From 1fc034e9ef69f6b92e890e8da16f8eb141cb90bc Mon Sep 17 00:00:00 2001
From: thomashaw <thomashaw@gmail.com>
Date: Thu, 3 Feb 2022 19:00:42 +0000
Subject: [PATCH] WebActioner generation update: updated string generation

---
 .../xml_alertaction_config_generator.rb       |  21 +++-
 scenarios/tests/test_scenario.xml             | 117 +++++++++++++++++-
 2 files changed, 130 insertions(+), 8 deletions(-)

diff --git a/lib/output/xml_alertaction_config_generator.rb b/lib/output/xml_alertaction_config_generator.rb
index 37dfa0e21..de6c223f9 100644
--- a/lib/output/xml_alertaction_config_generator.rb
+++ b/lib/output/xml_alertaction_config_generator.rb
@@ -71,17 +71,19 @@ class XmlAlertActionConfigGenerator
   end
 
   def all_goal_flags_to_hacktivity(aa_conf)
+    auto_grader_hostname
+
     @systems.each do |system|
       if system.goals != []
-        @alert_actions = @alert_actions + get_web_alertactions(aa_conf, system.name, system.goals, $datastore['goal_flags'], system.hostname)
+        @alert_actions = @alert_actions + get_web_alertactions(aa_conf, system.name, system.goals, $datastore['goal_flags'], system.hostname, auto_grader_hostname)
       end
       system.module_selections.each do |module_selection|
-        @alert_actions = @alert_actions + get_web_alertactions(aa_conf, module_selection.module_path_end, module_selection.goals, module_selection.received_inputs['goal_flags'], system.hostname)
+        @alert_actions = @alert_actions + get_web_alertactions(aa_conf, module_selection.module_path_end, module_selection.goals, module_selection.received_inputs['goal_flags'], system.hostname, auto_grader_hostname)
       end
     end
   end
 
-  def get_web_alertactions(aa_conf, name, goals, goal_flags, hostname)
+  def get_web_alertactions(aa_conf, name, goals, goal_flags, hostname, auto_grader_hostname)
     alert_actions = []
 
     # Validate whether there are an equal number of goals and goal_flags + warn / error here if not...
@@ -102,7 +104,8 @@ class XmlAlertActionConfigGenerator
                              'action_type' => 'WebAction',
                              'target' => aa_conf['target'],
                              'request_type' => 'POST',
-                             'data' => goal_flags[i]
+                             'data' => "vm_name=" + auto_grader_hostname + "&amp;flag=" + goal_flags[i] # TODO: test if this works
+                             # 'data' => goal_flags[i] # TODO: Update this to the correct format
           }
         end
       end
@@ -152,4 +155,14 @@ class XmlAlertActionConfigGenerator
     end
     builder.to_xml
   end
+
+  def auto_grader_hostname
+    ag_hostname = ''
+    @systems.each do |system|
+      if system.hostname.include? 'grading'
+        ag_hostname = system.hostname
+      end
+    end
+    ag_hostname
+  end
 end
diff --git a/scenarios/tests/test_scenario.xml b/scenarios/tests/test_scenario.xml
index 7ecb78760..c496db25d 100644
--- a/scenarios/tests/test_scenario.xml
+++ b/scenarios/tests/test_scenario.xml
@@ -4,16 +4,81 @@
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
 
-  <name>Thomas Shaw</name>
+  <name>Experiment: Auto Grading</name>
   <author>Thomas Shaw</author>
-  <description>Test Scenario - param accs: Pass group in vs not</description>
-  <type>AGT / AAA scenario</type>
+  <description>
+  </description>
+
+  <type>ctf</type>
   <difficulty>easy</difficulty>
 
+  <!-- 4 user account level challenges: -->
+  <!-- Distcc                    [x] -->
+  <!-- Readable shadow file      [x] -->
+  <!-- Hidden file               [x] -->
+  <!-- Password Cracking         [x]
+       (user account, via readable shadow) -->
+
+  <!-- 2 systems: -->
+  <!-- Kali -->
+  <!-- Debian victim -->
+
   <system>
     <system_name>hackme_desktop</system_name>
     <base distro="Debian 10" type="desktop"/>
 
+    <input into_datastore="IP_addresses">
+      <!-- 0 attack_vm -->
+      <value>172.16.0.2</value>
+      <!-- 1 hackme_server -->
+      <value>172.16.0.3</value>
+      <!-- 2 auto_grading_server -->
+      <value>172.16.0.4</value>
+    </input>
+
+    <input into_datastore="aaa_config">
+      <generator type="aaa_config">
+        <input into="server_ip">
+          <datastore access="0">IP_addresses</datastore>
+        </input>
+        <input into="client_ips">
+          <datastore access="1">IP_addresses</datastore>
+        </input>
+        <input into="elasticsearch_port">
+          <value>9200</value>
+        </input>
+        <input into="logstash_port">
+          <value>5044</value>
+        </input>
+        <input into="kibana_port">
+          <value>5601</value>
+        </input>
+        <input into="aa_configs">
+          <!--          <generator type="alert_actioner_config" module_path=".*goal_flag_hacktivity.*"/>-->
+          <generator type="alert_actioner_config" module_path=".*goal_message_host.*">
+            <input into="host">
+              <datastore access="1">IP_addresses</datastore>
+            </input>
+            <input into="message_header">
+              <value>Well done!</value>
+            </input>
+            <input into="message_subtext">
+              <value>Here is some subtext from the scenario.</value>
+            </input>
+            <input into="sender">
+              <value>root</value>
+            </input>
+            <input into="password">
+              <value>test</value>
+            </input>
+            <input into="recipient">
+              <value>challenger</value>
+            </input>
+          </generator>
+        </input>
+      </generator>
+    </input>
+
     <utility module_path=".*/parameterised_accounts">
       <input into="accounts" into_datastore="account">
         <!-- Default account -->
@@ -38,7 +103,12 @@
       </input>
     </utility>
 
-    <vulnerability module_path="vulnerabilities/unix/misc/distcc_exec"/>
+    <utility module_path=".*analysis_alert_action_client">
+      <input into="aaa_config">
+        <datastore access="0">aaa_config</datastore>
+      </input>
+    </utility>
+
     <vulnerability module_path="vulnerabilities/unix/access_control_misconfigurations/readable_shadow"/>
     <vulnerability module_path=".*/hidden_file">
       <input into="account">
@@ -48,5 +118,44 @@
         <generator type="message_generator"/>
       </input>
     </vulnerability>
+
+    <network type="private_network">
+      <input into="IP_address">
+        <datastore access="1">IP_addresses</datastore>
+      </input>
+    </network>
+  </system>
+
+  <system>
+    <system_name>auto_grading_server</system_name>
+    <base distro="Debian 10" />
+
+    <input into_datastore="goal_flags">
+      <value>flag{static_flag_1}</value>
+      <value>flag{static_flag_2}</value>
+      <value>flag{static_flag_3}</value>
+      <value>flag{static_flag_4}</value>
+      <value>flag{static_flag_5}</value>
+    </input>
+
+    <utility module_path=".*handy_cli_tools.*"/>
+
+    <service module_path=".*analysis_alert_action_server">
+      <input into="aaa_config">
+        <datastore access="0">aaa_config</datastore>
+      </input>
+    </service>
+
+    <network type="private_network">
+      <input into="IP_address">
+        <datastore access="2">IP_addresses</datastore>
+      </input>
+    </network>
+
+    <build type="cleanup">
+      <input into="root_password">
+        <value>test</value>
+      </input>
+    </build>
   </system>
 </scenario>
\ No newline at end of file