oxbrbtx/PrimAITE
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

#3062 - First pass at unifying naming convention for discriminators (still errors) [skip ci]

Browse Source
This commit is contained in:
Marek Wolan
2025-02-03 16:24:03 +00:00
parent 055c853b0f
commit abccf4afc5
195 changed files with 2824 additions and 2802 deletions
Download Patch File Download Diff File Expand all files Collapse all files

220
tests/assets/configs/action_penalty.yaml
View File

@@ -24,20 +24,20 @@ agents:
- ref: defender
team: BLUE
type: ProxyAgent
type: proxy-agent
observation_space:
type: CUSTOM
type: custom
options:
components:
- type: NODES
- type: nodes
label: NODES
options:
hosts:
- hostname: domain_controller
- hostname: web_server
services:
- service_name: WebServer
- service_name: web-server
- hostname: database_server
folders:
- folder_name: database
@@ -77,7 +77,7 @@ agents:
- UDP
num_rules: 10
- type: LINKS
- type: links
label: LINKS
options:
link_references:
@@ -91,222 +91,222 @@ agents:
- switch_2:eth-1<->client_1:eth-1
- switch_2:eth-2<->client_2:eth-1
- switch_2:eth-7<->security_suite:eth-2
- type: "NONE"
- type: "none"
label: ICS
options: {}
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
# scan webapp service
1:
action: node_service_scan
action: node-service-scan
options:
node_name: web_server
service_name: WebServer
service_name: web-server
# stop webapp service
2:
action: node_service_stop
action: node-service-stop
options:
node_name: web_server
service_name: WebServer
service_name: web-server
# start webapp service
3:
action: "node_service_start"
action: "node-service-start"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
4:
action: "node_service_pause"
action: "node-service-pause"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
5:
action: "node_service_resume"
action: "node-service-resume"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
6:
action: "node_service_restart"
action: "node-service-restart"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
7:
action: "node_service_disable"
action: "node-service-disable"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
8:
action: "node_service_enable"
action: "node-service-enable"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
9: # check database.db file
action: "node_file_scan"
action: "node-file-scan"
options:
node_name: database_server
folder_name: database
file_name: database.db
10:
action: "node_file_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
action: "node-file-scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
options:
node_name: database_server
folder_name: database
file_name: database.db
11:
action: "node_file_delete"
action: "node-file-delete"
options:
node_name: database_server
folder_name: database
file_name: database.db
12:
action: "node_file_repair"
action: "node-file-repair"
options:
node_name: database_server
folder_name: database
file_name: database.db
13:
action: "node_service_fix"
action: "node-service-fix"
options:
node_name: database_server
service_name: DatabaseService
service_name: database-service
14:
action: "node_folder_scan"
action: "node-folder-scan"
options:
node_name: database_server
folder_name: database
15:
action: "node_folder_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
action: "node-folder-scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
options:
node_name: database_server
folder_name: database
16:
action: "node_folder_repair"
action: "node-folder-repair"
options:
node_name: database_server
folder_name: database
17:
action: "node_folder_restore"
action: "node-folder-restore"
options:
node_name: database_server
folder_name: database
18:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: domain_controller
19:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: domain_controller
20:
action: node_startup
action: node-startup
options:
node_name: domain_controller
21:
action: node_reset
action: node-reset
options:
node_name: domain_controller
22:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: web_server
23:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: web_server
24:
action: node_startup
action: node-startup
options:
node_name: web_server
25:
action: node_reset
action: node-reset
options:
node_name: web_server
26: # old action num: 18
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: database_server
27:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: database_server
28:
action: node_startup
action: node-startup
options:
node_name: database_server
29:
action: node_reset
action: node-reset
options:
node_name: database_server
30:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: backup_server
31:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: backup_server
32:
action: node_startup
action: node-startup
options:
node_name: backup_server
33:
action: node_reset
action: node-reset
options:
node_name: backup_server
34:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: security_suite
35:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: security_suite
36:
action: node_startup
action: node-startup
options:
node_name: security_suite
37:
action: node_reset
action: node-reset
options:
node_name: security_suite
38:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: client_1
39: # old action num: 19 # shutdown client 1
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: client_1
40: # old action num: 20
action: node_startup
action: node-startup
options:
node_name: client_1
41: # old action num: 21
action: node_reset
action: node-reset
options:
node_name: client_1
42:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: client_2
43:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: client_2
44:
action: node_startup
action: node-startup
options:
node_name: client_2
45:
action: node_reset
action: node-reset
options:
node_name: client_2
46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1"
action: "router_acl_add_rule"
46: # old action num: 22 # "acl: ADDRULE - Block outgoing traffic from client 1"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 1
@@ -318,8 +318,8 @@ agents:
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2"
action: "router_acl_add_rule"
47: # old action num: 23 # "acl: ADDRULE - Block outgoing traffic from client 2"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 2
@@ -332,7 +332,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
48: # old action num: 24 # block tcp traffic from client 1 to web app
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 3
@@ -345,7 +345,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
49: # old action num: 25 # block tcp traffic from client 2 to web app
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 4
@@ -358,7 +358,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
50: # old action num: 26
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 5
@@ -371,7 +371,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
51: # old action num: 27
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 6
@@ -384,139 +384,139 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
52: # old action num: 28
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 0
53: # old action num: 29
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 1
54: # old action num: 30
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 2
55: # old action num: 31
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 3
56: # old action num: 32
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 4
57: # old action num: 33
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 5
58: # old action num: 34
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 6
59: # old action num: 35
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 7
60: # old action num: 36
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 8
61: # old action num: 37
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 9
62: # old action num: 38
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: domain_controller
nic_num: 1
63: # old action num: 39
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: domain_controller
nic_num: 1
64: # old action num: 40
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: web_server
nic_num: 1
65: # old action num: 41
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: web_server
nic_num: 1
66: # old action num: 42
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: database_server
nic_num: 1
67: # old action num: 43
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: database_server
nic_num: 1
68: # old action num: 44
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: backup_server
nic_num: 1
69: # old action num: 45
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: backup_server
nic_num: 1
70: # old action num: 46
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: security_suite
nic_num: 1
71: # old action num: 47
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: security_suite
nic_num: 1
72: # old action num: 48
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: security_suite
nic_num: 2
73: # old action num: 49
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: security_suite
nic_num: 2
74: # old action num: 50
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: client_1
nic_num: 1
75: # old action num: 51
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: client_1
nic_num: 1
76: # old action num: 52
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: client_2
nic_num: 1
77: # old action num: 53
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: client_2
nic_num: 1
reward_function:
reward_components:
- type: ACTION_PENALTY
- type: action-penalty
weight: 1.0
options:
action_penalty: -0.75
@@ -585,7 +585,7 @@ simulation:
subnet_mask: 255.255.255.0
default_gateway: 192.168.1.1
services:
- type: DNSServer
- type: dns-server
options:
domain_mapping:
arcd.com: 192.168.1.12 # web server
@@ -597,9 +597,9 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: WebServer
- type: web-server
applications:
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.14
@@ -611,10 +611,10 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: DatabaseService
- type: database-service
options:
backup_server_ip: 192.168.1.16
- type: FTPClient
- type: ftp-client
- hostname: backup_server
type: server
@@ -623,7 +623,7 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: FTPServer
- type: ftp-server
- hostname: security_suite
type: server
@@ -643,20 +643,20 @@ simulation:
default_gateway: 192.168.10.1
dns_server: 192.168.1.10
applications:
- type: DataManipulationBot
- type: data-manipulation-bot
options:
port_scan_p_of_success: 0.8
data_manipulation_p_of_success: 0.8
payload: "DELETE"
server_ip: 192.168.1.14
- type: WebBrowser
- type: web-browser
options:
target_url: http://arcd.com/users/
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.14
services:
- type: DNSClient
- type: dns-client
- hostname: client_2
type: computer
@@ -665,20 +665,20 @@ simulation:
default_gateway: 192.168.10.1
dns_server: 192.168.1.10
applications:
- type: WebBrowser
- type: web-browser
options:
target_url: http://arcd.com/users/
- type: DataManipulationBot
- type: data-manipulation-bot
options:
port_scan_p_of_success: 0.8
data_manipulation_p_of_success: 0.8
payload: "DELETE"
server_ip: 192.168.1.14
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.14
services:
- type: DNSClient
- type: dns-client

