From 799d729f2cb57cc262e5bdd1926d4e0630248997 Mon Sep 17 00:00:00 2001
From: thomashaw <thomashaw@gmail.com>
Date: Wed, 16 Aug 2017 18:06:06 +0100
Subject: [PATCH] renamed guildford_event_basic_narrative.xml =>
 basic_narrative.xml

---
 ...c_narrative_v2.xml => basic_narrative.xml} |  47 +-
 .../ctf/guildford_event_basic_narrative.xml   | 543 ------------------
 2 files changed, 14 insertions(+), 576 deletions(-)
 rename scenarios/ctf/{guildford_event_basic_narrative_v2.xml => basic_narrative.xml} (91%)
 delete mode 100644 scenarios/ctf/guildford_event_basic_narrative.xml

diff --git a/scenarios/ctf/guildford_event_basic_narrative_v2.xml b/scenarios/ctf/basic_narrative.xml
similarity index 91%
rename from scenarios/ctf/guildford_event_basic_narrative_v2.xml
rename to scenarios/ctf/basic_narrative.xml
index c3c28d1f5..f83d009e9 100644
--- a/scenarios/ctf/guildford_event_basic_narrative_v2.xml
+++ b/scenarios/ctf/basic_narrative.xml
@@ -4,34 +4,12 @@
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
 
-  <!-- Single system narrative-based CTF challenge.
-
-   1) Start by visiting ip:80 and recieving a message to decode (another flag in html source code comments too)
-   2) Log onto the box with the credentials found in 1. Read directions in mail discussing store at ip:1337.
-   3) Second, password-less, user account. Another mail between acc2 and acc3.
-   4) Third account using SSH Leaked Keys.
-   5) Onlinestore module - get at the database. Included utilities/sqlmap to help with this.
-
-  -->
+  <!-- Single system narrative-based CTF challenge. -->
 
   <system>
     <system_name>system</system_name>
     <base platform="linux"/>
 
-    <!-- DATASTORE SETUP START -->
-
-    <!-- Store domain and port -->
-
-    <input into_datastore="store_domain">
-      <value>dangerous_store.co.uk</value>
-    </input>
-
-    <input into_datastore="store_port">
-      <value>1337</value>
-    </input>
-
-    <!-- Create @account's for user1, user2 and user3-->
-
     <input into_datastore="accounts">
       <!-- [0]: Entry account -->
       <generator type="account">
@@ -218,9 +196,7 @@
       </generator>
     </input>
 
-
-    <!-- DATASTORE SETUP END. -->
-
+    <!-- Scenario Modules -->
 
     <utility module_path=".*parameterised_accounts">
       <input into="accounts">
@@ -256,7 +232,7 @@
             <encoder type="caesar_cipher">
               <input into="strings_to_encode">
                 <value>Log into the server and check your mail.</value>
-                <value>Username: </value>
+                <value>Username:</value>
                 <datastore access="0" access_json="['username']">accounts</datastore>
                 <value>Password:</value>
                 <datastore access="0" access_json="['password']">accounts</datastore>
@@ -323,10 +299,15 @@
           <input into="content">
             <value>To whom this may concern,</value>
             <value>Now that you're on the server, we need your help with our investigation.</value>
-            <value>We've managed to hide this account on the server for you. Criminal activity has been taking place, particularly over port 1337.</value>
-            <value>Our initial examinations lead us to believe that the perpetrators use poor security practices.</value>
+            <value>We've managed to hide this account on the server for you. Criminal activity has been taking place,
+              particularly over port 1337.
+            </value>
+            <value>Our initial examinations lead us to believe that the perpetrators use poor security practices.
+            </value>
             <value>Find out if the suspects have user accounts on this server and see if you can break in.</value>
-            <value>We need all the evidence we can get. In the form of flags. The more you collect the stronger our case will be.</value>
+            <value>We need all the evidence we can get. In the form of flags. The more you collect the stronger our case
+              will be.
