digital-forensics-labs/SecGen
1
0
Fork 0
mirror of https://github.com/cliffe/SecGen.git synced 2026-02-22 03:38:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
563 Commits 38 Branches 0 Tags
ids_lab
Commit Graph

142 Commits

Author SHA1 Message Date
Z. Cliffe Schreuders
ce502abcdb Hackerbot, labs, and associated changes 2017-09-28 16:35:28 +01:00
thomashaw
24ce91af38 cleanup: removed reference to <breadcrumb> 2017-09-20 22:21:38 +01:00
thomashaw
b5bb17ee59 minor improvements to leaked_file permissions, metadata, and scenarios 2017-09-20 22:08:40 +01:00
thomashaw
8b2a92915e vulnerabilities/vsftpd_234_backdoor: now uses organisations 2017-08-19 13:44:16 +01:00
thomashaw
458eb3be81 vulnerabilities/proftpd_133c_backdoor: now uses organisations 2017-08-19 13:19:36 +01:00
thomashaw
71794e13a1 vulnerabilities/unrealirc_3281: now uses organisations 2017-08-19 12:50:02 +01:00
thomashaw
aa23500fdd vulnerabilities/moinmoin_195: now uses organisations 2017-08-19 12:23:25 +01:00
thomashaw
7a115e2340 vulnerabilities/samba_symlink: updated comment 2017-08-16 19:18:43 +01:00
thomashaw
d445c3bdc1 vulnerabilities/samba_symlink: now uses organisations 2017-08-16 19:17:33 +01:00
thomashaw
c6ee0316a1 vulnerabilities/samba_pws: now uses organisations 2017-08-16 19:09:05 +01:00
Z. Cliffe Schreuders
246443bb5e ssh root login vulnerability, and some other code cleanup 2017-08-03 22:39:43 +01:00
thomashaw
22aaf7fbb4 updating scenario.xml's which refer to old username generators via module_path 2017-06-29 15:51:13 +01:00
thomashaw
a853bf8db5 ssh_leaked_keys + onlinestore: added hints 2017-06-23 23:28:11 +01:00
thomashaw
6a98deae3e hidden_file, now uses different filename than the account + strings_to_leak instead of flag 2017-06-23 15:30:35 +01:00
thomashaw
58c53269ad Hints: hidden_file, onlinestore, passwordless_account 2017-06-21 22:35:01 +01:00
thomashaw
22f72a0b38 onlinestore: added functionality to have killed_on support multiple different dates 2017-06-21 20:37:58 +01:00
thomashaw
7ad35cbafd new module: vulnerabilities/unix/system/passwordless_user_account 2017-06-20 11:08:32 +01:00
thomashaw
f98d73f02a 2 apaches: onlinestore updates 2017-06-20 11:07:33 +01:00
thomashaw
eec0423443 access_control_misconfigurations/readable_shadow: fixed typo 2017-06-20 10:33:53 +01:00
thomashaw
e973d89f90 2 apaches instances: parameterised_website + gitlist port changes 2017-06-15 17:18:06 +01:00
thomashaw
e7b777eb9a 2 apache instances: metadata updates 2017-06-15 17:17:12 +01:00
thomashaw
210f5cdfbe new module: ctf/hidden_file - drops a hidden linux file prepended with a dot, containing a flag, into either the provided account's home directory OR the provided storage_directory 2017-06-08 11:24:23 +01:00
thomashaw
f59c18adf0 new module: ctf/java_decompile - based on picoctf-2013 2017-06-06 20:49:21 +01:00
thomashaw
875524afc6 dc16_feedme: Reversing / pwnable module from defcon 2016 qualifiers 2017-06-06 16:20:24 +01:00
thomashaw
a4226665aa dc16_b3s23: Reversing / programming module from defcon 2016 qualifiers 2017-06-06 15:02:18 +01:00
thomashaw
4e25e6a85c dc16_amadhj: using new install_setuid_root_binary 2017-06-06 15:01:06 +01:00
thomashaw
ada45e9420 New function: secgen_functions::install_setuid_root_binary 
Updated dc16_amadhj to use this function
 2017-06-06 11:26:34 +01:00
thomashaw
88265a1271 defcon16_amadhj: installing and has correct permissions -- refactor installation of setuid binary challenges into a secgen_function 2017-06-05 13:19:49 +01:00
thomashaw
03172d955c WIP:: implementing defcon qualifier challenges -- amadhj (reversing challenge, leak a binary + expose a pwnable service running the binary) 2017-05-30 12:28:42 +01:00
thomashaw
2dc7d93d33 utilities/parameterised_accounts: adds an account with a strong password by default 
vulnerabilities/crackable_user_account: adds an account with a weak password by default
 2017-05-30 11:23:58 +01:00
thomashaw
5e7689316b vulnerabilities/parameterised_accounts => utilities/parameterised_accounts 2017-05-24 13:01:42 +01:00
thomashaw
0b875871e0 uid_less_root/uid_vi_root: updating metadata 2017-05-24 09:58:43 +01:00
thomashaw
15d594144d access control misconfigurations: uid_bash_root 2017-05-24 09:57:50 +01:00
thomashaw
48385db779 access control misconfiguration: writable_passwd -- enforced the order in accounts::users w/ multiple ac misconfigs at same time 2017-05-23 17:51:27 +01:00
thomashaw
c39ec63434 Enforce run order of parameterised_accounts and writable_groups 2017-05-22 16:47:24 +01:00
thomashaw
09abd74235 access control misconfiguration: readable shadow 2017-05-22 13:31:24 +01:00
thomashaw
152f59e3f1 access control misconfiguration: writable groups 2017-05-22 13:30:23 +01:00
thomashaw
e283775ed3 access control misconfiguration: writable shadow 2017-05-22 13:29:46 +01:00
thomashaw
0155018879 access control misconfiguration: readable /etc/shadow file 2017-05-22 12:45:45 +01:00
thomashaw
2b93c8c20d access control misconfiguration: suid_root_nano 2017-05-22 11:53:25 +01:00
thomashaw
6e98c95504 Merge remote-tracking branch 'origin/randomise_service_ports' 2017-05-20 15:06:18 +01:00
thomashaw
05cd757f55 Fixed samba concat{} error with newer versions of puppet / stdlib 2017-05-20 14:02:22 +01:00
thomashaw
6b5c66f586 Parameterised port - vulnerabilities/unrealirc_3281_backdoor 2017-05-20 11:37:06 +01:00
thomashaw
3c6e0a5a24 Parameterised port - vulnerabilities/proftpd_133c_backdoor 2017-05-20 11:37:06 +01:00
thomashaw
ae41400392 Parameterised port - vulnerability/vsftpd_backdoor 2017-05-20 11:37:06 +01:00
thomashaw
428d39a279 vulnerabilities/onlinestore: parameterised dealer_id / murderer_id / murdered_ids / murdered_on. Updated scenarios/../leeds_beckett_online_store.xml 2017-05-13 20:00:32 +01:00
thomashaw
58907d171d parameterised online_store 2017-05-11 15:02:56 +01:00
thomashaw
815a5915e6 moved parameterised_website from vulnerabilities to services 2017-05-01 14:44:32 +01:00
thomashaw
4d6d2a1ed1 null check on tab parameters 2017-05-01 14:28:32 +01:00
thomashaw
f65d7a5d15 Moved js loading back to the to footer 2017-05-01 14:27:17 +01:00