digital-forensics-labs/SecGen
1
0
Fork 0
mirror of https://github.com/cliffe/SecGen.git synced 2026-02-20 13:50:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

Rework: Moved hello_world to messages. Changed write_fact to output_type. Updated PATH constants to DIR. Changed string generators to more specific message_generator in strings_to_leak.

Browse Source
This commit is contained in:
thomashaw
2016-12-05 17:15:55 +00:00
parent 733c871072
commit 7d7d2e2677
45 changed files with 81 additions and 89 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
documentation/yard/rakefile.rb
View File

@@ -16,7 +16,7 @@ task :yard do
t.options = [ t.options = [
"--title=SecGen #{VERSION_NUMBER} Documentation", "--title=SecGen #{VERSION_NUMBER} Documentation",
"--readme=#{ROOT_DIR}/README.md", "--readme=#{ROOT_DIR}/README.md",
"--output-dir #{DOCUMENTATION_PATH}" "--output-dir #{DOCUMENTATION_DIR}"
] # optional ] # optional
t.stats_options = ['--list-undoc'] # optional t.stats_options = ['--list-undoc'] # optional
end end
@@ -28,5 +28,5 @@ task :yard_clean do
# NEED TO FIND A BETTER WAY TO CLEAN FILES AS VULNERABILITIES IN 'rm_rf' # NEED TO FIND A BETTER WAY TO CLEAN FILES AS VULNERABILITIES IN 'rm_rf'
# Remove the documentation directory and all files in it # Remove the documentation directory and all files in it
rm_rf(DOCUMENTATION_PATH) rm_rf(DOCUMENTATION_DIR)
end end

30
lib/helpers/constants.rb
View File

@@ -1,4 +1,4 @@
## FILE / PATH CONSTANTS ## ## FILE / DIR CONSTANTS ##
# Root directory of SecGen file structure # Root directory of SecGen file structure
ROOT_DIR = File.expand_path('../../../',__FILE__) ROOT_DIR = File.expand_path('../../../',__FILE__)
@@ -21,25 +21,25 @@ BUILDS_SCHEMA_FILE = "#{ROOT_DIR}/lib/schemas/build_metadata_schema.xsd"
PROJECTS_DIR = "#{ROOT_DIR}/projects" PROJECTS_DIR = "#{ROOT_DIR}/projects"
# Path to environments directory # Path to environments directory
ENVIRONMENTS_PATH = "#{ROOT_DIR}/modules/build/environments" ENVIRONMENTS_DIR = "#{ROOT_DIR}/modules/build/environments"
# Path to modules directories # Path to modules directories
MODULES_PATH = "#{ROOT_DIR}/modules/" MODULES_DIR = "#{ROOT_DIR}/modules/"
VULNERABILITIES_PATH = "#{MODULES_PATH}vulnerabilities/" VULNERABILITIES_DIR = "#{MODULES_DIR}vulnerabilities/"
SERVICES_PATH = "#{MODULES_PATH}services/" SERVICES_DIR = "#{MODULES_DIR}services/"
UTILITIES_PATH = "#{MODULES_PATH}utilities/" UTILITIES_DIR = "#{MODULES_DIR}utilities/"
GENERATORS_PATH = "#{MODULES_PATH}generators/" GENERATORS_DIR = "#{MODULES_DIR}generators/"
ENCODERS_PATH = "#{MODULES_PATH}encoders/" ENCODERS_DIR = "#{MODULES_DIR}encoders/"
NETWORKS_PATH = "#{MODULES_PATH}networks/" NETWORKS_DIR = "#{MODULES_DIR}networks/"
BASES_PATH = "#{MODULES_PATH}bases/" BASES_DIR = "#{MODULES_DIR}bases/"
BUILDS_PATH = "#{MODULES_PATH}build/" BUILDS_DIR = "#{MODULES_DIR}build/"
MODULE_LOCAL_CALC_PATH = '/secgen_local/local.rb' MODULE_LOCAL_CALC_DIR = '/secgen_local/local.rb'
# Path to documentation (Make sure documentation directory is already deleted with rake yard_clean before changing this) # Path to documentation (Make sure documentation directory is already deleted with rake yard_clean before changing this)
DOCUMENTATION_PATH = "#{ROOT_DIR}/documentation/yard/doc" DOCUMENTATION_DIR = "#{ROOT_DIR}/documentation/yard/doc"
# Path to resources # Path to resources
WORDLISTS_PATH = "#{ROOT_DIR}/lib/resources/wordlists" WORDLISTS_DIR = "#{ROOT_DIR}/lib/resources/wordlists"
## VAGRANT FILE CONSTANTS ## ## VAGRANT FILE CONSTANTS ##
@@ -47,7 +47,7 @@ WORDLISTS_PATH = "#{ROOT_DIR}/lib/resources/wordlists"
ARRAY_STRINGIFY_SEPARATOR = '_~:~_' ARRAY_STRINGIFY_SEPARATOR = '_~:~_'
# Path to cleanup directory # Path to cleanup directory
PATH_TO_CLEANUP = "#{ROOT_DIR}/modules/build/puppet/" CLEANUP_DIR = "#{ROOT_DIR}/modules/build/puppet/"
# Path to Vagrantfile.erb file # Path to Vagrantfile.erb file
VAGRANT_TEMPLATE_FILE = "#{ROOT_DIR}/lib/templates/Vagrantfile.erb" VAGRANT_TEMPLATE_FILE = "#{ROOT_DIR}/lib/templates/Vagrantfile.erb"

