digital-forensics-labs/SecGen
1
0
Fork 0
mirror of https://github.com/cliffe/SecGen.git synced 2026-02-21 19:28:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • ae41400392 Parameterised port - vulnerability/vsftpd_backdoor thomashaw 2017-04-19 12:05:53 +01:00
  • 032de3f7d8 Merge branch 'master' into forensic_image_creation Jjk422 2017-05-20 10:50:29 +01:00
  • 8d426c6580 services/parameterised_webiste: Business facts can be blank. no manager / employee data will hide the contacts page. thomashaw 2017-05-14 23:04:47 +01:00
  • 0e1df49723 vulnerabilities/onlinestore: Uncommented cleanup thomashaw 2017-05-13 20:01:05 +01:00
  • 428d39a279 vulnerabilities/onlinestore: parameterised dealer_id / murderer_id / murdered_ids / murdered_on. Updated scenarios/../leeds_beckett_online_store.xml thomashaw 2017-05-13 20:00:32 +01:00
  • 5c24e13577 Date generator module_name fix thomashaw 2017-05-13 17:46:22 +01:00
  • 2686331510 encoders/string_selector_with_exclusions thomashaw 2017-05-13 16:29:36 +01:00
  • 034c2ec409 generators/date_generator: added mysql_datetime format thomashaw 2017-05-13 16:29:19 +01:00
  • 58907d171d parameterised online_store thomashaw 2017-05-11 15:02:28 +01:00
  • 577272aa61 generators/compression/zip: Added optional password to zip file generator thomashaw 2017-05-09 16:29:27 +01:00
  • 2f05fd4797 undo accidental removal of rot13 puppet files thomashaw 2017-05-09 16:21:31 +01:00
  • a15211822f changed vignere to vigenere thomashaw 2017-05-09 15:48:06 +01:00
  • 22cfa3027e removing special chars from b64 flag generator + changed qr code link thomashaw 2017-05-09 15:24:46 +01:00
  • 66aa51dd9d Updating hints thomashaw 2017-05-09 12:37:12 +01:00
  • e8d12deb0e parameterised_website: changed error message thomashaw 2017-05-08 13:11:00 +01:00
  • f2279534cd edge_hill_scenario.xml => nw_cyber_games.xml thomashaw 2017-05-05 14:21:38 +01:00
  • 366fe6cbdd Cleaning up some TODOs thomashaw 2017-05-04 11:46:39 +01:00
  • 342b64e481 hidden_zip_in_image_file: added example & now removes the archive from disk after storing it in memory thomashaw 2017-05-04 11:38:45 +01:00
  • 66893ee6cd generators/compression/zip (takes strings_to_leak) & generators/challenges/hidden_zip_in_image_file (takes a zip file + concats) thomashaw 2017-05-03 13:53:33 +01:00
  • 455907842b marker.xml now picks up <hint> tags. edited a couple of the <hints> thomashaw 2017-05-03 11:58:31 +01:00
  • 313773bd57 moved to parameterised_website from /webapp/ to /http/ thomashaw 2017-05-03 11:57:53 +01:00
  • 8db4c6ab81 Image Generators no longer select from readme_gifs. Moved png's into /misc directory. thomashaw 2017-05-02 16:54:59 +01:00
  • 943a614db7 Added hints to string encoders. Prepend leading 0's to decimal and octal encoders. thomashaw 2017-05-02 16:46:54 +01:00
  • 1dd5f400b3 spelling corrections: vignere to vigenere, _reversable to _reversible thomashaw 2017-05-02 14:45:27 +01:00
  • bacd0b5f78 Add <hint> links to generator and encoder challenge modules including schema change to include <hint> tags. Added exif_metadata scenario. thomashaw 2017-05-02 14:42:03 +01:00
  • 815a5915e6 moved parameterised_website from vulnerabilities to services thomashaw 2017-05-01 14:44:32 +01:00
  • 4d6d2a1ed1 null check on tab parameters thomashaw 2017-05-01 14:28:32 +01:00
  • f65d7a5d15 Moved js loading back to the to footer thomashaw 2017-05-01 14:27:17 +01:00
