digital-forensics-labs/SecGen
1
0
Fork 0
mirror of https://github.com/cliffe/SecGen.git synced 2026-02-21 11:18:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

shell before and after login banners

Browse Source
This commit is contained in:
Z. Cliffe Schreuders
2019-07-01 22:58:10 +01:00
parent cf6098bf3b
commit ae3f523587
10 changed files with 146 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
Gemfile
View File

@@ -36,6 +36,7 @@ gem 'digest-sha3', :git => "http://github.com/izetex/digest-sha3-ruby"
gem 'packetfu'
gem 'net-ntp'
gem 'CFPropertyList'
gem 'artii'
#development only gems go here
group :test, :development do

2
Gemfile.lock
View File

@@ -26,6 +26,7 @@ GEM
i18n (>= 0.7, < 2)
minitest (~> 5.1)
tzinfo (~> 1.1)
artii (2.1.2)
bases (1.0.2)
bcrypt (3.1.13)
chunky_png (1.3.11)
@@ -151,6 +152,7 @@ PLATFORMS
DEPENDENCIES
CFPropertyList
artii
bases
bcrypt
braille!

0
modules/encoders/format/ascii_art/ascii_art.pp Normal file
View File

0
modules/encoders/format/ascii_art/manifests/.no_puppet Normal file
View File

37
modules/encoders/format/ascii_art/secgen_local/local.rb Normal file
View File

@@ -0,0 +1,37 @@
#!/usr/bin/ruby
require_relative '../../../../../lib/objects/local_string_encoder.rb'
require 'artii'
class ASCIIArtEncoder < StringEncoder
attr_accessor :font
def initialize
super
self.module_name = 'Ascii Art Encoder'
self.font = []
end
def encode(str)
# if more than one font is specified, randomly choose one for every string that is encoded
artii = Artii::Base.new :font => self.font.sample
artii.asciify(str)
end
def process_options(opt, arg)
super
case opt
# Removes any non-alphabet characters
when '--font'
self.font << arg
else
# do nothing
end
end
def get_options_array
super + [['--font', GetoptLong::OPTIONAL_ARGUMENT]]
end
end
ASCIIArtEncoder.new.run

61
modules/encoders/format/ascii_art/secgen_metadata.xml Normal file
View File

@@ -0,0 +1,61 @@
<?xml version="1.0"?>
<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
<name>Text to ASCII Art</name>
<author>Z. Cliffe Schreuders</author>
<module_license>MIT</module_license>
<description>Outputs an ASCII art version of the text. Works best with short strings.
</description>
<type>string_format_encoder</type>
<platform>linux</platform>
<platform>windows</platform>
<read_fact>strings_to_encode</read_fact>
<read_fact>font</read_fact>
<!-- Select one of the clearer ascii fonts -->
<default_input into="font">
<encoder type="string_selector">
<input into="strings_to_encode">
<value>banner</value>
<value>big</value>
<value>bubble</value>
<value>bulbhead</value>
<value>contessa</value>
<value>doom</value>
<value>drpepper</value>
<value>fourtops</value>
<value>invita</value>
<value>italic</value>
<value>larry3d</value>
<value>maxfour</value>
<value>mini</value>
<value>moscow</value>
<value>ntgreek</value>
<value>ogre</value>
<value>pawp</value>
<value>pebbles</value>
<value>puffy</value>
<value>rectangles</value>
<value>serifcap</value>
<value>short</value>
<value>slant</value>
<value>slscript</value>
<value>small</value>
<value>smisome1</value>
<value>smslant</value>
<value>speed</value>
<value>standard</value>
<value>straight</value>
<value>twopoint</value>
</input>
</encoder>
</default_input>
<!-- TODO default fonts, random, and read in local.rb -->
<output_type>encoded_strings</output_type>
</encoder>

10
modules/utilities/unix/system/after_login_message/manifests/init.pp
View File

@@ -1,11 +1,11 @@
class after_login_message::init {
$secgen_parameters = secgen_functions::get_parameters($::base64_inputs_file)
$leaked_strings = join($secgen_parameters['$leaked_strings'], "/n")
file_line { "$leaked_strings leak login":
path => '/etc/bashrc',
line => "cat <<'EOF'\n$leaked_strings\nEOF",
$strings_to_leak = join($secgen_parameters['strings_to_leak'], "\n")
file_line { "$strings_to_leak leak login":
path => '/etc/bash.bashrc',
line => "cat <<'EOF'\n$strings_to_leak\nEOF",
}
}

4
modules/utilities/unix/system/after_login_message/secgen_metadata.xml
View File

@@ -11,9 +11,9 @@
<type>system</type>
<platform>linux</platform>
<read_fact>leaked_strings</read_fact>
<read_fact>strings_to_leak</read_fact>
<default_input into="leaked_strings">
<default_input into="strings_to_leak">
<value/>
</default_input>

12
modules/utilities/unix/system/before_login_message/manifests/init.pp
View File

@@ -1,14 +1,14 @@
class before_login_message::init {
$secgen_parameters = secgen_functions::get_parameters($::base64_inputs_file)
$leaked_strings = join($secgen_parameters['$leaked_strings'], "/n")
file_line { "$leaked_strings leak":
$strings_to_leak = join($secgen_parameters['strings_to_leak'], "\n")
file_line { "$strings_to_leak leak":
path => '/etc/issue',
line => $leaked_strings,
line => $strings_to_leak,
}
file_line { "$leaked_strings net leak":
file_line { "$strings_to_leak net leak":
path => '/etc/issue.net',
line => $leaked_strings,
line => $strings_to_leak,
}
}

32
scenarios/examples/services_utilities_examples/shell_login_messages.xml Normal file
View File

@@ -0,0 +1,32 @@
<?xml version="1.0"?>
<scenario xmlns="http://www.github/cliffe/SecGen/scenario"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
<system>
<system_name>system</system_name>
<base platform="linux" type="server"/>
<utility module_path=".*before_login_message">
<input into="strings_to_leak">
<encoder type="string_format_encoder">
<input into="strings_to_encode">
<value>Hacktivity</value>
</input>
</encoder>
<value>You are logged out</value>
</input>
</utility>
<utility module_path=".*after_login_message">
<input into="strings_to_leak">
<encoder type="string_format_encoder">
<input into="strings_to_encode">
<value>SecGen</value>
</input>
</encoder>
<value>Welcome! You are logged in.</value>
</input>
</utility>
</system>
</scenario>