digital-forensics-labs/SecGen
1
0
Fork 0
mirror of https://github.com/cliffe/SecGen.git synced 2026-02-21 19:28:02 +00:00
Code Issues Packages Projects Releases Wiki Activity
309 Commits 38 Branches 0 Tags
03aaae2bc3a405628d059ae66dfd00459598e617
Commit Graph

152 Commits

Author SHA1 Message Date
thomashaw
03aaae2bc3 xfce desktop environment: extracted out auto login as root into vulnerability module 2017-03-24 15:30:30 +00:00
thomashaw
75056b8bc8 Adding images_to_leak to appropriate modules. Use ::secgen_functions::leak_files to leak one or more images. Updated parameterised_website to leak multiple images. Updated gitlist to create a git repo with leaked strings and images. 2017-03-23 20:58:35 +00:00
thomashaw
6918eb1d3e Minor fixes - parameterised_website leaks multiple strings_to_leak & metadata corrections 2017-03-21 11:44:17 +00:00
thomashaw
78b97bdeeb Vignere Cipher - Takes strings_to_encode and encryption_key, outputs: KEY_CIPHERTEXT 2017-03-21 11:44:07 +00:00
thomashaw
b9395ac69a Selecting default_inputs on specific generators rather than string_generator 2017-03-21 11:28:26 +00:00
thomashaw
94aa36cb2b strong_password_generator 2017-03-20 14:31:56 +00:00
Mihai Ordean
86192340d7 removed debian 8.2 2017-03-18 08:54:49 +00:00
Mihai Ordean
46827cd22c added ssh_leaked_keys module 2017-03-17 16:32:59 +00:00
Mihai Ordean
cb0f6ac289 Merge https://github.com/cliffe/SecGen 2017-03-16 14:04:00 +00:00
thomashaw
3028e076d9 parameterise local root level vulnerabilities -- added strings_to_leak 2017-03-16 13:20:32 +00:00
thomashaw
53149f3fd5 Misc. changes / cleanup 2017-03-16 12:39:50 +00:00
thomashaw
7c4d21e942 generators/images/qr_code: creates a QR code out of a string(usually a flag) and outputs it as a .png represented as a base64 string. 2017-03-16 12:32:33 +00:00
thomashaw
638e87e571 generators/challenges/hidden_data_in_image_file: Appends strings_to_leak to a random image's raw data. 2017-03-16 12:22:03 +00:00
thomashaw
8d61097be5 encoders/string/hex: string to oct encoder - Encodes a string into each character's octal representation 2017-03-16 12:21:03 +00:00
thomashaw
8b83eb1ac3 encoders/string/hex: string to hex encoder - Encodes a string into hexadecimal 2017-03-16 12:18:11 +00:00
thomashaw
bb884e9ffc generators/image/random_image: Returns random image as a base64 string. leaks the image to the parameterised_website. Icons in the public domain - thanks to http://publicicons.org/ 2017-03-16 12:03:22 +00:00
thomashaw
895af9ae89 generators/challenges/bitwise_xor: input is a string_to_mask, output is 2 random bit streams that can, when bitwise xor'd together, reveal the string_to_mask. 2017-03-16 11:09:46 +00:00
thomashaw
5b76e04f9b Encoder: Morse Code. 'parentheses' mapped to [], { }, <> and () to cover as many varieties as we can. Any other character not represented in Morse Code is dropped. 2017-03-16 10:36:02 +00:00
thomashaw
253d983e01 encoders/string/dec: ASCII to DEC encoder - Encodes each character into DEC representation and concats the results 2017-03-16 10:31:01 +00:00
thomashaw
23fcdb626c encoders/string/binary: ASCII to Binary encoder 2017-03-16 10:29:07 +00:00
Z. Cliffe Schreuders
e48cd1b250 mark ascii_value_shift as being ascii_reversable 2017-03-14 17:34:44 +00:00
Z. Cliffe Schreuders
6a14c417c6 marker.xml for marking CTF flags and providing hints (which have IDs so we don't have to give the same hint twice), also updated organisation of scenarios 2017-03-14 17:30:33 +00:00
Mihai Ordean
d9391d384f added check to verify if leaked files is empty 2017-03-13 15:10:17 +00:00
Mihai Ordean
6c97d81250 added gnome desktop env. for debian 2017-03-13 10:44:26 +00:00
Mihai Ordean
45543b2662 added debian 8.2 base 2017-03-13 10:43:16 +00:00
thomashaw
e73b0f3d58 Shift Cipher Encoders: caesar_shift and ascii_value_shift 2017-03-03 12:51:26 +00:00
thomashaw
32091ed0fe Special Character work + generator/encoder superclass refactor. 
