Updates to fix commando on bookworm

lib/output/xml_marker_generator.rb

@@ -42,7 +42,7 @@ class XmlMarkerGenerator
                     system.module_selections.each { |search_module|
                       if search_module.unique_id == selected_module.write_to_module_with_id
                         # special case check for flag that's fed into a parameter that isn't defined within the receiving module
-                        if search_module.attributes["read_fact"].include? selected_module.write_output_variable
+                        if search_module.attributes["read_fact"]&.include? selected_module.write_output_variable
                           xml.flag(output_value)
                         else
                           Print.warn "Ignoring flag generated but fed into a fact that the module doesn't read: #{selected_module.write_to_module_with_id}.#{selected_module.write_output_variable} #{output_value}"

modules/services/unix/database/mysql_stretch_compatible/mysql/mysql.pp

@@ -1,2 +1,13 @@
-include '::mysql::server'
-include '::mysql::client'
+class { '::mysql::server':
+  override_options => {
+    'mysqld' => {
+      'ssl'         => undef,
+      'ssl-ca'      => undef,
+      'ssl-cert'    => undef,
+      'ssl-key'     => undef,
+      'ssl-disable' => true
+    }
+  }
+}
+
+include '::mysql::client'

modules/services/unix/database/mysql_stretch_compatible/mysql/secgen_metadata.xml

@@ -25,9 +25,9 @@
   </conflict>
 
   <!--Cannot co-exist with other MySQL installations-->
-  <conflict>
+  <!-- <conflict>
     <software_name>mysql</software_name>
-  </conflict>
+  </conflict> -->
 
   <requires>
     <module_path>.*/puppet_module/cron.*</module_path>

modules/vulnerabilities/unix/webapp/commando/manifests/apache.pp

@@ -4,7 +4,7 @@ class commando::apache {
   $db_password = $secgen_parameters['db_password'][0]
 
   # essential packages for commando to function
-  package { ['php', 'php-mysqli', 'php-gd', 'libapache2-mod-php','mysql-server']:
+  package { ['php', 'php-gd', 'libapache2-mod-php']:
     ensure => installed,
   }
 
@@ -19,9 +19,9 @@ class commando::apache {
     docroot => '/var/www/commando',
   } ->
 
-  # enabling of the php7.0 module so functions on app work
-  exec { 'a2enmod php7.0':
-    command  => "/usr/sbin/a2enmod php7.0",
+  # enabling of the php5.6 module so functions on app work
+  exec { 'a2enmod php5.6':
+    command  => "/usr/sbin/a2enmod php5.6",
     require => Class['::apache']
   }
 

modules/vulnerabilities/unix/webapp/commando/secgen_metadata.xml

@@ -72,12 +72,12 @@ WARNING: This module needs some further testing, and may not work without input
   <generator module_path=".*users_table_name" />
 </default_input>
 
-<conflict>
-	<module_path>.*commando</module_path>
-</conflict>
+<requires>
+  <module_path>.*apache.*compatible.*</module_path>
+</requires>
 
 <requires>
-  <module_path>.*/apache.*</module_path>
+  <module_path>.*php.*compatible.*</module_path>
 </requires>
 <requires>
   <module_path>.*mysql.*compatible.*</module_path>

scenarios/ctf/rand_webapp.xml

@@ -30,7 +30,7 @@
 
   <system>
     <system_name>web_server</system_name>
-    <base distro="Debian 10" type="desktop" name="KDE"/>
+    <base distro="Debian 12" type="desktop" name="KDE"/>
 
     <input into_datastore="IP_addresses">
       <value>172.10.0.2</value>