Improve documentation of example-crypto.go

aeacus-src/aeacus.go

@@ -102,7 +102,7 @@ func main() {
 					mc := metaConfig{c, teamID, dirPath, scoringChecks{}}
 					decryptedData, err := tryDecodeString(readData(&mc))
 					if err != nil {
-						return errors.New("Error in reading scoring.dat!")
+						return errors.New("error in reading scoring.dat")
 					}
 					parseConfig(&mc, decryptedData)
 					infoPrint("Config looks good! Decryption successful.")
@@ -152,7 +152,6 @@ func main() {
 					fmt.Println("=== aeacus ===")
 					fmt.Println("version", aeacusVersion)
 					return nil
-					return nil
 				},
 			},
 			{

aeacus-src/checks_windows.go

@@ -275,7 +275,9 @@ func UserRights(userOrGroup string, privilege string) (bool, error) {
 	// domain support is untested, it should be easy to add a domain
 	// flag in the config though. then just make sure you're not getting
 	// invalid local policies instead of gpo
+
 	seceditOutput, err := getSecedit()
+	// TODO: only get section of users -- this can also falsely score correct for other secedit fields (like LegalNoticeText)
 	if err != nil {
 		return false, err
 	}

aeacus-src/scoring.go

@@ -68,7 +68,7 @@ func scoreChecks(mc *metaConfig, id *imageData) {
 			for i := 0; id.TotalPoints < 100; id.TotalPoints++ {
 				mc.Config.Check[pointlessChecks[i]].Points++
 				i++
-				if i > len(pointlessChecks) - 1 {
+				if i > len(pointlessChecks)-1 {
 					i = 0
 				}
 			}

examples/example-crypto.go

@@ -1,3 +1,16 @@
+// example-crypto.go provides basic cryptography functions for aeacus
+//
+// This file is not a shining example for cryptographically secure operations.
+//
+// Practically, it is more important that your implemented solution is
+// different than the example, to make reverse engineering much more difficult.
+//
+// You could radically change the crypto.go file each time you release an
+// image, which would make things very difficult for a would-be hacker.
+//
+// At the very least, edit some strings. Add some ciphers and operations if
+// you're feeling spicy.
+
 package main
 
 import (
@@ -13,15 +26,26 @@ import (
 	"os"
 )
 
+// These hashes are used for XORing the plaintext. Again-- not
+// cryptographically genius.
+var randomHashOne = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
+var randomHashTwo = "NowThatsWhatICallARandomString"
+
+// writeCryptoConfig takes the metaConfig (context) and writes to the hardcoded
+// file `scoring.dat`, in the DirPath specified in the metaConfig.
+// writeCryptoConfig is used to create the encrypted `scoring.dat` from the
+// plaintext configuration `scoring.conf`.
 func writeCryptoConfig(mc *metaConfig) string {
 
+	// Open the hardcoded file path to the plaintext configuration.
 	configFile, err := os.Open(mc.DirPath + "scoring.conf")
 	if err != nil {
 		fmt.Println(err)
 		os.Exit(1)
 	}
 	defer configFile.Close()
 
+	// Read the file into a buffer.
 	info, _ := configFile.Stat()
 	var size int64 = info.Size()
 	configBuffer := make([]byte, size)
@@ -32,116 +56,134 @@ func writeCryptoConfig(mc *metaConfig) string {
 		infoPrint("Encrypting configuration...")
 	}
 
-	randomHash := "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
-	key := xor(randomHash, "ThatsASecureStringLol")
+	// Generate key by XORing two strings.
+	key := xor(randomHashOne, randomHashTwo)
 
-	// zlib compress
+	// Compress the file with zlib.
 	var encryptedFile bytes.Buffer
 	writer := zlib.NewWriter(&encryptedFile)
 	writer.Write(configBuffer)
 	writer.Close()
 
-	// apply xor key
+	// XOR the encrypted file with our key.
 	return xor(key, encryptedFile.String())
 
 }
 
+// readCryptoConfig is used to decrypt the `scoring.dat` file, which contains
+// the configuration for aeacus.
 func readCryptoConfig(mc *metaConfig) string {
+
+	// Read in the encrypted configuration file.
 	dataFile, err := readFile(mc.DirPath + "scoring.dat")
 	if err != nil {
 		failPrint("Data file not found.")
 		os.Exit(1)
 	}
 
-	randomHash := "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
-	key := xor(randomHash, "ThatsASecureStringLol")
+	// Create our key by XORing two strings.
+	key := xor(randomHashOne, randomHashTwo)
 