18
lib/readers/module_reader.rb
View File

@@ -8,42 +8,42 @@ class ModuleReader
# reads in all bases # reads in all bases
def self.read_bases def self.read_bases
return read_modules('base', BASES_PATH, BASE_SCHEMA_FILE, false) return read_modules('base', BASES_DIR, BASE_SCHEMA_FILE, false)
end end
# reads in all build modules # reads in all build modules
def self.read_builds def self.read_builds
return read_modules('build', BUILDS_PATH, BUILDS_SCHEMA_FILE, false) #Continue this tomorrow return read_modules('build', BUILDS_DIR, BUILDS_SCHEMA_FILE, false) #Continue this tomorrow
end end
# reads in all vulnerability modules # reads in all vulnerability modules
def self.read_vulnerabilities def self.read_vulnerabilities
return read_modules('vulnerability', VULNERABILITIES_PATH, VULNERABILITY_SCHEMA_FILE, true) return read_modules('vulnerability', VULNERABILITIES_DIR, VULNERABILITY_SCHEMA_FILE, true)
end end
# reads in all services # reads in all services
def self.read_services def self.read_services
return read_modules('service', SERVICES_PATH, SERVICE_SCHEMA_FILE, true) return read_modules('service', SERVICES_DIR, SERVICE_SCHEMA_FILE, true)
end end
# reads in all utilities # reads in all utilities
def self.read_utilities def self.read_utilities
return read_modules('utility', UTILITIES_PATH, UTILITY_SCHEMA_FILE, true) return read_modules('utility', UTILITIES_DIR, UTILITY_SCHEMA_FILE, true)
end end
# reads in all utilities # reads in all utilities
def self.read_generators def self.read_generators
return read_modules('generator', GENERATORS_PATH, GENERATOR_SCHEMA_FILE, true) return read_modules('generator', GENERATORS_DIR, GENERATOR_SCHEMA_FILE, true)
end end
# reads in all utilities # reads in all utilities
def self.read_encoders def self.read_encoders
return read_modules('encoder', ENCODERS_PATH, ENCODER_SCHEMA_FILE, true) return read_modules('encoder', ENCODERS_DIR, ENCODER_SCHEMA_FILE, true)
end end
# reads in all networks # reads in all networks
def self.read_networks def self.read_networks
return read_modules('network', NETWORKS_PATH, NETWORK_SCHEMA_FILE, false) return read_modules('network', NETWORKS_DIR, NETWORK_SCHEMA_FILE, false)
end end
# reads in xml files to create modules # reads in xml files to create modules
@@ -99,7 +99,7 @@ class ModuleReader
new_module.puppet_other_path = "#{ROOT_DIR}/#{module_path}/manifests" new_module.puppet_other_path = "#{ROOT_DIR}/#{module_path}/manifests"
# save executable path of any pre-calculation for outputs # save executable path of any pre-calculation for outputs
local = "#{module_path}#{MODULE_LOCAL_CALC_PATH}" local = "#{module_path}#{MODULE_LOCAL_CALC_DIR}"
if File.file?(local) if File.file?(local)
new_module.local_calc_file = local new_module.local_calc_file = local
end end