The full Vagrantfile facter string has been encoded in b64 for now, would be nice to b64 the individual arguments rather than the whole string.
 2017-03-01 19:19:54 +00:00
thomashaw
e8f8dcece4 Team project work squashed + removed dead code 2017-02-17 14:59:07 +00:00
Z. Cliffe Schreuders
9466f26f8e security audit remit generator 2017-02-08 00:41:14 +00:00
thomashaw
43c02f220f Updated for post-parameterisation 2017-01-17 16:27:18 +00:00
thomashaw
f8a97b2842 Parameterised Cleanup Module 2017-01-17 16:11:50 +00:00
thomashaw
373b0bc5dc Parameterised Website using datastores. Loads of generators and encoders. Check out the example scenarios. 2017-01-15 19:56:13 +00:00
Z. Cliffe Schreuders
c6780f4a9e flag{generated_flag} format for flags 2017-01-15 16:12:08 +00:00
Z. Cliffe Schreuders
fcc4630187 desktop xfce 2017-01-08 01:20:04 +00:00
Z. Cliffe Schreuders
0548606f70 minor cleanup and directory restructuring 2017-01-07 21:55:26 +00:00
thomashaw
4d6fb601b7 Revert: Updated puppetforge/apache to latest version 2016-12-30 01:10:33 +00:00
thomashaw
f78e2fc404 Updated puppetforge/apache to latest version 2016-12-21 17:57:52 +00:00
thomashaw
2be095be6c Secure/patched version of chkrootkit vulnerability (utilities/unix/scanners/chkrootkit) 2016-12-20 16:09:06 +00:00
thomashaw
e7019afa86 Fixed shellshock 2016-12-20 15:26:21 +00:00
thomashaw
0d890ee535 Corrected proftpd_133c_backdoor as it gives you a root_rwx privilege, not user_rwx privilege, shell when exploiting this vulnerability. 2016-12-20 14:55:58 +00:00
thomashaw
ad49319447 Removed leftover comment 2016-12-14 13:50:49 +00:00
thomashaw
007863e05c weak_password_generator <type> added to the weak and common pw gens, fixed typo in account_hash_builder 2016-12-08 10:54:21 +00:00
thomashaw
17f425b37f Multiple leaked files, new secgen_functions module encapsulating the file_leak and overshare.erb logic. Updated old modules to use the new resource type. 2016-12-08 10:43:48 +00:00
thomashaw
2f58b35857 Temp fix: removed single quote from welcome_message generator 2016-12-06 18:56:45 +00:00
thomashaw
1595b4f3e3 NFS /etc/exports updated to allow all networks 2016-12-06 10:09:57 +00:00
thomashaw
7d7d2e2677 Rework: Moved hello_world to messages. Changed write_fact to output_type. Updated PATH constants to DIR. Changed string generators to more specific message_generator in strings_to_leak. 2016-12-05 17:15:55 +00:00
thomashaw
733c871072 Additional parameterisation. New modules: parameterised_accounts, generators and an account_encoder. Added plenty of parameters/default_inputs to currently existing vulnerability modules. 2016-11-30 18:09:22 +00:00
thomashaw
f724415cdf Privilege changes: More specific privilege levels. r, rw, rwx for root & user. 2016-11-14 14:34:04 +00:00
Tom
0920f6ef62 Merge pull request #79 from thomashaw/proftpd_service 
Service: ProFTPd
 2016-11-13 23:21:30 +00:00
thomashaw
0ff5f5ba04 Added a requirement for the accounts module. 2016-11-13 23:19:55 +00:00