+            </value>
             <value>Godspeed,</value>
             <value>Detective Jones.</value>
           </input>
@@ -346,8 +327,8 @@
           <input into="sender_user">
             <datastore access="2" access_json="['username']">accounts</datastore>
           </input>
-          <input into="sender_domain">
-            <datastore>store_domain</datastore>
+          <input into="sender_domain" into_datastore="store_domain">
+            <value>dangerous_store.co.uk</value>
           </input>
           <input into="recipient_user">
             <datastore access="1" access_json="['username']">accounts</datastore>
@@ -412,7 +393,7 @@
 
     <vulnerability module_path=".*onlinestore.*">
       <input into="port">
-        <datastore>store_port</datastore>
+        <value>1337</value>
       </input>
       <input into="domain">
         <datastore>store_domain</datastore>
diff --git a/scenarios/ctf/guildford_event_basic_narrative.xml b/scenarios/ctf/guildford_event_basic_narrative.xml
deleted file mode 100644
index f522fde54..000000000
--- a/scenarios/ctf/guildford_event_basic_narrative.xml
+++ /dev/null
@@ -1,543 +0,0 @@
-<?xml version="1.0"?>
-
-<scenario xmlns="http://www.github/cliffe/SecGen/scenario"
-          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-          xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
-
-  <!-- Single system narrative-based CTF challenge.
-
-   1) Start by visiting ip:80 and recieving a message to decode (another flag in html source code comments too)
-   2) Log onto the box with the credentials found in 1. Read directions in mail discussing store at ip:1337.
-   3) Second, password-less, user account. Another mail between acc2 and acc3.
-   4) Third account using SSH Leaked Keys.
-   5) Onlinestore module - get at the database. Included utilities/sqlmap to help with this.
-
-  -->
-
-  <system>
-    <system_name>system</system_name>
-    <base platform="linux"/>
-
-    <!-- DATASTORE SETUP START -->
-
-    <!-- Store domain and port -->
-
-    <input into_datastore="store_domain">
-      <value>dangerous_store.co.uk</value>
-    </input>
-
-    <input into_datastore="store_port">
-      <value>1337</value>
-    </input>
-
-    <!-- Account Username and Passwords -->
-
-    <input into_datastore="1_username">
-      <value>ceaseless_daughter</value>
-      <!--<generator type="username_generator"/>-->
-    </input>
-    <input into_datastore="1_password">
-      <generator type="password_generator"/>
-    </input>
-    <input into_datastore="2_username">
-      <!--<generator type="username_generator"/>-->
-      <value>creepy_fly</value>
-    </input>
-    <input into_datastore="3_username">
-      <!--<generator type="username_generator"/>-->
-      <value>icky-company</value>
-    </input>
-
-    <!-- Create @account's for user1, user2 and user3-->
-
-    <input into_datastore="1_account">
-      <generator type="account">
-        <input into="username">
-          <datastore>1_username</datastore>
-        </input>
-        <input into="password">
-          <datastore>1_password</datastore>
-        </input>
-        <input into="leaked_filenames">
-          <value>missing_persons_report</value>
-        </input>
-        <input into="strings_to_leak">
-          <value>*** Missing Persons Report ***</value>
-          <value>Two individuals are missing. No names or dates attached to the report.</value>
-          <value>If you can find out who has gone missing and when, you will be rewarded for your efforts.</value>
-          <value>Enter their names in the format flag{Firstname Lastname YYYY-MM-DD HH:MM:SS}</value>
-          <value>If you find any more evidence, such as the name of a suspect, use the format flag{Firstname Lastname}</value>
-        </input>
-      </generator>
-    </input>
-
-    <input into_datastore="2_account">
-      <generator type="account">
-        <input into="username">
-          <datastore>2_username</datastore>
-        </input>
-        <input into="password">
-          <value/>
-        </input>
-        <input into="strings_to_leak">
-          <generator type="flag_generator"/>
-        </input>
-      </generator>
-    </input>
-
-    <input into_datastore="3_account">
-      <generator type="account">
-        <input into="username">
-          <datastore>3_username</datastore>
-        </input>
-        <input into="strings_to_leak">
-          <value/>
-        </input>
-      </generator>
-    </input>
-
-    <!-- Create @person's for user2 and user3 and the 3 other store_person db entries -->
-
-    <input into_datastore="2_person">
-      <generator type="person">
-        <input into="account">
-          <datastore>2_account</datastore>
-        </input>
-        <input into="name" into_datastore="2_person_name">