170
tests/assets/configs/bad_primaite_session.yaml
View File

@@ -12,37 +12,37 @@ game:
agents:
- ref: client_2_green_user
team: GREEN
type: ProbabilisticAgent
type: probabilistic-agent
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
action_probabilities:
0: 1.0
- ref: data_manipulation_attacker
team: RED
type: RedDatabaseCorruptingAgent
type: red-database-corrupting-agent
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
possible_start_nodes: [client_1,]
target_application: DataManipulationBot
target_application: data-manipulation-bot
start_step: 25
frequency: 20
variance: 5
- ref: defender
team: BLUE
type: ProxyAgent
type: proxy-agent
observation_space:
type: CUSTOM
type: custom
options:
components:
- type: NODES
- type: nodes
label: NODES
options:
hosts:
- hostname: domain_controller
- hostname: web_server
services:
- service_name: WebServer
- service_name: web-server
- hostname: database_server
folders:
- folder_name: database
@@ -82,7 +82,7 @@ agents:
- UDP
num_rules: 10
- type: LINKS
- type: links
label: LINKS
options:
link_references:
@@ -96,7 +96,7 @@ agents:
- switch_2:eth-1<->client_1:eth-1
- switch_2:eth-2<->client_2:eth-1
- switch_2:eth-7<->security_suite:eth-2
- type: "NONE"
- type: "none"
label: ICS
options: {}
@@ -104,118 +104,118 @@ agents:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
# scan webapp service
1:
action: node_service_scan
action: node-service-scan
options:
node_name: web_server
service_name: WebServer
service_name: web-server
# stop webapp service
2:
action: node_service_stop
action: node-service-stop
options:
node_name: web_server
service_name: WebServer
service_name: web-server
# start webapp service
3:
action: "node_service_start"
action: "node-service-start"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
4:
action: "node_service_pause"
action: "node-service-pause"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
5:
action: "node_service_resume"
action: "node-service-resume"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
6:
action: "node_service_restart"
action: "node-service-restart"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
7:
action: "node_service_disable"
action: "node-service-disable"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
8:
action: "node_service_enable"
action: "node-service-enable"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
9: # check database.db file
action: "node_file_scan"
action: "node-file-scan"
options:
node_name: database_server
folder_name: database
file_name: database.db
10:
action: "node_file_checkhash"
action: "node-file-checkhash"
options:
node_name: database_server
folder_name: database
file_name: database.db
11:
action: "node_file_delete"
action: "node-file-delete"
options:
node_name: database_server
folder_name: database
file_name: database.db
12:
action: "node_file_repair"
action: "node-file-repair"
options:
node_name: database_server
folder_name: database
file_name: database.db
13:
action: "node_service_fix"
action: "node-service-fix"
options:
node_name: database_server
service_name: DatabaseService
service_name: database-service
14:
action: "node_folder_scan"
action: "node-folder-scan"
options:
node_name: database_server
folder_name: database
15:
action: "node_folder_checkhash"
action: "node-folder-checkhash"
options:
node_name: database_server
folder_name: database
16:
action: "node_folder_repair"
action: "node-folder-repair"
options:
node_name: database_server
folder_name: database
17:
action: "node_folder_restore"
action: "node-folder-restore"
options:
node_name: database_server
folder_name: database
18:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: database_server
19: # shutdown client 1
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: client_1
20:
action: "node_startup"
action: "node-startup"
options:
node_name: client_1
21:
action: "node_reset"
action: "node-reset"
options:
node_name: client_1
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
action: "router_acl_add_rule"
22: # "acl: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
action: "router-acl-add-rule"
options:
target_router: router_1
position: 1
@@ -227,8 +227,8 @@ agents:
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
action: "router_acl_add_rule"
23: # "acl: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
action: "router-acl-add-rule"
options:
target_router: router_1
position: 2
@@ -241,7 +241,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
24: # block tcp traffic from client 1 to web app
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 3
@@ -254,7 +254,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
25: # block tcp traffic from client 2 to web app
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 4
@@ -267,7 +267,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
26:
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 5
@@ -280,7 +280,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
27:
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 6
@@ -293,139 +293,139 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
28:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 0
29:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 1
30:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 2
31:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 3
32:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 4
33:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 5
34:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 6
35:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 7
36:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 8
37:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 9
38:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: domain_controller
nic_num: 1
39:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: domain_controller
nic_num: 1
40:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: web_server
nic_num: 1
41:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: web_server
nic_num: 1
42:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: database_server
nic_num: 1
43:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: database_server
nic_num: 1
44:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: backup_server
nic_num: 1
45:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: backup_server
nic_num: 1
46:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: security_suite
nic_num: 1
47:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: security_suite
nic_num: 1
48:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: security_suite
nic_num: 2
49:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: security_suite
nic_num: 2
50:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: client_1
nic_num: 1
51:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: client_1
nic_num: 1
52:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: client_2
nic_num: 1
53:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: client_2
nic_num: 1
reward_function:
reward_components:
- type: DATABASE_FILE_INTEGRITY
- type: database-file-integrity
weight: 0.5
options:
node_hostname: database_server
@@ -433,7 +433,7 @@ agents:
file_name: database.db
- type: WEB_SERVER_404_PENALTY
- type: web-server-404-penalty
weight: 0.5
options:
node_hostname: web_server
@@ -492,7 +492,7 @@ simulation:
subnet_mask: 255.255.255.0
default_gateway: 192.168.1.1
services:
- type: DNSServer
- type: dns-server
options:
domain_mapping:
arcd.com: 192.168.1.12 # web server
@@ -504,9 +504,9 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: WebServer
- type: web-server
applications:
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.14
@@ -518,7 +518,7 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: DatabaseService
- type: database-service
- type: server
hostname: backup_server
@@ -527,7 +527,7 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: FTPServer
- type: ftp-server
- type: server
hostname: security_suite
@@ -547,14 +547,14 @@ simulation:
default_gateway: 192.168.10.1
dns_server: 192.168.1.10
applications:
- type: DataManipulationBot
- type: data-manipulation-bot
options:
port_scan_p_of_success: 0.1
data_manipulation_p_of_success: 0.1
payload: "DELETE"
server_ip: 192.168.1.14
services:
- type: DNSClient
- type: dns-client
- type: computer
hostname: client_2
@@ -563,9 +563,9 @@ simulation:
default_gateway: 192.168.10.1
dns_server: 192.168.1.10
applications:
- type: WebBrowser
- type: web-browser
services:
- type: DNSClient
- type: dns-client
links:
- endpoint_a_hostname: router_1

4
tests/assets/configs/basic_c2_setup.yaml
View File

@@ -40,7 +40,7 @@ simulation:
subnet_mask: 255.255.255.0
default_gateway: 192.168.10.1
applications:
- type: C2Server
- type: c2-server
options:
listen_on_ports:
- 80
@@ -52,7 +52,7 @@ simulation:
subnet_mask: 255.255.255.0
default_gateway: 192.168.10.1
applications:
- type: C2Beacon
- type: c2-beacon
options:
c2_server_ip_address: 192.168.10.21
keep_alive_frequency: 5

8
tests/assets/configs/basic_firewall.yaml
View File

@@ -26,18 +26,18 @@ game:
agents:
- ref: client_2_green_user
team: GREEN
type: ProbabilisticAgent
type: probabilistic-agent
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
1:
action: node_application_execute
action: node-application-execute
options:
node_name: client_2
application_name: WebBrowser
application_name: web-browser
agent_settings:
action_probabilities:

4
tests/assets/configs/basic_node_with_software_listening_ports.yaml
View File

@@ -26,13 +26,13 @@ simulation:
subnet_mask: 255.255.255.0
default_gateway: 192.168.10.1
services:
- type: DatabaseService
- type: database-service
options:
backup_server_ip: 10.10.1.12
listen_on_ports:
- 631
applications:
- type: WebBrowser
- type: web-browser
options:
target_url: http://sometech.ai
listen_on_ports:

