digital-forensics-labs/SecGen
1
0
Fork 0
mirror of https://github.com/cliffe/SecGen.git synced 2026-02-21 11:18:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Difficulty cont.

Browse Source
This commit is contained in:
thomashaw
2018-08-10 15:46:59 +01:00
committed by ts
parent 41183db7ef
commit b9f56bbe10
13 changed files with 13 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
modules/vulnerabilities/unix/ctf/programming/math_challenge/manifests/install.pp
View File

@@ -5,7 +5,7 @@ class math_challenge::install {
::secgen_functions::install_setgid_script { $challenge_name:
source_module_name => $module_name,
challenge_name => $challenge_name,
script_name => "$challenge_name .rb",
script_name => "$challenge_name.rb",
script_data => $secgen_params['script_data'],
group => $secgen_params['group'],
account => $secgen_params['account'],

2
modules/vulnerabilities/unix/ftp/proftpd_133c_backdoor/secgen_metadata.xml
View File

@@ -15,6 +15,7 @@
<privilege>root_rwx</privilege>
<access>remote</access>
<platform>linux</platform>
<difficulty>low</difficulty>
<read_fact>server_name</read_fact>
<read_fact>strings_to_leak</read_fact>
@@ -42,7 +43,6 @@
</default_input>
<!--optional vulnerability details-->
<difficulty>low</difficulty>
<!--<cve></cve>-->
<cvss_base_score>10</cvss_base_score>
<cvss_vector>AV:N/AC:L/Au:N/C:C/I:C/A:C</cvss_vector>

2
modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/secgen_metadata.xml
View File

@@ -15,6 +15,7 @@
<privilege>root_rwx</privilege>
<access>remote</access>
<platform>linux</platform>
<difficulty>low</difficulty>
<read_fact>anonymous_ftp</read_fact>
<read_fact>ftpd_banner</read_fact>
@@ -36,7 +37,6 @@
</default_input>
<!--optional vulnerability details-->
<difficulty>low</difficulty>
<!--<cve></cve>-->
<cvss_base_score>10</cvss_base_score>
<cvss_vector>AV:N/AC:L/Au:N/C:C/I:C/A:C</cvss_vector>

2
modules/vulnerabilities/unix/irc/unrealirc_3281_backdoor/secgen_metadata.xml
View File

@@ -14,6 +14,7 @@
<privilege>user_rwx</privilege>
<access>remote</access>
<platform>linux</platform>
<difficulty>low</difficulty>
<read_fact>strings_to_leak</read_fact>
<read_fact>leaked_filenames</read_fact>
@@ -72,7 +73,6 @@
</default_input>
<!--optional vulnerability details-->
<difficulty>low</difficulty>
<!--<cve></cve>-->
<cvss_base_score>10</cvss_base_score>
<cvss_vector>AV:N/AC:L/Au:N/C:C/I:C/A:C</cvss_vector>

2
modules/vulnerabilities/unix/local/chkrootkit/secgen_metadata.xml
View File

@@ -15,6 +15,7 @@
<privilege>root_rwx</privilege>
<access>local</access>
<platform>linux</platform>
<difficulty>high</difficulty>
<read_fact>strings_to_leak</read_fact>
<read_fact>leaked_filenames</read_fact>
@@ -34,7 +35,6 @@
</default_input>
<!--optional vulnerability details-->
<difficulty>high</difficulty>
<cve>CVE-2014-0476</cve>
<cvss_base_score>3.7</cvss_base_score>
<reference>https://www.rapid7.com/db/modules/exploit/unix/local/chkrootkit</reference>

4
modules/vulnerabilities/unix/local/setuid_nmap/secgen_metadata.xml
View File

@@ -12,6 +12,7 @@
<privilege>root_rwx</privilege>
<access>local</access>
<platform>linux</platform>
<difficulty>medium</difficulty>
<read_fact>strings_to_leak</read_fact>
<read_fact>leaked_filenames</read_fact>
@@ -23,9 +24,6 @@
<generator type="filename_generator"/>
</default_input>
<!--optional vulnerability details-->
<difficulty>medium</difficulty>
<requires>
<module_path>modules/utilities/unix/audit_tools/scanners/nmap</module_path>
</requires>