2
lib/schemas/encoder_metadata_schema.xsd
View File

@@ -38,7 +38,7 @@
<!--I/O: an encoder writes it's output to one fact, and reads from one or more--> <!--I/O: an encoder writes it's output to one fact, and reads from one or more-->
<xs:element name="read_fact" type="xs:string" minOccurs="1" maxOccurs="unbounded"/> <xs:element name="read_fact" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
<xs:element name="write_fact" type="xs:string" minOccurs="1" maxOccurs="1"/> <xs:element name="output_type" type="xs:string" minOccurs="1" maxOccurs="1"/>
<!-- cannot co-exist with a system matching ALL of the optionally specified values (can be repeated for OR)--> <!-- cannot co-exist with a system matching ALL of the optionally specified values (can be repeated for OR)-->
<xs:element name="conflict" minOccurs="0" maxOccurs="unbounded"> <xs:element name="conflict" minOccurs="0" maxOccurs="unbounded">

2
lib/schemas/generator_metadata_schema.xsd
View File

@@ -37,7 +37,7 @@
<xs:element name="software_license" type="xs:string" minOccurs="0" maxOccurs="unbounded"/> <xs:element name="software_license" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
<!--I/O: a generator writes it's output to one fact--> <!--I/O: a generator writes it's output to one fact-->
<xs:element name="write_fact" type="xs:string" minOccurs="1" maxOccurs="1"/> <xs:element name="output_type" type="xs:string" minOccurs="1" maxOccurs="1"/>
<!-- cannot co-exist with a system matching ALL of the optionally specified values (can be repeated for OR)--> <!-- cannot co-exist with a system matching ALL of the optionally specified values (can be repeated for OR)-->
<xs:element name="conflict" minOccurs="0" maxOccurs="unbounded"> <xs:element name="conflict" minOccurs="0" maxOccurs="unbounded">

4
lib/templates/Vagrantfile.erb
View File

@@ -57,7 +57,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
} }
<% end -%> <% end -%>
<%=module_name%>.module_path = "<%="puppet/#{system.name}/modules"%>" <%=module_name%>.module_path = "<%="puppet/#{system.name}/modules"%>"
<%=module_name%>.environment_path = "<%="#{ENVIRONMENTS_PATH}"%>" <%=module_name%>.environment_path = "<%="#{ENVIRONMENTS_DIR}"%>"
<%=module_name%>.environment = "production" <%=module_name%>.environment = "production"
<%=module_name%>.manifests_path = "<%="#{ROOT_DIR}/#{selected_module.module_path}/"%>" <%=module_name%>.manifests_path = "<%="#{ROOT_DIR}/#{selected_module.module_path}/"%>"
<%=module_name%>.manifest_file = "<%="#{selected_module.module_path_end}.pp"%>" <%=module_name%>.manifest_file = "<%="#{selected_module.module_path_end}.pp"%>"
@@ -69,7 +69,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
# # clean up script which clears history from the VMs and clobs files together # # clean up script which clears history from the VMs and clobs files together
# <%= system.name %>.vm.provision "puppet" do |cleanup| # <%= system.name %>.vm.provision "puppet" do |cleanup|
# cleanup.module_path = "<%="#{ROOT_DIR}/mount/puppet/module"%>" # cleanup.module_path = "<%="#{ROOT_DIR}/mount/puppet/module"%>"
# cleanup.environment_path = "<%="#{ENVIRONMENTS_PATH}"%>" # cleanup.environment_path = "<%="#{ENVIRONMENTS_DIR}"%>"
# cleanup.environment = "production" # cleanup.environment = "production"
# cleanup.manifests_path = "<%="#{ROOT_DIR}/mount/puppet/manifest"%>" # cleanup.manifests_path = "<%="#{ROOT_DIR}/mount/puppet/manifest"%>"
# cleanup.manifest_file = "cleanup.pp" # cleanup.manifest_file = "cleanup.pp"

