updated tests + team project

modules/services/unix/http/parameterised_website/secgen_test/parameterised_website.rb

@@ -2,6 +2,8 @@ require_relative '../../../../../lib/post_provision_test'
 require 'json'
 
 class ParamWebsiteTest < PostProvisionTest
+  attr_accessor :organisation
+
   def initialize
     self.module_name = 'parameterised_website'
     self.module_path = get_module_path(__FILE__)
@@ -12,32 +14,54 @@ class ParamWebsiteTest < PostProvisionTest
     super
     json_inputs = get_json_inputs
     test_service_up
+    test_html_returned_content("/css/#{json_inputs['theme'][0]}", 'Bootswatch v4.0.0')
     test_org_functionality(json_inputs)
     test_additional_page(json_inputs)
-    test_html_returned_content("/css/#{json_inputs['theme'][0]}", 'Bootswatch v4.0.0')
+    test_security_audit_remit(json_inputs)
+    test_acceptable_use_policy(json_inputs)
+  end
+
+  def get_organisation(json_inputs)
+    JSON.parse(json_inputs['organisation'][0])
   end
 
   def test_org_functionality(json_inputs)
     if json_inputs['organisation'] and
-       json_inputs['organisation'][0] and
-       json_inputs['organisation'][0] != ''
+        json_inputs['organisation'][0] and
+        json_inputs['organisation'][0] != ''
 
-      organisation = JSON.parse(json_inputs['organisation'][0])
+      organisation = get_organisation(json_inputs)
       employee_1 = organisation['employees'][0]
 
       test_html_returned_content('/index.html', organisation['business_name'])
-      test_html_returned_content('/contact.html', organisation['business_moto'])
+      test_html_returned_content('/contact.html', organisation['business_motto'])
       test_html_returned_content('/contact.html', employee_1['name'])
     end
   end
 
+  def test_security_audit_remit(json_inputs)
+    if json_inputs['security_audit'] and
+        json_inputs['security_audit'][0] and
+        json_inputs['security_audit'][0] != ''
+      test_html_returned_content('/security_audit_remit.html', "Security Audit Remit of #{get_organisation(json_inputs)['business_name']}")
+    end
+  end
+
+  def test_acceptable_use_policy(json_inputs)
+    if json_inputs['host_acceptable_use_policy'] and
+        json_inputs['host_acceptable_use_policy'][0] and
+        json_inputs['host_acceptable_use_policy'][0] == 'true'
+      test_html_returned_content('/acceptable_use_policy.html', "Acceptable Use Policy")
+      test_html_returned_content('/acceptable_use_policy.html', get_organisation(json_inputs)['business_name'])
+    end
+  end
 
   def test_additional_page(json_inputs)
     if json_inputs['additional_page_filenames'] and
-       json_inputs['additional_page_filenames'][0] and
-       json_inputs['additional_page_filenames'][0].include? 'html' and
-       json_inputs['additional_pages'] and
-       json_inputs['additional_pages'][0]
+        json_inputs['additional_page_filenames'][0] and
+        json_inputs['additional_page_filenames'][0].include? 'html' and
+        json_inputs['additional_pages'] and
+        json_inputs['additional_pages'][0]
 
       page_name = json_inputs['additional_page_filenames'][0]
       page_name = "/#{page_name}" if page_name.split[0] != '/'

modules/services/unix/ntp/ntp/secgen_test/ntp.rb

@@ -15,10 +15,21 @@ class NTPTest < PostProvisionTest
   end
 
   def test_ntp_query
-    begin
-      time_response = Net::NTP.get(system_ip, port).time
+    time_response = ''
+    retries = 5
+    while retries > 0
+      begin
+        time_response = Net::NTP.get(system_ip, port).time
+        break
+      rescue Errno::ECONNREFUSED, Timeout::Error
+        # do nothing
+      end
+      sleep 2
+      retries = -1
+    end
+    if time_response != ''
       self.outputs << "PASSED: NTP responded on UDP port #{port} with #{time_response}"
-    rescue Errno::ECONNREFUSED
+    else
       self.outputs << "FAILED: unable to connect to #{module_name} on UDP port #{port}"
       self.all_tests_passed = false
     end

modules/utilities/unix/system/parameterised_accounts/secgen_test/parameterised_accounts.rb