2
modules/vulnerabilities/unix/misc/distcc_exec/secgen_metadata.xml
View File

@@ -12,6 +12,7 @@
<privilege>user_rwx</privilege>
<access>remote</access>
<platform>unix</platform>
<difficulty>medium</difficulty>
<read_fact>strings_to_leak</read_fact>
<read_fact>leaked_filenames</read_fact>
@@ -27,7 +28,6 @@
</default_input>
<!--optional vulnerability details-->
<difficulty>medium</difficulty>
<cve>CVE-2004-2687</cve>
<cvss_base_score>9.3</cvss_base_score>
<cvss_vector>AV:N/AC:M/Au:N/C:C/I:C/A:C</cvss_vector>

2
modules/vulnerabilities/unix/nfs/nfs_overshare/secgen_metadata.xml
View File

@@ -12,6 +12,7 @@
<privilege>info_leak</privilege>
<access>remote</access>
<platform>linux</platform>
<difficulty>low</difficulty>
<read_fact>strings_to_leak</read_fact>
<read_fact>images_to_leak</read_fact>
@@ -55,7 +56,6 @@
<!--</encoder>-->
<!--</default_input>-->
<!--optional vulnerability details-->
<difficulty>low</difficulty>
<!--<cve></cve>-->
<cvss_base_score>4.3</cvss_base_score>
<cvss_vector>AV:N/AC:M/Au:N/C:P/I:N/A:N</cvss_vector>

2
modules/vulnerabilities/unix/nfs/nfs_rootshare/secgen_metadata.xml
View File

@@ -12,6 +12,7 @@
<privilege>root_rw</privilege>
<access>remote</access>
<platform>linux</platform>
<difficulty>low</difficulty>
<read_fact>strings_to_leak</read_fact>
<read_fact>images_to_leak</read_fact>
@@ -37,7 +38,6 @@
</default_input>
<!--optional vulnerability details-->
<difficulty>low</difficulty>
<!--<cve></cve>-->
<cvss_base_score>9.3</cvss_base_score>
<cvss_vector>AV:N/AC:M/Au:N/C:C/I:C/A:C</cvss_vector>

4
modules/vulnerabilities/unix/smb/samba_public_writable_share/secgen_metadata.xml
View File

@@ -13,6 +13,7 @@
<privilege>info_leak</privilege>
<access>remote</access>
<platform>linux</platform>
<difficulty>low</difficulty>
<read_fact>strings_to_leak</read_fact>
<read_fact>leaked_filenames</read_fact>
@@ -63,9 +64,6 @@
<value>true</value>
</default_input>
<!--optional vulnerability details-->
<difficulty>low</difficulty>
<!--optional details-->
<reference>http://allarsblog.com/2015/11/07/Setting-Up-Samba-No-Security/</reference>
<software_name>smbd</software_name>

4
modules/vulnerabilities/unix/smb/samba_symlink_traversal/secgen_metadata.xml
View File

@@ -13,6 +13,7 @@
<privilege>user_rw</privilege>
<access>remote</access>
<platform>linux</platform>
<difficulty>low</difficulty>
<read_fact>strings_to_leak</read_fact>
<read_fact>leaked_filenames</read_fact>
@@ -57,9 +58,6 @@
<value>true</value>
</default_input>
<!--optional vulnerability details-->
<difficulty>low</difficulty>
<!--optional details-->
<reference>https://www.samba.org/samba/news/symlink_attack.html</reference>
<reference>https://www.rapid7.com/db/modules/auxiliary/admin/smb/samba_symlink_traversal</reference>

2
modules/vulnerabilities/unix/webapp/gitlist_040/secgen_metadata.xml
View File

@@ -17,6 +17,7 @@
<privilege>user_rwx</privilege>
<access>remote</access>
<platform>linux</platform>
<difficulty>low</difficulty>
<read_fact>port</read_fact>
<read_fact>strings_to_leak</read_fact>
@@ -39,7 +40,6 @@
</default_input>
<!--optional vulnerability details-->
<difficulty>low</difficulty>
<cve>CVE-2014-4511</cve>
<cvss_base_score>7.5</cvss_base_score>

2
modules/vulnerabilities/unix/webapp/moinmoin_195/secgen_metadata.xml
View File

@@ -17,6 +17,7 @@
<privilege>user_rwx</privilege>
<access>remote</access>
<platform>linux</platform>
<difficulty>medium</difficulty>
<read_fact>port</read_fact>
<read_fact>strings_to_leak</read_fact>
@@ -49,7 +50,6 @@
</default_input>
<!--optional vulnerability details-->
<difficulty>medium</difficulty>
<cve>CVE-2012-6080</cve>
<cve>CVE-2012-6081</cve>