2
modules/encoders/account/account_hash_builder/secgen_metadata.xml
View File

@@ -21,5 +21,5 @@
<!-- TODO: This encoder should have default values so that we can omit a default input --> <!-- TODO: This encoder should have default values so that we can omit a default input -->
<write_fact>account</write_fact> <output_type>account</output_type>
</encoder> </encoder>

2
modules/encoders/selector/random_string_selector/secgen_metadata.xml
View File

@@ -15,5 +15,5 @@
<read_fact>strings_to_encode</read_fact> <read_fact>strings_to_encode</read_fact>
<write_fact>selected_string</write_fact> <output_type>selected_string</output_type>
</encoder> </encoder>

2
modules/encoders/string/1337/secgen_metadata.xml
View File

@@ -14,6 +14,6 @@
<read_fact>strings_to_encode</read_fact> <read_fact>strings_to_encode</read_fact>
<write_fact>encoded_strings</write_fact> <output_type>encoded_strings</output_type>
</encoder> </encoder>

8
modules/encoders/string/base64/secgen_metadata.xml
View File

@@ -32,14 +32,8 @@
<!--valid_match="retain_caps|lower|upper" default_value="retain_caps"--> <!--valid_match="retain_caps|lower|upper" default_value="retain_caps"-->
<read_fact>base64_options</read_fact> <read_fact>base64_options</read_fact>
<write_fact>encoded_strings</write_fact> <output_type>encoded_strings</output_type>
<!-- ensure a module has prepared input -->
<!-- <require>
<write_fact>strings_to_encode</write_fact>
</require>-->
<!--Cannot co-exist with other installations--> <!--Cannot co-exist with other installations-->
<!-- <conflict> <!-- <conflict>
<software_name>proftpd</software_name> <software_name>proftpd</software_name>

8
modules/encoders/string/rot13/secgen_metadata.xml
View File

@@ -33,14 +33,8 @@
<!--valid_match="retain_caps|lower|upper" default_value="retain_caps"--> <!--valid_match="retain_caps|lower|upper" default_value="retain_caps"-->
<read_fact>rot13_options</read_fact> <read_fact>rot13_options</read_fact>
<write_fact>encoded_strings</write_fact> <output_type>encoded_strings</output_type>
<!-- ensure a module has prepared input -->
<!-- <require>
<write_fact>strings_to_encode</write_fact>
</require>-->
<!--Cannot co-exist with other installations--> <!--Cannot co-exist with other installations-->
<!-- <conflict> <!-- <conflict>
<software_name>proftpd</software_name> <software_name>proftpd</software_name>

2
modules/generators/filenames/leaked_filename/secgen_metadata.xml
View File

@@ -14,5 +14,5 @@
<platform>linux</platform> <platform>linux</platform>
<platform>windows</platform> <platform>windows</platform>
<write_fact>generated_strings</write_fact> <output_type>generated_strings</output_type>
</generator> </generator>

