Dan Carley dcarley

## extlookup.pp
# Expect extlookup data to be parallel to manifest directory.
$extlookup_datadir      = inline_template("<%= File.join(File.dirname(scope.lookupvar('settings::manifest')), '..', 'extdata') -%>")
$extlookup_precedence   = ["%{fqdn}", "domain_%{domain}", "base"]

## Apache mod_proxy_ajp
Server Software:
Server Hostname:        japp0.labs
Server Port:            81

Document Path:          /aim/account/registration
Document Length:        5391 bytes

Concurrency Level:      10
Time taken for tests:   29.054 seconds
Complete requests:      10000

## Work workstation working
top - 10:08:36 up 48 days, 23:54, 12 users,  load average: 3.02, 2.68, 2.58
Tasks: 528 total,   1 running, 527 sleeping,   0 stopped,   0 zombie
Cpu0  :  0.0%us, 12.1%sy,  8.4%ni, 79.4%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Cpu1  :  0.9%us,  8.1%sy,  4.5%ni, 86.5%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Cpu2  :  0.9%us, 11.8%sy,  8.2%ni, 79.1%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Cpu3  :  0.0%us, 74.5%sy,  2.8%ni, 22.6%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Cpu4  :  0.0%us,  6.6%sy,  4.7%ni, 88.7%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Cpu5  :  1.0%us,  8.6%sy,  1.9%ni, 88.6%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Cpu6  :  0.9%us, 14.8%sy,  1.9%ni, 82.4%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Cpu7  :  0.0%us, 11.1%sy,  0.0%ni, 88.9%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st

## rabbitmq-server-plugins.spec
Name            : rabbitmq-server-plugins
Version         : 2.6.1
Release         : 2
Summary         : Plugins for RabbitMQ server
Group           : Development/Libraries

Source0         : http://www.rabbitmq.com/releases/plugins/v%{version}/amqp_client-%{version}.ez
Source1         : http://www.rabbitmq.com/releases/plugins/v%{version}/rabbitmq_stomp-%{version}.ez
Source2         : http://www.rabbitmq.com/releases/plugins/v%{version}/rabbitmq_management_agent-%{version}.ez
Source3         : http://www.rabbitmq.com/releases/plugins/v%{version}/rabbitmq_management-%{version}.jquery-fix.ez

## mcollective-plugins.spec
%define giturl git://github.com/puppetlabs/mcollective-plugins.git
%define gitrev d9305be
%define gituser puppetlabs

%define plugindir %{_libexecdir}/mcollective/mcollective
%define agents puppetd nettest service package filemgr nrpe puppetca puppetral

Name            : mcollective-plugins
Version         : 0.0.1
Release         : 3.%{gitrev}

## collectd-carbon.spec
%define giturl git://github.com/indygreg/collectd-carbon.git
%define gitrev e20819b
%define gituser indygreg

Name            : collectd-carbon
Version         : 0.0.2
Release         : 1.%{gitrev}
Summary         : Carbon plugin for collectd
Group           : System Environment/Daemons

## gist:1025231
{
   "timestamp":1308067638,
   "status":200,
   "request":{
      "type":"list"
   },
   "value":{
      "Users":{
         "database=UserDatabase,rolename=manager,type=Role":{
            "desc":"Security role from a user database",

## gist:1153679
diff --git a/lib/facter/virtual.rb b/lib/facter/virtual.rb
index a583995..a38b0a7 100644
--- a/lib/facter/virtual.rb
+++ b/lib/facter/virtual.rb
@@ -158,10 +158,10 @@ Facter.add("is_virtual") do
     confine :kernel => %w{Linux FreeBSD OpenBSD SunOS HP-UX Darwin GNU/kFreeBSD}

     setcode do
-        if Facter.value(:virtual) != "physical" && Facter.value(:virtual) != "xen0"
-            "true"

## puppet-0.25.txt
notice: Scope(Class[main]): puppet version: 0.25.5
notice: Scope(Class[main]): conditional string: sensitive
notice: Scope(Class[main]): conditional regex: sensitive
notice: Scope(Class[main]): selector string: insensitive
notice: Scope(Class[main]): selector regex: sensitive
notice: Scope(Class[main]): case string: insensitive
notice: Scope(Class[main]): case regex: sensitive