  • 288f70fbd2 Moved the images below the tabs thomashaw 2017-05-01 14:00:17 +01:00
  • c7047e4e12 Parameterised 'Start here!' tab thomashaw 2017-05-01 13:21:25 +01:00
  • 4d34a7a89d Changed the tab position and updated the scenario.xml thomashaw 2017-05-01 11:57:40 +01:00
  • f2df7485ba Added hidden_tabs to parameterised website thomashaw 2017-04-29 12:06:50 +01:00
  • fa88a0fc6b Tabbed pane now displays in main_container.html.erb + generate the tab pages from new read_fact = visible_tabs. thomashaw 2017-04-27 20:02:43 +01:00
  • 6f7b2f0edf generators/html_snippet: input header and paragraphs, wrap them in <h3> and <p> tags. thomashaw 2017-04-27 20:00:42 +01:00
  • 9781976467 active tab changes on click thomashaw 2017-04-27 13:48:40 +01:00
  • 25e3065768 AJAX loading data into <div> from from html files. thomashaw 2017-04-27 13:13:03 +01:00
  • a78af06f9b Added JQuery + custom .js file, updated bootstrap / css thomashaw 2017-04-27 12:28:28 +01:00
  • 35fc36a204 edge_hill_scenario initial commit thomashaw 2017-04-24 13:54:02 +01:00
  • 88a98bf5e9 Merge pull request #95 from SecGen/master Cliffe 2017-04-24 10:58:16 +01:00
  • 9383eef84b Added VM configuration options to help so machines can be provisioned to a faster extent if the host computer is powerful enough. Jjk422 2017-04-23 00:28:56 +01:00
  • 7e26b365af New encoding module example. Encoding generators for hashes added: String input: MD5, SHA1, SHA256, SHA384, SHA512 File (path) input: MD5, SHA1 Jjk422 2017-04-20 23:59:12 +01:00
  • d33b4f8430 Added registry module to add registry keys and registry key values. Also added access data registry viewer install module to view registry, although regedit.exe can be used instead. Jjk422 2017-04-20 23:48:04 +01:00
  • 7c2e7f6be4 no_files file added to ensure makeshift puppet module files directory is synced to GitHub Jjk422 2017-04-20 23:37:53 +01:00
  • 812ba7dab8 Merge pull request #6 from cliffe/master Cliffe 2017-04-20 09:02:29 +01:00
  • 36f7bf4e49 Merge branch 'master' of https://github.com/cliffe/SecGen Z. Cliffe Schreuders 2017-04-19 00:13:19 +01:00
  • 4b6c3c2d37 update to work with newer versions of vagrant (where the gem exists but doesn't execute) and update readme with more information and with gifs Z. Cliffe Schreuders 2017-04-19 00:12:46 +01:00
  • aba2e2b028 Fixed error caused by total_memory option whereby the wrong type was not changed to the right type for a calculation in the packerfile (string -> int) Jjk422 2017-04-18 23:13:07 +01:00
  • 004c740ccd Added .no_puppet module to ensure manifests directory is uploaded to GitHub to avoid error. Jjk422 2017-04-18 21:54:33 +01:00
  • b95c96c3bc Added powershell local requires to SecGen metadata of all modules that require powershell. Also added manifests directory that was not commited to remote branch with initial module commit. Jjk422 2017-04-18 21:50:50 +01:00
  • ce61074bf1 vulnerabilities/unix/webapp/onlinestore - db_password is now dynamically generated thomashaw 2017-04-18 16:22:52 +01:00
  • 0b99e58c27 CTF module - vulnerabilities/unix/webapp/onlinestore (by Meehein @ University of Birmingham) thomashaw 2017-04-18 15:46:13 +01:00
  • 398ca4df47 vulnerabilities/unix/system/symlinks - CTF module with symlink (TOCTTOU) vulnerability with binary setgid shadow + crackable weak password thomashaw 2017-04-18 14:37:16 +01:00
  • 00e1f78aa9 Added scenario files to showcase some forensic modules and a chrome history example scenario file. Jjk422 2017-04-16 23:36:24 +01:00
