added check to verify if leaked files is empty

2026-02-21 11:18:06 +00:00 · 2017-03-13 15:10:17 +00:00
parent 6c97d81250
commit d9391d384f
5 changed files with 29 additions and 19 deletions
--- a/lib/.DS_Store
+++ b/lib/.DS_Store
--- a/lib/templates/.DS_Store
+++ b/lib/templates/.DS_Store
--- a/modules/build/puppet/secgen_functions/manifests/leak_file.pp
+++ b/modules/build/puppet/secgen_functions/manifests/leak_file.pp
@@ -1,20 +1,22 @@
 define secgen_functions::leak_file($leaked_filename, $storage_directory, $strings_to_leak, $owner = 'root', $group = 'root', $mode = '0777', $leaked_from = '' ) {
-  $path_to_leak = "$storage_directory/$leaked_filename"
+  if ($leaked_filename != ''){
+    $path_to_leak = "$storage_directory/$leaked_filename"

-  # If the file already exists append to it, otherwise create it.
-  if (defined(File[$path_to_leak])){
-    notice("File with that name already defined, appending leaked strings instead...")
-    exec { "$leaked_from-$path_to_leak":
-      path    => ['/bin', '/usr/bin', '/usr/local/bin', '/sbin', '/usr/sbin'],
-      command => "echo $strings_to_leak >> $path_to_leak",
-    }
-  } else {
-    file { $path_to_leak:
-      ensure   => present,
-      owner    => $owner,
-      group    => $group,
-      mode     => $mode,
-      content  => template('secgen_functions/overshare.erb')
+    # If the file already exists append to it, otherwise create it.
+    if (defined(File[$path_to_leak])){
+      notice("File with that name already defined, appending leaked strings instead...")
+      exec { "$leaked_from-$path_to_leak":
+        path    => ['/bin', '/usr/bin', '/usr/local/bin', '/sbin', '/usr/sbin'],
+        command => "echo $strings_to_leak >> $path_to_leak",
+      }
+    } else {
+      file { $path_to_leak:
+        ensure   => present,
+        owner    => $owner,
+        group    => $group,
+        mode     => $mode,
+        content  => template('secgen_functions/overshare.erb')
+      }
    }
  }
 }
--- a/modules/generators/content/name_based_username/secgen_local/local.rb
+++ b/modules/generators/content/name_based_username/secgen_local/local.rb
@@ -13,7 +13,7 @@ class NameBasedUsernameGenerator < StringEncoder

  # Generate a username based on a random adjective and a random noun
  def encode_all
-    self.outputs << Faker::Internet.user_name(self.name, %w(- _))
+    self.outputs << Faker::Internet.user_name(self.name, %w(nil _))
  end

  def get_options_array
--- a/scenarios/parameterised_examples/encoder_examples/parameterised_accounts.xml
+++ b/scenarios/parameterised_examples/encoder_examples/parameterised_accounts.xml
@@ -6,10 +6,18 @@
 	<!-- an example remote storage system, with a remotely exploitable vulnerability that can then be escalated to root -->
 	<system>
 		<system_name>storage_server</system_name>
-		<base platform="linux"/>
-
-		<vulnerability module_path=".*parameterised_accounts"/>
+		<base platform="linux" distro="Debian 7.8"/>

+		<vulnerability module_path=".*parameterised_accounts">
+			<input into="accounts">
+				<generator type="account">
+					<input into="username">
+						<value>example_username</value>
+					</input>
+				</generator>
+			</input>
+		</vulnerability>
+		
 		<network type="private_network" range="dhcp"/>
 	</system>
 </scenario>