2
modules/generators/filenames/storage_directory/secgen_metadata.xml
View File

@@ -14,5 +14,5 @@
<platform>linux</platform> <platform>linux</platform>
<platform>windows</platform> <platform>windows</platform>
<write_fact>generated_strings</write_fact> <output_type>generated_strings</output_type>
</generator> </generator>

2
modules/generators/flag/flag_base64/secgen_metadata.xml
View File

@@ -15,6 +15,6 @@
<reference>http://ruby-doc.org/stdlib-2.2.2/libdoc/securerandom/rdoc/SecureRandom.html#method-c-base64</reference> <reference>http://ruby-doc.org/stdlib-2.2.2/libdoc/securerandom/rdoc/SecureRandom.html#method-c-base64</reference>
<write_fact>generated_strings</write_fact> <output_type>generated_strings</output_type>
</generator> </generator>

2
modules/generators/flag/flag_hex/secgen_metadata.xml
View File

@@ -15,6 +15,6 @@
<reference>http://ruby-doc.org/stdlib-2.2.2/libdoc/securerandom/rdoc/SecureRandom.html#method-c-hex</reference> <reference>http://ruby-doc.org/stdlib-2.2.2/libdoc/securerandom/rdoc/SecureRandom.html#method-c-hex</reference>
<write_fact>generated_strings</write_fact> <output_type>generated_strings</output_type>
</generator> </generator>

2
modules/generators/flag/flag_words/secgen_metadata.xml
View File

@@ -16,6 +16,6 @@
<reference>https://github.com/sophsec/wordlist</reference> <reference>https://github.com/sophsec/wordlist</reference>
<reference>http://wordlist.sourceforge.net/</reference> <reference>http://wordlist.sourceforge.net/</reference>
<write_fact>generated_strings</write_fact> <output_type>generated_strings</output_type>
</generator> </generator>

0
modules/generators/hello_world/hello_world.pp → modules/generators/messages/hello_world/hello_world.pp
View File

0
modules/generators/hello_world/lib/facter/generated_strings.rb → modules/generators/messages/hello_world/lib/facter/generated_strings.rb
View File

0
modules/generators/hello_world/manifests/.no_puppet → modules/generators/messages/hello_world/manifests/.no_puppet
View File

2
modules/generators/hello_world/secgen_local/local.rb → modules/generators/messages/hello_world/secgen_local/local.rb
View File

@@ -1,5 +1,5 @@
#!/usr/bin/ruby #!/usr/bin/ruby
require_relative '../../../../lib/objects/local_string_generator.rb' require_relative '../../../../../lib/objects/local_string_generator.rb'
class HelloWorldGenerator < StringGenerator class HelloWorldGenerator < StringGenerator
def initialize def initialize
super super

2
modules/generators/hello_world/secgen_metadata.xml → modules/generators/messages/hello_world/secgen_metadata.xml
View File

@@ -14,6 +14,6 @@
<platform>linux</platform> <platform>linux</platform>
<platform>windows</platform> <platform>windows</platform>
<write_fact>generated_strings</write_fact> <output_type>generated_strings</output_type>
</generator> </generator>

2
modules/generators/messages/welcome_message/secgen_metadata.xml
View File

@@ -14,5 +14,5 @@
<platform>linux</platform> <platform>linux</platform>
<platform>windows</platform> <platform>windows</platform>
<write_fact>generated_strings</write_fact> <output_type>generated_strings</output_type>
</generator> </generator>

2
modules/generators/random/random_base64/secgen_metadata.xml
View File

@@ -15,6 +15,6 @@
<reference>http://ruby-doc.org/stdlib-2.2.2/libdoc/securerandom/rdoc/SecureRandom.html#method-c-base64</reference> <reference>http://ruby-doc.org/stdlib-2.2.2/libdoc/securerandom/rdoc/SecureRandom.html#method-c-base64</reference>
<write_fact>generated_strings</write_fact> <output_type>generated_strings</output_type>
</generator> </generator>

