digital-forensics-labs/SecGen
1
0
Fork 0
mirror of https://github.com/cliffe/SecGen.git synced 2026-02-22 11:48:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
271 Commits 38 Branches 0 Tags
c_code
Commit Graph

59 Commits

Author SHA1 Message Date
thomashaw
e8f8dcece4 Team project work squashed + removed dead code 2017-02-17 14:59:07 +00:00
thomashaw
373b0bc5dc Parameterised Website using datastores. Loads of generators and encoders. Check out the example scenarios. 2017-01-15 19:56:13 +00:00
thomashaw
4d6fb601b7 Revert: Updated puppetforge/apache to latest version 2016-12-30 01:10:33 +00:00
thomashaw
f78e2fc404 Updated puppetforge/apache to latest version 2016-12-21 17:57:52 +00:00
thomashaw
17f425b37f Multiple leaked files, new secgen_functions module encapsulating the file_leak and overshare.erb logic. Updated old modules to use the new resource type. 2016-12-08 10:43:48 +00:00
thomashaw
733c871072 Additional parameterisation. New modules: parameterised_accounts, generators and an account_encoder. Added plenty of parameters/default_inputs to currently existing vulnerability modules. 2016-11-30 18:09:22 +00:00
thomashaw
0ff5f5ba04 Added a requirement for the accounts module. 2016-11-13 23:19:55 +00:00
thomashaw
9b797c7db2 Service: ProFTPd 
WIP: Renamed

proftpd service module cont.
 2016-11-13 22:53:21 +00:00
thomashaw
2cf329eeef Vulnerability: Gitlist 0.4.0 webapp with RCE 2016-11-13 22:43:47 +00:00
Z. Cliffe Schreuders
4421c7d99c Merge branch 'parameterisation' 2016-10-18 21:25:17 +01:00
Z. Cliffe Schreuders
e63aa00e0a parameterisation 2016-10-18 21:19:47 +01:00
Jjk422
772b96436e Changed service module samba directory from file_share to smb. 
Changed scenario files that used the module.
Also changed the secgen.xml for samba vulnerabilities that required the module.

service::samba::secgen_metadata.xml:
Changed type in SecGen metadata for samba service module from file_share to smb, also added author.
Removed unneeded comments, changed comment from apache to samba.
scenarios::samba_service.xml
Changed comment to represent samba.

Tested and seems to be fully working for all modules/scenarios that require it.
 2016-09-13 11:10:59 +01:00
thomashaw
d3194f4d56 Fix: Added a file resource for the /usr/lib/cgi-bin/ directory. 2016-09-06 13:21:00 +01:00
thomashaw
60cd05536d Vulnerability: Shellshock in bash & Service: apache server with cgi hosting a bash script 
New scenario combines the two & is exploitable with msf module: exploit/multi/http/apache_mod_cgi_bash_env_exec
 2016-09-04 22:15:28 +01:00
thomashaw
e997c545f0 Removed 'Modulefile' as when unrealirc was selected puppet-librarian caused errors (as it tries to parse Modulefile's contents) 2016-09-03 00:31:47 +01:00
Tom
50e0c5d683 Merge pull request #62 from thomashaw/unreal_rework 
unrealirc_3281_backdoor vulnerability refactored.
 2016-08-31 15:08:02 +01:00
thomashaw
b8cc50b549 separated the vulnerable code out and used require to manipulate order 2016-08-18 20:58:04 +01:00
thomashaw
535017058a unrealirc_3281_backdoor vulnerability refactored. 
Vulnerable code now held within the service module and conditionally run based on whether the unrealirc_3281_backdoor class has been included. Reduced duplicate code.