50
tests/assets/configs/basic_switched_network.yaml
View File

@@ -29,22 +29,22 @@ game:
agents:
- ref: client_2_green_user
team: GREEN
type: ProbabilisticAgent
type: probabilistic-agent
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
1:
action: node_application_execute
action: node-application-execute
options:
node_name: client_2
application_name: WebBrowser
application_name: web-browser
reward_function:
reward_components:
- type: DUMMY
- type: dummy
agent_settings:
action_probabilities:
@@ -53,13 +53,13 @@ agents:
- ref: defender
team: BLUE
type: ProxyAgent
type: proxy-agent
observation_space:
type: CUSTOM
type: custom
options:
components:
- type: NODES
- type: nodes
label: NODES
options:
hosts:
@@ -96,25 +96,25 @@ agents:
- UDP
num_rules: 10
- type: LINKS
- type: links
label: LINKS
options:
link_references:
- switch_1:eth-1<->client_1:eth-1
- switch_1:eth-2<->client_2:eth-1
- type: "NONE"
- type: "none"
label: ICS
options: {}
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
reward_function:
reward_components:
- type: DATABASE_FILE_INTEGRITY
- type: database-file-integrity
weight: 0.5
options:
node_hostname: database_server
@@ -122,7 +122,7 @@ agents:
file_name: database.db
- type: WEB_SERVER_404_PENALTY
- type: web-server-404-penalty
weight: 0.5
options:
node_hostname: web_server
@@ -147,41 +147,41 @@ simulation:
default_gateway: 192.168.10.1
dns_server: 192.168.1.10
applications:
- type: RansomwareScript
- type: WebBrowser
- type: ransomware-script
- type: web-browser
options:
target_url: http://arcd.com/users/
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.10
server_password: arcd
- type: DataManipulationBot
- type: data-manipulation-bot
options:
port_scan_p_of_success: 0.8
data_manipulation_p_of_success: 0.8
payload: "DELETE"
server_ip: 192.168.1.21
server_password: arcd
- type: DoSBot
- type: dos-bot
options:
target_ip_address: 192.168.10.21
payload: SPOOF DATA
port_scan_p_of_success: 0.8
services:
- type: DNSClient
- type: DNSServer
- type: dns-client
- type: dns-server
options:
domain_mapping:
arcd.com: 192.168.1.10
- type: DatabaseService
- type: database-service
options:
backup_server_ip: 192.168.1.10
- type: WebServer
- type: FTPServer
- type: NTPClient
- type: web-server
- type: ftp-server
- type: ntp-client
options:
ntp_server_ip: 192.168.1.10
- type: NTPServer
- type: ntp-server
- hostname: client_2
type: computer
ip_address: 192.168.10.22

260
tests/assets/configs/data_manipulation.yaml
View File

@@ -24,7 +24,7 @@ game:
agents:
- ref: client_2_green_user
team: GREEN
type: ProbabilisticAgent
type: probabilistic-agent
agent_settings:
action_probabilities:
0: 0.3
@@ -34,33 +34,33 @@ agents:
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
1:
action: node_application_execute
action: node-application-execute
options:
node_name: client_2
application_name: WebBrowser
application_name: web-browser
2:
action: node_application_execute
action: node-application-execute
options:
node_name: client_2
application_name: DatabaseClient
application_name: database-client
reward_function:
reward_components:
- type: WEBPAGE_UNAVAILABLE_PENALTY
- type: webpage-unavailable-penalty
weight: 0.25
options:
node_hostname: client_2
- type: GREEN_ADMIN_DATABASE_UNREACHABLE_PENALTY
- type: green-admin-database-unreachable-penalty
weight: 0.05
options:
node_hostname: client_2
- ref: client_1_green_user
team: GREEN
type: ProbabilisticAgent
type: probabilistic-agent
agent_settings:
action_probabilities:
0: 0.3
@@ -70,26 +70,26 @@ agents:
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
1:
action: node_application_execute
action: node-application-execute
options:
node_name: client_1
application_name: WebBrowser
application_name: web-browser
2:
action: node_application_execute
action: node-application-execute
options:
node_name: client_1
application_name: WebBrowser
application_name: web-browser
reward_function:
reward_components:
- type: WEBPAGE_UNAVAILABLE_PENALTY
- type: webpage-unavailable-penalty
weight: 0.25
options:
node_hostname: client_1
- type: GREEN_ADMIN_DATABASE_UNREACHABLE_PENALTY
- type: green-admin-database-unreachable-penalty
weight: 0.05
options:
node_hostname: client_1
@@ -100,30 +100,30 @@ agents:
- ref: data_manipulation_attacker
team: RED
type: RedDatabaseCorruptingAgent
type: red-database-corrupting-agent
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
possible_start_nodes: [client_1, client_2]
target_application: DataManipulationBot
target_application: data-manipulation-bot
start_step: 25
frequency: 20
variance: 5
- ref: defender
team: BLUE
type: ProxyAgent
type: proxy-agent
observation_space:
type: CUSTOM
type: custom
options:
components:
- type: NODES
- type: nodes
label: NODES
options:
hosts:
- hostname: domain_controller
- hostname: web_server
services:
- service_name: WebServer
- service_name: web-server
- hostname: database_server
folders:
- folder_name: database
@@ -168,7 +168,7 @@ agents:
- UDP
num_rules: 10
- type: LINKS
- type: links
label: LINKS
options:
link_references:
@@ -182,222 +182,222 @@ agents:
- switch_2:eth-1<->client_1:eth-1
- switch_2:eth-2<->client_2:eth-1
- switch_2:eth-7<->security_suite:eth-2
- type: "NONE"
- type: "none"
label: ICS
options: {}
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
# scan webapp service
1:
action: node_service_scan
action: node-service-scan
options:
node_name: web_server
service_name: WebServer
service_name: web-server
# stop webapp service
2:
action: node_service_stop
action: node-service-stop
options:
node_name: web_server
service_name: WebServer
service_name: web-server
# start webapp service
3:
action: "node_service_start"
action: "node-service-start"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
4:
action: "node_service_pause"
action: "node-service-pause"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
5:
action: "node_service_resume"
action: "node-service-resume"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
6:
action: "node_service_restart"
action: "node-service-restart"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
7:
action: "node_service_disable"
action: "node-service-disable"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
8:
action: "node_service_enable"
action: "node-service-enable"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
9: # check database.db file
action: "node_file_scan"
action: "node-file-scan"
options:
node_name: database_server
folder_name: database
file_name: database.db
10:
action: "node_file_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
action: "node-file-scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
options:
node_name: database_server
folder_name: database
file_name: database.db
11:
action: "node_file_delete"
action: "node-file-delete"
options:
node_name: database_server
folder_name: database
file_name: database.db
12:
action: "node_file_repair"
action: "node-file-repair"
options:
node_name: database_server
folder_name: database
file_name: database.db
13:
action: "node_service_fix"
action: "node-service-fix"
options:
node_name: database_server
service_name: DatabaseService
service_name: database-service
14:
action: "node_folder_scan"
action: "node-folder-scan"
options:
node_name: database_server
folder_name: database
15:
action: "node_folder_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
action: "node-folder-scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
options:
node_name: database_server
folder_name: database
16:
action: "node_folder_repair"
action: "node-folder-repair"
options:
node_name: database_server
folder_name: database
17:
action: "node_folder_restore"
action: "node-folder-restore"
options:
node_name: database_server
folder_name: database
18:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: domain_controller
19:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: domain_controller
20:
action: node_startup
action: node-startup
options:
node_name: domain_controller
21:
action: node_reset
action: node-reset
options:
node_name: domain_controller
22:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: web_server
23:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: web_server
24:
action: node_startup
action: node-startup
options:
node_name: web_server
25:
action: node_reset
action: node-reset
options:
node_name: web_server
26: # old action num: 18
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: database_server
27:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: database_server
28:
action: node_startup
action: node-startup
options:
node_name: database_server
29:
action: node_reset
action: node-reset
options:
node_name: database_server
30:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: backup_server
31:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: backup_server
32:
action: node_startup
action: node-startup
options:
node_name: backup_server
33:
action: node_reset
action: node-reset
options:
node_name: backup_server
34:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: security_suite
35:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: security_suite
36:
action: node_startup
action: node-startup
options:
node_name: security_suite
37:
action: node_reset
action: node-reset
options:
node_name: security_suite
38:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: client_1
39: # old action num: 19 # shutdown client 1
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: client_1
40: # old action num: 20
action: node_startup
action: node-startup
options:
node_name: client_1
41: # old action num: 21
action: node_reset
action: node-reset
options:
node_name: client_1
42:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: client_2
43:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: client_2
44:
action: node_startup
action: node-startup
options:
node_name: client_2
45:
action: node_reset
action: node-reset
options:
node_name: client_2
46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1"
action: "router_acl_add_rule"
46: # old action num: 22 # "acl: ADDRULE - Block outgoing traffic from client 1"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 1
@@ -409,8 +409,8 @@ agents:
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2"
action: "router_acl_add_rule"
47: # old action num: 23 # "acl: ADDRULE - Block outgoing traffic from client 2"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 2
@@ -423,7 +423,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
48: # old action num: 24 # block tcp traffic from client 1 to web app
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 3
@@ -436,7 +436,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
49: # old action num: 25 # block tcp traffic from client 2 to web app
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 4
@@ -449,7 +449,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
50: # old action num: 26
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 5
@@ -462,7 +462,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
51: # old action num: 27
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 6
@@ -475,151 +475,151 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
52: # old action num: 28
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 0
53: # old action num: 29
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 1
54: # old action num: 30
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 2
55: # old action num: 31
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 3
56: # old action num: 32
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 4
57: # old action num: 33
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 5
58: # old action num: 34
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 6
59: # old action num: 35
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 7
60: # old action num: 36
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 8
61: # old action num: 37
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 9
62: # old action num: 38
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: domain_controller
nic_num: 1
63: # old action num: 39
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: domain_controller
nic_num: 1
64: # old action num: 40
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: web_server
nic_num: 1
65: # old action num: 41
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: web_server
nic_num: 1
66: # old action num: 42
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: database_server
nic_num: 1
67: # old action num: 43
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: database_server
nic_num: 1
68: # old action num: 44
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: backup_server
nic_num: 1
69: # old action num: 45
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: backup_server
nic_num: 1
70: # old action num: 46
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: security_suite
nic_num: 1
71: # old action num: 47
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: security_suite
nic_num: 1
72: # old action num: 48
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: security_suite
nic_num: 2
73: # old action num: 49
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: security_suite
nic_num: 2
74: # old action num: 50
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: client_1
nic_num: 1
75: # old action num: 51
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: client_1
nic_num: 1
76: # old action num: 52
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: client_2
nic_num: 1
77: # old action num: 53
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: client_2
nic_num: 1
reward_function:
reward_components:
- type: DATABASE_FILE_INTEGRITY
- type: database-file-integrity
weight: 0.40
options:
node_hostname: database_server
folder_name: database
file_name: database.db
- type: SHARED_REWARD
- type: shared-reward
weight: 1.0
options:
agent_name: client_1_green_user
- type: SHARED_REWARD
- type: shared-reward
weight: 1.0
options:
agent_name: client_2_green_user
@@ -689,7 +689,7 @@ simulation:
subnet_mask: 255.255.255.0
default_gateway: 192.168.1.1
services:
- type: DNSServer
- type: dns-server
options:
domain_mapping:
arcd.com: 192.168.1.12 # web server
@@ -701,9 +701,9 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: WebServer
- type: web-server
applications:
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.14
@@ -715,10 +715,10 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: DatabaseService
- type: database-service
options:
backup_server_ip: 192.168.1.16
- type: FTPClient
- type: ftp-client
- hostname: backup_server
type: server
@@ -727,7 +727,7 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: FTPServer
- type: ftp-server
- hostname: security_suite
type: server
@@ -747,20 +747,20 @@ simulation:
default_gateway: 192.168.10.1
dns_server: 192.168.1.10
applications:
- type: DataManipulationBot
- type: data-manipulation-bot
options:
port_scan_p_of_success: 0.8
data_manipulation_p_of_success: 0.8
payload: "DELETE"
server_ip: 192.168.1.14
- type: WebBrowser
- type: web-browser
options:
target_url: http://arcd.com/users/
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.14
services:
- type: DNSClient
- type: dns-client
- hostname: client_2
type: computer
@@ -769,20 +769,20 @@ simulation:
default_gateway: 192.168.10.1
dns_server: 192.168.1.10
applications:
- type: WebBrowser
- type: web-browser
options:
target_url: http://arcd.com/users/
- type: DataManipulationBot
- type: data-manipulation-bot
options:
port_scan_p_of_success: 0.8
data_manipulation_p_of_success: 0.8
payload: "DELETE"
server_ip: 192.168.1.14
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.14
services:
- type: DNSClient
- type: dns-client
links:
- endpoint_a_hostname: router_1

