From 8156c8bfb259456f0af6ceca5ee4f71ae76dbd74 Mon Sep 17 00:00:00 2001
From: ts <thomashaw@localhost.localdomain>
Date: Mon, 18 Feb 2019 13:52:54 +0000
Subject: [PATCH] added webapp_with_db type to select on for WNS assignment
 (excludes gitlist)

---
 .../unix/webapp/moinmoin_195/secgen_metadata.xml              | 1 +
 .../unix/webapp/wordpress_1x/secgen_metadata.xml              | 1 +
 .../unix/webapp/wordpress_2x/manifests/init.pp                | 2 ++
 .../unix/webapp/wordpress_2x/secgen_metadata.xml              | 1 +
 .../unix/webapp/wordpress_3x/secgen_metadata.xml              | 1 +
 .../unix/webapp/wordpress_4x/secgen_metadata.xml              | 1 +
 scenarios/security_audit/wns_assignment.xml                   | 4 ++--
 7 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/modules/vulnerabilities/unix/webapp/moinmoin_195/secgen_metadata.xml b/modules/vulnerabilities/unix/webapp/moinmoin_195/secgen_metadata.xml
index 659e017f1..c7d47b679 100644
--- a/modules/vulnerabilities/unix/webapp/moinmoin_195/secgen_metadata.xml
+++ b/modules/vulnerabilities/unix/webapp/moinmoin_195/secgen_metadata.xml
@@ -14,6 +14,7 @@
 
   <type>webapp</type>
   <type>in_the_wild</type>
+  <type>webapp_with_db</type>
   <privilege>user_rwx</privilege>
   <access>remote</access>
   <platform>linux</platform>
diff --git a/modules/vulnerabilities/unix/webapp/wordpress_1x/secgen_metadata.xml b/modules/vulnerabilities/unix/webapp/wordpress_1x/secgen_metadata.xml
index 6c0426f06..cfb972988 100644
--- a/modules/vulnerabilities/unix/webapp/wordpress_1x/secgen_metadata.xml
+++ b/modules/vulnerabilities/unix/webapp/wordpress_1x/secgen_metadata.xml
@@ -10,6 +10,7 @@
 
   <type>webapp</type>
   <type>in_the_wild</type>
+  <type>webapp_with_db</type>
   <privilege>various</privilege>
   <access>remote</access>
   <platform>linux</platform>
diff --git a/modules/vulnerabilities/unix/webapp/wordpress_2x/manifests/init.pp b/modules/vulnerabilities/unix/webapp/wordpress_2x/manifests/init.pp
index 580d07d52..e9a788ad8 100644
--- a/modules/vulnerabilities/unix/webapp/wordpress_2x/manifests/init.pp
+++ b/modules/vulnerabilities/unix/webapp/wordpress_2x/manifests/init.pp
@@ -69,4 +69,6 @@ class wordpress_2x {
     command => '/bin/bash /wordpress_conf.sh',
     minute => [0, 5,10,15,20,25,30,35,40,45,50,55]
   }
+
+  # ensure_resource('tidy','wp2 remove default site', {'path'=>'/etc/apache2/sites-enabled/000-default.conf'})
 }
diff --git a/modules/vulnerabilities/unix/webapp/wordpress_2x/secgen_metadata.xml b/modules/vulnerabilities/unix/webapp/wordpress_2x/secgen_metadata.xml
index ca1878788..a5c00cb64 100644
--- a/modules/vulnerabilities/unix/webapp/wordpress_2x/secgen_metadata.xml
+++ b/modules/vulnerabilities/unix/webapp/wordpress_2x/secgen_metadata.xml
@@ -9,6 +9,7 @@
   <description>wordpress</description>
 
   <type>webapp</type>
+  <type>webapp_with_db</type>
   <type>in_the_wild</type>
   <privilege>various</privilege>
   <access>remote</access>
diff --git a/modules/vulnerabilities/unix/webapp/wordpress_3x/secgen_metadata.xml b/modules/vulnerabilities/unix/webapp/wordpress_3x/secgen_metadata.xml
index eb120353b..dd623393a 100644
--- a/modules/vulnerabilities/unix/webapp/wordpress_3x/secgen_metadata.xml
+++ b/modules/vulnerabilities/unix/webapp/wordpress_3x/secgen_metadata.xml
@@ -9,6 +9,7 @@
   <description>wordpress</description>
 
   <type>webapp</type>
+  <type>webapp_with_db</type>
   <type>in_the_wild</type>
   <privilege>various</privilege>
   <access>remote</access>
diff --git a/modules/vulnerabilities/unix/webapp/wordpress_4x/secgen_metadata.xml b/modules/vulnerabilities/unix/webapp/wordpress_4x/secgen_metadata.xml
index 26f9309b2..e23a9a829 100644
--- a/modules/vulnerabilities/unix/webapp/wordpress_4x/secgen_metadata.xml
+++ b/modules/vulnerabilities/unix/webapp/wordpress_4x/secgen_metadata.xml
@@ -10,6 +10,7 @@
 
   <type>webapp</type>
   <type>in_the_wild</type>
+  <type>webapp_with_db</type>
   <privilege>various</privilege>
   <access>remote</access>
   <platform>linux</platform>
diff --git a/scenarios/security_audit/wns_assignment.xml b/scenarios/security_audit/wns_assignment.xml
index 6cb06f9d7..e4f0dd714 100644
--- a/scenarios/security_audit/wns_assignment.xml
+++ b/scenarios/security_audit/wns_assignment.xml
@@ -4,7 +4,7 @@
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
 
-  <!-- Security audit of an in the wild web application -->
+  <!-- Security audit of an in the wild web application that uses a database -->
   <system>
     <system_name>web_server</system_name>
     <base platform="linux" type="server" module_path=".*stretch.*"/>
@@ -13,7 +13,7 @@
       <value>172.16.0.2</value>
     </input>
 
-    <vulnerability type="in_the_wild" module_path=".*webapp.*">
+    <vulnerability type="webapp_with_db" module_path=".*webapp.*">
       <input into="IP_address">
         <datastore access="0">IP_addresses</datastore>
       </input>