This commit is contained in:
Z. Cliffe Schreuders
2024-08-08 02:20:39 +01:00

View File

@@ -0,0 +1,237 @@
<?xml version="1.0"?>
<scenario xmlns="http://www.github/cliffe/SecGen/scenario"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
<name>Malware Simulation environment</name>
<author>Thomas Shaw</author>
<description>An isolated environment for running malware simulations. A kali linux VM containing theZoo malware repository, as well as 2 blank debian VMS, 2 empty windows 7 VMs, and a windows server 2016, using an isolated network with no external access. Desktop usernames are random, with password: tiaspbiqe2r. Kali username: kali, password: toor. Windows server 2016 username: Administrator, password: tiaspbiqe2r!</description>
<type>simulation-environment</type>
<system>
<system_name>kali_linux</system_name>
<base distro="Kali" name="MSF"/>
<input into_datastore="IP_addresses">
<!-- 0 kali -->
<value>172.16.0.2</value>
<!-- 1 linux desktop -->
<value>172.16.0.3</value>
<!-- 2 linux desktop -->
<value>172.16.0.4</value>
<!-- 3 windows 7 -->
<value>172.16.0.5</value>
<!-- 4 windows 7 -->
<value>172.16.0.6</value>
<!-- 5 windows server 2016 w/ AD -->
<value>172.16.0.7</value>
</input>
<input into_datastore="user_accounts">
<!-- main user, sudoer -->
<generator type="account">
<input into="username">
<generator type="random_sanitised_word">
<input into="wordlist">
<value>mythical_creatures</value>
</input>
</generator>
</input>
<input into="password">
<value>tiaspbiqe2r</value>
</input>
<input into="super_user">
<value>true</value>
</input>
</generator>
</input>
<input into_datastore="spoiler_admin_pass">
<generator type="strong_password_generator"/>
</input>
<utility module_path=".*/parameterised_accounts">
<input into="accounts">
<value>{"username":"kali","password":"kali","super_user":"true","strings_to_leak":[],"leaked_filenames":[]}</value>
</input>
</utility>
<utility module_path=".*/handy_cli_tools"/>
<utility module_path=".*/hash_tools"/>
<utility module_path=".*/nmap"/>
<utility module_path=".*/live_malware_samples"/>
<network type="private_network" >
<input into="IP_address">
<datastore access="0">IP_addresses</datastore>
</input>
</network>
<build type="cleanup">
<input into="root_password">
<datastore>spoiler_admin_pass</datastore>
</input>
</build>
</system>
<system>
<system_name>debian_10_desk_1</system_name>
<base distro="Debian 10" type="desktop" name="KDE"/>
<!--generate two accounts, YOU and someone else-->
<utility module_path=".*/parameterised_accounts">
<input into="accounts">
<datastore>user_accounts</datastore>
</input>
</utility>
<utility module_path=".*/kde_minimal">
<input into="accounts">
<datastore>user_accounts</datastore>
</input>
<input into="autostart_konsole">
<value>true</value>
</input>
</utility>
<utility module_path=".*/handy_cli_tools"/>
<utility module_path=".*/nmap"/>
<utility module_path=".*/hash_tools"/>
<utility module_path=".*/iceweasel">
<input into="accounts">
<datastore>user_accounts</datastore>
</input>
</utility>
<vulnerability module_path=".*/ssh_root_login">
<input into="root_password">
<datastore>spoiler_admin_pass</datastore>
</input>
</vulnerability>
<network type="private_network" >
<input into="IP_address">
<datastore access="1">IP_addresses</datastore>
</input>
</network>
<build type="cleanup">
<input into="root_password">
<datastore>spoiler_admin_pass</datastore>
</input>
</build>
</system>
<system>
<system_name>debian_10_desk_2</system_name>
<base distro="Debian 10" type="desktop" name="KDE"/>
<!--generate two accounts, YOU and someone else-->
<!--Create the users-->
<utility module_path=".*/parameterised_accounts">
<input into="accounts">
<datastore>user_accounts</datastore>
</input>
</utility>
<utility module_path=".*/kde_minimal">
<input into="accounts">
<datastore>user_accounts</datastore>
</input>
<input into="autostart_konsole">
<value>true</value>
</input>
</utility>
<utility module_path=".*/handy_cli_tools"/>
<utility module_path=".*/hash_tools"/>
<utility module_path=".*/nmap"/>
<utility module_path=".*/iceweasel">
<input into="accounts">
<datastore>user_accounts</datastore>
</input>
</utility>
<vulnerability module_path=".*/ssh_root_login">
<input into="root_password">
<datastore>spoiler_admin_pass</datastore>
</input>
</vulnerability>
<network type="private_network" >
<input into="IP_address">
<datastore access="2">IP_addresses</datastore>
</input>
</network>
<build type="cleanup">
<input into="root_password">
<datastore>spoiler_admin_pass</datastore>
</input>
</build>
</system>
<system>
<system_name>win7_desk_1</system_name>
<base platform="windows" distro="7"/>
<utility module_path=".*/parameterised_accounts" platform="windows">
<input into="accounts">
<datastore>user_accounts</datastore>
</input>
</utility>
<network type="private_network">
<input into="IP_address">
<datastore access="3">IP_addresses</datastore>
</input>
</network>
<build type="cleanup">
<input into="root_password">
<datastore>spoiler_admin_pass</datastore>
</input>
</build>
</system>
<system>
<system_name>win7_desk_2</system_name>
<base platform="windows" distro="7"/>
<utility module_path=".*/parameterised_accounts" platform="windows">
<input into="accounts">
<datastore>user_accounts</datastore>
</input>
</utility>
<network type="private_network">
<input into="IP_address">
<datastore access="4">IP_addresses</datastore>
</input>
</network>
<build type="cleanup">
<input into="root_password">
<datastore>spoiler_admin_pass</datastore>
</input>
</build>
</system>
<system>
<system_name>windows_2016_dc</system_name>
<base platform="windows" distro="server 2016"/>
<network type="private_network">
<input into="IP_address">
<datastore access="5">IP_addresses</datastore>
</input>
</network>
<build type="cleanup">
<input into="root_password">
<datastore>spoiler_admin_pass</datastore>
</input>
</build>
</system>
</scenario>