huffman coding (WIP - Fix the access_json issue first...)

.gitignore

@@ -9,6 +9,7 @@ batch/failed
 batch/successful
 lib/test/tmp
 modules/generators/challenges/exif/secgen_local/tmp.jpg
-modules/generators/challenges/compression/zip/secgen_local/archive.zip
+modules/generators/challenges/compression/zip/tmp
 modules/generators/challenges/image/random_jpg/secgen_local/tmp.jpg
-secgen.conf
+secgen.conf
+modules/encoders/compression/huffman/tmp

Gemfile

@@ -28,6 +28,9 @@ gem 'digest-whirlpool'
 gem 'digest-siphash'
 gem 'scrypt'
 gem 'braille', :git => "http://github.com/nicanor/braille.git"
+gem 'bases'
+gem 'huffman'
+gem 'ruby-graphviz'
 
 #development only gems go here
 group :test, :development do

Gemfile.lock

@@ -13,6 +13,13 @@ GIT
 GEM
   remote: https://rubygems.org/
   specs:
+    PriorityQueue (0.1.2)
+    activesupport (5.2.1)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 0.7, < 2)
+      minitest (~> 5.1)
+      tzinfo (~> 1.1)
+    bases (1.0.2)
     bcrypt (3.1.12)
     chunky_png (1.3.10)
     cinch (2.3.4)
@@ -48,6 +55,10 @@ GEM
     hiera (3.4.5)
     hocon (1.2.5)
     httpclient (2.8.3)
+    huffman (0.0.1)
+      PriorityQueue
+      activesupport
+      ruby-graphviz
     i18n (1.1.0)
       concurrent-ruby (~> 1.0)
     json (2.1.0)
@@ -97,6 +108,7 @@ GEM
     rqrcode (0.10.1)
       chunky_png (~> 1.0)
     rsync (1.0.9)
+    ruby-graphviz (1.2.3)
     rubyzip (1.2.2)
     scrypt (3.0.6)
       ffi-compiler (>= 1.0, < 2.0)
@@ -107,6 +119,9 @@ GEM
     sshkey (1.9.0)
     text (1.3.1)
     thor (0.19.4)
+    thread_safe (0.3.6)
+    tzinfo (1.2.5)
+      thread_safe (~> 0.1)
     wordlist (0.1.1)
       spidr (~> 0.2)
     yard (0.9.16)
@@ -118,6 +133,7 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
+  bases
   bcrypt
   braille!
   cinch
@@ -128,6 +144,7 @@ DEPENDENCIES
   duplicate
   faker
   forgery
+  huffman
   librarian-puppet
   mini_exiftool_vendored
   minitest
@@ -143,6 +160,7 @@ DEPENDENCIES
   redcarpet
   rmagick
   rqrcode
+  ruby-graphviz
   scrypt
   smbhash
   sshkey

README.md

@@ -38,7 +38,7 @@ Install all the required packages:
 wget https://releases.hashicorp.com/vagrant/1.9.8/vagrant_1.9.8_x86_64.deb
 sudo apt install ./vagrant_1.9.8_x86_64.deb
 # install other required packages via repos
-sudo apt-get install ruby-dev zlib1g-dev liblzma-dev build-essential patch virtualbox ruby-bundler imagemagick libmagickwand-dev exiftool libpq-dev libcurl4-openssl-dev libxml2-dev
+sudo apt-get install ruby-dev zlib1g-dev liblzma-dev build-essential patch virtualbox ruby-bundler imagemagick libmagickwand-dev exiftool libpq-dev libcurl4-openssl-dev libxml2-dev graphviz-dev
 ```
 
 Copy SecGen to a directory of your choosing, such as */home/user/bin/SecGen*

modules/encoders/compression/huffman/secgen_local/local.rb

@@ -0,0 +1,25 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_string_encoder.rb'
+require 'huffman'
+
+class HuffmanEncoder < StringEncoder
+  attr_accessor :index
+
+  def initialize
+    super
+    self.module_name = 'Huffman Encoder'
+    self.strings_to_encode = []
+    self.index = 0
+    Dir.mkdir '../tmp/' unless Dir.exists? '../tmp/'
+  end
+
+  def encode(str)
+    tree_path = "../tmp/tree_#{index}"
+    result = Huffman.encode_text(str, tree_picture: true, tree_path: tree_path)
+    self.index += 1
+    # Return an array with the compressed string, and the tree png encoded in base64
+    [result.first, Base64.strict_encode64(File.binread("#{tree_path}.png"))]
+  end
+end
+
+HuffmanEncoder.new.run

modules/encoders/compression/huffman/secgen_metadata.xml

@@ -0,0 +1,28 @@
+<?xml version="1.0"?>
+
+<encoder xmlns="http://www.github/cliffe/SecGen/encoder"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://www.github/cliffe/SecGen/encoder">
+  <name>Huffman Encoder</name>
+  <author>Thomas Shaw</author>
+  <module_license>MIT</module_license>
+  <description>Encodes a string with Huffman compression. Outputs a huffman string and png.</description>
+
+  <type>huffman_encoder</type>
+  <type>ascii_reversible</type>
+  <type>string_encoder</type>
+  <platform>linux</platform>
+  <platform>windows</platform>
+
+  <reference>https://github.com/nicanor/braille</reference>
+
+  <solution>Braille decoders are available online e.g. https://www.dcode.fr/braille-alphabet</solution>
+
+  <read_fact>strings_to_encode</read_fact>
+
+  <default_input into="strings_to_encode">
+    <generator type="flag_generator"/>
+  </default_input>
+
+  <output_type>array</output_type>
+</encoder>

modules/generators/compression/zip/secgen_local/local.rb

@@ -14,10 +14,11 @@ class ZipGenerator < StringEncoder
     self.file_name = ''
     self.strings_to_leak = []
     self.password = ''
+    Dir.mkdir '../tmp/' unless Dir.exists? '../tmp/'
   end
 
   def encode_all
-    zip_file_path = GENERATORS_DIR + 'compression/zip/secgen_local/archive.zip'
+    zip_file_path = GENERATORS_DIR + 'compression/zip/tmp/archive.zip'
     file_contents = ''
     data = self.strings_to_leak.join("\n")
 

scenarios/examples/ctf_challenge_examples/huffman_challenge.xml

@@ -0,0 +1,31 @@
+<?xml version="1.0"?>
+
+<scenario xmlns="http://www.github/cliffe/SecGen/scenario"
+	   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	   xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
+
+	<system>
+		<system_name>challenge_server</system_name>
+		<base platform="linux" type="server"/>
+
+		<input into_datastore="huffman_challenge">
+			<encoder type="huffman_encoder">
+				<input into="strings_to_encode">
+					<generator type="flag_generator"/>
+				</input>
+			</encoder>
+		</input>
+
+		<vulnerability read_fact="images_to_leak">
+			<input into="strings_to_leak">
+				<datastore access="0">huffman_challenge</datastore>
+			</input>
+			<input into="images_to_leak">
+				<datastore access="0">huffman_challenge</datastore>
+			</input>
+		</vulnerability>
+
+		<network type="private_network" range="dhcp" />
+	</system>
+
+</scenario>