  • 3029312cd1 Ensured all modules done previously could accept input values by adding process_options and get_options_array methods to the generator modules. Jjk422 2017-04-16 23:34:19 +01:00
  • d1152d09d1 Added Sqlite browser install module Jjk422 2017-04-16 23:32:11 +01:00
  • 1649f39756 Chrome Internet history module Allows for the insertion of the chrome History file with choice of number of generic and cybercrime urls with inputted time range. Jjk422 2017-04-16 17:55:02 +01:00
  • 6fb49684e9 Illegal image module cat Allows for the placing of cat images (represent illegal images). May have some difficulty with multiple cat images due to framework placing all base64 inputs and outputs into a single hash, this may need to be resolved for multiple modules Jjk422 2017-04-16 10:15:05 +01:00
  • 6600bd1269 Timestamp scenario module Created timestamp scenario example for all main timestamp modules Jjk422 2017-04-15 20:41:19 +01:00
  • c99c12ea5c Basic timestamp modules Now all timestamp modules have default randomisation. May need to fix specifying values manually. Jjk422 2017-04-15 20:20:06 +01:00
  • 4acc43323a Basic timestamp modules Jjk422 2017-04-15 18:25:26 +01:00
  • ce9a6f3de7 CTF module - vulnerabilities/unix/system/two_shell_calls (by Meehein @ University of Birmingham) thomashaw 2017-04-14 12:44:58 +01:00
  • d64ea06f4d Merge branch 'master-forensics' into master-forensics-new Jjk422 2017-04-13 17:01:16 +01:00
  • 4f89b1f32a Merge branch 'forensic_image_creation' into master-forensics-new Jjk422 2017-04-13 16:08:04 +01:00
  • 820e3233e8 Merge branch 'packer_build_from_iso' into master-forensics-new icense. Will download ISO from microsoft site, will then build basebox (storing in VAGRANT_BASEBOX_STORAGE) and will then build with vagrant. If Basebox is not present SecGen will prompt whether to use packer (requires download from packer website in README.md and for the binary to be in the system path) to build the Basebox. Jjk422 2017-04-13 16:05:55 +01:00
  • a62983a465 Fixing: generated scenario.xml in projects are now re-runnable thomashaw 2017-04-12 20:28:38 +01:00
  • 07eaad8199 Project Vagrantfile's now use relative paths. This enables distribution of project's without having to mess with paths. thomashaw 2017-04-11 11:46:44 +01:00
  • d437d839df Provisioning via rsync rather than VirtualBox Shared Folders due to giving away selected modules thomashaw 2017-04-11 11:14:39 +01:00
  • e472c51f99 readme update Z. Cliffe Schreuders 2017-04-06 23:20:43 +01:00
  • ef85d3615c readme update Z. Cliffe Schreuders 2017-04-06 23:17:45 +01:00
  • 407acf4a9f moved datastore example Z. Cliffe Schreuders 2017-04-06 18:46:57 +01:00
  • c673bb900d some pseudo code comments to help explain how modules chain together Z. Cliffe Schreuders 2017-04-06 18:34:01 +01:00
  • b245a168e5 leaked_filename reduced chance of clashes + consolidated both random filename modules into 1 thomashaw 2017-04-04 22:27:57 +01:00
  • f4a0f54758 symlink traversal, better handling of 1 flag thomashaw 2017-04-04 21:53:36 +01:00
  • f0802b88e7 Merge branch 'unpick_ctf_mess' thomashaw 2017-04-04 20:42:35 +01:00
  • 24bfe960ad Merge branch 'master' of https://github.com/cliffe/SecGen thomashaw 2017-04-04 20:41:14 +01:00
  • 5e852da39b word flag generator name update thomashaw 2017-04-04 16:58:28 +01:00
