digital-forensics-labs/SecGen
1
0
Fork 0
mirror of https://github.com/cliffe/SecGen.git synced 2026-02-23 12:18:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

lab updates

Browse Source
This commit is contained in:
Z. Cliffe Schreuders
2019-10-15 09:52:43 +01:00
parent f90a87fba3
commit 0fd4c4fff8
4 changed files with 4 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
modules/generators/structured_content/hackerbot_config/hacker_vs_hackerbot_1/templates/integrity_attack2.xml.erb
View File

@@ -2,7 +2,7 @@
<attack>
<!-- topic: Detecting changes to resources using backups-->
<prompt>An attempt to edit a config file is coming, let it happen. But first make sure you have a backup of the /etc/ directory at /home/<%= $main_user %>/backups/etc/.</prompt>
<post_command>changedf=`find /etc/ -name '*.sh' | sort -R | head -n 1`; echo '# <%= $flags.pop %>' >> $changedf; echo $changedf</post_command>
<post_command>changedf=`find /etc/ -name '*.sh' -type f | sort -R | head -n 1`; echo '# <%= $flags.pop %>' >> $changedf; echo $changedf</post_command>
<suppress_command_output_feedback />
<condition>
<output_matches>/etc/</output_matches>
@@ -17,4 +17,3 @@
<message>:( Something was not right... We are trying to write to /etc/</message>
</else_condition>
</attack>

2
modules/generators/structured_content/hackerbot_config/hacker_vs_hackerbot_1/templates/integrity_attack3.xml.erb
View File

@@ -2,7 +2,7 @@
<attack>
<!-- topic: Detecting changes to resources using backups-->
<prompt>An attempt to edit a config file is coming, let it happen. But first make sure you have a backup of the /etc/ directory at /home/<%= $main_user %>/backups/etc/.</prompt>
<post_command>changedf=`find /home/<%= $main_user %>/backups/etc/ -name '*.sh' | sort -R | head -n 1`; echo '# <%= $flags.pop %>' >> $changedf; echo $changedf</post_command>
<post_command>changedf=`find /home/<%= $main_user %>/backups/etc/ -name '*.sh' -type f | sort -R | head -n 1`; echo '# <%= $flags.pop %>' >> $changedf; echo $changedf</post_command>
<suppress_command_output_feedback />
<condition>
<output_matches>/home/<%= $main_user %>/backups/</output_matches>

3
modules/generators/structured_content/hackerbot_config/hacker_vs_hackerbot_2/templates/integrity_attack2.xml.erb
View File

@@ -2,7 +2,7 @@
<attack>
<!-- topic: Detecting changes to resources using backups-->
<prompt>An attempt to edit a config file is coming, let it happen. But first make sure you have a backup of the /etc/ directory at /home/<%= $main_user %>/backups/etc/.</prompt>
<post_command>changedf=`find /etc/ -name '*.sh' | sort -R | head -n 1`; echo '# <%= $flags.pop %>' >> $changedf; echo $changedf</post_command>
<post_command>changedf=`find /etc/ -name '*.sh' -type f | sort -R | head -n 1`; echo '# <%= $flags.pop %>' >> $changedf; echo $changedf</post_command>
<suppress_command_output_feedback />
<condition>
<output_matches>/etc/</output_matches>
@@ -17,4 +17,3 @@
<message>:( Something was not right... We are trying to write to /etc/</message>
</else_condition>
</attack>

2
modules/generators/structured_content/hackerbot_config/hacker_vs_hackerbot_2/templates/integrity_attack3.xml.erb
View File

@@ -2,7 +2,7 @@
<attack>
<!-- topic: Detecting changes to resources using backups-->
<prompt>An attempt to edit a config file is coming, let it happen. But first make sure you have a backup of the /etc/ directory at /home/<%= $main_user %>/backups/etc/.</prompt>
<post_command>changedf=`find /home/<%= $main_user %>/backups/etc/ -name '*.sh' | sort -R | head -n 1`; echo '# <%= $flags.pop %>' >> $changedf; echo $changedf</post_command>
<post_command>changedf=`find /home/<%= $main_user %>/backups/etc/ -name '*.sh' -type f | sort -R | head -n 1`; echo '# <%= $flags.pop %>' >> $changedf; echo $changedf</post_command>
<suppress_command_output_feedback />
<condition>
<output_matches>/home/<%= $main_user %>/backups/</output_matches>