10
tests/assets/configs/dmz_network.yaml
View File

@@ -51,18 +51,18 @@ game:
agents:
- ref: client_1_green_user
team: GREEN
type: ProbabilisticAgent
type: probabilistic-agent
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
1:
action: node_application_execute
action: node-application-execute
options:
node_name: client_1
application_name: WebBrowser
application_name: web-browser
agent_settings:
action_probabilities:
@@ -223,7 +223,7 @@ simulation:
start_up_duration: 0
shut_down_duration: 0
services:
- type: DNSServer
- type: dns-server
links:
- endpoint_a_hostname: client_1
endpoint_a_port: 1

182
tests/assets/configs/eval_only_primaite_session.yaml
View File

@@ -12,17 +12,17 @@ game:
agents:
- ref: client_2_green_user
team: GREEN
type: ProbabilisticAgent
type: probabilistic-agent
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
reward_function:
reward_components:
- type: DUMMY
- type: dummy
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
action_probabilities:
@@ -30,47 +30,47 @@ agents:
- ref: data_manipulation_attacker
team: RED
type: RedDatabaseCorruptingAgent
type: red-database-corrupting-agent
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
1:
action: node_application_execute
action: node-application-execute
options:
node_name: client_1
application_name: DataManipulationBot
application_name: data-manipulation-bot
reward_function:
reward_components:
- type: DUMMY
- type: dummy
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
possible_start_nodes: [client_1,]
target_application: DataManipulationBot
target_application: data-manipulation-bot
start_step: 25
frequency: 20
variance: 5
- ref: defender
team: BLUE
type: ProxyAgent
type: proxy-agent
observation_space:
type: CUSTOM
type: custom
options:
components:
- type: NODES
- type: nodes
label: NODES
options:
hosts:
- hostname: domain_controller
- hostname: web_server
services:
- service_name: WebServer
- service_name: web-server
- hostname: database_server
folders:
- folder_name: database
@@ -110,7 +110,7 @@ agents:
- UDP
num_rules: 10
- type: LINKS
- type: links
label: LINKS
options:
link_references:
@@ -124,7 +124,7 @@ agents:
- switch_2:eth-1<->client_1:eth-1
- switch_2:eth-2<->client_2:eth-1
- switch_2:eth-7<->security_suite:eth-2
- type: "NONE"
- type: "none"
label: ICS
options: {}
@@ -132,118 +132,118 @@ agents:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
# scan webapp service
1:
action: node_service_scan
action: node-service-scan
options:
node_name: web_server
service_name: WebServer
service_name: web-server
# stop webapp service
2:
action: node_service_stop
action: node-service-stop
options:
node_name: web_server
service_name: WebServer
service_name: web-server
# start webapp service
3:
action: "node_service_start"
action: "node-service-start"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
4:
action: "node_service_pause"
action: "node-service-pause"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
5:
action: "node_service_resume"
action: "node-service-resume"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
6:
action: "node_service_restart"
action: "node-service-restart"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
7:
action: "node_service_disable"
action: "node-service-disable"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
8:
action: "node_service_enable"
action: "node-service-enable"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
9: # check database.db file
action: "node_file_scan"
action: "node-file-scan"
options:
node_name: database_server
folder_name: database
file_name: database.db
10:
action: "node_file_checkhash"
action: "node-file-checkhash"
options:
node_name: database_server
folder_name: database
file_name: database.db
11:
action: "node_file_delete"
action: "node-file-delete"
options:
node_name: database_server
folder_name: database
file_name: database.db
12:
action: "node_file_repair"
action: "node-file-repair"
options:
node_name: database_server
folder_name: database
file_name: database.db
13:
action: "node_service_fix"
action: "node-service-fix"
options:
node_name: database_server
service_name: DatabaseService
service_name: database-service
14:
action: "node_folder_scan"
action: "node-folder-scan"
options:
node_name: database_server
folder_name: database
15:
action: "node_folder_checkhash"
action: "node-folder-checkhash"
options:
node_name: database_server
folder_name: database
16:
action: "node_folder_repair"
action: "node-folder-repair"
options:
node_name: database_server
folder_name: database
17:
action: "node_folder_restore"
action: "node-folder-restore"
options:
node_name: database_server
folder_name: database
18:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: database_server
19: # shutdown client 1
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: client_1
20:
action: "node_startup"
action: "node-startup"
options:
node_name: client_1
21:
action: "node_reset"
action: "node-reset"
options:
node_name: client_1
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
action: "router_acl_add_rule"
22: # "acl: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
action: "router-acl-add-rule"
options:
target_router: router_1
position: 1
@@ -255,8 +255,8 @@ agents:
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
action: "router_acl_add_rule"
23: # "acl: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
action: "router-acl-add-rule"
options:
target_router: router_1
position: 2
@@ -269,7 +269,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
24: # block tcp traffic from client 1 to web app
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 3
@@ -282,7 +282,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
25: # block tcp traffic from client 2 to web app
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 4
@@ -295,7 +295,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
26:
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 5
@@ -308,7 +308,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
27:
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 6
@@ -321,139 +321,139 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
28:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 0
29:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 1
30:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 2
31:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 3
32:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 4
33:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 5
34:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 6
35:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 7
36:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 8
37:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 9
38:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: domain_controller
nic_num: 1
39:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: domain_controller
nic_num: 1
40:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: web_server
nic_num: 1
41:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: web_server
nic_num: 1
42:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: database_server
nic_num: 1
43:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: database_server
nic_num: 1
44:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: backup_server
nic_num: 1
45:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: backup_server
nic_num: 1
46:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: security_suite
nic_num: 1
47:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: security_suite
nic_num: 1
48:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: security_suite
nic_num: 2
49:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: security_suite
nic_num: 2
50:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: client_1
nic_num: 1
51:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: client_1
nic_num: 1
52:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: client_2
nic_num: 1
53:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: client_2
nic_num: 1
reward_function:
reward_components:
- type: DATABASE_FILE_INTEGRITY
- type: database-file-integrity
weight: 0.5
options:
node_hostname: database_server
@@ -461,7 +461,7 @@ agents:
file_name: database.db
- type: WEB_SERVER_404_PENALTY
- type: web-server-404-penalty
weight: 0.5
options:
node_hostname: web_server
@@ -520,7 +520,7 @@ simulation:
subnet_mask: 255.255.255.0
default_gateway: 192.168.1.1
services:
- type: DNSServer
- type: dns-server
options:
domain_mapping:
arcd.com: 192.168.1.12 # web server
@@ -532,9 +532,9 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: WebServer
- type: web-server
applications:
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.14
@@ -546,7 +546,7 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: DatabaseService
- type: database-service
- type: server
hostname: backup_server
@@ -555,7 +555,7 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: FTPServer
- type: ftp-server
- type: server
hostname: security_suite
@@ -575,14 +575,14 @@ simulation:
default_gateway: 192.168.10.1
dns_server: 192.168.1.10
applications:
- type: DataManipulationBot
- type: data-manipulation-bot
options:
port_scan_p_of_success: 0.1
data_manipulation_p_of_success: 0.1
payload: "DELETE"
server_ip: 192.168.1.14
services:
- type: DNSClient
- type: dns-client
- type: computer
hostname: client_2
@@ -591,9 +591,9 @@ simulation:
default_gateway: 192.168.10.1
dns_server: 192.168.1.10
applications:
- type: WebBrowser
- type: web-browser
services:
- type: DNSClient
- type: dns-client
links:
- endpoint_a_hostname: router_1