2
modules/generators/random/random_boolean/secgen_metadata.xml
View File

@@ -13,6 +13,6 @@
<platform>linux</platform> <platform>linux</platform>
<platform>windows</platform> <platform>windows</platform>
<write_fact>generated_boolean</write_fact> <output_type>generated_boolean</output_type>
</generator> </generator>

2
modules/generators/random/random_common_password/secgen_local/local.rb
View File

@@ -8,7 +8,7 @@ class CommonPasswordGenerator < StringGenerator
end end
def generate def generate
self.outputs << File.readlines("#{WORDLISTS_PATH}/10_million_password_list_top_100").sample.chomp self.outputs << File.readlines("#{WORDLISTS_DIR}/10_million_password_list_top_100").sample.chomp
end end
end end

2
modules/generators/random/random_common_password/secgen_metadata.xml
View File

@@ -17,6 +17,6 @@
<reference>https://github.com/danielmiessler/SecLists</reference> <reference>https://github.com/danielmiessler/SecLists</reference>
<write_fact>generated_passwords</write_fact> <output_type>generated_passwords</output_type>
</generator> </generator>

2
modules/generators/random/random_hex/secgen_metadata.xml
View File

@@ -15,6 +15,6 @@
<reference>http://ruby-doc.org/stdlib-2.2.2/libdoc/securerandom/rdoc/SecureRandom.html#method-c-hex</reference> <reference>http://ruby-doc.org/stdlib-2.2.2/libdoc/securerandom/rdoc/SecureRandom.html#method-c-hex</reference>
<write_fact>generated_strings</write_fact> <output_type>generated_strings</output_type>
</generator> </generator>

8
modules/generators/random/random_medium_password/secgen_local/local.rb
View File

@@ -8,10 +8,10 @@ class MediumPasswordGenerator < StringGenerator
end end
def generate def generate
nouns = File.readlines("#{WORDLISTS_PATH}/nouns") nouns = File.readlines("#{WORDLISTS_DIR}/nouns")
adjectives = File.readlines("#{WORDLISTS_PATH}/adjectives") adjectives = File.readlines("#{WORDLISTS_DIR}/adjectives")
male_names = File.readlines("#{WORDLISTS_PATH}/top_usa_male_names") male_names = File.readlines("#{WORDLISTS_DIR}/top_usa_male_names")
female_names = File.readlines("#{WORDLISTS_PATH}/top_usa_female_names") female_names = File.readlines("#{WORDLISTS_DIR}/top_usa_female_names")
all_words = adjectives + nouns + male_names + female_names all_words = adjectives + nouns + male_names + female_names

2
modules/generators/random/random_medium_password/secgen_metadata.xml
View File

@@ -15,6 +15,6 @@
<reference>https://github.com/danielmiessler/SecLists</reference> <reference>https://github.com/danielmiessler/SecLists</reference>
<write_fact>generated_passwords</write_fact> <output_type>generated_passwords</output_type>
</generator> </generator>

2
modules/generators/random/random_strong_password/secgen_metadata.xml
View File

@@ -13,6 +13,6 @@
<platform>linux</platform> <platform>linux</platform>
<platform>windows</platform> <platform>windows</platform>
<write_fact>generated_passwords</write_fact> <output_type>generated_passwords</output_type>
</generator> </generator>

4
modules/generators/random/random_username/secgen_local/local.rb
View File

@@ -10,8 +10,8 @@ class WordGenerator < StringGenerator
# Generate a username based on a random adjective and a random noun # Generate a username based on a random adjective and a random noun
def generate def generate
# Load adjectives + nouns # Load adjectives + nouns
adjectives = File.readlines("#{WORDLISTS_PATH}/adjectives") adjectives = File.readlines("#{WORDLISTS_DIR}/adjectives")
nouns = File.readlines("#{WORDLISTS_PATH}/nouns") nouns = File.readlines("#{WORDLISTS_DIR}/nouns")
# Maximum length username: 20 characters # Maximum length username: 20 characters
max_username_length = 20 max_username_length = 20

