archive
/
PurpleDome
mirror of https://github.com/avast/PurpleDome
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
develop
polishing2
presentation_gpn_2022
more_unit_tests
extending_page
main
caldera_4
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'ae3e2a1655'
${ noResults }
PurpleDome/plugins/base/vulnerability_plugin.py

83 lines
2.8 KiB
Python
Raw Blame History

#!/usr/bin/env python3
""" This is a specific plugin type that installs a vulnerability into a VM. This can be a vulnerable application or a configuration setting """
from typing import Optional, Any
from plugins.base.plugin_base import BasePlugin
class VulnerabilityPlugin(BasePlugin):
""" A plugin that installs a vulnerable application or does vulnerable configuration changes on the target VM
"""
# Boilerplate
# name: Optional[str] = None
# description: Optional[str] = None
ttp: Optional[str] = None #: The TTP of this vulnerability
references: Optional[list[str]] = None #: References (links) to external sources
# required_files: list[str] = []
def __init__(self) -> None:
super().__init__() # pylint:disable=useless-super-delegation
self.debugit = False
def start(self) -> None:
""" Starts the vulnerability on the machine. The most important method you can use here is "self.run_cmd" and execute a shell command.
This must be implemented by the plugin."""
# It is ok if install is empty. But this function here is the core. So implement it !
raise NotImplementedError
def stop(self) -> None:
""" Modifying the target machine and remove the vulnerability after the attacks ran.
This must be implemented by the plugin.
"""
# Must be implemented. If you want to leave a mess create an empty function and be honest :-)
raise NotImplementedError
def prime(self) -> bool:
""" *Optional* Early install phase.
Use this if install is not sufficient. This method is called int he first install phase and can reboot the tagret machine.
:return: True to reboot the machine after installation. False is the default
"""
return False
def install(self, machine_plugin: Optional[Any] = None) -> None:
""" *Optional* This installs the vulnerability.
If the modification is very small, you can also just do that during start.
This method is executed in the second install phase. It can **not** reboot the machine. Using install is preferred to using *prime*
:param machine_plugin: Optional: you can already set the machine to use
"""
if machine_plugin:
self.machine_plugin = machine_plugin
def get_ttp(self) -> Optional[str]:
""" Returns the ttp of the plugin, please set in boilerplate
:meta private:
"""
if self.ttp:
return self.ttp
raise NotImplementedError
def get_references(self) -> Optional[list[str]]:
""" Returns the references of the plugin, please set in boilerplate
:meta private:
"""
if self.references:
return self.references
raise NotImplementedError
Reference in New Issue View Git Blame Copy Permalink