266
tests/assets/configs/extended_config.yaml
View File

@@ -24,7 +24,7 @@ game:
agents:
- ref: client_2_green_user
team: GREEN
type: ProbabilisticAgent
type: probabilistic-agent
agent_settings:
action_probabilities:
0: 0.3
@@ -34,33 +34,33 @@ agents:
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
1:
action: node_application_execute
action: node-application-execute
options:
node_name: client_2
application_name: WebBrowser
application_name: web-browser
2:
action: node_application_execute
action: node-application-execute
options:
node_name: client_2
application_name: DatabaseClient
application_name: database-client
reward_function:
reward_components:
- type: WEBPAGE_UNAVAILABLE_PENALTY
- type: webpage-unavailable-penalty
weight: 0.25
options:
node_hostname: client_2
- type: GREEN_ADMIN_DATABASE_UNREACHABLE_PENALTY
- type: green-admin-database-unreachable-penalty
weight: 0.05
options:
node_hostname: client_2
- ref: client_1_green_user
team: GREEN
type: ProbabilisticAgent
type: probabilistic-agent
agent_settings:
action_probabilities:
0: 0.3
@@ -70,26 +70,26 @@ agents:
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
1:
action: node_application_execute
action: node-application-execute
options:
node_name: client_1
application_name: WebBrowser
application_name: web-browser
2:
action: node_application_execute
action: node-application-execute
options:
node_name: client_1
application_name: DatabaseClient
application_name: database-client
reward_function:
reward_components:
- type: WEBPAGE_UNAVAILABLE_PENALTY
- type: webpage-unavailable-penalty
weight: 0.25
options:
node_hostname: client_1
- type: GREEN_ADMIN_DATABASE_UNREACHABLE_PENALTY
- type: green-admin-database-unreachable-penalty
weight: 0.05
options:
node_hostname: client_1
@@ -100,31 +100,31 @@ agents:
- ref: data_manipulation_attacker
team: RED
type: RedDatabaseCorruptingAgent
type: red-database-corrupting-agent
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
possible_start_nodes: [client_1, client_2]
target_application: DataManipulationBot
target_application: data-manipulation-bot
start_step: 25
frequency: 20
variance: 5
- ref: defender
team: BLUE
type: ProxyAgent
type: proxy-agent
observation_space:
type: CUSTOM
type: custom
options:
components:
- type: NODES
- type: nodes
label: NODES
options:
hosts:
- hostname: domain_controller
- hostname: web_server
services:
- service_name: WebServer
- service_name: web-server
- hostname: database_server
folders:
- folder_name: database
@@ -169,7 +169,7 @@ agents:
- UDP
num_rules: 10
- type: LINKS
- type: links
label: LINKS
options:
link_references:
@@ -183,222 +183,222 @@ agents:
- switch_2:eth-1<->client_1:eth-1
- switch_2:eth-2<->client_2:eth-1
- switch_2:eth-7<->security_suite:eth-2
- type: "NONE"
- type: "none"
label: ICS
options: {}
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
# scan webapp service
1:
action: node_service_scan
action: node-service-scan
options:
node_name: web_server
service_name: WebServer
service_name: web-server
# stop webapp service
2:
action: node_service_stop
action: node-service-stop
options:
node_name: web_server
service_name: WebServer
service_name: web-server
# start webapp service
3:
action: "node_service_start"
action: "node-service-start"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
4:
action: "node_service_pause"
action: "node-service-pause"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
5:
action: "node_service_resume"
action: "node-service-resume"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
6:
action: "node_service_restart"
action: "node-service-restart"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
7:
action: "node_service_disable"
action: "node-service-disable"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
8:
action: "node_service_enable"
action: "node-service-enable"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
9: # check database.db file
action: "node_file_scan"
action: "node-file-scan"
options:
node_name: database_server
folder_name: database
file_name: database.db
10:
action: "node_file_checkhash"
action: "node-file-checkhash"
options:
node_name: database_server
folder_name: database
file_name: database.db
11:
action: "node_file_delete"
action: "node-file-delete"
options:
node_name: database_server
folder_name: database
file_name: database.db
12:
action: "node_file_repair"
action: "node-file-repair"
options:
node_name: database_server
folder_name: database
file_name: database.db
13:
action: "node_service_fix"
action: "node-service-fix"
options:
node_name: database_server
service_name: DatabaseService
service_name: database-service
14:
action: "node_folder_scan"
action: "node-folder-scan"
options:
node_name: database_server
folder_name: database
15:
action: "node_folder_checkhash"
action: "node-folder-checkhash"
options:
node_name: database_server
folder_name: database
16:
action: "node_folder_repair"
action: "node-folder-repair"
options:
node_name: database_server
folder_name: database
17:
action: "node_folder_restore"
action: "node-folder-restore"
options:
node_name: database_server
folder_name: database
18:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: domain_controller
19:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: domain_controller
20:
action: node_startup
action: node-startup
options:
node_name: domain_controller
21:
action: node_reset
action: node-reset
options:
node_name: domain_controller
22:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: web_server
23:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: web_server
24:
action: node_startup
action: node-startup
options:
node_name: web_server
25:
action: node_reset
action: node-reset
options:
node_name: web_server
26: # old action num: 18
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: database_server
27:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: database_server
28:
action: node_startup
action: node-startup
options:
node_name: database_server
29:
action: node_reset
action: node-reset
options:
node_name: database_server
30:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: backup_server
31:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: backup_server
32:
action: node_startup
action: node-startup
options:
node_name: backup_server
33:
action: node_reset
action: node-reset
options:
node_name: backup_server
34:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: security_suite
35:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: security_suite
36:
action: node_startup
action: node-startup
options:
node_name: security_suite
37:
action: node_reset
action: node-reset
options:
node_name: security_suite
38:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: client_1
39: # old action num: 19 # shutdown client 1
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: client_1
40: # old action num: 20
action: node_startup
action: node-startup
options:
node_name: client_1
41: # old action num: 21
action: node_reset
action: node-reset
options:
node_name: client_1
42:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: client_2
43:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: client_2
44:
action: node_startup
action: node-startup
options:
node_name: client_2
45:
action: node_reset
action: node-reset
options:
node_name: client_2
46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1"
action: "router_acl_add_rule"
46: # old action num: 22 # "acl: ADDRULE - Block outgoing traffic from client 1"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 1
@@ -410,8 +410,8 @@ agents:
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2"
action: "router_acl_add_rule"
47: # old action num: 23 # "acl: ADDRULE - Block outgoing traffic from client 2"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 2
@@ -424,7 +424,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
48: # old action num: 24 # block tcp traffic from client 1 to web app
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 3
@@ -437,7 +437,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
49: # old action num: 25 # block tcp traffic from client 2 to web app
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 4
@@ -450,7 +450,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
50: # old action num: 26
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 5
@@ -463,7 +463,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
51: # old action num: 27
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 6
@@ -476,132 +476,132 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
52: # old action num: 28
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 0
53: # old action num: 29