-          <generator type="name_generator"/>
-        </input>
-      </generator>
-    </input>
-
-    <input into_datastore="3_person">
-      <generator type="person">
-        <input into="account">
-          <datastore>3_account</datastore>
-        </input>
-        <input into="name" into_datastore="3_person_name">
-          <generator type="name_generator"/>
-        </input>
-      </generator>
-    </input>
-
-    <input into_datastore="1_store_person">
-      <generator type="person">
-        <input into="name" into_datastore="1_store_person_name">
-          <generator type="name_generator"/>
-        </input>
-      </generator>
-    </input>
-
-    <input into_datastore="2_store_person">
-      <generator type="person">
-        <input into="name" into_datastore="2_store_person_name">
-          <generator type="name_generator"/>
-        </input>
-      </generator>
-    </input>
-
-    <input into_datastore="3_store_person">
-      <generator type="person">
-        <input into="name" into_datastore="3_store_person_name">
-          <generator type="name_generator"/>
-        </input>
-      </generator>
-    </input>
-
-    <!-- Web Store data: dealer, murderer, victims and timestamps -->
-
-    <input into_datastore="dealer_id">
-      <encoder type="string_selector">
-        <input into="strings_to_encode">
-          <value>3</value>
-          <value>4</value>
-          <value>5</value>
-        </input>
-      </encoder>
-    </input>
-
-    <input into_datastore="murderer_id">
-      <encoder type="string_selector">
-        <input into="strings_to_encode">
-          <value>2</value>
-          <value>3</value>
-          <value>4</value>
-          <value>5</value>
-        </input>
-      </encoder>
-    </input>
-
-    <input into_datastore="murderer_name">
-      <encoder type="string_selector">
-        <input into="strings_to_encode">
-          <datastore>2_person_name</datastore>
-          <datastore>3_person_name</datastore>
-          <datastore>1_store_person_name</datastore>
-          <datastore>2_store_person_name</datastore>
-          <datastore>3_store_person_name</datastore>
-        </input>
-        <input into="position">
-          <datastore>murderer_id</datastore>
-        </input>
-      </encoder>
-    </input>
-
-    <input into_datastore="1_murdered_id">
-      <encoder type="string_selector_with_exclusions">
-        <input into="exclusion_list">
-          <datastore>murderer_id</datastore>
-          <datastore>dealer_id</datastore>
-        </input>
-        <input into="strings_to_encode">
-          <value>2</value>
-          <value>3</value>
-          <value>4</value>
-          <value>5</value>
-        </input>
-      </encoder>
-    </input>
-
-    <input into_datastore="2_murdered_id">
-      <encoder type="string_selector_with_exclusions">
-        <input into="exclusion_list">
-          <datastore>murderer_id</datastore>
-          <datastore>dealer_id</datastore>
-          <datastore>1_murdered_id</datastore>
-        </input>
-        <input into="strings_to_encode">
-          <value>2</value>
-          <value>3</value>
-          <value>4</value>
-          <value>5</value>
-        </input>
-      </encoder>
-    </input>
-
-    <input into_datastore="1_murdered_name">
-      <encoder type="string_selector">
-        <input into="strings_to_encode">
-          <datastore>2_person_name</datastore>
-          <datastore>3_person_name</datastore>
-          <datastore>1_store_person_name</datastore>
-          <datastore>2_store_person_name</datastore>
-          <datastore>3_store_person_name</datastore>
-        </input>
-        <input into="position">
-          <datastore>1_murdered_id</datastore>
-        </input>
-      </encoder>
-    </input>
-
-    <input into_datastore="2_murdered_name">
-      <encoder type="string_selector">
-        <input into="strings_to_encode">
-          <datastore>2_person_name</datastore>
-          <datastore>3_person_name</datastore>
-          <datastore>1_store_person_name</datastore>
-          <datastore>2_store_person_name</datastore>
-          <datastore>3_store_person_name</datastore>
-        </input>
-        <input into="position">
-          <datastore>2_murdered_id</datastore>
-        </input>
-      </encoder>
-    </input>
-
-    <input into_datastore="1_murdered_timestamp">
-      <generator type="date_generator">
-        <input into="format">
-          <value>mysql_datetime</value>
-        </input>
-      </generator>
-    </input>
-
-    <input into_datastore="2_murdered_timestamp">
-      <generator type="date_generator">
-        <input into="format">
-          <value>mysql_datetime</value>
-        </input>
-      </generator>
-    </input>
-
