From def699940545db0795ebc414979683eada9fcf21 Mon Sep 17 00:00:00 2001
From: "Z. Cliffe Schreuders" <code.cliffe@schreuders.org>
Date: Mon, 23 Sep 2019 16:19:46 +0100
Subject: [PATCH] lab updates

---
 .../wordlists/top-20-common-SSH-passwords     |  21 +++
 .../secgen_metadata.xml                       |   2 +-
 .../bases/kali_light_msf/secgen_metadata.xml  |   4 +-
 .../introducing_attacks/1_intro_linux.xml     | 159 ++++++++++++++++++
 4 files changed, 183 insertions(+), 3 deletions(-)
 create mode 100644 lib/resources/wordlists/top-20-common-SSH-passwords
 create mode 100644 scenarios/labs/introducing_attacks/1_intro_linux.xml

diff --git a/lib/resources/wordlists/top-20-common-SSH-passwords b/lib/resources/wordlists/top-20-common-SSH-passwords
new file mode 100644
index 000000000..d3f83350a
--- /dev/null
+++ b/lib/resources/wordlists/top-20-common-SSH-passwords
@@ -0,0 +1,21 @@
+root
+toor
+raspberry
+dietpi
+test
+uploader
+password
+admin
+administrator
+marketing
+12345678
+1234
+12345
+qwerty
+webadmin
+webmaster
+maintaince
+techsupport
+letmein
+logon
+Passw@rd
diff --git a/modules/bases/debian_stretch_desktop_kde/secgen_metadata.xml b/modules/bases/debian_stretch_desktop_kde/secgen_metadata.xml
index 2e18ccb6d..845d9e52d 100644
--- a/modules/bases/debian_stretch_desktop_kde/secgen_metadata.xml
+++ b/modules/bases/debian_stretch_desktop_kde/secgen_metadata.xml
@@ -15,7 +15,7 @@
   <distro>Debian 9.5.0 Stretch amd64</distro>
   <url>https://app.vagrantup.com/secgen/boxes/debian_stretch_desktop_kde/versions/1.2/providers/virtualbox.box</url>
   <esxi_url>https://app.vagrantup.com/redwiz666/boxes/debian_stretch_desktop_kde/versions/1.0.0/providers/vmware.box</esxi_url>
-  <ovirt_template>stretch_desktop_kde_140319</ovirt_template>
+  <ovirt_template>stretch_desktop_kde_20190923</ovirt_template>
 
   <reference>https://atlas.hashicorp.com/puppetlabs</reference>
   <software_license>various</software_license>
diff --git a/modules/bases/kali_light_msf/secgen_metadata.xml b/modules/bases/kali_light_msf/secgen_metadata.xml
index bd1c772ec..561a21e15 100644
--- a/modules/bases/kali_light_msf/secgen_metadata.xml
+++ b/modules/bases/kali_light_msf/secgen_metadata.xml
@@ -16,8 +16,8 @@
   <distro>Kali Linux 2018.3</distro>
   <url>https://app.vagrantup.com/secgen/boxes/kali_light_msf/versions/1.0/providers/virtualbox.box</url>
   <esxi_url></esxi_url>
-  <ovirt_template>kali_linux_msf</ovirt_template>
-  
+  <ovirt_template>kali_linux_msf_20190923</ovirt_template>
+
 