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 1
54: # old action num: 30
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 2
55: # old action num: 31
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 3
56: # old action num: 32
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 4
57: # old action num: 33
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 5
58: # old action num: 34
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 6
59: # old action num: 35
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 7
60: # old action num: 36
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 8
61: # old action num: 37
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 9
62: # old action num: 38
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: domain_controller
nic_num: 1
63: # old action num: 39
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: domain_controller
nic_num: 1
64: # old action num: 40
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: web_server
nic_num: 1
65: # old action num: 41
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: web_server
nic_num: 1
66: # old action num: 42
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: database_server
nic_num: 1
67: # old action num: 43
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: database_server
nic_num: 1
68: # old action num: 44
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: backup_server
nic_num: 1
69: # old action num: 45
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: backup_server
nic_num: 1
70: # old action num: 46
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: security_suite
nic_num: 1
71: # old action num: 47
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: security_suite
nic_num: 1
72: # old action num: 48
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: security_suite
nic_num: 2
73: # old action num: 49
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: security_suite
nic_num: 2
74: # old action num: 50
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: client_1
nic_num: 1
75: # old action num: 51
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: client_1
nic_num: 1
76: # old action num: 52
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: client_2
nic_num: 1
77: # old action num: 53
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: client_2
nic_num: 1
@@ -610,19 +610,19 @@ agents:
reward_function:
reward_components:
- type: DATABASE_FILE_INTEGRITY
- type: database-file-integrity
weight: 0.40
options:
node_hostname: database_server
folder_name: database
file_name: database.db
- type: SHARED_REWARD
- type: shared-reward
weight: 1.0
options:
agent_name: client_1_green_user
- type: SHARED_REWARD
- type: shared-reward
weight: 1.0
options:
agent_name: client_2_green_user
@@ -692,7 +692,7 @@ simulation:
subnet_mask: 255.255.255.0
default_gateway: 192.168.1.1
services:
- type: DNSServer
- type: dns-server
options:
domain_mapping:
arcd.com: 192.168.1.12 # web server
@@ -704,9 +704,9 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: WebServer
- type: web-server
applications:
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.14
@@ -718,10 +718,10 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: DatabaseService
- type: database-service
options:
backup_server_ip: 192.168.1.16
- type: FTPClient
- type: ftp-client
- hostname: backup_server
type: server
@@ -730,7 +730,7 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: FTPServer
- type: ftp-server
- hostname: security_suite
type: server
@@ -750,27 +750,27 @@ simulation:
default_gateway: 192.168.10.1
dns_server: 192.168.1.10
applications:
- type: DataManipulationBot
- type: data-manipulation-bot
options:
port_scan_p_of_success: 0.8
data_manipulation_p_of_success: 0.8
payload: "DELETE"
server_ip: 192.168.1.14
- type: WebBrowser
- type: web-browser
options:
target_url: http://arcd.com/users/
- type: ExtendedApplication
- type: extended-application
options:
target_url: http://arcd.com/users/
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.14
services:
- type: DNSClient
- type: DatabaseService
- type: dns-client
- type: database-service
options:
backup_server_ip: 192.168.1.16
- type: ExtendedService
- type: extended-service
- hostname: client_2
type: computer
@@ -779,20 +779,20 @@ simulation:
default_gateway: 192.168.10.1
dns_server: 192.168.1.10
applications:
- type: WebBrowser
- type: web-browser
options:
target_url: http://arcd.com/users/
- type: DataManipulationBot
- type: data-manipulation-bot
options:
port_scan_p_of_success: 0.8
data_manipulation_p_of_success: 0.8
payload: "DELETE"
server_ip: 192.168.1.14
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.14
services:
- type: DNSClient
- type: dns-client
links:
- endpoint_a_hostname: router_1

58
tests/assets/configs/firewall_actions_network.yaml
View File

@@ -51,13 +51,13 @@ game:
agents:
- ref: defender
team: BLUE
type: ProxyAgent
type: proxy-agent
observation_space:
type: CUSTOM
type: custom
options:
components:
- type: NODES
- type: nodes
label: NODES
options:
hosts:
@@ -85,24 +85,24 @@ agents:
- UDP
num_rules: 10
- type: LINKS
- type: links
label: LINKS
options:
link_references:
- client_1:eth-1<->switch_1:eth-1
- type: "NONE"
- type: "none"
label: ICS
options: {}
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
1:
action: firewall_acl_add_rule
action: firewall-acl-add-rule
options:
type: firewall_acl_add_rule
type: firewall-acl-add-rule
target_firewall_nodename: firewall
firewall_port_name: internal
firewall_port_direction: inbound
@@ -116,14 +116,14 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
2:
action: firewall_acl_remove_rule
action: firewall-acl-remove-rule
options:
target_firewall_nodename: firewall
firewall_port_name: internal
firewall_port_direction: inbound
position: 1
3:
action: firewall_acl_add_rule
action: firewall-acl-add-rule
options:
target_firewall_nodename: firewall
firewall_port_name: internal
@@ -134,18 +134,18 @@ agents:
dst_ip: ALL
src_port: ARP
dst_port: DNS
protocol_name: ICMP
protocol_name: icmp
src_wildcard: NONE
dst_wildcard: NONE
4:
action: firewall_acl_remove_rule
action: firewall-acl-remove-rule
options:
target_firewall_nodename: firewall
firewall_port_name: internal
firewall_port_direction: outbound
position: 1
5:
action: firewall_acl_add_rule
action: firewall-acl-add-rule
options:
target_firewall_nodename: firewall
firewall_port_name: dmz
@@ -160,14 +160,14 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
6:
action: firewall_acl_remove_rule
action: firewall-acl-remove-rule
options:
target_firewall_nodename: firewall
firewall_port_name: dmz
firewall_port_direction: inbound
position: 1
7:
action: firewall_acl_add_rule
action: firewall-acl-add-rule
options:
target_firewall_nodename: firewall
firewall_port_name: dmz
@@ -182,14 +182,14 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
8:
action: firewall_acl_remove_rule
action: firewall-acl-remove-rule
options:
target_firewall_nodename: firewall
firewall_port_name: dmz
firewall_port_direction: outbound
position: 2
9:
action: firewall_acl_add_rule
action: firewall-acl-add-rule
options:
target_firewall_nodename: firewall
firewall_port_name: external
@@ -200,18 +200,18 @@ agents:
dst_ip: 192.168.10.10 # dmz
src_port: POSTGRES_SERVER
dst_port: POSTGRES_SERVER
protocol_name: ICMP
protocol_name: icmp
src_wildcard: NONE
dst_wildcard: NONE
10:
action: firewall_acl_remove_rule
action: firewall-acl-remove-rule
options:
target_firewall_nodename: firewall
firewall_port_name: external
firewall_port_direction: inbound
position: 10
11:
action: firewall_acl_add_rule
action: firewall-acl-add-rule
options:
target_firewall_nodename: firewall
firewall_port_name: external
@@ -220,28 +220,28 @@ agents:
permission: DENY
src_ip: 192.168.20.10 # external_computer
dst_ip: 192.168.0.10 # client_1
src_port: NONE
dst_port: NONE
protocol_name: none
src_port: ALL
dst_port: ALL
protocol_name: NONE
src_wildcard: NONE
dst_wildcard: NONE
12:
action: firewall_acl_remove_rule
action: firewall-acl-remove-rule
options:
target_firewall_nodename: firewall
firewall_port_name: external
firewall_port_direction: outbound
position: 1
13:
action: network_port_disable
action: network-port-disable
options:
type: network_port_disable
type: network-port-disable
target_nodename: firewall
port_num: 3
14:
action: network_port_enable
action: network-port-enable
options:
type: network_port_enable
type: network-port-enable
target_nodename: firewall
port_num: 3
@@ -401,7 +401,7 @@ simulation:
start_up_duration: 0
shut_down_duration: 0
services:
- type: DNSServer
- type: dns-server
links:
- endpoint_a_hostname: client_1
endpoint_a_port: 1

