Windows 7 support in oVirt -- depends on changes to vagrant winssh, the ovirt-plugin, and the basebox having SSH, puppet, and rsync -- possibly breaks old baseboxes that don't have these installed, but SSH is required rather than WinRM due to proxy limitations

lib/templates/Vagrantfile.erb

@@ -182,13 +182,16 @@ end
            <%= system.name %>.vm.provision 'shell', inline: "echo '' > /etc/environment"
           <% # Below string is used within testing, do not delete. -%>
           # ip_address_for_<%= system.name %>=<%= resolve_network(selected_module)%>
-          <%       # Static Virtualbox networking -%>
+<%         # Static Virtualbox networking -%>
 <%       elsif (@options.has_key? :ovirtuser) && (@options.has_key? :ovirtpass) && @ovirt_base_template && @ovirt_base_template =~ /win/ -%>
-<%        # Windows on oVirt -- change network on reboot via scheduled task%>
-          <%= system.name %>.vm.provision 'shell', inline: "schtasks /create /rl HIGHEST /ru system /sc ONSTART /tn \"network settings\" /tr \"netsh interface ip set address 'Local Area Connection' static <%= resolve_network(selected_module) %> 255.0.0.0\" < nul", upload_path: "c:/windows/temp/ipconf.bat"
+<%         # Windows on oVirt -- change network on reboot via scheduled task, so that it gets the new IP on reboot (not mid-provision)%>
+<%         # TODO: use some clever scripting to identify the network name : $interface = $(wmic.exe nic where "NetConnectionStatus=2" get NetConnectionID | findstr Local).Trim(); schtasks /create /rl HIGHEST /ru system /sc ONSTART /tn networksettings /f /tr "netsh interface ip set address '$interface' static IPADDRESS 255.0.0.0" %>
+          <%= system.name %>.vm.provision 'shell', inline: 'schtasks /create /rl HIGHEST /ru system /sc ONSTART /tn networksettings1 /f /tr "netsh interface ip set address \'Local Area Connection\' static <%= resolve_network(selected_module)%> 255.0.0.0\" '
+          <%= system.name %>.vm.provision 'shell', inline: 'schtasks /create /rl HIGHEST /ru system /sc ONSTART /tn networksettings2 /f /tr "netsh interface ip set address \'Local Area Connection 2\' static <%= resolve_network(selected_module)%> 255.0.0.0\" '
+          <%= system.name %>.vm.provision 'shell', inline: 'schtasks /create /rl HIGHEST /ru system /sc ONSTART /tn networksettings3 /f /tr "netsh interface ip set address \'Local Area Connection 3\' static <%= resolve_network(selected_module)%> 255.0.0.0\" '
 <%       else # not windows or not ovirt -%>
   <%= system.name %>.vm.network :<%= selected_module.attributes['type'].first %>, ip: "<%= resolve_network(selected_module)%>"
-       <% # Below string is used within testing, do not delete. -%>
+<%       # Below string is used within testing, do not delete. -%>
      # ip_address_for_<%= system.name %>=<%= resolve_network(selected_module)%>
 <%       end -%>
 <%     end -%>
@@ -217,7 +220,7 @@ end
         <%=module_name%>.environment = "production"
         <%=module_name%>.synced_folder_type = "rsync"
       <% end %>
-    <%=module_name%>.manifests_path = "<%="puppet/#{system.name}/modules/#{selected_module.module_path_end}"%>"
+      <%=module_name%>.manifests_path = "<%="puppet/#{system.name}/modules/#{selected_module.module_path_end}"%>"
       <%=module_name%>.manifest_file = "<%="#{selected_module.module_path_end}.pp"%>"
     end
 <%   end -%>

modules/bases/windows_7/secgen_metadata.xml

@@ -6,7 +6,7 @@
   <name>Windows 7, SSH, Puppet: OVIRT ONLY</name>
   <author>Z. Cliffe Schreuders</author>
   <module_license>GPLv3</module_license>
-  <description>Windows 7 with SSH and Puppet. CURRENTLY ONLY WORKS WITH OVIRT.</description>
+  <description>Windows 7 with OpenSSH, Chocolate, Rsync, and Puppet. CURRENTLY ONLY WORKS WITH OVIRT.</description>
   <cpu_word_size>64-bit</cpu_word_size>
   <type>desktop</type>
 
@@ -14,7 +14,7 @@
   <distro>7</distro>
   <url>http://TODO</url>
   <esxi_url></esxi_url>
-  <ovirt_template>win7-vagrant-8</ovirt_template>
+  <ovirt_template>win7-vagrant-11</ovirt_template>
 
   <software_license>various</software_license>
 

scenarios/examples/windows_7_scenario.xml

@@ -4,11 +4,49 @@
 	   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 	   xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
 
-	<!-- an example remote storage system, with a remotely exploitable vulnerability that can then be escalated to root -->
 	<system>
 		<system_name>windows</system_name>
 		<base platform="windows" distro="7"/>
 
+		<utility module_path=".*parameterised_accounts" platform="windows">
+			<input into="accounts" into_datastore="accounts">
+				<generator type="account">
+					<input into="username">
+						<value>user1</value>
+					</input>
+					<input into="password">
+						<value>password1</value>
+					</input>
+					<input into="super_user">
+						<value>false</value>
+					</input>
+					<input into="strings_to_leak">
+						<value>This is a test</value>
+					</input>
+					<input into="leaked_filenames">
+						<value>test.txt</value>
+					</input>
+				</generator>
+				<generator type="account">
+					<input into="username">
+						<value>user2</value>
+					</input>
+					<input into="password">
+						<value>password2</value>
+					</input>
+					<input into="super_user">
+						<value>false</value>
+					</input>
+					<input into="strings_to_leak">
+						<value>Hello, world!</value>
+					</input>
+					<input into="leaked_filenames">
+						<value>test.txt</value>
+					</input>
+				</generator>
+			</input>
+		</utility>
+
 		<network type="private_network" range="dhcp"/>
 	</system>