mirror of
https://github.com/cliffe/SecGen.git
synced 2026-02-22 03:38:01 +00:00
268 lines
8.4 KiB
XML
268 lines
8.4 KiB
XML
<?xml version="1.0"?>
|
|
|
|
<scenario xmlns="http://www.github/cliffe/SecGen/scenario"
|
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
|
|
|
|
<!-- Web Server on NIC1 and NIC2 -->
|
|
<system>
|
|
<system_name>web_server</system_name>
|
|
<base module_path=".*debian_puppet_32"/>
|
|
|
|
<input into_datastore="manager">
|
|
<generator type="person">
|
|
<input into="name" into_datastore="manager_name">
|
|
<generator type="name_generator"/>
|
|
</input>
|
|
<input into="email_address">
|
|
<generator type="business_email"> <!-- e.g. contact@business.co.uk -->
|
|
<input into="name">
|
|
<datastore>manager_name</datastore>
|
|
</input>
|
|
<input into="domain" into_datastore="business_domain">
|
|
<generator type="domain">
|
|
<input into="name" into_datastore="business_name">
|
|
<generator type="business_name"/>
|
|
</input>
|
|
</generator>
|
|
</input>
|
|
</generator>
|
|
</input>
|
|
<input into="username" into_datastore="manager_username">
|
|
<generator type="username_generator" read_fact="name">
|
|
<input into="name">
|
|
<datastore>manager_name</datastore>
|
|
</input>
|
|
</generator>
|
|
</input>
|
|
</generator>
|
|
</input>
|
|
|
|
<!--Two Employees-->
|
|
<input into_datastore="employees">
|
|
<!--Employee 1-->
|
|
<generator type="person">
|
|
<input into="name" into_datastore="employee_1_name">
|
|
<generator type="name_generator"/>
|
|
</input>
|
|
<input into="email_address">
|
|
<generator type="business_email"> <!-- e.g. contact@business.co.uk -->
|
|
<input into="name">
|
|
<datastore>employee_1_name</datastore>
|
|
</input>
|
|
<input into="domain">
|
|
<datastore>business_domain</datastore>
|
|
</input>
|
|
</generator>
|
|
</input>
|
|
<input into="username" into_datastore="employee_1_username">
|
|
<generator type="username_generator" read_fact="name">
|
|
<input into="name">
|
|
<datastore>employee_1_name</datastore>
|
|
</input>
|
|
</generator>
|
|
</input>
|
|
</generator>
|
|
|
|
<!--Employee 2-->
|
|
<generator type="person">
|
|
<input into="name" into_datastore="employee_2_name">
|
|
<generator type="name_generator"/>
|
|
</input>
|
|
<input into="email_address">
|
|
<generator type="business_email"> <!-- e.g. contact@business.co.uk -->
|
|
<input into="name">
|
|
<datastore>employee_2_name</datastore>
|
|
</input>
|
|
<input into="domain">
|
|
<datastore>business_domain</datastore>
|
|
</input>
|
|
</generator>
|
|
</input>
|
|
<input into="username" into_datastore="employee_2_username">
|
|
<generator type="username_generator" read_fact="name">
|
|
<input into="name">
|
|
<datastore>employee_2_name</datastore>
|
|
</input>
|
|
</generator>
|
|
</input>
|
|
</generator>
|
|
</input>
|
|
|
|
<vulnerability module_path="vulnerabilities/unix/webapp/parameterised_website">
|
|
<input into="business_name">
|
|
<datastore>business_name</datastore>
|
|
</input>
|
|
<input into="business_motto" into_datastore="business_motto">
|
|
<generator type="motto"/>
|
|
</input>
|
|
<input into="manager_profile">
|
|
<datastore>manager</datastore>
|
|
</input>
|
|
<input into="business_address" into_datastore="business_address">
|
|
<generator type="address_generator"/>
|
|
</input>
|
|
<input into="office_email" into_datastore="office_email">
|
|
<generator type="business_email"> <!-- e.g. contact@business.co.uk -->
|
|
<input into="name">
|
|
<value>contact</value>
|
|
</input>
|
|
<input into="domain">
|
|
<datastore>business_domain</datastore>
|
|
</input>
|
|
</generator>
|
|
</input>
|
|
<input into="industry" into_datastore="industry">
|
|
<generator type="industry_generator"/>
|
|
</input>
|
|
<input into="employees">
|
|
<datastore>employees</datastore>
|
|
</input>
|
|
<input into="product_name" into_datastore="product_name">
|
|
<generator type="product"/>
|
|
</input>
|
|
</vulnerability>
