Merge branch 'dev' into feature/2712-Terminal_Login_Handling

2024-07-23 15:52:42 +01:00
parent a7f9e4502e e67b4b54ce
commit 9d5b58ce44
51 changed files with 35366 additions and 12367 deletions
--- a/docs/source/simulation_components/system/applications/dos_bot.rst
+++ b/docs/source/simulation_components/system/applications/dos_bot.rst
@@ -7,7 +7,10 @@
 DoSBot
 ######

-The ``DoSBot`` is an implementation of a Denial of Service attack within the PrimAITE simulation. This specifically simulates a `Slow Loris attack <https://en.wikipedia.org/wiki/Slowloris_(computer_security)>`.
+The ``DoSBot`` is an implementation of a Denial of Service attack within the PrimAITE simulation.
+This specifically simulates a `Slow Loris attack`_.
+
+.. _Slow Loris Attack: https://en.wikipedia.org/wiki/Slowloris_(computer_security)

 Key features
 ============
--- a/docs/source/simulation_components/system/applications/nmap.rst
+++ b/docs/source/simulation_components/system/applications/nmap.rst
@@ -5,10 +5,10 @@
 .. _NMAP:

 NMAP
-====
+####

 Overview
--------
+========

 The NMAP application is used to simulate network scanning activities. NMAP is a powerful tool that helps in discovering
 hosts and services on a network. It provides functionalities such as ping scans to discover active hosts and port scans
@@ -19,8 +19,8 @@ structure, identify active devices, and find potential vulnerabilities by discov
 However, it is also a tool frequently used by attackers during the reconnaissance stage of a cyber attack to gather
 information about the target network.

-Scan Types
----------
+Scan Type
+=========

 Ping Scan
 ^^^^^^^^^
@@ -46,7 +46,7 @@ identifying potential entry points for attacks. There are three types of port sc
  It gives a comprehensive view of the network's service landscape.

 Example Usage
-------------
+^^^^^^^^^^^^^

 The network we use for these examples is defined below:

@@ -345,3 +345,11 @@ Perform a full box scan on all ports, over both TCP and UDP, on a whole subnet:
   | 192.168.1.13 | 123  | NTP             | UDP      |
   | 192.168.1.13 | 219  | ARP             | UDP      |
   +--------------+------+-----------------+----------+
+
+Configuration
+=============
+
+.. include:: ../common/common_configuration.rst
+
+.. |SOFTWARE_NAME| replace:: NMAP
+.. |SOFTWARE_NAME_BACKTICK| replace:: ``NMAP``
--- a/docs/source/simulation_components/system/applications/ransomware_script.rst
+++ b/docs/source/simulation_components/system/applications/ransomware_script.rst
@@ -0,0 +1,85 @@
+.. only:: comment
+
+    © Crown-owned copyright 2024, Defence Science and Technology Laboratory UK
+
+.. _RansomwareScript:
+
+RansomwareScript
+###################
+
+The RansomwareScript class provides functionality to connect to a :ref:`DatabaseService` and set a database's database.db into a ``CORRUPTED`` state.
+
+Overview
+========
+
+The ransomware script intends to simulate a generic implementation of ransomware.
+
+Currently, due to simulation restraints, the ransomware script is unable to attack a host without an active database service.
+
+The ransomware script is similar to that of the data_manipulation_bot but does not have any separate stages or configurable probabilities.
+
+Additionally, similar to the data_manipulation_bot, the ransomware script must be installed on a host with a pre-existing :ref:`DatabaseClient` application installed.
+
+Usage
+=====
+
+- Create an instance and call ``configure`` to set:
+    - Target Database IP
+    - Database password (if needed)
+- Call ``Execute`` to connect and execute the ransomware script.
+
+This application handles connections to the database server and the connection made to encrypt the database but it does not handle disconnections.
+
+Implementation
+==============
+
+Currently, the ransomware script connects to a :ref:`DatabaseClient` and leverages its connectivity. The host running ``RansomwareScript`` must also have a :ref:`DatabaseClient` installed on it.
+
+- Uses the Application base class for lifecycle management.
+- Target IP and other options set via ``configure``.
+- ``execute`` handles connecting and encrypting.
+
+
+Examples
+========
+
+Python
+""""""
+.. code-block:: python
+
+    from primaite.simulator.network.hardware.nodes.host.computer import Computer
+    from primaite.simulator.network.hardware.node_operating_state import NodeOperatingState
+    from primaite.simulator.system.applications.red_applications.RansomwareScript import RansomwareScript
+    from primaite.simulator.system.applications.database_client import DatabaseClient
+
+    client_1 = Computer(
+        hostname="client_1",
+        ip_address="192.168.10.21",
+        subnet_mask="255.255.255.0",
+        default_gateway="192.168.10.1",
+        operating_state=NodeOperatingState.ON # initialise the computer in an ON state
+    )
+    network.connect(endpoint_b=client_1.network_interface[1], endpoint_a=switch_2.network_interface[1])
+    client_1.software_manager.install(DatabaseClient)
+    client_1.software_manager.install(RansomwareScript)
+    RansomwareScript: RansomwareScript = client_1.software_manager.software.get("RansomwareScript")
+    RansomwareScript.configure(server_ip_address=IPv4Address("192.168.1.14"))
+    RansomwareScript.execute()
+
+
+Configuration
+=============
+
+The RansomwareScript inherits configuration options such as ``fix_duration`` from its parent class. However, for the ``RansomwareScript`` the most relevant option is ``server_ip``.
+
+.. include:: ../common/common_configuration.rst
+
+.. |SOFTWARE_NAME| replace:: RansomwareScript
+.. |SOFTWARE_NAME_BACKTICK| replace:: ``RansomwareScript``
+
+``server_ip``
+"""""""""""""
+
+IP address of the :ref:`DatabaseService` which the ``RansomwareScript`` will encrypt.
+
+This must be a valid octet i.e. in the range of ``0.0.0.0`` and ``255.255.255.255``.
--- a/docs/source/simulation_components/system/applications/web_browser.rst
+++ b/docs/source/simulation_components/system/applications/web_browser.rst
@@ -23,7 +23,7 @@ Usage
 =====

 - Install on a Node via the ``SoftwareManager`` to start the ``WebBrowser``.
- Service runs on HTTP port 80 by default. (TODO: HTTPS)
+- Service runs on HTTP port 80 by default.
 - Execute sending an HTTP GET request with ``get_webpage``

 Implementation
--- a/docs/source/simulation_components/system/services/ftp_client.rst
+++ b/docs/source/simulation_components/system/services/ftp_client.rst
@@ -87,5 +87,3 @@ Configuration

 .. |SOFTWARE_NAME| replace:: FTPClient
 .. |SOFTWARE_NAME_BACKTICK| replace:: ``FTPClient``
-
-**FTPClient has no configuration options**
--- a/docs/source/simulation_components/system/services/ntp_server.rst
+++ b/docs/source/simulation_components/system/services/ntp_server.rst
@@ -82,5 +82,3 @@ Configuration

 .. |SOFTWARE_NAME| replace:: NTPServer
 .. |SOFTWARE_NAME_BACKTICK| replace:: ``NTPServer``
-
-**NTPServer has no configuration options**
--- a/docs/source/simulation_components/system/services/web_server.rst
+++ b/docs/source/simulation_components/system/services/web_server.rst
@@ -82,5 +82,3 @@ Configuration

 .. |SOFTWARE_NAME| replace:: WebServer
 .. |SOFTWARE_NAME_BACKTICK| replace:: ``WebServer``
-
-**WebServer has no configuration options**