From dbb78104e71595b38360665fd3b5eb39260ba6c8 Mon Sep 17 00:00:00 2001
From: aviio <connorwilson1@googlemail.com>
Date: Thu, 12 May 2016 18:13:56 +0100
Subject: [PATCH] Fixes distcc vulnerability issue and removes environment
 warnings

---
 config/scenario.xml                           |  8 +++----
 lib/helpers/vulnerability_processor.rb        |  2 +-
 .../environments/production/environment.conf  |  1 -
 .../unix/misc/distcc_exec/distcc_exec.pp      |  4 +++-
 .../distcc_exec/manifests/config.pp           | 10 ++++++++
 .../distcc_exec/manifests/distcc_config.pp    | 23 -------------------
 .../distcc_exec/manifests/install.pp          |  5 ++++
 .../distcc_exec/manifests/service.pp          |  5 ++++
 8 files changed, 27 insertions(+), 31 deletions(-)
 create mode 100644 modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec/manifests/config.pp
 delete mode 100644 modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec/manifests/distcc_config.pp
 create mode 100644 modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec/manifests/install.pp
 create mode 100644 modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec/manifests/service.pp

diff --git a/config/scenario.xml b/config/scenario.xml
index d4e890ed9..89d087f66 100644
--- a/config/scenario.xml
+++ b/config/scenario.xml
@@ -2,19 +2,17 @@
 	<!-- an example remote storage system, with a remotely exploitable vulnerability that can then be escalated to root -->
 	<system id="storageserver" os="linux" basebox="debian-puppet-64" url="" >
 		<vulnerabilities>
-
+			<vulnerability type="misc"/>
 		</vulnerabilities>
 		<!-- secure services will be provided, if matching insecure ones have not been selected -->
+
 		<services>
-			<service name="lamp" type="lamp"></service>
+
 		</services>-->
 		<networks>
 			<network name="homeonly"></network>
 		</networks>
 
-		<sites>
-			<site type="blog"></site>
-		</sites>
 	</system>
 
 	<!-- an example remote web server, with a remotely exploitable root vulnerability -->
diff --git a/lib/helpers/vulnerability_processor.rb b/lib/helpers/vulnerability_processor.rb
index b19737625..f1a9ee321 100644
--- a/lib/helpers/vulnerability_processor.rb
+++ b/lib/helpers/vulnerability_processor.rb
@@ -59,7 +59,7 @@ class VulnerabilityProcessor
         # use from the top of the top of the randomised list
         return_vulns[vulnerability_query.id] = search_list[0]
         if search_list[0].type.length > 0
-          puts "Selected vulnerability : " + search_list[0].type
+          puts "Selected vulnerability : " + search_list[0].name
         end
 
         # enforce only one of any vulnerability type (remove from available)
diff --git a/modules/environments/production/environment.conf b/modules/environments/production/environment.conf
index 3263144d3..e69de29bb 100644
--- a/modules/environments/production/environment.conf
+++ b/modules/environments/production/environment.conf
@@ -1 +0,0 @@
-default_manifest = "../../mount/puppet/manifest"
\ No newline at end of file
diff --git a/modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec.pp b/modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec.pp
index 2a56b1716..0d8288bc4 100644
--- a/modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec.pp
+++ b/modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec.pp
@@ -1 +1,3 @@
-include distcc_exec::config
\ No newline at end of file
+include distcc_exec::install
+include distcc_exec::config
+include distcc_exec::service
\ No newline at end of file
diff --git a/modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec/manifests/config.pp b/modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec/manifests/config.pp
new file mode 100644
index 000000000..f386bf1d8
--- /dev/null
+++ b/modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec/manifests/config.pp
@@ -0,0 +1,10 @@
+class distcc_exec::config{
+  file { '/etc/default/distcc':
+    require => Package['distcc'],
+    ensure  => present,
+    owner   => 'root',
+    group   => 'root',
+    mode    => '0777',
+    content  => template('distcc_exec/distcc.erb')
+  }
+}
\ No newline at end of file
diff --git a/modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec/manifests/distcc_config.pp b/modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec/manifests/distcc_config.pp
deleted file mode 100644
index 3930a6ec0..000000000
--- a/modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec/manifests/distcc_config.pp
+++ /dev/null
@@ -1,23 +0,0 @@
-class distcc_exec::distcc_config {
-
-  package { 'distcc':
-      ensure => installed
-  }
-
-
-  file { '/etc/default/distcc':
-    require => Package['distcc'],
-    ensure  => present,
-    owner   => 'root',
-    group   => 'root',
-    mode    => '0777',
-    content  => template('distcc.erb')
-  }
-
-
-  service { 'distcc':
-    ensure => running
-}
-}
-
-
diff --git a/modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec/manifests/install.pp b/modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec/manifests/install.pp
new file mode 100644
index 000000000..7089b6b12
--- /dev/null
+++ b/modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec/manifests/install.pp
@@ -0,0 +1,5 @@
+class distcc_exec::install{
+  package { 'distcc':
+    ensure => installed
+  }
+}
\ No newline at end of file
diff --git a/modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec/manifests/service.pp b/modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec/manifests/service.pp
new file mode 100644
index 000000000..9bfbc5616
--- /dev/null
+++ b/modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec/manifests/service.pp
@@ -0,0 +1,5 @@
+class distcc_exec::service{
+  service { 'distcc':
+    ensure => running
+  }
+}
\ No newline at end of file