From 21069b1fc2d38ffd11fcc1907ba327bb5968b149 Mon Sep 17 00:00:00 2001
From: "Z. Cliffe Schreuders" <code.cliffe@schreuders.org>
Date: Tue, 8 Dec 2020 12:05:41 +0000
Subject: [PATCH] lab updates

---
 .../hacker_vs_hackerbot_2/templates/lab.xml.erb                | 3 ++-
 .../hacker_vs_hackerbot_2/templates/snort_rule_3.xml.erb       | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/modules/generators/structured_content/hackerbot_config/hacker_vs_hackerbot_2/templates/lab.xml.erb b/modules/generators/structured_content/hackerbot_config/hacker_vs_hackerbot_2/templates/lab.xml.erb
index a2e67dc30..458a47282 100644
--- a/modules/generators/structured_content/hackerbot_config/hacker_vs_hackerbot_2/templates/lab.xml.erb
+++ b/modules/generators/structured_content/hackerbot_config/hacker_vs_hackerbot_2/templates/lab.xml.erb
@@ -130,11 +130,12 @@ Randomised instance generated by [SecGen](http://github.com/cliffe/SecGen) (<%=
 %>
 <%= ERB.new(File.read self.templates_path + $permission_attacks.pop ).result(self.get_binding) %>
 
-<!-- 1x random integrity attack-->
+<!-- 2x random integrity attack-->
 <%
   $integrity_attacks = ['integrity_attack1.xml.erb', 'integrity_attack2.xml.erb', 'integrity_attack3.xml.erb', 'integrity_attack4.xml.erb', 'integrity_attack5.xml.erb', 'integrity_attack6.xml.erb', 'integrity_attack7.xml.erb'].shuffle
 %>
 <%= ERB.new(File.read self.templates_path + $integrity_attacks.pop ).result(self.get_binding) %>
+<%= ERB.new(File.read self.templates_path + $integrity_attacks.pop ).result(self.get_binding) %>
 
 <!--1x network monitoring-->
 <%
diff --git a/modules/generators/structured_content/hackerbot_config/hacker_vs_hackerbot_2/templates/snort_rule_3.xml.erb b/modules/generators/structured_content/hackerbot_config/hacker_vs_hackerbot_2/templates/snort_rule_3.xml.erb
index 3962212f0..56251b531 100644
--- a/modules/generators/structured_content/hackerbot_config/hacker_vs_hackerbot_2/templates/snort_rule_3.xml.erb
+++ b/modules/generators/structured_content/hackerbot_config/hacker_vs_hackerbot_2/templates/snort_rule_3.xml.erb
@@ -8,7 +8,7 @@
 		<get_shell>false</get_shell>
 		<post_command></post_command>
 
-		<prompt>Create a Snort rule that detects any unencrypted POP3 email *user authentication attempt* (someone trying to log in), to a mail server on <%= $web_server_ip %>. The alert must include the message "<%= $rand_alert4 %>". Up to three flags will be awarded, based on the quality of the rule.</prompt>
+		<prompt>Create a Snort rule that detects any unencrypted POP3 email *user authentication attempt* (someone trying to log in), to a mail server on <%= $web_server_ip %>. The alert must include the message "<%= $rand_alert4 %>". One flags will be awarded, based on the quality of the rule.</prompt>
 
 		<condition>
 			<output_matches>^--1</output_matches>