<?xml version="1.0"?>

<!--
  Auto-grading test scenario: one monitoring host (ids_server) and one desktop
  client (client_1) on a shared private network. A third system (client_2) is
  commented out at the end of the file.

  Shared values are written to named datastores inside the first system and read
  back with <datastore access="N">. N appears to be a zero-based index into the
  stored values (TODO confirm against the datastore handling of the consuming
  tool).

  NOTE(review): xsi:schemaLocation is normally a list of namespace-URI /
  schema-location pairs. Here it holds a single URI, so it names no schema
  document. Treat it as a hint only: validation has to use a schema chosen by
  the consuming tool, not one resolved from this attribute.

  NOTE(review): every credential in this file is the literal string "test"
  (desktop account, client root, ids_server root, browser account). That fits a
  throwaway grading testbed on an isolated network. The commented-out
  strong_password_generator line is the existing hook for replacing the client
  root password.
-->
<scenario xmlns="http://www.github/cliffe/SecGen/scenario"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">

  <name>Auto Grading Testbed</name>
  <author>Thomas Shaw</author>
  <description>Auto Grading w/ scenario level goals</description>
  <type>AGT</type>
  <difficulty>medium</difficulty>

  <system>
    <system_name>ids_server</system_name>
    <base distro="Debian 10" />

    <!-- Address pool for the private network. Read below by index:
         0 = ids_server, 1 = client_1, 2 = the commented-out client_2. -->
    <input into_datastore="IP_addresses">
      <value>192.168.209.165</value>
      <value>192.168.209.166</value>
      <value>192.168.209.167</value>
    </input>

    <!-- Account record built by the "account" generator from a fixed username
         and password. Read by parameterised_accounts on client_1. -->
    <input into_datastore="desktop_account">
      <generator type="account">
        <input into="username">
          <value>test</value>
        </input>
        <input into="password">
          <value>test</value>
        </input>
      </generator>
    </input>

    <!-- Root password for client_1, stored as a literal so it is identical on
         every build. It is read by the alert actioner config below and by the
         client_1 cleanup step. -->
    <input into_datastore="client_root_password">
      <value>test</value>
      <!--<generator type="strong_password_generator"/>-->
    </input>

    <!-- Shared configuration for the analysis_alert_action server and client
         modules; both read it with access="0". The server address is
         IP_addresses index 0 and the client address is index 1. The three port
         inputs carry 9200, 5044 and 5601.
         NOTE(review): whether those listeners are limited to the private
         network is decided inside the modules and is not visible here. -->
    <input into_datastore="aaa_config">
      <generator type="aaa_config">
        <input into="server_ip">
          <datastore access="0">IP_addresses</datastore>
        </input>
        <input into="client_ips">
          <datastore access="1">IP_addresses</datastore>
        </input>
        <input into="elasticsearch_port">
          <value>9200</value>
        </input>
        <input into="logstash_port">
          <value>5044</value>
        </input>
        <input into="kibana_port">
          <value>5601</value>
        </input>
        <input into="aa_configs">
          <!-- The active actioner is goal_message_host; the goal_flag_hacktivity
               variant is disabled. It is given host IP_addresses index 1
               (client_1), sender root and the client root password, plus a
               message for recipient "test".
               NOTE(review): this puts the client_1 root password inside
               aaa_config, and the same datastore entry is passed to
               analysis_alert_action_client on client_1. Presumably the actioner
               authenticates to the host as root to deliver the message; confirm
               where the modules store this value and who can read it. -->
          <!-- <generator type="alert_actioner_config" module_path=".*goal_flag_hacktivity.*"/>-->
          <generator type="alert_actioner_config" module_path=".*goal_message_host.*">
            <input into="host">
              <datastore access="1">IP_addresses</datastore>
            </input>
            <input into="message_header">
              <value>Well done!</value>
            </input>
            <input into="message_subtext">
              <value>Here is some subtext from the scenario.</value>
            </input>
            <input into="sender">
              <value>root</value>
            </input>
            <input into="password">
              <datastore access="0">client_root_password</datastore>
            </input>
            <input into="recipient">
              <value>test</value>
            </input>
          </generator>
        </input>
      </generator>
    </input>

