nc_backdoor modules: added explicit install for ncat package, as nmap no longer depends on it in Buster

2026-02-22 11:48:17 +00:00 · 2020-10-28 11:35:29 +00:00
parent 6b40a9afa0
commit 9064e847a1
4 changed files with 26 additions and 17 deletions
--- a/modules/utilities/unix/nc_message/manifests/install.pp
+++ b/modules/utilities/unix/nc_message/manifests/install.pp
@@ -1,11 +1,14 @@
 class nc_message::install {
-  package { 'nmap':
-    ensure => installed
-  }
-
  $secgen_parameters = secgen_functions::get_parameters($::base64_inputs_file)
  $port = $secgen_parameters['port'][0]

+  ensure_pacakge("nmap")
+  case $operatingsystemrelease {
+    /^(10).*/: { # do buster stuff
+      ensure_pacakge("ncat")
+    }
+  }
+
  # join all the strings to leak
  # escape single quotes and semicolons, so we can use echo
  # $strings_to_leak = regsubst(join($secgen_parameters['strings_to_leak'], ","), "'|;", "\\\\\0")
--- a/modules/vulnerabilities/unix/misc/nc_backdoor/manifests/install.pp
+++ b/modules/vulnerabilities/unix/misc/nc_backdoor/manifests/install.pp
@@ -1,14 +1,16 @@
 class nc_backdoor::install {
-  package { 'nmap':
-    ensure => installed
-  }
-
  $secgen_parameters = secgen_functions::get_parameters($::base64_inputs_file)
  $port = $secgen_parameters['port'][0]

  $strings_to_leak = $secgen_parameters['strings_to_leak']
  $leaked_filenames = $secgen_parameters['leaked_filenames']

+  ensure_pacakge("nmap")
+  case $operatingsystemrelease {
+    /^(10).*/: { # do buster stuff
+      ensure_pacakge("ncat")
+    }
+  }

  # run on each boot via cron
  cron { 'backdoor':
--- a/modules/vulnerabilities/unix/misc/nc_backdoor_chroot_esc/manifests/install.pp
+++ b/modules/vulnerabilities/unix/misc/nc_backdoor_chroot_esc/manifests/install.pp
@@ -1,15 +1,16 @@
 class nc_backdoor_chroot_esc::install {
-  #package { 'netcat-traditional':
-  #  ensure => installed
-  #}
-
  $secgen_parameters = secgen_functions::get_parameters($::base64_inputs_file)
  $port = $secgen_parameters['port'][0]

  $strings_to_leak = $secgen_parameters['strings_to_leak']
  $leaked_filenames = $secgen_parameters['leaked_filenames']

-
+  ensure_pacakge("nmap")
+  case $operatingsystemrelease {
+    /^(10).*/: { # do buster stuff
+      ensure_pacakge("ncat")
+    }
+  }
  # run on each boot via cron
  #cron { 'backdoor_chroot':
  #  command     => "sleep 90 && chroot /opt/chroot ncat -l -p $port -e /bin/bash -k &",
--- a/modules/vulnerabilities/unix/misc/nc_backdoor_docker_esc/manifests/install.pp
+++ b/modules/vulnerabilities/unix/misc/nc_backdoor_docker_esc/manifests/install.pp
@@ -1,14 +1,17 @@
 class nc_backdoor_docker_esc::install {
-  #package { 'netcat-traditional':
-  #  ensure => installed
-  #}
-
  $secgen_parameters = secgen_functions::get_parameters($::base64_inputs_file)
  $port = $secgen_parameters['port'][0]

  $strings_to_leak = $secgen_parameters['strings_to_leak']
  $leaked_filenames = $secgen_parameters['leaked_filenames']

+  ensure_pacakge("nmap")
+  case $operatingsystemrelease {
+    /^(10).*/: { # do buster stuff
+      ensure_pacakge("ncat")
+    }
+  }
+
  #docker::run { "docker$port":
  #  image   => 'debian:stretch',
  #  ports            => ["$port"],