SecGen

mirror of https://github.com/cliffe/SecGen.git synced 2026-02-22 19:58:03 +00:00

Author	SHA1	Message	Date
thomashaw	0155018879	access control misconfiguration: readable /etc/shadow file	2017-05-22 12:45:45 +01:00
thomashaw	2b93c8c20d	access control misconfiguration: suid_root_nano	2017-05-22 11:53:25 +01:00
thomashaw	6e98c95504	Merge remote-tracking branch 'origin/randomise_service_ports'	2017-05-20 15:06:18 +01:00
thomashaw	05cd757f55	Fixed samba concat{} error with newer versions of puppet / stdlib	2017-05-20 14:02:22 +01:00
thomashaw	6b5c66f586	Parameterised port - vulnerabilities/unrealirc_3281_backdoor	2017-05-20 11:37:06 +01:00
thomashaw	bdc6c065de	Parameterised port - services/unrealirc	2017-05-20 11:37:06 +01:00
thomashaw	3c6e0a5a24	Parameterised port - vulnerabilities/proftpd_133c_backdoor	2017-05-20 11:37:06 +01:00
thomashaw	42966f4a43	Parameterised port - service/proftpd -- set default port to 21	2017-05-20 11:37:06 +01:00
thomashaw	3d4c0fa98a	Parameterised port - service/proftpd	2017-05-20 11:37:06 +01:00
thomashaw	e0a0e1f8d4	Parameterised port - service/vsftp -- fixed	2017-05-20 11:37:06 +01:00
thomashaw	a0949b57e5	Parameterised port - service/vsftp (WIP)	2017-05-20 11:37:06 +01:00
thomashaw	ae41400392	Parameterised port - vulnerability/vsftpd_backdoor	2017-05-20 11:37:06 +01:00
thomashaw	8d426c6580	services/parameterised_webiste: Business facts can be blank. no manager / employee data will hide the contacts page.	2017-05-14 23:04:47 +01:00
thomashaw	428d39a279	vulnerabilities/onlinestore: parameterised dealer_id / murderer_id / murdered_ids / murdered_on. Updated scenarios/../leeds_beckett_online_store.xml	2017-05-13 20:00:32 +01:00
thomashaw	5c24e13577	Date generator module_name fix	2017-05-13 17:46:22 +01:00
thomashaw	2686331510	encoders/string_selector_with_exclusions	2017-05-13 16:29:36 +01:00
thomashaw	034c2ec409	generators/date_generator: added mysql_datetime format	2017-05-13 16:29:19 +01:00
thomashaw	58907d171d	parameterised online_store	2017-05-11 15:02:56 +01:00
thomashaw	577272aa61	generators/compression/zip: Added optional password to zip file generator	2017-05-09 16:29:27 +01:00
thomashaw	2f05fd4797	undo accidental removal of rot13 puppet files	2017-05-09 16:21:31 +01:00
thomashaw	a15211822f	changed vignere to vigenere	2017-05-09 15:48:06 +01:00
thomashaw	22cfa3027e	removing special chars from b64 flag generator + changed qr code link	2017-05-09 15:24:46 +01:00
thomashaw	66aa51dd9d	Updating hints	2017-05-09 12:37:12 +01:00
thomashaw	e8d12deb0e	parameterised_website: changed error message	2017-05-08 13:11:00 +01:00
thomashaw	366fe6cbdd	Cleaning up some TODOs	2017-05-04 11:46:39 +01:00
thomashaw	342b64e481	hidden_zip_in_image_file: added example & now removes the archive from disk after storing it in memory	2017-05-04 11:38:45 +01:00
thomashaw	66893ee6cd	generators/compression/zip (takes strings_to_leak) & generators/challenges/hidden_zip_in_image_file (takes a zip file + concats)	2017-05-03 13:53:33 +01:00
thomashaw	455907842b	marker.xml now picks up <hint> tags. edited a couple of the <hints>	2017-05-03 11:58:31 +01:00
thomashaw	313773bd57	moved to parameterised_website from /webapp/ to /http/	2017-05-03 11:57:53 +01:00
thomashaw	8db4c6ab81	Image Generators no longer select from readme_gifs. Moved png's into /misc directory.	2017-05-02 16:54:59 +01:00
thomashaw	943a614db7	Added hints to string encoders. Prepend leading 0's to decimal and octal encoders.	2017-05-02 16:46:54 +01:00
thomashaw	1dd5f400b3	spelling corrections: vignere to vigenere, _reversable to _reversible	2017-05-02 14:45:27 +01:00
thomashaw	bacd0b5f78	Add <hint> links to generator and encoder challenge modules including schema change to include <hint> tags. Added exif_metadata scenario.	2017-05-02 14:42:03 +01:00
thomashaw	815a5915e6	moved parameterised_website from vulnerabilities to services	2017-05-01 14:44:32 +01:00
thomashaw	4d6d2a1ed1	null check on tab parameters	2017-05-01 14:28:32 +01:00
thomashaw	f65d7a5d15	Moved js loading back to the to footer	2017-05-01 14:27:17 +01:00
thomashaw	288f70fbd2	Moved the images below the tabs	2017-05-01 14:00:17 +01:00
thomashaw	c7047e4e12	Parameterised 'Start here!' tab	2017-05-01 13:21:25 +01:00
thomashaw	4d34a7a89d	Changed the tab position and updated the scenario.xml	2017-05-01 11:57:40 +01:00
thomashaw	f2df7485ba	Added hidden_tabs to parameterised website	2017-04-29 12:06:50 +01:00
thomashaw	fa88a0fc6b	Tabbed pane now displays in main_container.html.erb + generate the tab pages from new read_fact = visible_tabs. Also added read_fact = hidden_tabs which needs implementing next. The hidden tabs names should begin with tab_0.html, then increment from tab_(visible_tabs.length+1).html. The hidden tabs should not be indexed on the main page.	2017-04-27 20:02:43 +01:00
thomashaw	6f7b2f0edf	generators/html_snippet: input header and paragraphs, wrap them in <h3> and <p> tags.	2017-04-27 20:00:42 +01:00
thomashaw	9781976467	active tab changes on click	2017-04-27 13:48:40 +01:00
thomashaw	25e3065768	AJAX loading data into <div> from from html files.	2017-04-27 13:13:03 +01:00
thomashaw	a78af06f9b	Added JQuery + custom .js file, updated bootstrap / css	2017-04-27 12:28:28 +01:00
thomashaw	ce61074bf1	vulnerabilities/unix/webapp/onlinestore - db_password is now dynamically generated	2017-04-18 16:22:52 +01:00
thomashaw	0b99e58c27	CTF module - vulnerabilities/unix/webapp/onlinestore (by Meehein @ University of Birmingham)	2017-04-18 15:46:13 +01:00
thomashaw	398ca4df47	vulnerabilities/unix/system/symlinks - CTF module with symlink (TOCTTOU) vulnerability with binary setgid shadow + crackable weak password	2017-04-18 14:37:16 +01:00
thomashaw	ce9a6f3de7	CTF module - vulnerabilities/unix/system/two_shell_calls (by Meehein @ University of Birmingham)	2017-04-14 12:44:58 +01:00
thomashaw	07eaad8199	Project Vagrantfile's now use relative paths. This enables distribution of project's without having to mess with paths.	2017-04-11 11:46:44 +01:00

1 2 3 4 5

223 Commits