Going to follow this pattern for misconfiguration vulnerabilities as modifying the same resources from different classes/namespaces within puppet causes issues.
 2016-08-17 16:04:28 +01:00
Jjk422
c63369f81f Fix for the samba module, merge of legacy code into Cliffe/master left module broken. 
Removed all legacy and non samba related code.
Tested and seems to be working.
 2016-08-15 17:19:39 +01:00
thomashaw
8b32a8dc62 Feature: Utilities - extracted services which do not run on a network socket e.g. package manager update, firewall rules, java etc. into utilities 2016-08-01 18:55:50 +01:00
thomashaw
e14a0f75df post-dependencies tidy up 2016-08-01 18:13:30 +01:00
Tom
29b58b325f Merge pull request #55 from cliffe/module_dependencies 
Module dependencies
 2016-07-30 11:45:29 +01:00
thomashaw
e9f1b87774 Removed testing comments 2016-07-30 11:45:06 +01:00
Z. Cliffe Schreuders
6e6df008b9 Module dependencies 2016-07-27 09:51:13 +01:00
Tom
d0c464019f Merge pull request #50 from Jjk422/new_nginx_service_module 
Nginx service module, should be fully working and secure.
 2016-07-25 06:46:54 +01:00
Jjk422
8c7c2bac60 Changes: 
config/scenario.xml - old scenario file deleted
secgen_metadata.xml:18: removed comment from tag on this line
 2016-07-23 09:52:22 +01:00
Tom
d0e0a3c68c Merge pull request #46 from Jjk422/new_vsftpd_service_module 
Secure vsftpd module
 2016-07-23 08:59:07 +01:00
Tom
7d842e14f8 Merge pull request #40 from Jjk422/new_java_service_module 
Java install module
 2016-07-23 08:58:45 +01:00
Jjk422
4cc2e6b31c Nginx service module, should be fully working and secure. 
Default index.html file and directory used.
Can connect via browser on host machine via nginx_service.xml file.
 2016-07-22 11:26:07 +01:00
Jjk422
6b09463f8a A few minor changes to comments: 
secgen_metadata.xml:20 - removed comment as not apache installation so not needed.
 java.pp:1-3 - update step removed here and example I used in #49 followed to allow for dependencies code to be used in the future.
java_service.xml:7 updated comment to reflect that the service is a java language installation
 2016-07-21 11:30:22 +01:00
Jjk422
24f4d4046d A few minor changes to comments: 
Removed secgen_metadata.xml line 20 comment as not apache installation so not needed.
Updated the vsftpd_service.xml line 7 comment to reflect that the service is a secure ftp service.
 2016-07-21 10:23:51 +01:00
thomashaw
6fd6de8aff Firewall merge small changes to demonstrate scenario creation pre-dependencies. 2016-07-19 15:01:51 +01:00
Tom
a3afb7e036 Merge pull request #38 from Jjk422/new_firewall_service_module 
Iptables firewall configure
 2016-07-19 14:34:23 +01:00
Jjk422
b36fe6070a Spelling mistake in file secgen_metadata.xml 
Spelling mistake in file secgen_metadata.xml, to small to warrant a pull request.
 2016-06-28 10:52:21 +01:00
Jjk422
98e9e2fd39 Secure vsftpd module. Login currently is via username:user and password:user. Has 2 test files and one test directory, shouldn't be able to log in as root or access root files .e.g '/etc/shadow'. 2016-06-23 11:33:36 +01:00
Connor Wilson
bc687a8cd6 Merge pull request #42 from Jjk422/new_ntp_service_module 
Ntp service module confirmed installed and running post-restart.
 2016-06-19 13:11:42 +01:00
thomashaw
c12ff5c270 Service: UnrealIRCd module 2016-06-18 19:58:45 +01:00
Jjk422
69fb1494e5 Ntp service module. 2016-06-15 09:08:33 +01:00
Tom
69af83625a Merge pull request #36 from Jjk422/new_samba_module_secure_service 
Samba secure service module
 2016-06-15 02:53:49 +01:00
Jjk422
c0ed9b92b5 Java language install module and java system scenario file. Will use unix_update if/when dependencies added. 2016-06-14 20:05:21 +01:00
Jjk422
c8c0976283 Changed secgen_metadata for firewall module to include author, and remove software name as module configures the iptable software without installing it. 2016-06-14 15:26:15 +01:00
Jjk422
e19cdf3160 Reverted the samba_config module, should be added in a pull request by itself. 2016-06-14 11:51:22 +01:00
Jjk422
29360d504d Fully completed firewall module and scenario file. Update code built into module, to be removed if/when dependency code is added. 2016-06-14 11:21:10 +01:00
Jjk422
c2e0e510dd Added update exec in module so it can function as a standalone module without the need for unix_update. However this can be removed if/when dependencies code is added. 2016-06-14 08:35:45 +01:00
thomashaw
52f7230e16 PR 33: Minor changes 2016-06-13 18:45:19 +01:00
Jjk422
824abed680 Samba secure service module and example scenario file. Requires update module to function and requires samba install module. 2016-06-13 16:14:40 +01:00
Jjk422
7a9edc68c2 Samba secure service module and example scenario file. Requires update module to function. 2016-06-13 16:08:50 +01:00
Jjk422
b9086a48f2 Update service that performs the repository update for the created vm. Should be machine independent other then selecting whether windows or unix. Commands in the unix_update module need to be modified for different systems to be absolute paths. Added windows services directory and included a puppetforge module to control auto-updates within windows. 2016-06-10 10:52:09 +01:00
Z. Cliffe Schreuders
b5b19fe1c5 Major overhaul of code base! 2016-06-09 00:03:04 +01:00
Connor Wilson
d6b3ed18ab Relates to SG-11 : adds missing puppet module 2016-03-28 21:16:17 +01:00