-	// decrypt with xor key
+	// Apply the XOR key to decrypt the zlib-compressed data.
+	//
+	// XOR is special in that when you apply it twice, you get the original data
+	// as long as the key was the same.
 	dataFile = xor(key, dataFile)
 
-	// zlib decompress
+	// Decompress zlib data.
 	reader, err := zlib.NewReader(bytes.NewReader([]byte(dataFile)))
 	if err != nil {
 		failPrint("Error decrypting scoring.dat. You naughty little competitor. Commencing self destruct...")
 		destroyImage(mc)
 		os.Exit(1)
 	}
 	defer reader.Close()
-
 	dataBuffer := bytes.NewBuffer(nil)
 	io.Copy(dataBuffer, reader)
 
 	return string(dataBuffer.Bytes())
 }
 
-func encryptString(password string, plaintext string) string {
+// encryptString takes a password and a plaintext and returns an encrypted byte
+// sequence (as a string). It uses AES-GCM with a 12-byte IV (as is
+// recommended). The IV is prefixed to the string.
+//
+// This function is used in aeacus to encrypt reported vulnerability data to
+// the remote scoring endpoint (ex. minos).
+func encryptString(password, plaintext string) string {
 
+	// Create a sha256sum hash of the password provided.
 	hasher := sha256.New()
 	hasher.Write([]byte(password))
 	key := hasher.Sum(nil)
 
-	// Pad plaintext to be a 16-byte block
+	// Pad plaintext to be a 16-byte block.
 	paddingArray := make([]byte, (aes.BlockSize - len(plaintext)%aes.BlockSize))
 	for char := range paddingArray {
-		paddingArray[char] = 0x20
+		paddingArray[char] = 0x20 // Padding with space character.
 	}
 	plaintext = plaintext + string(paddingArray)
 	if len(plaintext)%aes.BlockSize != 0 {
 		panic("Plaintext is not a multiple of block size!")
 	}
 
-	// Create cipher block with key
+	// Create cipher block with key.
 	block, err := aes.NewCipher(key)
 	if err != nil {
 		panic(err)
 	}
 
-	// Generate nonce
+	// Generate nonce.
 	nonce := make([]byte, 12)
 	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
 		panic(err.Error())
 	}
 
-	// Create NewGCM cipher
+	// Create NewGCM cipher.
 	aesgcm, err := cipher.NewGCM(block)
 	if err != nil {
 		panic(err.Error())
 	}
 
-	// Encrypt and seal plaintext
+	// Encrypt and seal plaintext.
 	ciphertext := aesgcm.Seal(nil, nonce, []byte(plaintext), nil)
 	ciphertext = []byte(fmt.Sprintf("%s%s", nonce, ciphertext))
 
 	return string(ciphertext)
 }
 
-func decryptString(password string, ciphertext string) string {
+// decryptString takes a password and a ciphertext and returns a decrypted byte sequence (as a string). The function uses typical AES-GCM.
+func decryptString(password, ciphertext string) string {
 
+	// Create a sha256sum hash of the password provided.
 	hasher := sha256.New()
 	hasher.Write([]byte(password))
 	key := hasher.Sum(nil)
 
+	// Grab the IV from the first 12 bytes of the file.
 	iv := []byte(ciphertext[:12])
 	ciphertext = ciphertext[12:]
 
+	// Create the AES block object.
 	block, err := aes.NewCipher(key)
 	if err != nil {
 		failPrint(err.Error())
 		return ""
 	}
 
+	// Create the AES-GCM cipher with the generated block.
 	aesgcm, err := cipher.NewGCM(block)
 	if err != nil {
 		failPrint(err.Error())
 		return ""
 	}
 
+	// Decrypt (and check validity, since it's GCM) of ciphertext.
 	plaintext, err := aesgcm.Open(nil, iv, []byte(ciphertext), nil)
 	if err != nil {
 		failPrint(err.Error())
 		return ""
 	}
 
 	return string(plaintext)
-
 }

examples/windows-weeb-box.conf

@@ -2,7 +2,7 @@ name = 'WEEB-BOX'
 title = 'DSU Windows Practice Round'
 user = 'kirito'
 password = 'nohackpls'
-remote = 'https://worker.sourque.dev/' 
+remote = 'https://remote-endpoint-here'
 os = 'Windows Server 2016'
 local = 'no'
 
@@ -173,5 +173,3 @@ arg1='Remote Desktop Services'
 [[check.pass]]
 type='ScheduledTaskExistsNot'
 arg1='MalwareTask'
-
-

phocus-src/phocus_linux.go

@@ -1,8 +1,8 @@
 package main
 
 import (
-	"log"
 	"fmt"
+	"log"
 	"math/rand"
 	"os"
 	"runtime"