digital-forensics-labs/SecGen
1
0
Fork 0
mirror of https://github.com/cliffe/SecGen.git synced 2026-02-21 11:18:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

ssh_leaked_keys, no longer requires user_rw. param website doesn't drop a flag by default, additions to .gitignore

Browse Source
This commit is contained in:
thomashaw
2017-11-17 16:45:40 +00:00
parent 2dddfc42e3
commit be454cc8bd
3 changed files with 5 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.gitignore vendored
View File

@@ -3,4 +3,6 @@ unusedcode
.DS_Store
.idea
mount
log
log
batch/failed/
batch/successful/

3
modules/services/unix/http/parameterised_website/secgen_metadata.xml
View File

@@ -11,6 +11,7 @@
<type>http</type>
<platform>linux</platform>
<!-- Strings are leaked in index.html source code comments -->
<read_fact>strings_to_leak</read_fact>
<read_fact>images_to_leak</read_fact>
<read_fact>organisation</read_fact>
@@ -34,7 +35,7 @@
</default_input>
<default_input into="strings_to_leak">
<generator type="flag_generator"/>
<generator type="message_generator"/>
<generator type="message_generator"/>
</default_input>

4
modules/vulnerabilities/unix/system/ssh_leaked_keys/secgen_metadata.xml
View File

@@ -47,8 +47,4 @@
<module_path>utilities/unix/system/accounts</module_path>
</requires>
<!--to exploit the attacker needs user write access-->
<requires>
<privilege>user_rw</privilege>
</requires>
</vulnerability>