-    <!-- Murder flags: 1x murderer, 2x murdered w/ timestamp -->
-
-    <input into="murderer_flag">
-      <generator type="concat_flag.*">
-        <input into="strings_to_join">
-          <datastore>murderer_name</datastore>
-        </input>
-      </generator>
-    </input>
-    <input into="murdered_flags">
-      <generator type="concat_flag.*">
-        <input into="strings_to_join">
-          <datastore>1_murdered_name</datastore>
-          <datastore>1_murdered_timestamp</datastore>
-        </input>
-      </generator>
-      <generator type="concat_flag.*">
-        <input into="strings_to_join">
-          <datastore>2_murdered_name</datastore>
-          <datastore>2_murdered_timestamp</datastore>
-        </input>
-      </generator>
-    </input>
-
-
-    <!-- DATASTORE SETUP END. -->
-
-
-    <utility module_path=".*parameterised_accounts">
-      <input into="accounts">
-        <datastore>1_account</datastore>
-      </input>
-    </utility>
-
-    <vulnerability module_path=".*hidden_file">
-      <input into="account">
-        <datastore>1_account</datastore>
-      </input>
-      <input into="strings_to_leak">
-        <generator type="flag_generator"/>
-        <value>Make a note of the technique used to solve this challenge as it will come in handy again soon.</value>
-      </input>
-    </vulnerability>
-
-    <vulnerability module_path=".*passwordless_user_account.*">
-      <input into="accounts">
-        <datastore>2_account</datastore>
-      </input>
-    </vulnerability>
-
-    <service name="Random Parameterised Website">
-      <input into="main_page_paragraph_content">
-        <generator type="html_snippet_generator">
-          <input into="heading">
-            <value>We need your help!</value>
-          </input>
-          <input into="paragraphs" unique_module_list="unique_encoders">
-            <value>You have received a strange message. Can you decode it to read the contents?</value>
-            <!--<encoder type="string_encoder">-->
-            <encoder type="caesar_cipher">
-              <input into="strings_to_encode">
-                <value>Log into the server and check your mail.</value>
-                <value>Username:</value>
-                <datastore>1_username</datastore>
-                <value>Password:</value>
-                <datastore>1_password</datastore>
-                <value>Here's a flag for your efforts.</value>
-                <generator type="flag_generator"/>
-              </input>
-            </encoder>
-          </input>
-        </generator>
-      </input>
-
-      <input into="strings_to_leak">
-        <generator type="flag_generator"/>
-        <value>&lt;a href="oops.html"/&gt;</value>
-      </input>
-
-      <input into="additional_page_filenames">
-        <value>oops.html</value>
-      </input>
-
-      <input into="additional_pages">
-        <generator type="html_snippet_generator">
-          <input into="heading">
-            <value/>
-          </input>
-          <input into="paragraphs">
-            <generator type="flag_generator"/>
-          </input>
-        </generator>
-      </input>
-
-      <input into="white_text">
-        <generator type="flag_generator"/>
-      </input>
-
-      <input into="visible_tabs">
-        <value/>
-      </input>
-      <input into="images_to_leak">
-        <value/>
-      </input>
-
-      <!-- No business facts. -->
-      <input into="business_name">
-        <value/>
-      </input>
-      <input into="business_motto">
-        <value/>
-      </input>
-      <input into="manager_profile">
-        <value/>
-      </input>
-      <input into="business_address">
-        <value/>
-      </input>
-      <input into="office_telephone">
-        <value/>
-      </input>
-      <input into="office_email">
-        <value/>
-      </input>
-      <input into="industry">
-        <value/>
-      </input>
-      <input into="employees">
-        <value/>
-      </input>
-      <input into="product_name">
-        <value/>
-      </input>
-    </service>
-
-    <utility module_path=".*mail.*">
-      <input into="mail">
-        <generator type="mail_message">
-          <input into="sender_user">
-            <value>detective_jones</value>
-          </input>
-          <input into="sender_domain">
-            <value>police.gov.uk</value>
-          </input>
-          <input into="recipient_user">
-            <datastore>1_username</datastore>
-          </input>
-          <input into="subject">
-            <value>Investigation Information</value>
-          </input>
-          <input into="content">
-            <value>To whom this may concern,</value>
-            <value>Now that you're on the server, we need your help with our investigation.</value>
