digital-forensics-labs/SecGen
1
0
Fork 0
mirror of https://github.com/cliffe/SecGen.git synced 2026-02-22 11:48:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
817 Commits 38 Branches 0 Tags
ids_test
Commit Graph

154 Commits

Author SHA1 Message Date
ts
c5db8da1c9 Adding samba conflicts 2018-10-19 13:46:50 +01:00
ts
fdeb28e246 Stretch update merge: mysql & php for stretch, module conflicts and general cleanup 2018-10-19 13:46:50 +01:00
ts
f0bb2a26e1 Testing script, stretch fixes + code review 2018-10-19 13:46:49 +01:00
Z. Cliffe Schreuders
dd86385c43 lab updates 2018-10-19 11:30:55 +01:00
Z. Cliffe Schreuders
3736d0096d update repo 2018-10-16 13:20:01 +01:00
ts
5208ae5cc7 Squashed WNS + IRI DL work 2018-09-21 12:34:26 +01:00
Z. Cliffe Schreuders
a49793a4cb merge dvwa into master 2018-02-19 23:48:22 +00:00
Z. Cliffe Schreuders
4219937aa3 improved error handling and cleanup 2018-02-19 23:39:23 +00:00
Z. Cliffe Schreuders
25d19b983f dvwa module 2018-02-19 23:36:17 +00:00
ts
512d6ee03d Merge fix - updating apache scenario references and requires to .*apache 2018-02-15 12:23:53 +00:00
thomashaw
6045c1f187 hackerbot merge - includes lots of other changes 2018-02-08 13:14:22 +00:00
Cliffe
a0325f6c3d Desktop root requires "physical" access (not shell) 2018-01-25 15:21:51 +00:00
thomashaw
be454cc8bd ssh_leaked_keys, no longer requires user_rw. param website doesn't drop a flag by default, additions to .gitignore 2017-11-17 16:45:40 +00:00
thomashaw
24ce91af38 cleanup: removed reference to <breadcrumb> 2017-09-20 22:21:38 +01:00
thomashaw
b5bb17ee59 minor improvements to leaked_file permissions, metadata, and scenarios 2017-09-20 22:08:40 +01:00
thomashaw
8b2a92915e vulnerabilities/vsftpd_234_backdoor: now uses organisations 2017-08-19 13:44:16 +01:00
thomashaw
458eb3be81 vulnerabilities/proftpd_133c_backdoor: now uses organisations 2017-08-19 13:19:36 +01:00
thomashaw
71794e13a1 vulnerabilities/unrealirc_3281: now uses organisations 2017-08-19 12:50:02 +01:00
thomashaw
aa23500fdd vulnerabilities/moinmoin_195: now uses organisations 2017-08-19 12:23:25 +01:00
thomashaw
7a115e2340 vulnerabilities/samba_symlink: updated comment 2017-08-16 19:18:43 +01:00
thomashaw
d445c3bdc1 vulnerabilities/samba_symlink: now uses organisations 2017-08-16 19:17:33 +01:00
thomashaw
c6ee0316a1 vulnerabilities/samba_pws: now uses organisations 2017-08-16 19:09:05 +01:00
Z. Cliffe Schreuders
246443bb5e ssh root login vulnerability, and some other code cleanup 2017-08-03 22:39:43 +01:00
thomashaw
22aaf7fbb4 updating scenario.xml's which refer to old username generators via module_path 2017-06-29 15:51:13 +01:00
thomashaw
a853bf8db5 ssh_leaked_keys + onlinestore: added hints 2017-06-23 23:28:11 +01:00
thomashaw
6a98deae3e hidden_file, now uses different filename than the account + strings_to_leak instead of flag 2017-06-23 15:30:35 +01:00
thomashaw
58c53269ad Hints: hidden_file, onlinestore, passwordless_account 2017-06-21 22:35:01 +01:00
thomashaw
22f72a0b38 onlinestore: added functionality to have killed_on support multiple different dates 2017-06-21 20:37:58 +01:00
thomashaw
7ad35cbafd new module: vulnerabilities/unix/system/passwordless_user_account 2017-06-20 11:08:32 +01:00
thomashaw
f98d73f02a 2 apaches: onlinestore updates 2017-06-20 11:07:33 +01:00
thomashaw
eec0423443 access_control_misconfigurations/readable_shadow: fixed typo 2017-06-20 10:33:53 +01:00
thomashaw
e973d89f90 2 apaches instances: parameterised_website + gitlist port changes 2017-06-15 17:18:06 +01:00
thomashaw
e7b777eb9a 2 apache instances: metadata updates 2017-06-15 17:17:12 +01:00
thomashaw
210f5cdfbe new module: ctf/hidden_file - drops a hidden linux file prepended with a dot, containing a flag, into either the provided account's home directory OR the provided storage_directory 2017-06-08 11:24:23 +01:00
thomashaw
f59c18adf0 new module: ctf/java_decompile - based on picoctf-2013 2017-06-06 20:49:21 +01:00
thomashaw
875524afc6 dc16_feedme: Reversing / pwnable module from defcon 2016 qualifiers 2017-06-06 16:20:24 +01:00
thomashaw
a4226665aa dc16_b3s23: Reversing / programming module from defcon 2016 qualifiers 2017-06-06 15:02:18 +01:00
thomashaw
4e25e6a85c dc16_amadhj: using new install_setuid_root_binary 2017-06-06 15:01:06 +01:00
thomashaw
ada45e9420 New function: secgen_functions::install_setuid_root_binary 
Updated dc16_amadhj to use this function
 2017-06-06 11:26:34 +01:00
thomashaw
88265a1271 defcon16_amadhj: installing and has correct permissions -- refactor installation of setuid binary challenges into a secgen_function 2017-06-05 13:19:49 +01:00
thomashaw
03172d955c WIP:: implementing defcon qualifier challenges -- amadhj (reversing challenge, leak a binary + expose a pwnable service running the binary) 2017-05-30 12:28:42 +01:00
thomashaw
2dc7d93d33 utilities/parameterised_accounts: adds an account with a strong password by default 
vulnerabilities/crackable_user_account: adds an account with a weak password by default
 2017-05-30 11:23:58 +01:00
thomashaw
5e7689316b vulnerabilities/parameterised_accounts => utilities/parameterised_accounts 2017-05-24 13:01:42 +01:00
thomashaw
0b875871e0 uid_less_root/uid_vi_root: updating metadata 2017-05-24 09:58:43 +01:00
thomashaw
15d594144d access control misconfigurations: uid_bash_root 2017-05-24 09:57:50 +01:00
thomashaw
48385db779 access control misconfiguration: writable_passwd -- enforced the order in accounts::users w/ multiple ac misconfigs at same time 2017-05-23 17:51:27 +01:00
thomashaw
c39ec63434 Enforce run order of parameterised_accounts and writable_groups 2017-05-22 16:47:24 +01:00
thomashaw
09abd74235 access control misconfiguration: readable shadow 2017-05-22 13:31:24 +01:00
thomashaw
152f59e3f1 access control misconfiguration: writable groups 2017-05-22 13:30:23 +01:00
thomashaw
e283775ed3 access control misconfiguration: writable shadow 2017-05-22 13:29:46 +01:00