diff --git a/.gitignore b/.gitignore
index 9a4aeb302..6e6d9d025 100644
--- a/.gitignore
+++ b/.gitignore
@@ -15,3 +15,4 @@ secgen.conf
modules/encoders/compression/huffman/tmp
.rakeTasks
modules/**/Gemfile.lock
+modules/generators/network/pcap/files/packet.pcap
\ No newline at end of file
diff --git a/modules/generators/network/pcap/manifests/.no_puppet b/modules/generators/network/pcap/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/network/pcap/pcap.pp b/modules/generators/network/pcap/pcap.pp
new file mode 100644
index 000000000..2cdc7c601
--- /dev/null
+++ b/modules/generators/network/pcap/pcap.pp
@@ -0,0 +1 @@
+require pcap::init
diff --git a/modules/generators/network/pcap/secgen_local/local.rb b/modules/generators/network/pcap/secgen_local/local.rb
new file mode 100644
index 000000000..b98b3b900
--- /dev/null
+++ b/modules/generators/network/pcap/secgen_local/local.rb
@@ -0,0 +1,122 @@
+#!/usr/bin/ruby
+$: << File.expand_path("../../lib", __FILE__)
+require_relative '../../../../../lib/objects/local_string_encoder.rb'
+require 'packetfu'
+require 'faker'
+require 'rubygems'
+
+class PcapGenerator < StringEncoder
+ attr_accessor :strings_to_leak
+
+ def initialize
+ super
+ self.module_name = 'PCAP Generator / Builder'
+ self.strings_to_leak = []
+ end
+
+ def packetgen(type, data)
+ if type == 'tcp'
+ # Create TCP Packet
+ pkt = PacketFu::TCPPacket.new
+ pkt.tcp_dst=rand(1..1023)
+ elsif type == 'udp'
+ # Create UDP Packet
+ pkt = PacketFu::UDPPacket.new
+ pkt.udp_dst=rand(1..1023)
+ end
+ # Create fake mac addresses for sender and receiver
+ pkt.eth_saddr=Faker::Internet.mac_address
+ pkt.eth_daddr=Faker::Internet.mac_address
+ # Create fake Public IP addresses for sender and receiver
+ pkt.ip_src=PacketFu::Octets.new.read_quad(Faker::Internet.ip_v4_address)
+ pkt.ip_dst=PacketFu::Octets.new.read_quad(Faker::Internet.ip_v4_address)
+ pkt.payload = data
+ pkt.recalc
+ end
+
+ def datagen
+ data_types = [
+ Faker::Dota.quote,
+ Faker::BackToTheFuture.quote,
+ Faker::BojackHorseman.quote,
+ Faker::ChuckNorris.fact,
+ Faker::DrWho.quote,
+ Faker::DumbAndDumber.quote,
+ Faker::FamilyGuy.quote,
+ Faker::Friends.quote,
+ Faker::GameOfThrones.quote,
+ Faker::HitchhikersGuideToTheGalaxy.quote,
+ Faker::HowIMetYourMother.quote,
+ Faker::Lebowski.quote,
+ Faker::MostInterestingManInTheWorld.quote,
+ Faker::RickAndMorty.quote,
+ Faker::Simpsons.quote,
+ Faker::StrangerThings.quote,
+ Faker::TheITCrowd.quote
+ ]
+ data_types.sample.dump.to_s
+ end
+
+ def encode_all
+ # Create an array of packets
+ random_number = rand (26..75)
+ count = 0
+ @pcaps = []
+
+ # Generate 25 initial packets
+ 25.times do
+ packet_type = ['tcp', 'udp'].sample
+ pkt = packetgen(packet_type, datagen)
+ @pcaps << pkt
+ count += 1
+ end
+
+ # Now generate random packets till we get to our random_number
+ while count < random_number
+ packet_type = ['tcp', 'udp'].sample
+ pkt = packetgen(packet_type, datagen)
+ @pcaps << pkt
+ count += 1
+ end
+
+ # Now add our strings_to_leak packet
+ strings = self.strings_to_leak.join("\n")
+ pkt = packetgen(packet_type, strings)
+ @pcaps << pkt
+ count += 1
+
+ # Finish generating packets till we have 100
+ while count < 101
+ packet_type = ['tcp', 'udp'].sample
+ pkt = packetgen(packet_type, datagen)
+ @pcaps << pkt
+ count += 1
+ end
+ # Put packets in pcap file and return contents.
+ file_contents = ''
+ pfile = PacketFu::PcapFile.new
+ pcap_file_path = GENERATORS_DIR + 'network/pcap/files/packet.pcap'
+ res = pfile.array_to_file(:filename => pcap_file_path, :array => @pcaps, :append => true)
+ file_contents = File.binread(pcap_file_path)
+ File.delete(pcap_file_path)
+ self.outputs << Base64.strict_encode64(file_contents)
+ end
+
+ def get_options_array
+ super + [['--strings_to_leak', GetoptLong::OPTIONAL_ARGUMENT]]
+ end
+
+ def process_options(opt, arg)
+ super
+ case opt
+ when '--strings_to_leak'
+ self.strings_to_leak << arg;
+ end
+ end
+
+ def encoding_print_string
+ 'strings_to_leak: ' + self.strings_to_leak.to_s
+ end
+end
+
+PcapGenerator.new.run
\ No newline at end of file
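Review bot: `encode_all` writes the capture to the fixed shared path `GENERATORS_DIR + 'network/pcap/files/packet.pcap'` with `:append => true` and only deletes it on the success path, so a run that fails between `array_to_file` and `File.delete` (or two generators running at once) leaves a file whose packets are appended to the next scenario's output — the `.gitignore` entry in the first hunk is a symptom of this. Writing through `Tempfile.create` removes the file on every exit path and needs no shared location (add `require 'tempfile'` to the header; `Base64` is also used without a `require 'base64'`, presumably provided by `StringEncoder`, worth confirming). Two smaller points: the final loop `while count < 101` produces 101 packets although the comment says 100, and `packetgen` ends with `pkt.recalc`, so it returns whatever `recalc` returns rather than the packet unless PacketFu guarantees that — an explicit `pkt` as the last line is safer. The unused `res` and the `file_contents = ''` pre-assignment can go.
```ruby
    # … unchanged: packet generation loops …
    # Put packets in pcap file and return contents.
    pfile = PacketFu::PcapFile.new
    Tempfile.create(['packet', '.pcap']) do |tmp|
      tmp.close
      # Fresh per-run file, so nothing left by an earlier run can be appended.
      pfile.array_to_file(:filename => tmp.path, :array => @pcaps)
      self.outputs << Base64.strict_encode64(File.binread(tmp.path))
    end
```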
diff --git a/modules/generators/network/pcap/secgen_metadata.xml b/modules/generators/network/pcap/secgen_metadata.xml
new file mode 100644
index 000000000..9ad75b600
--- /dev/null
+++ b/modules/generators/network/pcap/secgen_metadata.xml
@@ -0,0 +1,24 @@
+
+
+
+ pcap File Generator
+ Jason Zeller
+ MIT
+ pcap generator. Wraps strings_to_leak (commonly used with a flag generators for CTF) in an Ethernet
+ packet. Output is a base64 encoded file.
+
+
+
+ pcap_generator
+ linux
+
+ strings_to_leak
+
+
+
+
+
+ base64_pcap_file
+
diff --git a/modules/utilities/unix/system/leak_to_file/leak_to_file.pp b/modules/utilities/unix/system/leak_to_file/leak_to_file.pp
new file mode 100644
index 000000000..07f9b6a34
--- /dev/null
+++ b/modules/utilities/unix/system/leak_to_file/leak_to_file.pp
@@ -0,0 +1 @@
+require leak_to_file::init
diff --git a/modules/utilities/unix/system/leak_to_file/manifests/init.pp b/modules/utilities/unix/system/leak_to_file/manifests/init.pp
new file mode 100644
index 000000000..fd031dfdd
--- /dev/null
+++ b/modules/utilities/unix/system/leak_to_file/manifests/init.pp
@@ -0,0 +1,23 @@
+class leak_to_file::init {
+ $secgen_parameters = secgen_functions::get_parameters($::base64_inputs_file)
+
+ $leaked_filename = $secgen_parameters['leaked_filename'][0]
+ $base64_file = $secgen_parameters['base64_file'][0]
+
+ if $secgen_parameters['account'] and $secgen_parameters['account'] != '' {
+ $account = $secgen_parameters['account'][0]
+ $username = $account['username']
+ $storage_directory = "/home/$username/"
+ } else {
+ $username = 'root'
+ $storage_directory = $secgen_parameters['storage_directory'][0]
+ }
+
+ leak_to_file::leak_file { '$storage_directory/$leaked_filename':
+ leaked_filename => $leaked_filename,
+ storage_directory => $storage_directory,
+ base64_file => $base64_file,
+ owner => $username,
+ group => $username,
+ }
+}
\ No newline at end of file
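Review bot: `$account = $secgen_parameters['account'][0]` is indexed as a hash on the next line (`$account['username']`), but the sibling `pcap_file::init` class in this same commit wraps the same value in `parsejson(...)` before indexing; if the parameter arrives as a JSON string, as that class assumes, this branch yields no username. Aligning it to `$account = parsejson($secgen_parameters['account'][0])` keeps the two classes consistent. The resource title `'$storage_directory/$leaked_filename'` is single-quoted, so Puppet does not interpolate it and the title is the literal text `$storage_directory/$leaked_filename`; it still works as a unique title, but double quotes (as used for `$path_to_leak` in leak_file.pp) would give a meaningful name. The guard `$secgen_parameters['account'] != ''` compares what is presumably an array against a string and so is probably always true when the key exists — worth checking against what `get_parameters` returns.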
diff --git a/modules/utilities/unix/system/leak_to_file/manifests/leak_file.pp b/modules/utilities/unix/system/leak_to_file/manifests/leak_file.pp
new file mode 100644
index 000000000..5798930b7
--- /dev/null
+++ b/modules/utilities/unix/system/leak_to_file/manifests/leak_file.pp
@@ -0,0 +1,21 @@
+define leak_to_file::leak_file($leaked_filename, $storage_directory, $base64_file, $owner = 'root', $group = 'root', $mode = '0660', $leaked_from = '' ) {
+ if ($leaked_filename != ''){
+ $path_to_leak = "$storage_directory/$leaked_filename"
+
+ # create the directory tree, incase the file name has extra layers of directories
+ exec { "$leaked_from-$path_to_leak-mkdir":
+ path => ['/bin', '/usr/bin', '/usr/local/bin', '/sbin', '/usr/sbin'],
+ command => "mkdir -p `dirname $path_to_leak`;chown $owner. `dirname $path_to_leak`",
+ provider => shell,
+ }
+
+ # Create file.
+ file { $path_to_leak:
+ ensure => present,
+ owner => $owner,
+ group => $group,
+ mode => $mode,
+ content => base64('decode', $base64_file)
+ }
+ }
+ }
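Review bot: the `exec` command `mkdir -p `dirname $path_to_leak`;chown $owner. `dirname $path_to_leak`` interpolates `$storage_directory`, `$leaked_filename` and `$owner` unquoted into a `provider => shell` command, so a value with a space or shell metacharacter breaks the command or runs something else, and with no `creates`/`unless` it re-runs on every agent run. Nothing orders the `file { $path_to_leak: }` after this exec either — Puppet autorequires a parent file resource, not an exec — so on a first run the file can be applied before its directory exists. Quoting the arguments, computing the parent once with stdlib's `dirname` (the manifest already relies on stdlib's `base64`), and adding `creates` plus `before => File[$path_to_leak]` addresses all three; `chown $owner.` also sets the directory group to the owner's login group while the file below uses `$group`, so `$owner:$group` is more consistent. The values are scenario parameters rather than runtime user input, so this is robustness more than an exposure, but the change is cheap.
```puppet
    $path_to_leak = "$storage_directory/$leaked_filename"
    $parent_dir   = dirname($path_to_leak)

    # create the directory tree, in case the file name has extra layers of directories
    exec { "$leaked_from-$path_to_leak-mkdir":
      path     => ['/bin', '/usr/bin', '/usr/local/bin', '/sbin', '/usr/sbin'],
      command  => "mkdir -p '$parent_dir' && chown '$owner:$group' '$parent_dir'",
      creates  => $parent_dir,
      provider => shell,
      before   => File[$path_to_leak],
    }

    # … unchanged: file { $path_to_leak: … } …
```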
diff --git a/modules/utilities/unix/system/leak_to_file/secgen_metadata.xml b/modules/utilities/unix/system/leak_to_file/secgen_metadata.xml
new file mode 100644
index 000000000..cc06edbf3
--- /dev/null
+++ b/modules/utilities/unix/system/leak_to_file/secgen_metadata.xml
@@ -0,0 +1,35 @@
+
+
+
+ Leak base64 to file
+ Puppet Labs
+ Jason Zeller
+ MIT
+ Leak base64 to a file where specified by storage_directory.
+
+ system
+ linux
+
+
+ https://forge.puppet.com/puppetlabs/accounts
+
+ leaked_filename
+ base64_file
+ storage_directory
+ account
+
+
+
+
+
+
+
+
+
+
+ /var/log
+
+
+
\ No newline at end of file
diff --git a/modules/vulnerabilities/unix/ctf/pcap_file/manifests/init.pp b/modules/vulnerabilities/unix/ctf/pcap_file/manifests/init.pp
new file mode 100644
index 000000000..2ff895b28
--- /dev/null
+++ b/modules/vulnerabilities/unix/ctf/pcap_file/manifests/init.pp
@@ -0,0 +1,23 @@
+class pcap_file::init {
+ $secgen_parameters = secgen_functions::get_parameters($::base64_inputs_file)
+
+ $leaked_filename = $secgen_parameters['leaked_filename'][0]
+ $base64_file = $secgen_parameters['base64_file'][0]
+
+ if $secgen_parameters['account'] and $secgen_parameters['account'] != '' {
+ $account = parsejson($secgen_parameters['account'][0])
+ $username = $account['username']
+ $storage_directory = "/home/$username/"
+ } else {
+ $username = 'root'
+ $storage_directory = $secgen_parameters['storage_directory'][0]
+ }
+
+ leak_to_file::leak_file { $leaked_filename:
+ leaked_filename => $leaked_filename,
+ storage_directory => $storage_directory,
+ base64_file => $base64_file,
+ owner => $username,
+ group => $username,
+ }
+}
\ No newline at end of file
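Review bot: this class is a near line-for-line copy of `leak_to_file::init` from the same commit, and its metadata lists `utilities/unix/system/leak_to_file` as a dependency, so if SecGen applies both classes for one scenario each declares `leak_to_file::leak_file` for the same parameters — the defined type then declares `file { $path_to_leak: }` and the same-titled `exec` twice, which Puppet rejects as a duplicate declaration (whether both classes end up in one catalog depends on how the dependency is resolved, worth confirming). If the intent is for the vulnerability module to delegate to the utility, this class could shrink to the dependency alone; if not, differing outer titles (here `$leaked_filename`, there the literal `'$storage_directory/$leaked_filename'`) are not enough to avoid the inner duplicates. The only other divergence is `parsejson` around the account value, which this class has and `leak_to_file::init` lacks.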
diff --git a/modules/vulnerabilities/unix/ctf/pcap_file/pcap_file.pp b/modules/vulnerabilities/unix/ctf/pcap_file/pcap_file.pp
new file mode 100644
index 000000000..d8f18550a
--- /dev/null
+++ b/modules/vulnerabilities/unix/ctf/pcap_file/pcap_file.pp
@@ -0,0 +1 @@
+require pcap_file::init
diff --git a/modules/vulnerabilities/unix/ctf/pcap_file/secgen_metadata.xml b/modules/vulnerabilities/unix/ctf/pcap_file/secgen_metadata.xml
new file mode 100644
index 000000000..c4b9243d1
--- /dev/null
+++ b/modules/vulnerabilities/unix/ctf/pcap_file/secgen_metadata.xml
@@ -0,0 +1,42 @@
+
+
+
+ pcap file
+ Jason Zeller
+ MIT
+ Release a pcap file with a flag generated somewhere.
+
+ pcap
+ system
+ none
+ local
+ linux
+
+
+ base64_file
+ leaked_filename
+ account
+ storage_directory
+
+
+
+
+
+
+ capture.pcap
+
+
+
+ /var/log
+
+
+ A pcap file has been leaked with a message inside a packet.
+ Use sftp to copy file to Kali. Then, use Wireshark to find message/flag.
+
+
+ utilities/unix/system/leak_to_file
+
+
+
\ No newline at end of file