Made alterations to the multiple windows module example scenario

2026-02-23 04:08:02 +00:00 · 2017-12-11 12:30:12 +00:00
parent 9383eef84b
commit fe2a879fb0
1 changed files with 14 additions and 8 deletions
--- a/scenarios/simple_examples/forensic_examples/multiple_module_example.xml
+++ b/scenarios/simple_examples/forensic_examples/multiple_module_example.xml
@@ -4,9 +4,8 @@
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">

-  <!-- an example remote storage system, with a remotely exploitable vulnerability that can then be escalated to root -->
  <system>
-    <system_name>storage_server</system_name>
+    <system_name>windows_box</system_name>
    <base platform="windows" name="Windows 2008 Virtualbox puppet 64"/>

    <utility type="database_editor" name="Sqlite browser install"/>
@@ -43,22 +42,29 @@

    <forensic type="illegal_images" name="Add illegal images cats">
      <input into="image_path">
-        <value>C:\Users\vagrant\Desktop\Hello.jpg</value>
+        <!--<value>['C:\Secret\Illegal_image.jpg','C:\Users\vagrant\Desktop\Illegal_image_2.jpg','C:\Users\vagrant\Documents\Illegal_image_3.jpg']</value>-->
+        <value>C:\Users\vagrant\Desktop\Illegal_image.jpg</value>
+      </input>
+    </forensic>
+
+    <forensic type="file_manipulation" name="Create directory">
+      <input into="new_directory_path">
+        <value>C:\Secret</value>
      </input>
    </forensic>

    <forensic type="file_manipulation" name="Create file">
      <input into="new_file_path">
-        <value>C:\Users\vagrant\Desktop\Hello.txt</value>
+        <value>C:\Users\vagrant\Desktop\Crime.txt</value>
      </input>
      <input into="new_file_contents">
-        <value>File contents</value>
+        <value>I robbed a bank last week, got about 1 mil. I think I'm set now unless the rozzers find me.</value>
      </input>
    </forensic>

    <forensic type="timestamps" name="Change timestamp last write time">
      <input into="last_write_time_file_path">
-        <value>C:\Users\vagrant\Desktop\Hello.txt</value>
+        <value>C:\Users\vagrant\Desktop\Crime.txt</value>
      </input>
      <input into="last_write_time_date">
        <generator type="time_generator" name="Generate random time">
@@ -74,7 +80,7 @@

    <forensic type="timestamps" name="Change timestamp last access time">
      <input into="last_access_time_file_path">
-        <value>C:\Users\vagrant\Desktop\Hello.txt</value>
+        <value>C:\Users\vagrant\Desktop\Crime.txt</value>
      </input>
      <input into="last_access_time_date">
        <generator type="time_generator" name="Generate random time">
@@ -90,7 +96,7 @@

    <forensic type="timestamps" name="Change timestamp creation time">
      <input into="creation_time_file_path">
-        <value>C:\Users\vagrant\Desktop\Hello.txt</value>
+        <value>C:\Users\vagrant\Desktop\Crime.txt</value>
      </input>
      <input into="creation_time_date">
        <generator type="time_generator" name="Generate random time"/>