-            <value>We've managed to hide this account on the server for you. Criminal activity has been taking place, particularly over port 1337.</value>
-            <value>Our initial examinations lead us to believe that the perpetrators use poor security practices.</value>
-            <value>Find out if the suspects have user accounts on this server and see if you can break in.</value>
-            <value>We need all the evidence we can get. In the form of flags. The more you collect the stronger our case will be.</value>
-            <value>Godspeed,</value>
-            <value>Detective Jones.</value>
-          </input>
-          <input into="sent_datetime">
-            <generator type="date_generator">
-              <input into="date">
-                <value>12/06/2017 14:51:03</value>
-              </input>
-              <input into="format">
-                <value>mail</value>
-              </input>
-            </generator>
-          </input>
-        </generator>
-
-        <generator type="mail_message">
-          <input into="sender_user">
-            <datastore>3_username</datastore>
-          </input>
-          <input into="sender_domain">
-            <datastore>store_domain</datastore>
-          </input>
-          <input into="recipient_user">
-            <datastore>2_username</datastore>
-          </input>
-          <input into="subject">
-            <value>New order required</value>
-          </input>
-          <input into="content">
-            <value>Good news, I've been getting rid of loads of gear lately. The customers are mad for it.</value>
-            <value>We're going to need a new order ASAP!</value>
-          </input>
-          <input into="sent_datetime">
-            <generator type="date_generator">
-              <input into="date">
-                <value>17/06/2017 20:12:35</value>
-              </input>
-              <input into="format">
-                <value>mail</value>
-              </input>
-            </generator>
-          </input>
-        </generator>
-
-        <generator type="mail_message">
-          <input into="sender_user">
-            <!--<datastore>murderer_username</datastore>-->
-            <value>hitman</value>
-          </input>
-          <input into="sender_domain">
-            <datastore>store_domain</datastore>
-          </input>
-          <input into="recipient_user">
-            <datastore>3_username</datastore>
-          </input>
-          <input into="subject">
-            <value>Offed the last one</value>
-          </input>
-          <input into="content">
-            <value>Job done! The last one on the list is now swimming with the fishes.</value>
-            <value>It wasn't clean though, I think I saw someone watching in the distance.</value>
-            <value>Not that it matters. They'll never catch us!</value>
-          </input>
-          <input into="sent_datetime">
-            <generator type="date_generator">
-              <input into="date">
-                <value>19/06/2017 23:58:12</value>
-              </input>
-              <input into="format">
-                <value>mail</value>
-              </input>
-            </generator>
-          </input>
-        </generator>
-      </input>
-    </utility>
-
-    <!-- Get onto user account 3!! -->
-    <vulnerability module_path="modules/vulnerabilities/unix/system/ssh_leaked_keys">
-      <input into="accounts">
-        <datastore>3_account</datastore>
-      </input>
-    </vulnerability>
-
-    <vulnerability module_path=".*onlinestore.*">
-      <input into="port">
-        <datastore>store_port</datastore>
-      </input>
-      <input into="domain">
-        <datastore>store_domain</datastore>
-      </input>
-      <input into="accounts">
-        <datastore>2_person</datastore>
-        <datastore>3_person</datastore>
-        <datastore>1_store_person</datastore>
-        <datastore>2_store_person</datastore>
-        <datastore>3_store_person</datastore>
-      </input>
-      <input into="dealer_id">
-        <datastore>dealer_id</datastore>
-      </input>
-      <input into="murderer_id">
-        <datastore>murderer_id</datastore>
-      </input>
-      <input into="murdered_on">
-        <datastore>1_murdered_timestamp</datastore>
-        <datastore>2_murdered_timestamp</datastore>
-      </input>
-      <input into="murdered_ids">
-          <datastore>1_murdered_id</datastore>
-          <datastore>2_murdered_id</datastore>
-      </input>
-    </vulnerability>
-
-    <utility module_path=".*sqlmap.*"/>
-
-    <network module_path=".*private_network_1"/>
-    <build type="cleanup">
-      <input into="root_password">
-        <value>tiaspbiqe2r</value>
-      </input>
-    </build>
-  </system>
-
-</scenario>
\ No newline at end of file