54
tests/assets/configs/fixing_duration_one_item.yaml
View File

@@ -26,18 +26,18 @@ game:
agents:
- ref: client_2_green_user
team: GREEN
type: ProbabilisticAgent
type: probabilistic-agent
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
1:
action: node_application_execute
action: node-application-execute
options:
node_name: client_1
application_name: WebBrowser
application_name: web-browser
agent_settings:
action_probabilities:
0: 0.4
@@ -46,13 +46,13 @@ agents:
- ref: defender
team: BLUE
type: ProxyAgent
type: proxy-agent
observation_space:
type: CUSTOM
type: custom
options:
components:
- type: NODES
- type: nodes
label: NODES
options:
hosts:
@@ -89,25 +89,25 @@ agents:
- UDP
num_rules: 10
- type: LINKS
- type: links
label: LINKS
options:
link_references:
- switch_1:eth-1<->client_1:eth-1
- switch_1:eth-2<->client_2:eth-1
- type: "NONE"
- type: "none"
label: ICS
options: {}
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
reward_function:
reward_components:
- type: DATABASE_FILE_INTEGRITY
- type: database-file-integrity
weight: 0.5
options:
node_hostname: database_server
@@ -115,7 +115,7 @@ agents:
file_name: database.db
- type: WEB_SERVER_404_PENALTY
- type: web-server-404-penalty
weight: 0.5
options:
node_hostname: web_server
@@ -140,46 +140,46 @@ simulation:
default_gateway: 192.168.10.1
dns_server: 192.168.1.10
applications:
- type: RansomwareScript
- type: WebBrowser
- type: ransomware-script
- type: web-browser
options:
target_url: http://arcd.com/users/
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.10
server_password: arcd
fixing_duration: 1
- type: DataManipulationBot
- type: data-manipulation-bot
options:
port_scan_p_of_success: 0.8
data_manipulation_p_of_success: 0.8
payload: "DELETE"
server_ip: 192.168.1.21
server_password: arcd
- type: DoSBot
- type: dos-bot
options:
target_ip_address: 192.168.10.21
payload: SPOOF DATA
port_scan_p_of_success: 0.8
services:
- type: DNSClient
- type: DNSServer
- type: dns-client
- type: dns-server
options:
domain_mapping:
arcd.com: 192.168.1.10
- type: DatabaseService
- type: database-service
options:
fixing_duration: 5
backup_server_ip: 192.168.1.10
- type: WebServer
- type: FTPClient
- type: FTPServer
- type: web-server
- type: ftp-client
- type: ftp-server
options:
server_password: arcd
- type: NTPClient
- type: ntp-client
options:
ntp_server_ip: 192.168.1.10
- type: NTPServer
- type: ntp-server
- hostname: client_2
type: computer
ip_address: 192.168.10.22
@@ -187,12 +187,12 @@ simulation:
default_gateway: 192.168.10.1
dns_server: 192.168.1.10
applications:
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.10
server_password: arcd
services:
- type: DNSClient
- type: dns-client
links:
- endpoint_a_hostname: switch_1

30
tests/assets/configs/install_and_configure_apps.yaml
View File

@@ -16,48 +16,48 @@ game:
agents:
- ref: agent_1
team: BLUE
type: ProxyAgent
type: proxy-agent
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
1:
action: node_application_install
action: node-application-install
options:
node_name: client_1
application_name: DatabaseClient
application_name: database-client
2:
action: node_application_install
action: node-application-install
options:
node_name: client_2
application_name: RansomwareScript
application_name: ransomware-script
3:
action: node_application_install
action: node-application-install
options:
node_name: client_3
application_name: DoSBot
application_name: dos-bot
4:
action: configure_database_client
action: configure-database-client
options:
node_name: client_1
server_ip_address: 10.0.0.5
5:
action: configure_database_client
action: configure-database-client
options:
node_name: client_1
server_password: correct_password
6:
action: configure_ransomware_script
action: configure-ransomware-script
options:
node_name: client_2
server_ip_address: 10.0.0.5
server_password: correct_password
payload: ENCRYPT
7:
action: configure_dos_bot
action: configure-dos-bot
options:
node_name: client_3
target_ip_address: 10.0.0.5
@@ -68,10 +68,10 @@ agents:
dos_intensity: 1.0
max_sessions: 1000
8:
action: node_application_install
action: node-application-install
options:
node_name: client_2
application_name: DatabaseClient
application_name: database-client
agent_settings:
flatten_obs: True
action_masking: False
@@ -103,7 +103,7 @@ simulation:
subnet_mask: 255.255.255.0
default_gateway: 10.0.0.1
services:
- type: DatabaseService
- type: database-service
options:
db_password: correct_password
links:

456
tests/assets/configs/multi_agent_session.yaml
View File

File diff suppressed because it is too large Load Diff

4
tests/assets/configs/nmap_network_service_recon_red_agent_config.yaml
View File

@@ -21,12 +21,12 @@ game:
agents:
- ref: client_1_red_nmap
team: RED
type: ProbabilisticAgent
type: probabilistic-agent
action_space:
action_map:
0:
action: node_network_service_recon
action: node-network-service-recon
options:
source_node: client_1
target_ip_address: 192.168.10.0/24

4
tests/assets/configs/nmap_ping_scan_red_agent_config.yaml
View File

@@ -21,12 +21,12 @@ game:
agents:
- ref: client_1_red_nmap
team: RED
type: ProbabilisticAgent
type: probabilistic-agent
action_space:
action_map:
0:
action: node_nmap_ping_scan
action: node-nmap-ping-scan
options:
source_node: client_1
target_ip_address: 192.168.1.0/24

4
tests/assets/configs/nmap_port_scan_red_agent_config.yaml
View File

@@ -21,12 +21,12 @@ game:
agents:
- ref: client_1_red_nmap
team: RED
type: ProbabilisticAgent
type: probabilistic-agent
action_space:
action_map:
0:
action: node_nmap_port_scan
action: node-nmap-port-scan
options:
source_node: client_1
target_ip_address: 192.168.10.0/24

10
tests/assets/configs/scenario_with_placeholders/greens_1.yaml
View File

@@ -1,7 +1,7 @@
agents: &greens
- ref: green_A
team: GREEN
type: ProbabilisticAgent
type: probabilistic-agent
agent_settings:
action_probabilities:
0: 0.2
@@ -10,17 +10,17 @@ agents: &greens
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
1:
action: node_application_execute
action: node-application-execute
options:
node_name: client
application_name: DatabaseClient
application_name: database-client
reward_function:
reward_components:
- type: GREEN_ADMIN_DATABASE_UNREACHABLE_PENALTY
- type: green-admin-database-unreachable-penalty
weight: 1.0
options:
node_hostname: client

