SecGen/scenarios/examples/auto_grading_example.xml


<?xml version="1.0"?>
<!--
  Auto-grading example scenario. It defines two systems on one private network:
    * ids_server: runs the analysis_alert_action_server service, configured from
      the aaa_config datastore.
    * client_1: a desktop with scenario-level goals (access_account, read_file)
      that runs analysis_alert_action_client from the same aaa_config datastore.
  A third system, client_2, is present only as commented-out markup at the end.

  NOTE(review): every credential in this file is the literal "test"; the
  strong_password_generator alternative is commented out. Presumably acceptable
  only for an isolated lab build, confirm before reusing this as a template.
  NOTE(review): xsi:schemaLocation normally holds namespace/location pairs; only
  the namespace URI is given here, so it carries no location hint. Validation
  presumably relies on the tool's own schema, confirm.
-->
<scenario xmlns="http://www.github/cliffe/SecGen/scenario"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
  <name>Auto Grading Testbed</name>
  <author>Thomas Shaw</author>
  <description>Auto Grading w/ scenario level goals</description>
  <type>AGT</type>
  <difficulty>medium</difficulty>

  <system>
    <system_name>ids_server</system_name>
    <base distro="Debian 10"/>

    <!-- Static addresses shared by all systems: entry 0 is taken by ids_server,
         entry 1 by client_1, entry 2 by the commented-out client_2. -->
    <input into_datastore="IP_addresses">
      <value>192.168.209.165</value>
      <value>192.168.209.166</value>
      <value>192.168.209.167</value>
    </input>

    <!-- Desktop login consumed by parameterised_accounts on client_1.
         Username and password are both fixed literals. -->
    <input into_datastore="desktop_account">
      <generator type="account">
        <input into="username">
          <value>test</value>
        </input>
        <input into="password">
          <value>test</value>
        </input>
      </generator>
    </input>

    <!-- Root password for client_1. It is read twice below: by client_1's
         cleanup build and by the alert_actioner_config "password" input. -->
    <input into_datastore="client_root_password">
      <value>test</value>
      <!--<generator type="strong_password_generator"/>-->
    </input>

    <!-- Configuration handed to both analysis_alert_action_server (this system)
         and analysis_alert_action_client (client_1).
         NOTE(review): the nested alert_actioner_config receives the client's
         root password, so the generated aaa_config carries that secret to every
         consumer. How the modules store it is not visible here; verify file
         ownership and permissions of whatever they write. -->
    <input into_datastore="aaa_config">
      <generator type="aaa_config">
        <input into="server_ip">
          <datastore access="0">IP_addresses</datastore>
        </input>
        <input into="client_ips">
          <datastore access="1">IP_addresses</datastore>
        </input>
        <!-- Ports for the three named services. Whether these listeners are
             bound or authenticated is decided by the modules, not by this file. -->
        <input into="elasticsearch_port">
          <value>9200</value>
        </input>
        <input into="logstash_port">
          <value>5044</value>
        </input>
        <input into="kibana_port">
          <value>5601</value>
        </input>
        <input into="aa_configs">
          <!--          <generator type="alert_actioner_config" module_path=".*goal_flag_hacktivity.*"/>-->
          <!-- Message action aimed at IP_addresses entry 1 (client_1): sent as
               root, authenticated with client_root_password, addressed to the
               "test" account. -->
          <generator type="alert_actioner_config" module_path=".*goal_message_host.*">
            <input into="host">
              <datastore access="1">IP_addresses</datastore>
            </input>
            <input into="message_header">
              <value>Well done!</value>
            </input>
            <input into="message_subtext">
              <value>Here is some subtext from the scenario.</value>
            </input>
            <input into="sender">
              <value>root</value>
            </input>
            <input into="password">
              <datastore access="0">client_root_password</datastore>
            </input>
            <input into="recipient">
              <value>test</value>
            </input>
          </generator>
        </input>
      </generator>
    </input>

    <utility module_path=".*handy_cli_tools.*"/>

    <service module_path=".*analysis_alert_action_server">
      <input into="aaa_config">
        <datastore access="0">aaa_config</datastore>
      </input>
    </service>

    <network type="private_network">
      <input into="IP_address">
        <datastore access="0">IP_addresses</datastore>
      </input>
    </network>

    <!-- The server's own root password is a literal here, not a datastore
         reference as on client_1. -->
    <build type="cleanup">
      <input into="root_password">
        <value>test</value>
      </input>
    </build>
  </system>

  <system>
    <system_name>client_1</system_name>
    <base distro="Debian 10" type="desktop"/>

    <!-- Scenario-level goals: access to the "test" account and a read of
         /etc/shadow. The account name is duplicated by hand from
         desktop_account (see the todo). -->
    <goals>
      <access_account>
        <account_name>test</account_name> <!-- todo: update this to use desktop_account datastore -->
      </access_account>
      <read_file>
        <file_path>/etc/shadow</file_path>
      </read_file>
    </goals>

    <utility module_path=".*handy_cli_tools.*"/>

    <utility module_path=".*parameterised_accounts">
      <input into="accounts">
        <datastore access="0">desktop_account</datastore>
      </input>
    </utility>

    <utility module_path=".*analysis_alert_action_client">
      <input into="aaa_config">
        <datastore access="0">aaa_config</datastore>
      </input>
    </utility>

    <!-- <vulnerability module_path=".*symlinks"/>-->
    <!-- Presumably the deliberate weakness that makes the read_file goal above
         reachable; confirm against the module itself. -->
    <vulnerability module_path=".*readable_shadow"/>

    <!-- NOTE(review): the accounts value is a hand-written JSON literal that
         repeats the desktop_account credentials, unlike parameterised_accounts
         above, which reads the datastore. If desktop_account changes, this
         copy will not follow. start_page is IP_addresses entry 0, the
         ids_server address. -->
    <utility module_path=".*iceweasel">
      <input into="accounts">
        <value>{"username":"test","password":"test","super_user":"","strings_to_leak":[],"leaked_filenames":[]}</value>
      </input>
      <input into="autostart">
        <value>true</value>
      </input>
      <input into="start_page">
        <datastore access="0">IP_addresses</datastore>
      </input>
    </utility>

    <network type="private_network">
      <input into="IP_address">
        <datastore access="1">IP_addresses</datastore>
      </input>
    </network>

    <build type="cleanup">
      <input into="root_password">
        <datastore access="0">client_root_password</datastore>
      </input>
    </build>
  </system>

  <!-- Disabled second client (Kali base, IP_addresses entry 2), kept line by
       line as the author left it. -->
  <!-- <system>-->
  <!-- <system_name>client_2</system_name>-->
  <!-- <base distro="Kali" name="MSF"/>-->
  <!-- &lt;!&ndash; <utility module_path=".*/thunderbird"/>&ndash;&gt;-->
  <!-- <utility module_path=".*analysis_alert_action_client">-->
  <!-- <input into="aaa_config">-->
  <!-- <datastore access="0">aaa_config</datastore>-->
  <!-- </input>-->
  <!-- </utility>-->
  <!-- <network type="private_network">-->
  <!-- <input into="IP_address">-->
  <!-- <datastore access="2">IP_addresses</datastore>-->
  <!-- </input>-->
  <!-- </network>-->
  <!-- <build type="cleanup">-->
  <!-- <input into="root_password">-->
  <!-- <value>toor</value>-->
  <!-- </input>-->
  <!-- </build>-->
  <!-- </system>-->
</scenario>