@@ -0,0 +1,24 @@
+require_relative '../../../../../lib/post_provision_test'
+
+class ParameterisedAccountsTest < PostProvisionTest
+  def initialize
+    self.module_name = 'parameterised_accounts'
+    self.module_path = get_module_path(__FILE__)
+    super
+  end
+
+  def test_module
+    super
+    test_accounts_exist
+  end
+
+  def test_accounts_exist
+    get_json_inputs['accounts'].each do |account|
+      account = JSON.parse(account)
+      username = account['username']
+      test_local_command("#{username} account exists?", 'cat /etc/passwd', username)
+    end
+  end
+end
+
+ParameterisedAccountsTest.new.run

modules/vulnerabilities/unix/access_control_misconfigurations/suid_root_bash/secgen_metadata.xml

@@ -15,4 +15,8 @@
 
   <hint>Shell permission misconfiguration</hint>
   <solution>Bash shell running with root permissions due to suid bit set (try /bin/bash -cp "some_command")</solution>
+
+  <conflict>
+    <module_path>.*shellshock.*</module_path>
+  </conflict>
 </vulnerability>

modules/vulnerabilities/unix/access_control_misconfigurations/suid_root_bash/secgen_test/suid_root_bash.rb

@@ -1,19 +1,19 @@
 require_relative '../../../../../lib/post_provision_test'
 
 
-class SUIDNanoTest < PostProvisionTest
+class SUIDBashTest < PostProvisionTest
   def initialize
-    self.module_name = 'suid_root_nano'
+    self.module_name = 'suid_root_bash'
     self.module_path = get_module_path(__FILE__)
     super
   end
 
   def test_module
     super
-    test_local_command('nano suid bit set?','sudo ls -la /bin/nano', '-rwsrwxrwx')
-    test_local_command('nano runs?','/bin/nano --version', 'GNU nano')
+    test_local_command('bash suid bit set?','sudo ls -la /bin/bash', '-rwsrwxrwx')
+    test_local_command('bash runs?','/bin/bash --version', 'GNU bash')
   end
 
 end
 
-SUIDNanoTest.new.run
+SUIDBashTest.new.run

modules/vulnerabilities/unix/bash/shellshock/secgen_test/shellshock.rb

@@ -0,0 +1,18 @@
+require_relative '../../../../../lib/post_provision_test'
+
+
+class ShellshockTest < PostProvisionTest
+  def initialize
+    self.module_name = 'shellshock'
+    self.module_path = get_module_path(__FILE__)
+    super
+  end
+
+  def test_module
+    super
+    test_local_command('correct /bin/bash version?','/bin/bash --version', 'version 4.1')
+  end
+
+end
+
+ShellshockTest.new.run

modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/secgen_test/vsftpd_234_backdoor.rb

@@ -2,7 +2,6 @@ require_relative '../../../../../lib/post_provision_test'
 
 class Vsftpd234BackdoorTest < PostProvisionTest
   def initialize
-    super
     self.module_name = 'vsftpd_234_backdoor'
     self.module_path = get_module_path(__FILE__)
     super

modules/vulnerabilities/unix/webapp/moinmoin_195/secgen_test/moinmoin_195.rb

@@ -10,6 +10,7 @@ class MoinMoin195Test < PostProvisionTest
   def test_module
     super
     test_service_up
+    test_html_returned_content('/index.html','<script type="text/javascript" src="/moin_static195/common/js/common.js"></script>')
   end
 end
 

scenarios/security_audit/team_project.xml

@@ -19,7 +19,7 @@
   <!-- Web Server on NIC1 and NIC2 -->
   <system>
     <system_name>web</system_name>
-    <base platform="linux" distro="Debian 7.8" type="server"/>
+    <base platform="linux" type="server"/>
 
     <input into_datastore="IP_addresses">
       <value>172.10.0.2</value>

scenarios/tests/test_scenario.xml

@@ -10,7 +10,7 @@
     <vulnerability module_path=".*dirtycow.*"/>
 
     <input into_datastore="IP_addresses">
-      <value>172.16.0.12</value>
+      <value>172.16.0.14</value>
     </input>
 
     <network type="private_network">