#!/usr/bin/env python3 """ This is a specific plugin type that installs a vulnerability into a VM. This can be a vulnerable application or a configuration setting """ from typing import Optional from plugins.base.plugin_base import BasePlugin class VulnerabilityPlugin(BasePlugin): """ A plugin that installs a vulnerable application or does vulnerable configuration changes on the target VM """ # Boilerplate name: Optional[str] = None description: Optional[str] = None ttp: Optional[str] = None references = None required_files: list[str] = [] def __init__(self): super().__init__() # pylint:disable=useless-super-delegation self.debugit = False def prime(self): """ Early install. Can reboot the machine if it returns True after installation. """ return False def install(self, machine_plugin=None): """ This is setting up everything up to the point where the machine itself would be modified. But system modification is done by start @param machine_plugin: Optional: you can already set the machine to use """ if machine_plugin: self.machine_plugin = machine_plugin def start(self): """ Modifying the target machine and add the vulnerability """ # It is ok if install is empty. But this function here is the core. So implement it ! raise NotImplementedError def stop(self): """ Modifying the target machine and remove the vulnerability """ # Must be implemented. If you want to leave a mess create an empty function and be honest :-) raise NotImplementedError def get_ttp(self): """ Returns the ttp of the plugin, please set in boilerplate """ if self.ttp: return self.ttp raise NotImplementedError def get_references(self): """ Returns the references of the plugin, please set in boilerplate """ if self.references: return self.references raise NotImplementedError