diff --git a/modules/vulnerabilities/unix/wifi_mouse_linux/files/mouseserver-sourcecode-Linux.zip b/modules/vulnerabilities/unix/wifi_mouse_linux/files/mouseserver-sourcecode-Linux.zip new file mode 100644 index 000000000..1cbb0616a Binary files /dev/null and b/modules/vulnerabilities/unix/wifi_mouse_linux/files/mouseserver-sourcecode-Linux.zip differ diff --git a/modules/vulnerabilities/unix/wifi_mouse_linux/files/wifi_mouse.service b/modules/vulnerabilities/unix/wifi_mouse_linux/files/wifi_mouse.service new file mode 100644 index 000000000..b3f83d2fb --- /dev/null +++ b/modules/vulnerabilities/unix/wifi_mouse_linux/files/wifi_mouse.service @@ -0,0 +1,8 @@ +[Unit] +Description=Vulnerable remote mouse software. + +[Service] +ExecStart=/usr/bin/mouseserver + +[Install] +WantedBy=multi-user.target \ No newline at end of file diff --git a/modules/vulnerabilities/unix/wifi_mouse_linux/manifests/install.pp b/modules/vulnerabilities/unix/wifi_mouse_linux/manifests/install.pp new file mode 100644 index 000000000..780675ed4 --- /dev/null +++ b/modules/vulnerabilities/unix/wifi_mouse_linux/manifests/install.pp @@ -0,0 +1,48 @@ +class wifi_mouse_linux::install { + Exec { + path => ['/bin', '/usr/bin', '/usr/local/bin', '/sbin', '/usr/sbin'] + } + + exec {'apt-update': + command => 'apt update', + } -> + exec {'install-requirements': + command => 'apt install -y build-essential cmake libavahi-client-dev libgtk-3-dev libglade2-dev', + } -> + file {'/root/mouseserver-sourcecode-Linux.zip': + source => 'puppet:///modules/wifi_mouse_linux/mouseserver-sourcecode-Linux.zip', + } -> + exec {'extract-remote-mouse-source': + command => 'unzip /root/mouseserver-sourcecode-Linux.zip; rm mouseserver-sourcecode-Linux.zip', + cwd => '/root', + creates => '/root/mouseserver-sourcecode-Linux', + } -> + exec {'configure-remote-mouse-build': + command => 'bash -c "export CFLAGS=$(pkg-config --cflags --libs gtk+-3.0 pango); export CXXFLAGS=$(pkg-config --cflags --libs gtk+-3.0 pango); cmake ."', + cwd => '/root/mouseserver-sourcecode-Linux', + } -> + exec {'build-remote-mouse-build': + command => 'make', + cwd => '/root/mouseserver-sourcecode-Linux', + } -> + exec {'install-remote-mouse-build': + command => 'make install', + cwd => '/root/mouseserver-sourcecode-Linux', + } -> + file { '/etc/systemd/system/wifi_mouse.service': + source => 'puppet:///modules/wifi_mouse_linux/wifi_mouse.service' + } -> + exec {'enable-wifi-mouse-service': + command => 'systemctl enable --now wifi_mouse' + } + + $leaked_filenames = ["wifi_mouse_linux_flag.txt"] + $strings_to_leak = ["that's one insecure remote"] + + ::secgen_functions::leak_files { 'wifi_mouse_linux': + storage_directory => "/root", + leaked_filenames => $leaked_filenames, + strings_to_leak => $strings_to_leak, + leaked_from => 'wifi_mouse_linux', + } +} diff --git a/modules/vulnerabilities/unix/wifi_mouse_linux/secgen_metadata.xml b/modules/vulnerabilities/unix/wifi_mouse_linux/secgen_metadata.xml new file mode 100644 index 000000000..d8b20cf6a --- /dev/null +++ b/modules/vulnerabilities/unix/wifi_mouse_linux/secgen_metadata.xml @@ -0,0 +1,28 @@ + + + WiFi Mouse Linux + Harry J. Hall + MIT + The Linux version of WiFi Mouse 1.7.8.5 which contains an authentication vulnerability. + WiFi Mouse is a tool for controlling a computer using a smartphone. + + Remote control software + user_rwx + remote + linux + hard + + server_name + strings_to_leak + leaked_filenames + + + + + + + + + \ No newline at end of file diff --git a/modules/vulnerabilities/unix/wifi_mouse_linux/wifi_mouse_linux.pp b/modules/vulnerabilities/unix/wifi_mouse_linux/wifi_mouse_linux.pp new file mode 100644 index 000000000..a56f48859 --- /dev/null +++ b/modules/vulnerabilities/unix/wifi_mouse_linux/wifi_mouse_linux.pp @@ -0,0 +1 @@ +include wifi_mouse_linux::install