   <reference>https://app.vagrantup.com/secgen</reference>
   <software_license>various</software_license>
diff --git a/scenarios/labs/introducing_attacks/1_intro_linux.xml b/scenarios/labs/introducing_attacks/1_intro_linux.xml
new file mode 100644
index 000000000..184a9bef3
--- /dev/null
+++ b/scenarios/labs/introducing_attacks/1_intro_linux.xml
@@ -0,0 +1,159 @@
+<?xml version="1.0"?>
+
+<scenario xmlns="http://www.github/cliffe/SecGen/scenario"
+		xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+		xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
+
+	<name>Introduction to Linux and Security lab</name>
+  <author>Z. Cliffe Schreuders</author>
+  <description>
+# Introduction
+This topic covers lots of ground regarding fundamentals of Linux and free open source software (FOSS).
+
+# Lecture
+[Slides here](http://z.cliffe.schreuders.org/presentations/slides/DSL_DS_OSPT_Lectures_1_Intro_to_Unix_FOSS_and_Linux.html)
+
+# Reading
+[Chapters 1 "Introduction" and 2 "Unix History and Lineage": Garfinkel, S. and Spafford, G. and Schwartz, A. (2003), Practical Unix and Internet Security, O'Reilly. (ISBN-10: 0596003234)](http://www.dawsonera.com.ezproxy.leedsbeckett.ac.uk/depp/reader/protected/external/AbstractView/S9781449310325)
+
+Suggested:
+
+Chapter 1 "An Overview of Computer Security": Bishop, M. (2005), Introduction to Computer Security, Addison-Wesley. (ISBN-10: 0321247442)
+
+# Lab
+[Lab sheet here](https://docs.google.com/document/d/1vA_Ev_GPqPg3cGZblgVclWmTU-sUEEBqwYpFH09mQjg/edit?usp=sharing).
+	</description>
+
+  <type>ctf-lab</type>
+  <type>lab-sheet</type>
+  <difficulty>easy</difficulty>
+
+	<system>
+		<system_name>desktop</system_name>
+		<base distro="Debian 9" type="desktop" name="KDE"/>
+
+		<input into_datastore="IP_addresses">
+			<!-- 0 desktop -->
+			<value>172.16.0.2</value>
+			<!-- 1 kali -->
+			<value>172.16.0.3</value>
+		</input>
+
+
+		<!-- accounts on the desktop, with the main user as a normal user, a victim user with a crackable password (via ssh) with a flag and sudo access, and a bystander with a flag which the victim superuser can access via sudo -->
+		<input into_datastore="user_accounts_desktop">
+			<!-- main user, sudoer -->
+			<generator type="account">
+				<input into="username">
+					<generator type="random_word_generator">
+						<input into="wordlist">
+							<value>mythical_creatures</value>
+						</input>
+					</generator>
+				</input>
+				<input into="password">
+					<value>tiaspbiqe2r</value>
+				</input>
+				<input into="super_user">
+					<value>false</value>
+				</input>
+			</generator>
+			<!-- victim user, with a weak password, and a flag -->
+			<generator type="account">
+				<input into="username">
+					<value>victim</value>
+				</input>
+				<input into="password">
+					<generator type="random_word_generator">
+						<input into="wordlist">
+							<value>top-20-common-SSH-passwords</value>
+						</input>
+					</generator>
+				</input>
+				<input into="super_user">
+					<value>true</value>
+				</input>
+				<input into="leaked_filenames">
+					<value>flag</value>
+				</input>
+				<input into="strings_to_leak">
+					<generator type="flag_generator" />
+				</input>
+			</generator>
+			<generator type="account">
+				<input into="username">
+					<value>bystander</value>
+				</input>
+				<input into="password">
+					<generator type="strong_password_generator"/>
+				</input>
+				<input into="super_user">
+					<value>false</value>
+				</input>
+				<input into="leaked_filenames">
+					<value>flag</value>
+				</input>
+				<input into="strings_to_leak">
+					<generator type="flag_generator" />
+				</input>
+			</generator>
+		</input>
+
+		<input into_datastore="desktop_root_password">
+			<generator type="strong_password_generator"/>
+		</input>
+
+		<!--Create the users-->
+		<utility module_path=".*parameterised_accounts">
+			<input into="accounts">
+				<datastore>user_accounts_desktop</datastore>
+			</input>
+		</utility>
+
+		<utility module_path=".*kde_minimal">
+			<input into="autologin_user">
+				<datastore access="0" access_json="['username']">user_accounts_desktop</datastore>
+			</input>
+			<input into="accounts">
+				<datastore>user_accounts_desktop</datastore>
+			</input>
+			<input into="autostart_konsole">
+				<value>true</value>
+			</input>
+		</utility>
+		<utility module_path=".*handy_cli_tools"/>
+
+		<vulnerability module_path=".*ssh_root_login">
+			<input into="root_password">
+				<datastore>desktop_root_password</datastore>
+			</input>
+		</vulnerability>
+
+		<network type="private_network">
+			<input into="IP_address">
+				<datastore access="0">IP_addresses</datastore>
+			</input>
+		</network>
+	</system>
+
+	<system>
+		<system_name>kali</system_name>
+		<base distro="Kali" name="MSF"/>
+
+		<input into_datastore="kali_root_account">
+			<value>{"username":"root","password":"toor","super_user":"","strings_to_leak":[],"leaked_filenames":[]}</value>
+		</input>
+
+		<utility module_path=".*kali_pwtools"/>
+		<utility module_path=".*metasploit_framework"/>
+		<utility module_path=".*handy_cli_tools"/>
+		<utility module_path=".*nmap"/>
+
+		<network type="private_network" >
+			<input into="IP_address">
+				<datastore access="1">IP_addresses</datastore>
+			</input>
+		</network>
+	</system>
+
+</scenario>