## cve-2011-3192.py
#!/usr/bin/env python
"""
Test the probabilty of a URL being vulnerable to CVE-2011-3192

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192

Both this test and real PoC are largely dependent on the content being
served. Dynamic content rendered by mod_php and mod_wsgi is unlikely to be
affected, whereas static or proxied content from the same VirtualHost or
Apache instance may still be vulnerable. For this reason it is worth testing
	# Expect extlookup data to be parallel to manifest directory.
	$extlookup_datadir = inline_template("<%= File.join(File.dirname(scope.lookupvar('settings::manifest')), '..', 'extdata') -%>")
	$extlookup_precedence = ["%{fqdn}", "domain_%{domain}", "base"]
	Server Software:
	Server Hostname: japp0.labs
	Server Port: 81

	Document Path: /aim/account/registration
	Document Length: 5391 bytes

	Concurrency Level: 10
	Time taken for tests: 29.054 seconds
	Complete requests: 10000
	top - 10:08:36 up 48 days, 23:54, 12 users, load average: 3.02, 2.68, 2.58
	Tasks: 528 total, 1 running, 527 sleeping, 0 stopped, 0 zombie
	Cpu0 : 0.0%us, 12.1%sy, 8.4%ni, 79.4%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st
	Cpu1 : 0.9%us, 8.1%sy, 4.5%ni, 86.5%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st
	Cpu2 : 0.9%us, 11.8%sy, 8.2%ni, 79.1%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st
	Cpu3 : 0.0%us, 74.5%sy, 2.8%ni, 22.6%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st
	Cpu4 : 0.0%us, 6.6%sy, 4.7%ni, 88.7%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st
	Cpu5 : 1.0%us, 8.6%sy, 1.9%ni, 88.6%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st
	Cpu6 : 0.9%us, 14.8%sy, 1.9%ni, 82.4%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st
	Cpu7 : 0.0%us, 11.1%sy, 0.0%ni, 88.9%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st
	Name : rabbitmq-server-plugins
	Version : 2.6.1
	Release : 2
	Summary : Plugins for RabbitMQ server
	Group : Development/Libraries

	Source0 : http://www.rabbitmq.com/releases/plugins/v%{version}/amqp_client-%{version}.ez
	Source1 : http://www.rabbitmq.com/releases/plugins/v%{version}/rabbitmq_stomp-%{version}.ez
	Source2 : http://www.rabbitmq.com/releases/plugins/v%{version}/rabbitmq_management_agent-%{version}.ez
	Source3 : http://www.rabbitmq.com/releases/plugins/v%{version}/rabbitmq_management-%{version}.jquery-fix.ez
	%define giturl git://github.com/puppetlabs/mcollective-plugins.git
	%define gitrev d9305be
	%define gituser puppetlabs

	%define plugindir %{_libexecdir}/mcollective/mcollective
	%define agents puppetd nettest service package filemgr nrpe puppetca puppetral

	Name : mcollective-plugins
	Version : 0.0.1
	Release : 3.%{gitrev}
	%define giturl git://github.com/indygreg/collectd-carbon.git
	%define gitrev e20819b
	%define gituser indygreg

	Name : collectd-carbon
	Version : 0.0.2
	Release : 1.%{gitrev}
	Summary : Carbon plugin for collectd
	Group : System Environment/Daemons
	{
	"timestamp":1308067638,
	"status":200,
	"request":{
	"type":"list"
	},
	"value":{
	"Users":{
	"database=UserDatabase,rolename=manager,type=Role":{
	"desc":"Security role from a user database",
	diff --git a/lib/facter/virtual.rb b/lib/facter/virtual.rb
	index a583995..a38b0a7 100644
	--- a/lib/facter/virtual.rb
	+++ b/lib/facter/virtual.rb
	@@ -158,10 +158,10 @@ Facter.add("is_virtual") do
	confine :kernel => %w{Linux FreeBSD OpenBSD SunOS HP-UX Darwin GNU/kFreeBSD}

	setcode do
	- if Facter.value(:virtual) != "physical" && Facter.value(:virtual) != "xen0"
	- "true"
	notice: Scope(Class[main]): puppet version: 0.25.5
	notice: Scope(Class[main]): conditional string: sensitive
	notice: Scope(Class[main]): conditional regex: sensitive
	notice: Scope(Class[main]): selector string: insensitive
	notice: Scope(Class[main]): selector regex: sensitive
	notice: Scope(Class[main]): case string: insensitive
	notice: Scope(Class[main]): case regex: sensitive
	#!/usr/bin/env python
	"""
	Test the probabilty of a URL being vulnerable to CVE-2011-3192

	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192

	Both this test and real PoC are largely dependent on the content being
	served. Dynamic content rendered by mod_php and mod_wsgi is unlikely to be
	affected, whereas static or proxied content from the same VirtualHost or
	Apache instance may still be vulnerable. For this reason it is worth testing