digital-forensics-labs/SecGen
1
0
Fork 0
mirror of https://github.com/cliffe/SecGen.git synced 2026-02-21 19:28:02 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,371 Commits 38 Branches 0 Tags
s2progress
Commit Graph

35 Commits

Author SHA1 Message Date
Z. Cliffe Schreuders
c573d13699 lab updates 2019-02-08 22:31:13 +00:00
Z. Cliffe Schreuders
59af7ba1d9 groups 2019-02-07 21:51:53 +00:00
thomashaw
559c414f3b Task 9: CTF challenge directory structure which matches the categories 2018-11-16 10:19:08 +00:00
thomashaw
9a4c167a62 Task 8: Metadata additions for challenge_type and challenge_subtype 2018-11-16 10:19:08 +00:00
ts
b645916da9 WiP: Script container and script generator tracer code - need to build the shebang into the module and finish implementing setuid script function 2018-11-16 10:19:08 +00:00
ts
45e5ad0646 Install setgid binary 2018-11-16 10:19:08 +00:00
ts
fdeb28e246 Stretch update merge: mysql & php for stretch, module conflicts and general cleanup 2018-10-19 13:46:50 +01:00
ts
f0bb2a26e1 Testing script, stretch fixes + code review 2018-10-19 13:46:49 +01:00
Z. Cliffe Schreuders
3736d0096d update repo 2018-10-16 13:20:01 +01:00
ts
5eda7c5d34 Merge branch 'team_project' into team_project_merge 
# Conflicts:
#	.gitignore
#	modules/services/unix/http/parameterised_website/secgen_metadata.xml
 2018-02-07 15:47:48 +00:00
thomashaw
be454cc8bd ssh_leaked_keys, no longer requires user_rw. param website doesn't drop a flag by default, additions to .gitignore 2017-11-17 16:45:40 +00:00
Z. Cliffe Schreuders
ce502abcdb Hackerbot, labs, and associated changes 2017-09-28 16:35:28 +01:00
thomashaw
24ce91af38 cleanup: removed reference to <breadcrumb> 2017-09-20 22:21:38 +01:00
thomashaw
b5bb17ee59 minor improvements to leaked_file permissions, metadata, and scenarios 2017-09-20 22:08:40 +01:00
Z. Cliffe Schreuders
246443bb5e ssh root login vulnerability, and some other code cleanup 2017-08-03 22:39:43 +01:00
thomashaw
22aaf7fbb4 updating scenario.xml's which refer to old username generators via module_path 2017-06-29 15:51:13 +01:00
thomashaw
a853bf8db5 ssh_leaked_keys + onlinestore: added hints 2017-06-23 23:28:11 +01:00
thomashaw
58c53269ad Hints: hidden_file, onlinestore, passwordless_account 2017-06-21 22:35:01 +01:00
thomashaw
7ad35cbafd new module: vulnerabilities/unix/system/passwordless_user_account 2017-06-20 11:08:32 +01:00
thomashaw
2dc7d93d33 utilities/parameterised_accounts: adds an account with a strong password by default 
vulnerabilities/crackable_user_account: adds an account with a weak password by default
 2017-05-30 11:23:58 +01:00
thomashaw
5e7689316b vulnerabilities/parameterised_accounts => utilities/parameterised_accounts 2017-05-24 13:01:42 +01:00
thomashaw
48385db779 access control misconfiguration: writable_passwd -- enforced the order in accounts::users w/ multiple ac misconfigs at same time 2017-05-23 17:51:27 +01:00
thomashaw
c39ec63434 Enforce run order of parameterised_accounts and writable_groups 2017-05-22 16:47:24 +01:00
thomashaw
398ca4df47 vulnerabilities/unix/system/symlinks - CTF module with symlink (TOCTTOU) vulnerability with binary setgid shadow + crackable weak password 2017-04-18 14:37:16 +01:00
thomashaw
ce9a6f3de7 CTF module - vulnerabilities/unix/system/two_shell_calls (by Meehein @ University of Birmingham) 2017-04-14 12:44:58 +01:00
thomashaw
57a7dc69f6 ssh_leaked_keys - dynamically generated key 
(cherry picked from commit b3e248c)
 2017-04-04 16:30:52 +01:00
thomashaw
42ac95b3ab ssh_leaked_keys: adding strings_to_leak flag read_fact 2017-03-31 13:31:35 +01:00
Mihai Ordean
46827cd22c added ssh_leaked_keys module 2017-03-17 16:32:59 +00:00
thomashaw
32091ed0fe Special Character work + generator/encoder superclass refactor. 
The full Vagrantfile facter string has been encoded in b64 for now, would be nice to b64 the individual arguments rather than the whole string.
 2017-03-01 19:19:54 +00:00
thomashaw
e8f8dcece4 Team project work squashed + removed dead code 2017-02-17 14:59:07 +00:00
thomashaw
373b0bc5dc Parameterised Website using datastores. Loads of generators and encoders. Check out the example scenarios. 2017-01-15 19:56:13 +00:00
thomashaw
007863e05c weak_password_generator <type> added to the weak and common pw gens, fixed typo in account_hash_builder 2016-12-08 10:54:21 +00:00
thomashaw
17f425b37f Multiple leaked files, new secgen_functions module encapsulating the file_leak and overshare.erb logic. Updated old modules to use the new resource type. 2016-12-08 10:43:48 +00:00
thomashaw
7d7d2e2677 Rework: Moved hello_world to messages. Changed write_fact to output_type. Updated PATH constants to DIR. Changed string generators to more specific message_generator in strings_to_leak. 2016-12-05 17:15:55 +00:00
thomashaw
733c871072 Additional parameterisation. New modules: parameterised_accounts, generators and an account_encoder. Added plenty of parameters/default_inputs to currently existing vulnerability modules. 2016-11-30 18:09:22 +00:00