From 4c0f87e8aad39e6b01c907e10a22d481283716c7 Mon Sep 17 00:00:00 2001 From: Marek Wolan Date: Mon, 20 Jan 2025 10:23:13 +0000 Subject: [PATCH] Fix configure actions that were accidentally combined --- src/primaite/game/agent/actions/software.py | 13 ++++++++++++- .../assets/configs/install_and_configure_apps.yaml | 2 +- .../configs/nmap_port_scan_red_agent_config.yaml | 1 - .../game_layer/actions/test_configure_actions.py | 4 ++-- 4 files changed, 15 insertions(+), 5 deletions(-) diff --git a/src/primaite/game/agent/actions/software.py b/src/primaite/game/agent/actions/software.py index da751a15..aeb7c582 100644 --- a/src/primaite/game/agent/actions/software.py +++ b/src/primaite/game/agent/actions/software.py @@ -19,7 +19,7 @@ __all__ = ( ) -class ConfigureRansomwareScriptAction(AbstractAction, identifier="c2_server_ransomware_configure"): +class ConfigureRansomwareScriptAction(AbstractAction, identifier="configure_ransomware_script"): """Action which sets config parameters for a ransomware script on a node.""" config: "ConfigureRansomwareScriptAction.ConfigSchema" 
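Review bot: The old identifier `c2_server_ransomware_configure` does not become invalid in this hunk, it changes meaning, because the next hunk re-registers it on a class whose request targets `C2Server`. A scenario file that still uses the old string to configure a local `RansomwareScript` would presumably still validate, since the new class inherits the same `ConfigSchema`, and be routed to the C2 server instead of failing loudly. The patch updates one test config and two test call sites, so it is worth searching the remaining configs, notebooks and docs for the old identifier. I would also record the split in the changelog so users know to switch to `configure_ransomware_script`.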
@@ -45,6 +45,17 @@ class ConfigureRansomwareScriptAction(AbstractAction, identifier="c2_server_rans return ["network", "node", config.node_name, "application", "RansomwareScript", "configure", data] +class RansomwareConfigureC2ServerAction(ConfigureRansomwareScriptAction, identifier="c2_server_ransomware_configure"): + """Action which causes a C2 server to send a command to set options on a ransomware script remotely.""" + + @classmethod + def form_request(cls, config: ConfigureRansomwareScriptAction.ConfigSchema) -> RequestFormat: + data = dict( + server_ip_address=config.server_ip_address, server_password=config.server_password, payload=config.payload + ) + return ["network", "node", config.node_name, "application", "C2Server", "ransomware_configure", data] + + class ConfigureDoSBotAction(AbstractAction, identifier="configure_dos_bot"): """Action which sets config parameters for a DoS bot on a node.""" diff --git a/tests/assets/configs/install_and_configure_apps.yaml b/tests/assets/configs/install_and_configure_apps.yaml index ecc81668..2baca409 100644 --- a/tests/assets/configs/install_and_configure_apps.yaml +++ b/tests/assets/configs/install_and_configure_apps.yaml @@ -50,7 +50,7 @@ agents: node_name: client_1 server_password: correct_password 6: - action: c2_server_ransomware_configure + action: configure_ransomware_script options: node_name: client_2 server_ip_address: 10.0.0.5 diff --git a/tests/assets/configs/nmap_port_scan_red_agent_config.yaml b/tests/assets/configs/nmap_port_scan_red_agent_config.yaml index 09e88a76..873401b9 100644 --- a/tests/assets/configs/nmap_port_scan_red_agent_config.yaml +++ b/tests/assets/configs/nmap_port_scan_red_agent_config.yaml @@ -30,7 +30,6 @@ agents: options: source_node: client_1 target_ip_address: 192.168.10.0/24 - target_protocol: tcp target_port: - 21 - 53 
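Review bot: `RansomwareConfigureC2ServerAction.form_request` has no docstring and takes its schema implicitly from the parent, so a field later added to `ConfigureRansomwareScriptAction.ConfigSchema` would silently become accepted by the C2 action as well. I would add a docstring such as `"""Return the request asking the C2Server on config.node_name to configure the ransomware script remotely."""` and say in the class docstring that `ConfigSchema` is inherited unchanged. The parent's `form_request` starts outside this hunk (only its `return` line is visible), so I cannot tell whether the `data = dict(...)` construction duplicates it; if it does, a shared helper would keep the two payloads in step. The diffstat shows only the two renamed strings in `test_configure_actions.py`, so unless it is covered elsewhere, the restored route to `C2Server` has no test in this commit. A case asserting that the request ends in `"C2Server", "ransomware_configure", data` would pin the fix.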
diff --git a/tests/integration_tests/game_layer/actions/test_configure_actions.py b/tests/integration_tests/game_layer/actions/test_configure_actions.py index 5c9f09e4..17559405 100644 --- a/tests/integration_tests/game_layer/actions/test_configure_actions.py +++ b/tests/integration_tests/game_layer/actions/test_configure_actions.py @@ -122,7 +122,7 @@ class TestConfigureRansomwareScriptAction: old_payload = ransomware_script.payload action = ( - "c2_server_ransomware_configure", + "configure_ransomware_script", {"node_name": "client_1", **config}, ) agent.store_action(action) @@ -145,7 +145,7 @@ class TestConfigureRansomwareScriptAction: client_1.software_manager.install(RansomwareScript) ransomware_script: RansomwareScript = client_1.software_manager.software["RansomwareScript"] action = ( - "c2_server_ransomware_configure", + "configure_ransomware_script", { "node_name": "client_1", "config": {"server_password": "admin123", "bad_option": 70},