|
|
|
|
<vulnerability privilege="user_rwx" access="remote" type="^((?!webapp).)*$">
|
|
<input into="business_domain">
|
|
<datastore>business_domain</datastore>
|
|
</input>
|
|
<input into="business_name">
|
|
<datastore>business_name</datastore>
|
|
</input>
|
|
<input into="person">
|
|
<datastore>manager</datastore>
|
|
</input>
|
|
</vulnerability>
|
|
<vulnerability privilege="root_rwx" access="local">
|
|
<input into="business_domain">
|
|
<datastore>business_domain</datastore>
|
|
</input>
|
|
<input into="business_name">
|
|
<datastore>business_name</datastore>
|
|
</input>
|
|
<input into="person">
|
|
<datastore>manager</datastore>
|
|
</input>
|
|
</vulnerability>
|
|
|
|
<build type="cleanup">
|
|
<input into="root_password">
|
|
<generator type="password_generator"/>
|
|
</input>
|
|
</build>
|
|
|
|
<network module_path=".*private_network_1"/>
|
|
<network module_path=".*private_network_2"/>
|
|
</system>
|
|
|
|
<!-- Intranet Server on NIC 2 -->
|
|
<system>
|
|
<system_name>intranet_server</system_name>
|
|
<base module_path=".*debian_puppet_32"/>
|
|
|
|
<!-- Create accounts for the 3 employees -->
|
|
<vulnerability module_path=".*parameterised_accounts">
|
|
<input into="accounts">
|
|
<generator type="account">
|
|
<input into="username">
|
|
<datastore>manager_username</datastore>
|
|
</input>
|
|
</generator>
|
|
<generator type="account">
|
|
<input into="username">
|
|
<datastore>employee_1_username</datastore>
|
|
</input>
|
|
</generator>
|
|
<generator type="account">
|
|
<input into="username">
|
|
<datastore>employee_2_username</datastore>
|
|
</input>
|
|
</generator>
|
|
</input>
|
|
</vulnerability>
|
|
|
|
<vulnerability module_path="vulnerabilities/unix/webapp/parameterised_website">
|
|
<input into="host_acceptable_use_policy">
|
|
<value>true</value>
|
|
</input>
|
|
<input into="security_audit">
|
|
<generator module_path=".*security_audit_remit"/>
|
|
</input>
|
|
<input into="business_name">
|
|
<datastore>business_name</datastore>
|
|
</input>
|
|
<input into="business_motto">
|
|
<datastore>business_motto</datastore>
|
|
</input>
|
|
<input into="manager_profile">
|
|
<datastore>manager</datastore>
|
|
</input>
|
|
<input into="business_address">
|
|
<datastore>business_address</datastore>
|
|
</input>
|
|
<input into="office_email">
|
|
<datastore>office_email</datastore>
|
|
</input>
|
|
<input into="industry">
|
|
<datastore>industry</datastore>
|
|
</input>
|
|
<input into="employees">
|
|
<datastore>employees</datastore>
|
|
</input>
|
|
<input into="product_name">
|
|
<datastore>product_name</datastore>
|
|
</input>
|
|
</vulnerability>
|
|
|
|
<service/>
|
|
<service/>
|
|
<service/>
|
|
|
|
<vulnerability access="remote" type="^((?!webapp).)*$">
|
|
<input into="business_domain">
|
|
<datastore>business_domain</datastore>
|
|
</input>
|
|
<input into="business_name">
|
|
<datastore>business_name</datastore>
|
|
</input>
|
|
<input into="person">
|
|
<datastore>manager</datastore>
|
|
</input>
|
|
</vulnerability>
|
|
|
|
<vulnerability type="^((?!webapp).)*$">
|
|
<input into="business_domain">
|
|
<datastore>business_domain</datastore>
|
|
</input>
|
|
<input into="business_name">
|
|
<datastore>business_name</datastore>
|
|
</input>
|
|
<input into="person">
|
|
<datastore>manager</datastore>
|
|
</input>
|
|
</vulnerability>
|
|
|
|
<build type="cleanup">
|
|
<input into="root_password">
|
|
<generator type="password_generator"/>
|
|
</input>
|
|
</build>
|
|
|
|
<network module_path=".*private_network_2"/>
|
|
</system>
|
|
|
|
<!-- Desktop Client on NIC2 -->
|
|
<system>
|
|
<system_name>desktop</system_name>
|
|
<base platform="linux"/>
|
|
<utility module_path=".*xfce"/>
|
|
<utility module_path=".*iceweasel" />
|
|
<network module_path=".*private_network_2"/>
|
|
</system>
|
|
|
|
<!-- Attacker Kali on NIC1-->
|
|
<!-- Handle this outside of the scenario.-->
|
|
|
|
</scenario>
|