(text, key)
+    crypt(text, key, :+)
+  end
+
+  def decrypt(text, key)
+    crypt(text, key, :-)
+  end
+
+  def crypt(text, key, dir)
+    text = text.upcase.gsub(/[^A-Z]/, '')
+    key_iterator = key.upcase.gsub(/[^A-Z]/, '').chars.map{|c| c.ord - BASE}.cycle
+    text.each_char.inject('') do |ciphertext, char|
+      offset = key_iterator.next
+      ciphertext << ((char.ord - BASE).send(dir, offset) % SIZE + BASE).chr
+    end
+  end
+
+  def encode(str)
+    self.encryption_key + '_' + encrypt(str, self.encryption_key)
+  end
+
+  def process_options(opt, arg)
+    super
+    case opt
+      # Removes any non-alphabet characters
+      when '--encryption_key'
+        self.encryption_key << arg.upcase.gsub(/[^A-Z]/, '');
+    end
+  end
+
+  def get_options_array
+    super + [['--encryption_key', GetoptLong::REQUIRED_ARGUMENT]]
+  end
+
+  def encoding_print_string
+    'strings_to_encode: ' + self.strings_to_encode.to_s + ',
+    encryption_key: ' + self.encryption_key.to_s
+  end
+end
+
+VignereCipher.new.run

modules/encoders/cipher/vignere/secgen_metadata.xml

@@ -0,0 +1,37 @@
+<?xml version="1.0"?>
+
+<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
+  <name>Vignere Cipher</name>
+  <author>Thomas Shaw</author>
+  <module_license>MIT</module_license>
+  <description>The Vignere cipher is a type of polyalphabetic cipher, a square table of alphabets shifted 1 space on
+    each row (aka a 'tabula recta').
+
+    The encryption key is repeated for the length of the string being encoded. To encrypt, select the column with the
+    letter to encode and pick the row which the corresponds with the current position in the encryption key and find
+    where they intercept.
+  </description>
+
+  <type>vignere_cipher</type>
+  <type>alpha_reversable</type>
+  <type>cipher_encoder</type>
+  <platform>linux</platform>
+  <platform>windows</platform>
+
+  <reference>http://www.cs.mtu.edu/~shene/NSF-4/Tutorial/VIG/Vig-Base.html</reference>
+  <reference>http://rosettacode.org/wiki/Vigen%C3%A8re_cipher#Ruby</reference>
+
+  <read_fact>strings_to_encode</read_fact>
+  <read_fact>encryption_key</read_fact>
+
+  <default_input into="strings_to_encode">
+    <generator type="flag_generator"/>
+  </default_input>
+  <default_input into="encryption_key">
+    <generator type="random_word.*"/>
+  </default_input>
+
+  <output_type>encoded_strings_and_keys</output_type>
+</encoder>

scenarios/examples/parameterised_examples/encoder_examples/vignere_cipher.xml

@@ -0,0 +1,20 @@
+<?xml version="1.0"?>
+
+<scenario xmlns="http://www.github/cliffe/SecGen/scenario"
+	   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	   xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
+
+	<system>
+		<system_name>example_server</system_name>
+		<base platform="linux"/>
+
+		<!--select a vulnerability that leaks strings-->
+		<vulnerability read_fact="strings_to_leak">
+			<input into="strings_to_leak">
+				<encoder type="vignere_cipher"/>
+			</input>
+		</vulnerability>
+		<network type="private_network" range="dhcp"/>
+	</system>
+
+</scenario>