2
modules/generators/random/random_username/secgen_metadata.xml
View File

@@ -16,6 +16,6 @@
<reference>https://github.com/aaronbassett/Pass-phrase/adjectives.txt</reference> <reference>https://github.com/aaronbassett/Pass-phrase/adjectives.txt</reference>
<reference>https://github.com/aaronbassett/Pass-phrase/nouns.txt</reference> <reference>https://github.com/aaronbassett/Pass-phrase/nouns.txt</reference>
<write_fact>generated_username</write_fact> <output_type>generated_username</output_type>
</generator> </generator>

6
modules/generators/random/random_weak_password/secgen_local/local.rb
View File

@@ -8,9 +8,9 @@ class WeakPasswordGenerator < StringGenerator
end end
def generate def generate
nouns = File.readlines("#{WORDLISTS_PATH}/nouns") nouns = File.readlines("#{WORDLISTS_DIR}/nouns")
male_names = File.readlines("#{WORDLISTS_PATH}/top_usa_male_names") male_names = File.readlines("#{WORDLISTS_DIR}/top_usa_male_names")
female_names = File.readlines("#{WORDLISTS_PATH}/top_usa_female_names") female_names = File.readlines("#{WORDLISTS_DIR}/top_usa_female_names")
all_words = nouns + male_names + female_names all_words = nouns + male_names + female_names

2
modules/generators/random/random_weak_password/secgen_metadata.xml
View File

@@ -15,6 +15,6 @@
<reference>https://github.com/danielmiessler/SecLists</reference> <reference>https://github.com/danielmiessler/SecLists</reference>
<write_fact>generated_passwords</write_fact> <output_type>generated_passwords</output_type>
</generator> </generator>

2
modules/generators/random/random_word/secgen_local/local.rb
View File

@@ -8,7 +8,7 @@ class WordGenerator < StringGenerator
end end
def generate def generate
self.outputs << File.readlines("#{WORDLISTS_PATH}/wordlist").sample.chomp self.outputs << File.readlines("#{WORDLISTS_DIR}/wordlist").sample.chomp
end end
end end

2
modules/generators/random/random_word/secgen_metadata.xml
View File

@@ -16,6 +16,6 @@
<reference>https://github.com/sophsec/wordlist</reference> <reference>https://github.com/sophsec/wordlist</reference>
<reference>http://wordlist.sourceforge.net/</reference> <reference>http://wordlist.sourceforge.net/</reference>
<write_fact>generated_strings</write_fact> <output_type>generated_strings</output_type>
</generator> </generator>

4
modules/vulnerabilities/unix/ftp/proftpd_133c_backdoor/secgen_metadata.xml
View File

@@ -25,8 +25,8 @@
</default_input> </default_input>
<default_input into="strings_to_leak"> <default_input into="strings_to_leak">
<generator type="string_generator"/> <generator type="message_generator"/>
<generator type="string_generator"/> <generator type="message_generator"/>
</default_input> </default_input>
<default_input into="welcome_msg"> <default_input into="welcome_msg">

4
modules/vulnerabilities/unix/irc/unrealirc_3281_backdoor/secgen_metadata.xml
View File

@@ -26,8 +26,8 @@
<read_fact>motd</read_fact> <read_fact>motd</read_fact>
<default_input into="strings_to_leak"> <default_input into="strings_to_leak">
<generator type="string_generator"/> <generator type="message_generator"/>
<generator type="string_generator"/> <generator type="message_generator"/>
</default_input> </default_input>
<default_input into="leaked_filename"> <default_input into="leaked_filename">

