diff --git a/doc/source/usage/caldera_control_cli.rst b/doc/source/usage/caldera_control_cli.rst
deleted file mode 100644
index e69de29..0000000
diff --git a/plugins/default/adversary_emulations/FIN7/local_experiment_config.yaml b/plugins/default/adversary_emulations/FIN7/local_experiment_config.yaml
new file mode 100644
index 0000000..f2bebc8
--- /dev/null
+++ b/plugins/default/adversary_emulations/FIN7/local_experiment_config.yaml
@@ -0,0 +1,171 @@ + +### +# Caldera configuration +caldera: + ### + # API key for caldera. See caldera configuration. Default is ADMIN123 + apikey: ADMIN123 + +### +# Attacks configuration +attackers: + ### + # Configuration for the first attacker. One should normally be enough + attacker: + + ### + # Defining VM controller settings for this machine + vm_controller: + ### + # Type of the VM controller, Options are "vagrant" + type: vagrant + ### + # # path where the vagrantfile is in + vagrantfilepath: systems + + ### + # Name of machine in Vagrantfile + vm_name: attacker + + ### + # machinepath is a path where the machine specific files and logs are stored. Relative to the Vagrantfile path + # and will be mounted internally as /vagrant/ + # If machinepath is not set PurpleDome will try "vm_name" + machinepath: attacker1 + + ### + # OS of the VM guest. Options are so far "windows", "linux" + os: linux + + ### + # Do not destroy/create the machine: Set this to "yes". + use_existing_machine: yes + +### +# List of targets +targets: + + target2: + #root: systems/target1 + vm_controller: + type: vagrant + vagrantfilepath: systems + + ### + # simple switch if targets is used in attack simulation. Default is true. If set to false the machine will not be started + active: yes + + vm_name: target2 + os: windows + paw: target2w + group: red_windows + + machinepath: target2w + + # Do not destroy/create the machine: Set this to "yes". + use_existing_machine: yes + ### + # Optional setting to activate force when halting the machine. Windows guests sometime get stuck + halt_needs_force: yes + + ### + # If SSH without vagrant support is used (Windows !) we need a user name (uppercase) + ssh_user: ATTACKX + + ### + # If SSH without vagrant support is used (Windows !) we maybe need a password + ssh_password: AttackX + + ### + # For non-vagrant ssh connections a ssh keyfile stored in the machinepath is required. 
+ ssh_keyfile: systems/target2w/id_rsa.3 + + ### + # The folder all the implants will be installed into + # Windows can only use default playground at the moment ! + # playground: C:\\Users\\AttackX + + # Sensors to run on this machine + sensors: + - windows_idp + + vulnerabilities: + - weak_user_passwords + - rdp_config_vul + + +### +# General sensor config config +sensors: + ### + # Windows IDP plugin configuration + windows_idp: + ### + # Name of the dll to use. Must match AV version + # dll_name: aswidptestdll.dll + dll_name: aswidptestdll.dll_21_1_B + + ### + # Folder where the IDP tool is located + idp_tool_folder: C:\\capture + +### +# General attack config +attacks: + ### + # configure the seconds the system idles between the attacks. Makes it slower. But attack and defense logs will be simpler to match + nap_time: 5 + + +### +# Configuration for caldera +caldera_conf: + ### + # The obfuscator to use between the implant and the server. Not all obfuscators are supported by all implants. Existing obfuscators: + # plain-text, base64, base64jumble, caesar, base64noPadding, steganography + obfuscator: plain-text + + ### + # Jitter settings for the implant. it is min/max seconds. The first number has to be smaller. Default is 4/8 + jitter: 4/8 + + + +### +# Kali tool based attacks. Will result in kali commandline tools to be called. Currently supported are: "hydra" +kali_attacks: + ### + # Linux specific attacks, a list + linux: + ### + # Windows specific attacks, a list + windows: + - fin7_1 + +### +# Configuration for the kali attack tools +kali_conf: + ### + # Hydra configuration + hydra: + ### + # A list of protocols to brute force against. 
Supported: "ssh" + protocols: + - ssh + - rdp + #- ftps + ### + # A file containing potential user names + userfile: users.txt + ### + # A file containing potential passwords + pwdfile: passwords.txt + nmap: + + +### +# Settings for the results being harvested +results: + ### + # The directory the loot will be in + loot_dir: loot
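Review bot: The target2 block commits a working SSH password (`ssh_password: AttackX`), the Caldera API key (`apikey: ADMIN123`) and a path to a private key (`ssh_keyfile: systems/target2w/id_rsa.3`) into a tracked YAML file, which is how lab credentials get reused on non-lab hosts and how a key leaks through git history. Keep placeholders in the committed file and load the real values from an untracked local override or the environment, e.g. `ssh_password: CHANGE_ME  # set in an untracked override, never commit`, and make sure `id_rsa.3` is gitignored — the .gitignore is not visible from this hunk, so please confirm. Separately, `linux:` under `kali_attacks` and `nmap:` under `kali_conf` are bare keys that load as `null` rather than an empty list/mapping, so any consumer that iterates them without a None guard will fail; write `linux: []` and `nmap: {}`. The `use_existing_machine: yes`, `active: yes` and `halt_needs_force: yes` values rely on YAML 1.1 truthy parsing; `true` is the portable spelling.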