    <utility module_path=".*handy_cli_tools.*"/>

    <service module_path=".*analysis_alert_action_server">
      <input into="aaa_config">
        <datastore access="0">aaa_config</datastore>
      </input>
    </service>

    <network type="private_network">
      <input into="IP_address">
        <datastore access="0">IP_addresses</datastore>
      </input>
    </network>

    <!-- The root password is a literal here, while client_1 reads its value
         from the client_root_password datastore. Both resolve to the same
         string today, so a change to one does not carry over to the other. -->
    <build type="cleanup">
      <input into="root_password">
        <value>test</value>
      </input>
    </build>
  </system>

  <system>
    <system_name>client_1</system_name>
    <base distro="Debian 10" type="desktop"/>

    <!-- Scenario-level goals for this system: access to the account named
         "test" and a read of /etc/shadow. The account name is a literal that
         repeats the desktop_account username (see the inline todo). -->
    <goals>
      <access_account>
        <account_name>test</account_name> <!-- todo: update this to use desktop_account datastore -->
      </access_account>
      <read_file>
        <file_path>/etc/shadow</file_path>
      </read_file>
    </goals>

    <utility module_path=".*handy_cli_tools.*"/>

    <utility module_path=".*parameterised_accounts">
      <input into="accounts">
        <datastore access="0">desktop_account</datastore>
      </input>
    </utility>

    <utility module_path=".*analysis_alert_action_client">
      <input into="aaa_config">
        <datastore access="0">aaa_config</datastore>
      </input>
    </utility>

    <!-- Deliberately planted weakness. Going by its name, readable_shadow is
         what makes the read_file goal on /etc/shadow reachable. The symlinks
         alternative is disabled. -->
    <!-- <vulnerability module_path=".*symlinks"/>-->
    <vulnerability module_path=".*readable_shadow"/>

    <!-- Browser utility. Its account record is inline JSON that repeats the
         test/test credentials instead of reading desktop_account, so the two
         definitions can drift apart. It autostarts and opens IP_addresses
         index 0 (ids_server) as the start page. -->
    <utility module_path=".*iceweasel">
      <input into="accounts">
        <value>{"username":"test","password":"test","super_user":"","strings_to_leak":[],"leaked_filenames":[]}</value>
      </input>
      <input into="autostart">
        <value>true</value>
      </input>
      <input into="start_page">
        <datastore access="0">IP_addresses</datastore>
      </input>
    </utility>

    <network type="private_network">
      <input into="IP_address">
        <datastore access="1">IP_addresses</datastore>
      </input>
    </network>

    <build type="cleanup">
      <input into="root_password">
        <datastore access="0">client_root_password</datastore>
      </input>
    </build>
  </system>

  <!-- Disabled third system (client_2) on IP_addresses index 2. It is kept for
       reference only and is not part of the built scenario. -->
  <!-- <system>-->
  <!-- <system_name>client_2</system_name>-->
  <!-- <base distro="Kali" name="MSF"/>-->

  <!-- <!– <utility module_path=".*/thunderbird"/>–>-->

  <!-- <utility module_path=".*analysis_alert_action_client">-->
  <!-- <input into="aaa_config">-->
  <!-- <datastore access="0">aaa_config</datastore>-->
  <!-- </input>-->
  <!-- </utility>-->

  <!-- <network type="private_network">-->
  <!-- <input into="IP_address">-->
  <!-- <datastore access="2">IP_addresses</datastore>-->
  <!-- </input>-->
  <!-- </network>-->

  <!-- <build type="cleanup">-->
  <!-- <input into="root_password">-->
  <!-- <value>toor</value>-->
  <!-- </input>-->
  <!-- </build>-->
  <!-- </system>-->

</scenario>