Priming vulnerabilities

pull/11/head
Thorsten Sick 3 years ago
parent 8645b79472
commit 11206f6aee

@ -67,7 +67,8 @@ class Experiment():
pass
target_1.install_caldera_service()
target_1.up()
needs_reboot = target_1.prime_sensors()
needs_reboot = target_1.prime_vulnerabilities()
needs_reboot |= target_1.prime_sensors()
if needs_reboot:
target_1.reboot()
self.attack_logger.vprint(f"{CommandlineColors.OKGREEN}Target is up: {tname} {CommandlineColors.ENDC}", 1)

@ -262,6 +262,31 @@ class Machine():
############
def prime_vulnerabilities(self):
""" Prime vulnerabilities from plugins (hard core installs that could require a reboot)
A machine can have several vulnerabilities. Those are defined in a list in the config.
"""
reboot = False
for plugin in self.plugin_manager.get_plugins(VulnerabilityPlugin, self.config.vulnerabilities()):
name = plugin.get_name()
self.attack_logger.vprint(f"{CommandlineColors.OKBLUE}Priming vulnerability: {name}{CommandlineColors.ENDC}", 2)
syscon = {"abs_machinepath_internal": self.abs_machinepath_internal,
"abs_machinepath_external": self.abs_machinepath_external,
}
plugin.set_sysconf(syscon)
plugin.set_machine_plugin(self.vm_manager)
plugin.process_config({}) # plugin specific configuration
plugin.setup()
reboot |= plugin.prime()
self.vulnerabilities.append(plugin)
self.attack_logger.vprint(f"{CommandlineColors.OKGREEN}Primed vulnerability: {name}{CommandlineColors.ENDC}", 2)
return reboot
def install_vulnerabilities(self):
""" Install vulnerabilities from plugins: The machine is not yet modified ! For that call start_vulnerabilities next
@ -280,7 +305,7 @@ class Machine():
plugin.set_machine_plugin(self.vm_manager)
plugin.setup()
plugin.install(self.vm_manager)
self.vulnerabilities.append(plugin)
# self.vulnerabilities.append(plugin)
def get_vulnerabilities(self) -> [VulnerabilityPlugin]:
""" Returns a list of installed vulnerabilities """

@ -30,7 +30,9 @@ def generate(jfile, outfile):
if __name__ == "__main__":
# generate("loot/2021_07_19___16_28_45/attack.json", "tools/human_readable_documentation/contents.rst") # Working example for a short run
# generate("loot/2021_07_20___08_26_33/attack.json", "tools/human_readable_documentation/contents.rst") # FIN 7 #1
generate("loot/2021_07_20___10_07_36/attack.json", "tools/human_readable_documentation/contents.rst") # FIN 7 #2
# generate("loot/2021_07_20___10_07_36/attack.json", "tools/human_readable_documentation/contents.rst") # FIN 7 #2 The one Fabrizio got
generate("loot/2021_07_28___12_09_00/attack.json",
"tools/human_readable_documentation/contents.rst") # FIN 7 The last minute locally generated thing
# generate("loot/2021_07_19___15_10_45/attack.json", "tools/human_readable_documentation/contents.rst")
# generate("removeme.json", "tools/human_readable_documentation/contents.rst")

@ -21,6 +21,11 @@ class VulnerabilityPlugin(BasePlugin):
super().__init__() # pylint:disable=useless-super-delegation
self.debugit = False
def prime(self):
""" Early install. Can reboot the machine if it returns True after installation. """
return False
def install(self, machine_plugin=None):
""" This is setting up everything up to the point where the machine itself would be modified. But system
modification is done by start

Loading…
Cancel
Save