From f1997dda09856e4c13f231a752a2e7d36664455f Mon Sep 17 00:00:00 2001
From: smarkusfeld <118601688+smarkusfeld@users.noreply.github.com>
Date: Sun, 26 Feb 2023 17:41:35 +0000
Subject: [PATCH] UPDATE: Changed database variable from strings to leak to
 strings to preleak

TODO:
1. Team Testing
2. Remove Testing Variables
---
 .../unix/http/apache_couchdb/manifests/configure.pp         | 1 +
 .../unix/http/apache_couchdb/manifests/install.pp           | 6 +++---
 .../unix/http/apache_couchdb/secgen_metadata.xml            | 1 +
 .../http/apache_couchdb/templates/sampledata.json.erb.json  | 3 +--
 4 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/modules/vulnerabilities/unix/http/apache_couchdb/manifests/configure.pp b/modules/vulnerabilities/unix/http/apache_couchdb/manifests/configure.pp
index e9397f728..c4e2441df 100644
--- a/modules/vulnerabilities/unix/http/apache_couchdb/manifests/configure.pp
+++ b/modules/vulnerabilities/unix/http/apache_couchdb/manifests/configure.pp
@@ -7,6 +7,7 @@ class apache_couchdb::configure {
 	$jsondb = 'sampledata' ##TODO secgen
 	$strings_to_leak = ["this is a list of strings that are secrets / flags","another secret"]##$secgen_parameters['strings_to_leak']
 	$leaked_filenames = ["flagtest"]##$secgen_parameters['leaked_filenames']
+	$strings_to_preleak = ["preleak"]##$secgen_parameters['strings_to_pre_leak'], 
 	
 	Exec { path => ['/bin', '/usr/bin', '/usr/local/bin', '/sbin', '/usr/sbin'] }
 	
diff --git a/modules/vulnerabilities/unix/http/apache_couchdb/manifests/install.pp b/modules/vulnerabilities/unix/http/apache_couchdb/manifests/install.pp
index c7291f658..1b5801210 100644
--- a/modules/vulnerabilities/unix/http/apache_couchdb/manifests/install.pp
+++ b/modules/vulnerabilities/unix/http/apache_couchdb/manifests/install.pp
@@ -2,7 +2,7 @@ class apache_couchdb::install {
 
 	$responsefile= 'installresponse'
 	$packagename = 'couchdb_3.2.1_buster_amd64'
-	$jsondb = 'sampledata.json'
+	$jsondb = 'sampledata'
 	ensure_packages(['build-essential','pkg-config', 'erlang','libicu-dev', 'libmozjs-60-dev','libcurl4-openssl-dev', 'gnupg'])
 	Exec { path => ['/bin', '/usr/bin', '/usr/local/bin', '/sbin', '/usr/sbin'] }
 	
@@ -16,9 +16,9 @@ class apache_couchdb::install {
 		 ensure => file,
 		 content => template("apache_couchdb/${responsefile}.erb"),
 	}->
-	file { "/usr/bin/${jsondb}" :
+	file { "/usr/bin/${jsondb}.json" :
 		 ensure => file,
-		 content => template("apache_couchdb/${jsondb}.erb"),
+		 content => template("apache_couchdb/${jsondb}.json"),
 	}->
 	#install couch db from deb file
 	package {'couchdb-install':
diff --git a/modules/vulnerabilities/unix/http/apache_couchdb/secgen_metadata.xml b/modules/vulnerabilities/unix/http/apache_couchdb/secgen_metadata.xml
index e216143af..2ce5fc322 100644
--- a/modules/vulnerabilities/unix/http/apache_couchdb/secgen_metadata.xml
+++ b/modules/vulnerabilities/unix/http/apache_couchdb/secgen_metadata.xml
@@ -23,6 +23,7 @@
    <read_fact>known_username</read_fact>
     <read_fact>known_password</read_fact>
    <read_fact>strings_to_leak</read_fact>
+     <read_fact>strings_to_preleak</read_fact>
    <read_fact>leaked_filenames</read_fact>
    
    <default_input into="port">
diff --git a/modules/vulnerabilities/unix/http/apache_couchdb/templates/sampledata.json.erb.json b/modules/vulnerabilities/unix/http/apache_couchdb/templates/sampledata.json.erb.json
index a2a74b0f3..388189a8c 100644
--- a/modules/vulnerabilities/unix/http/apache_couchdb/templates/sampledata.json.erb.json
+++ b/modules/vulnerabilities/unix/http/apache_couchdb/templates/sampledata.json.erb.json
@@ -42,8 +42,7 @@
      },
      {  
       "id": 7, 
-      "leaked_filenames": "<%=@leaked_filenames%>",  
-	  "strings_to_leak": "<%=@strings_to_leak%>", 
+      "name": "<%=@strings_to_pre_leak%>",  
      }