digital-forensics-labs/SecGen
1
0
Fork 0
mirror of https://github.com/cliffe/SecGen.git synced 2026-02-22 19:58:03 +00:00
Code Issues Packages Projects Releases Wiki Activity
288 Commits 38 Branches 0 Tags
25771b63444e7bb021aa244cbce23856ea6eb552
Commit Graph

140 Commits

Author SHA1 Message Date
thomashaw
3028e076d9 parameterise local root level vulnerabilities -- added strings_to_leak 2017-03-16 13:20:32 +00:00
thomashaw
53149f3fd5 Misc. changes / cleanup 2017-03-16 12:39:50 +00:00
thomashaw
7c4d21e942 generators/images/qr_code: creates a QR code out of a string(usually a flag) and outputs it as a .png represented as a base64 string. 2017-03-16 12:32:33 +00:00
thomashaw
638e87e571 generators/challenges/hidden_data_in_image_file: Appends strings_to_leak to a random image's raw data. 2017-03-16 12:22:03 +00:00
thomashaw
8d61097be5 encoders/string/hex: string to oct encoder - Encodes a string into each character's octal representation 2017-03-16 12:21:03 +00:00
thomashaw
8b83eb1ac3 encoders/string/hex: string to hex encoder - Encodes a string into hexadecimal 2017-03-16 12:18:11 +00:00
thomashaw
bb884e9ffc generators/image/random_image: Returns random image as a base64 string. leaks the image to the parameterised_website. Icons in the public domain - thanks to http://publicicons.org/ 2017-03-16 12:03:22 +00:00
thomashaw
895af9ae89 generators/challenges/bitwise_xor: input is a string_to_mask, output is 2 random bit streams that can, when bitwise xor'd together, reveal the string_to_mask. 2017-03-16 11:09:46 +00:00
thomashaw
5b76e04f9b Encoder: Morse Code. 'parentheses' mapped to [], { }, <> and () to cover as many varieties as we can. Any other character not represented in Morse Code is dropped. 2017-03-16 10:36:02 +00:00
thomashaw
253d983e01 encoders/string/dec: ASCII to DEC encoder - Encodes each character into DEC representation and concats the results 2017-03-16 10:31:01 +00:00
thomashaw
23fcdb626c encoders/string/binary: ASCII to Binary encoder 2017-03-16 10:29:07 +00:00
Z. Cliffe Schreuders
e48cd1b250 mark ascii_value_shift as being ascii_reversable 2017-03-14 17:34:44 +00:00
Z. Cliffe Schreuders
6a14c417c6 marker.xml for marking CTF flags and providing hints (which have IDs so we don't have to give the same hint twice), also updated organisation of scenarios 2017-03-14 17:30:33 +00:00
thomashaw
e73b0f3d58 Shift Cipher Encoders: caesar_shift and ascii_value_shift 2017-03-03 12:51:26 +00:00
thomashaw
32091ed0fe Special Character work + generator/encoder superclass refactor. 
The full Vagrantfile facter string has been encoded in b64 for now, would be nice to b64 the individual arguments rather than the whole string.
 2017-03-01 19:19:54 +00:00
thomashaw
e8f8dcece4 Team project work squashed + removed dead code 2017-02-17 14:59:07 +00:00
Z. Cliffe Schreuders
9466f26f8e security audit remit generator 2017-02-08 00:41:14 +00:00
thomashaw
43c02f220f Updated for post-parameterisation 2017-01-17 16:27:18 +00:00
thomashaw
f8a97b2842 Parameterised Cleanup Module 2017-01-17 16:11:50 +00:00
thomashaw
373b0bc5dc Parameterised Website using datastores. Loads of generators and encoders. Check out the example scenarios. 2017-01-15 19:56:13 +00:00
Z. Cliffe Schreuders
c6780f4a9e flag{generated_flag} format for flags 2017-01-15 16:12:08 +00:00
Z. Cliffe Schreuders
fcc4630187 desktop xfce 2017-01-08 01:20:04 +00:00
Z. Cliffe Schreuders
0548606f70 minor cleanup and directory restructuring 2017-01-07 21:55:26 +00:00
thomashaw
4d6fb601b7 Revert: Updated puppetforge/apache to latest version 2016-12-30 01:10:33 +00:00
thomashaw
f78e2fc404 Updated puppetforge/apache to latest version 2016-12-21 17:57:52 +00:00
thomashaw
2be095be6c Secure/patched version of chkrootkit vulnerability (utilities/unix/scanners/chkrootkit) 2016-12-20 16:09:06 +00:00
thomashaw
e7019afa86 Fixed shellshock 2016-12-20 15:26:21 +00:00
thomashaw
0d890ee535 Corrected proftpd_133c_backdoor as it gives you a root_rwx privilege, not user_rwx privilege, shell when exploiting this vulnerability. 2016-12-20 14:55:58 +00:00
thomashaw
ad49319447 Removed leftover comment 2016-12-14 13:50:49 +00:00
thomashaw
007863e05c weak_password_generator <type> added to the weak and common pw gens, fixed typo in account_hash_builder 2016-12-08 10:54:21 +00:00
thomashaw
17f425b37f Multiple leaked files, new secgen_functions module encapsulating the file_leak and overshare.erb logic. Updated old modules to use the new resource type. 2016-12-08 10:43:48 +00:00
thomashaw
2f58b35857 Temp fix: removed single quote from welcome_message generator 2016-12-06 18:56:45 +00:00
thomashaw
1595b4f3e3 NFS /etc/exports updated to allow all networks 2016-12-06 10:09:57 +00:00
thomashaw
7d7d2e2677 Rework: Moved hello_world to messages. Changed write_fact to output_type. Updated PATH constants to DIR. Changed string generators to more specific message_generator in strings_to_leak. 2016-12-05 17:15:55 +00:00
thomashaw
733c871072 Additional parameterisation. New modules: parameterised_accounts, generators and an account_encoder. Added plenty of parameters/default_inputs to currently existing vulnerability modules. 2016-11-30 18:09:22 +00:00
thomashaw
f724415cdf Privilege changes: More specific privilege levels. r, rw, rwx for root & user. 2016-11-14 14:34:04 +00:00
Tom
0920f6ef62 Merge pull request #79 from thomashaw/proftpd_service 
Service: ProFTPd
 2016-11-13 23:21:30 +00:00
thomashaw
0ff5f5ba04 Added a requirement for the accounts module. 2016-11-13 23:19:55 +00:00
thomashaw
9b797c7db2 Service: ProFTPd 
WIP: Renamed

