.. only:: comment

    © Crown-owned copyright 2025, Defence Science and Technology Laboratory UK

.. _RansomwareScript:

RansomwareScript
###################

The RansomwareScript class provides functionality to connect to a :ref:`DatabaseService` and set a database's database.db into a ``CORRUPTED`` state.

Overview
========

The ransomware script is intended to simulate a generic implementation of ransomware.

Currently, due to simulation constraints, the ransomware script is unable to attack a host without an active database service.

The ransomware script is similar to the data_manipulation_bot but does not have any separate stages or configurable probabilities.

Additionally, like the data_manipulation_bot, the ransomware script must be installed on a host that already has a :ref:`DatabaseClient` application installed.

Usage
=====

- Create an instance and call ``configure`` to set:

  - Target Database IP
  - Database password (if needed)

- Call ``execute`` to connect and execute the ransomware script.

This application handles connections to the database server and the connection made to encrypt the database, but it does not handle disconnections.

Implementation
==============

Currently, the ransomware script connects to a :ref:`DatabaseClient` and leverages its connectivity. The host running ``RansomwareScript`` must also have a :ref:`DatabaseClient` installed on it.

- Uses the Application base class for lifecycle management.
- Target IP and other options set via ``configure``.
- ``execute`` handles connecting and encrypting.

Examples
========

Python
""""""

.. code-block:: python

    from ipaddress import IPv4Address

    from primaite.simulator.network.hardware.nodes.host.computer import Computer
    from primaite.simulator.network.hardware.node_operating_state import NodeOperatingState
    from primaite.simulator.system.applications.red_applications.ransomware_script import RansomwareScript
    from primaite.simulator.system.applications.database_client import DatabaseClient

    # `network` and `switch_2` are assumed to exist already in the simulation.
    client_1 = Computer(
        hostname="client_1",
        ip_address="192.168.10.21",
        subnet_mask="255.255.255.0",
        default_gateway="192.168.10.1",
        operating_state=NodeOperatingState.ON,  # initialise the computer in an ON state
    )
    network.connect(endpoint_b=client_1.network_interface[1], endpoint_a=switch_2.network_interface[1])

    # The DatabaseClient must be installed on the same host as the script.
    client_1.software_manager.install(DatabaseClient)
    client_1.software_manager.install(RansomwareScript)

    # Use a distinct variable name so the RansomwareScript class is not shadowed.
    ransomware_script: RansomwareScript = client_1.software_manager.software.get("RansomwareScript")
    ransomware_script.configure(server_ip_address=IPv4Address("192.168.1.14"))
    ransomware_script.execute()

Configuration
=============

The RansomwareScript inherits configuration options such as ``fix_duration`` from its parent class. However, for the ``RansomwareScript`` the most relevant option is ``server_ip``.

``server_ip``
"""""""""""""

IP address of the :ref:`DatabaseService` which the ``RansomwareScript`` will encrypt.

This must be a valid IPv4 address, i.e. in the range ``0.0.0.0`` to ``255.255.255.255``.
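
A pre-flight check for the requirements stated on this page (a ``DatabaseClient`` on the same host, and a valid IPv4 ``server_ip``), as an added example that is not PrimAITE code. The ``preflight`` helper, the ``options`` dict layout and the ``installed_apps`` set are hypothetical, and the sample inputs are constructed.

```python
from ipaddress import AddressValueError, IPv4Address

# Hypothetical helper, not part of PrimAITE: checks the prerequisites this page
# states before a RansomwareScript is configured and executed.
REQUIRED_APPS = ("DatabaseClient", "RansomwareScript")


def preflight(options: dict, installed_apps: set) -> list:
    """Return a list of problems; an empty list means the set-up is consistent."""
    problems = []

    # The page requires a DatabaseClient on the same host as the script.
    for app in REQUIRED_APPS:
        if app not in installed_apps:
            problems.append(f"{app} is not installed on the host")

    # server_ip must be a dotted-quad IPv4 address (0.0.0.0 to 255.255.255.255).
    raw = options.get("server_ip")
    if raw is None:
        problems.append("server_ip is missing")
    elif not isinstance(raw, str):
        # IPv4Address() also accepts integers, so a bare number such as 1 would
        # silently become 0.0.0.1; reject anything that is not a string.
        problems.append(f"server_ip {raw!r} is not a string")
    else:
        try:
            IPv4Address(raw)
        except AddressValueError:
            problems.append(f"server_ip {raw!r} is not a valid IPv4 address")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs.
    both = {"DatabaseClient", "RansomwareScript"}
    print(preflight({"server_ip": "192.168.1.14"}, both))
    print(preflight({"server_ip": "192.168.1.256"}, {"RansomwareScript"}))
    print(preflight({"server_ip": 1}, both))
```
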

``Common Attributes``
^^^^^^^^^^^^^^^^^^^^^

See :ref:`Common Configuration`