oxbrbtx/PrimAITE
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

#2686 - typo changes in jupyter notebook

Browse Source
This commit is contained in:
Chris McCarthy
2024-08-22 09:53:27 +01:00
parent 5d209e4ff9
commit 4a7a4fd571
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/primaite/notebooks/Privilege-Escalation-and Data-Loss-Example.ipynb
View File

@@ -121,7 +121,7 @@
"some_tech_db_srv: Server = game.simulation.network.get_node_by_hostname(\"some_tech_db_srv\")\n",
"some_tech_db_service: DatabaseService = some_tech_db_srv.software_manager.software[\"DatabaseService\"]\n",
"some_tech_storage_srv: Server = game.simulation.network.get_node_by_hostname(\"some_tech_storage_srv\")\n",
"some_tech_web_srv: Server = game.simulation.network.get_node_by_hostname(\"\")"
"some_tech_web_srv: Server = game.simulation.network.get_node_by_hostname(\"some_tech_web_srv\")"
]
},
{
@@ -193,7 +193,7 @@
"source": [
"## Check That the Junior Engineer Cannot SSH into the Storage Server\n",
"\n",
"This step verifies that the junior engineer is currently restricted from SSH access to the storage server. By attempting to establish an SSH connection from the junior engineers workstation to the storage server, this action confirms that the current ACL rules on the core router correctly prevent unauthorised access. It sets up the necessary conditions to later validate the effectiveness of the privilege escalation by demonstrating the initial access restrictions.\n"
"This step verifies that the junior engineer is currently restricted from SSH access to the storage server. By attempting to establish an SSH connection from the junior engineers workstation to the storage server, this action confirms that the current ACL rules on the core router correctly prevents unauthorised access. It sets up the necessary conditions to later validate the effectiveness of the privilege escalation by demonstrating the initial access restrictions.\n"
]
},
{
@@ -240,9 +240,9 @@
"source": [
"## Exploit Core Router to Add ACL for SSH Access\n",
"\n",
"At this point, the junior engineer exploits a vulnerability in the core router by obtaining the login credentials through social engineering. With SSH access to the core router, the engineer modifies the ACL rules to permit SSH connections from theimachinePC to the storage server. This action is crucial as it will enable the engineer to remotely access the storage server and execute further malicious activities.\n",
"At this point, the junior engineer exploits a vulnerability in the core router by obtaining the login credentials through social engineering. With SSH access to the core router, the engineer modifies the ACL rules to permit SSH connections from their machine to the storage server. This action is crucial as it will enable the engineer to remotely access the storage server and execute further malicious activities.\n",
"\n",
"Interestingly, if we inspect the `active_remote_sessions` on the SomeTech core routers `UserSessionManager`, we'll see an active session appear. This active sessoin would pop up in the obersation space."
"Interestingly, if we inspect the `active_remote_sessions` on the SomeTech core routers `UserSessionManager`, we'll see an active session appear. This active session would pop up in the observation space."
]
},
{