proftpd service module cont.
 2016-11-13 22:53:21 +00:00
thomashaw
b1ba6700d4 Vulnerability: chkrootkit 0.49 local privilege escalation 2016-11-13 22:48:21 +00:00
thomashaw
2cf329eeef Vulnerability: Gitlist 0.4.0 webapp with RCE 2016-11-13 22:43:47 +00:00
Z. Cliffe Schreuders
03b739592b README update and some code cleanup 2016-11-08 23:28:52 +00:00
Z. Cliffe Schreuders
9ff06fce7e default values for parameters (modules and literal values) 2016-11-08 00:28:33 +00:00
Z. Cliffe Schreuders
601362a12d random selection between inputs 2016-10-19 19:49:30 +01:00
Z. Cliffe Schreuders
4421c7d99c Merge branch 'parameterisation' 2016-10-18 21:25:17 +01:00
Z. Cliffe Schreuders
e282dde855 Merge branch 'master' of https://github.com/cliffe/SecGen 2016-10-18 21:23:02 +01:00
Z. Cliffe Schreuders
e63aa00e0a parameterisation 2016-10-18 21:19:47 +01:00
Tom
7c5991e03f Merge pull request #76 from Jjk422/new_smbclient_service_module 
Smbclient utility module.
 2016-09-20 09:05:52 +01:00
Jjk422
880b42e200 Requested changes have been made: 
secgen_metadata.xml:7 :: Removed line
smbclient_utility.xml:8 :: Corrected smbclinet_utility to smbclient_utility.
 2016-09-20 08:53:24 +01:00
Jjk422
eb55b69dff Smbclient utility module. 
Scenario file found at '/home/user/RubymineProjects/SecGen/scenarios/simple_examples/smbclient_utility.xml'
 2016-09-13 12:05:08 +01:00