  • eac3b86674 fixed word flag generator: remove non alpha-numerical characters from flag (umlauts were being interpreted incorrectly) thomashaw 2017-04-04 16:49:36 +01:00
  • a0af1a5fef fixed random boolean conversion error thomashaw 2017-04-04 16:38:53 +01:00
  • 0d87be643d updated scenario thomashaw 2017-04-01 22:52:08 +01:00
  • 57a7dc69f6 ssh_leaked_keys - dynamically generated key thomashaw 2017-04-04 16:01:05 +01:00
  • d93d3fdfed samba symlink traversal, fixed the permissions error(cherry picked from commit b62a06f) thomashaw 2017-04-02 15:21:11 +01:00
  • f068d698d0 leaked_file privilege changes (cherry picked from commit 3f4ddad) thomashaw 2017-04-02 13:00:29 +01:00
  • a1dbc66009 adding dependency of imagemagick to readme.md thomashaw 2017-04-01 22:52:08 +01:00
  • 8977559f8a exif metadata challenge + jpg converter/generator (cherry picked from commit e51347f) thomashaw 2017-04-01 22:52:08 +01:00
  • aad46803ca fixes / modifications - strong pw generator strip illegal characters, gitlist_040 changed leak flag position thomashaw 2017-04-01 22:52:01 +01:00
  • ac41834e82 Moved over ForGen internet history module need to modify into SecGen structure Jjk422 2017-04-03 11:45:20 +01:00
  • f6b7cc41cf removing final name="" from fortress thomashaw 2017-03-31 21:29:06 +01:00
  • 04399470f2 updated scenarios, metadata changes + updated qr code thomashaw 2017-03-31 19:21:36 +01:00
  • 839a69f5e1 FIX ME after the event: needed to comment out this exit due to github.com/cliffe/secgen/issues/94 thomashaw 2017-03-31 16:30:58 +01:00
  • bf8d15e395 added a flag drop in root directory to samba_symlink_traversal thomashaw 2017-03-31 14:57:06 +01:00
  • 464d266bfe Revert: adding breakthenet xss web vulnerability -- Now registers the mysql db + allows www-data to connect with password 'example', change this! register.php claims that registration was successful but logging in does not work... investigate further. thomashaw 2017-03-31 14:12:14 +01:00
  • 590e797219 ctf scenario updates - added alpha reversible, ssh_leaked_keys, static networks, vignere thomashaw 2017-03-31 13:32:55 +01:00
  • 42ac95b3ab ssh_leaked_keys: adding strings_to_leak flag read_fact thomashaw 2017-03-31 13:31:35 +01:00
  • 39586af9a3 exif metadata module (WIP - needs some jpg files rather than png) thomashaw 2017-03-31 13:29:50 +01:00
  • 98cc8aa5c8 Fixing metadata thomashaw 2017-03-31 13:28:49 +01:00
  • fa10962295 adding breakthenet xss web vulnerability -- Now registers the mysql db + allows www-data to connect with password 'example', change this! register.php claims that registration was successful but logging in does not work... investigate further. thomashaw 2017-03-30 11:21:33 +01:00
  • 9f41e42381 vsftpd_backdoor: updated metadata, is actually root_rwx not user_rwx thomashaw 2017-03-29 12:09:23 +01:00
  • c09341188b gitlist_040 fixed, removed bootstrap repo + added a hyperlink to /gitlist thomashaw 2017-03-29 12:00:04 +01:00
  • 18620f1ab3 some public domain messages and stories for flavour Z. Cliffe Schreuders 2017-03-28 14:39:50 +01:00
  • 241e83a7a9 generators/random/random_hex: added number_of_lines and line_length params generators/challenges/encoded_diff: encodes a flag in hex, generates random_hex, shuffles the ordering, inserts a flag in a random position. accounts for line length vs flag length with random hex padding. secgen_functions::leak_file.pp: Added division between data leaked to the same file thomashaw 2017-03-28 10:51:57 +01:00