4
modules/vulnerabilities/unix/local/writeable_shadow/secgen_metadata.xml
View File

@@ -23,4 +23,8 @@
<hint>An access control misconfiguration</hint> <hint>An access control misconfiguration</hint>
<solution>Edit the shadow file to set a password for root</solution> <solution>Edit the shadow file to set a password for root</solution>
<conflict>
<name>Writeable Shadow File</name>
<author>Lewis Ardern</author>
</conflict>
</vulnerability> </vulnerability>

4
modules/vulnerabilities/unix/misc/distcc_exec/secgen_metadata.xml
View File

@@ -17,8 +17,8 @@
<read_fact>leaked_filename</read_fact> <read_fact>leaked_filename</read_fact>
<default_input into="strings_to_leak"> <default_input into="strings_to_leak">
<generator type="string_generator"/> <generator type="message_generator"/>
<generator type="string_generator"/> <generator type="message_generator"/>
</default_input> </default_input>
<default_input into="leaked_filename"> <default_input into="leaked_filename">

4
modules/vulnerabilities/unix/nfs/nfs_overshare/templates/exports.erb
View File

@@ -5,8 +5,8 @@
# to NFS clients. See exports(5). # to NFS clients. See exports(5).
# #
# Example for NFSv2 and NFSv3: # Example for NFSv2 and NFSv3:
<%=$storage_directory %> 172.0.0.0/8(rw,sync,no_subtree_check) <%=$storage_directory %> 0.0.0.0/8(rw,sync,no_subtree_check)
<%=$storage_directory %> 192.0.0.0/8(rw,sync,no_subtree_check) #TODO: DO NOT MERGE :: Test this first :)
# #
# Example for NFSv4: # Example for NFSv4:
# /srv/nfs4 gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check) # /srv/nfs4 gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check)

4
modules/vulnerabilities/unix/system/parameterised_accounts/secgen_metadata.xml
View File

@@ -29,8 +29,8 @@
<generator type="boolean_generator"/> <generator type="boolean_generator"/>
</input> </input>
<input into="strings_to_leak"> <input into="strings_to_leak">
<generator type="string_generator"/> <generator type="message_generator"/>
<generator type="string_generator"/> <generator type="message_generator"/>
</input> </input>
<input into="leaked_filename"> <input into="leaked_filename">
<generator module_path="generators/filenames/leaked_filename"/> <generator module_path="generators/filenames/leaked_filename"/>

4
modules/vulnerabilities/unix/webapp/gitlist_040/secgen_metadata.xml
View File

@@ -22,8 +22,8 @@
<read_fact>github_repository</read_fact> <read_fact>github_repository</read_fact>
<default_input into="strings_to_leak"> <default_input into="strings_to_leak">
<generator type="string_generator"/> <generator type="message_generator"/>
<generator type="string_generator"/> <generator type="message_generator"/>
</default_input> </default_input>
<default_input into="leaked_filename"> <default_input into="leaked_filename">

2
modules/vulnerabilities/unix/webapp/moinmoin_195/secgen_metadata.xml
View File

@@ -23,7 +23,7 @@
<default_input into="strings_to_leak"> <default_input into="strings_to_leak">
<value>This is some leaked data.</value> <value>This is some leaked data.</value>
<generator type="string_generator"/> <generator type="message_generator"/>
</default_input> </default_input>
<default_input into="site_name"> <default_input into="site_name">

2
scenarios/parameterised_examples/parameterised_accounts.xml
View File

@@ -22,7 +22,7 @@
<generator type="boolean_generator"/> <generator type="boolean_generator"/>
</input> </input>
<input into="strings_to_leak"> <input into="strings_to_leak">
<generator type="string_generator"/> <generator type="message_generator"/>
</input> </input>
<input into="leaked_filename"> <input into="leaked_filename">
<generator module_path="generators/filenames/leaked_filename"/> <generator module_path="generators/filenames/leaked_filename"/>