10
tests/assets/configs/scenario_with_placeholders/greens_2.yaml
View File

@@ -1,7 +1,7 @@
agents: &greens
- ref: green_B
team: GREEN
type: ProbabilisticAgent
type: probabilistic-agent
agent_settings:
action_probabilities:
0: 0.95
@@ -10,17 +10,17 @@ agents: &greens
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
1:
action: node_application_execute
action: node-application-execute
options:
node_name: client
application_name: DatabaseClient
application_name: database-client
reward_function:
reward_components:
- type: GREEN_ADMIN_DATABASE_UNREACHABLE_PENALTY
- type: green-admin-database-unreachable-penalty
weight: 1.0
options:
node_hostname: client

4
tests/assets/configs/scenario_with_placeholders/reds_1.yaml
View File

@@ -1,11 +1,11 @@
reds: &reds
- ref: red_A
team: RED
type: RedDatabaseCorruptingAgent
type: red-database-corrupting-agent
agent_settings:
possible_start_nodes: [client,]
target_application: DataManipulationBot
target_application: data-manipulation-bot
start_step: 10
frequency: 10
variance: 0

4
tests/assets/configs/scenario_with_placeholders/reds_2.yaml
View File

@@ -1,10 +1,10 @@
reds: &reds
- ref: red_B
team: RED
type: RedDatabaseCorruptingAgent
type: red-database-corrupting-agent
agent_settings:
possible_start_nodes: [client_1,]
target_application: DataManipulationBot
target_application: data-manipulation-bot
start_step: 3
frequency: 2
variance: 1

34
tests/assets/configs/scenario_with_placeholders/scenario.yaml
View File

@@ -26,12 +26,12 @@ agents:
- ref: defender
team: BLUE
type: ProxyAgent
type: proxy-agent
observation_space:
type: CUSTOM
type: custom
options:
components:
- type: NODES
- type: nodes
label: NODES
options:
routers: []
@@ -46,7 +46,7 @@ agents:
include_num_access: false
include_nmne: false
- type: LINKS
- type: links
label: LINKS
options:
link_references:
@@ -56,48 +56,48 @@ agents:
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
1:
action: node_shutdown
action: node-shutdown
options:
node_name: client
2:
action: node_shutdown
action: node-shutdown
options:
node_name: server
3:
action: node_startup
action: node-startup
options:
node_name: client
4:
action: node_startup
action: node-startup
options:
node_name: server
5:
action: host_nic_disable
action: host-nic-disable
options:
node_name: client
nic_num: 1
6:
action: host_nic_disable
action: host-nic-disable
options:
node_name: server
nic_num: 1
7:
action: host_nic_enable
action: host-nic-enable
options:
node_name: client
nic_num: 1
8:
action: host_nic_enable
action: host-nic-enable
options:
node_name: server
nic_num: 1
reward_function:
reward_components:
- type: DATABASE_FILE_INTEGRITY
- type: database-file-integrity
weight: 0.40
options:
node_hostname: database_server
@@ -117,10 +117,10 @@ simulation:
subnet_mask: 255.255.255.0
default_gateway: 192.168.1.1
applications:
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.3
- type: DataManipulationBot
- type: data-manipulation-bot
options:
server_ip: 192.168.1.3
payload: "DELETE"
@@ -135,7 +135,7 @@ simulation:
subnet_mask: 255.255.255.0
default_gateway: 192.168.1.1
services:
- type: DatabaseService
- type: database-service
links:
- endpoint_a_hostname: client

258
tests/assets/configs/shared_rewards.yaml
View File

@@ -23,7 +23,7 @@ game:
agents:
- ref: client_2_green_user
team: GREEN
type: ProbabilisticAgent
type: probabilistic-agent
agent_settings:
action_probabilities:
0: 0.3
@@ -33,33 +33,33 @@ agents:
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
1:
action: node_application_execute
action: node-application-execute
options:
node_name: client_2
application_name: WebBrowser
application_name: web-browser
2:
action: node_application_execute
action: node-application-execute
options:
node_name: client_2
application_name: DatabaseClient
application_name: database-client
reward_function:
reward_components:
- type: WEBPAGE_UNAVAILABLE_PENALTY
- type: webpage-unavailable-penalty
weight: 0.25
options:
node_hostname: client_2
- type: GREEN_ADMIN_DATABASE_UNREACHABLE_PENALTY
- type: green-admin-database-unreachable-penalty
weight: 0.05
options:
node_hostname: client_2
- ref: client_1_green_user
team: GREEN
type: ProbabilisticAgent
type: probabilistic-agent
agent_settings:
action_probabilities:
0: 0.3
@@ -69,57 +69,57 @@ agents:
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
1:
action: node_application_execute
action: node-application-execute
options:
node_name: client_1
application_name: WebBrowser
application_name: web-browser
2:
action: node_application_execute
action: node-application-execute
options:
node_name: client_1
application_name: DatabaseClient
application_name: database-client
reward_function:
reward_components:
- type: WEBPAGE_UNAVAILABLE_PENALTY
- type: webpage-unavailable-penalty
weight: 0.25
options:
node_hostname: client_1
- type: GREEN_ADMIN_DATABASE_UNREACHABLE_PENALTY
- type: green-admin-database-unreachable-penalty
weight: 0.05
options:
node_hostname: client_1
- ref: data_manipulation_attacker
team: RED
type: RedDatabaseCorruptingAgent
type: red-database-corrupting-agent
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
possible_start_nodes: [client_1, client_2]
target_application: DataManipulationBot
target_application: data-manipulation-bot
start_step: 25
frequency: 20
variance: 5
- ref: defender
team: BLUE
type: ProxyAgent
type: proxy-agent
observation_space:
type: CUSTOM
type: custom
options:
components:
- type: NODES
- type: nodes
label: NODES
options:
hosts:
- hostname: domain_controller
- hostname: web_server
services:
- service_name: WebServer
- service_name: web-server
- hostname: database_server
folders:
- folder_name: database
@@ -159,7 +159,7 @@ agents:
- UDP
num_rules: 10
- type: LINKS
- type: links
label: LINKS
options:
link_references:
@@ -173,222 +173,222 @@ agents:
- switch_2:eth-1<->client_1:eth-1
- switch_2:eth-2<->client_2:eth-1
- switch_2:eth-7<->security_suite:eth-2
- type: "NONE"
- type: "none"
label: ICS
options: {}
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
# scan webapp service
1:
action: node_service_scan
action: node-service-scan
options:
node_name: web_server
service_name: WebServer
service_name: web-server
# stop webapp service
2:
action: node_service_stop
action: node-service-stop
options:
node_name: web_server
service_name: WebServer
service_name: web-server
# start webapp service
3:
action: "node_service_start"
action: "node-service-start"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
4:
action: "node_service_pause"
action: "node-service-pause"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
5:
action: "node_service_resume"
action: "node-service-resume"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
6:
action: "node_service_restart"
action: "node-service-restart"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
7:
action: "node_service_disable"
action: "node-service-disable"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
8:
action: "node_service_enable"
action: "node-service-enable"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
9: # check database.db file
action: "node_file_scan"
action: "node-file-scan"
options:
node_name: database_server
folder_name: database
file_name: database.db
10:
action: "node_file_checkhash"
action: "node-file-checkhash"
options:
node_name: database_server
folder_name: database
file_name: database.db
11:
action: "node_file_delete"
action: "node-file-delete"
options:
node_name: database_server
folder_name: database
file_name: database.db
12:
action: "node_file_repair"
action: "node-file-repair"
options:
node_name: database_server
folder_name: database
file_name: database.db
13:
action: "node_service_fix"
action: "node-service-fix"
options:
node_name: database_server
service_name: DatabaseService
service_name: database-service
14:
action: "node_folder_scan"
action: "node-folder-scan"
options:
node_name: database_server
folder_name: database
15:
action: "node_folder_checkhash"
action: "node-folder-checkhash"
options:
node_name: database_server
folder_name: database
16:
action: "node_folder_repair"
action: "node-folder-repair"
options:
node_name: database_server
folder_name: database
17:
action: "node_folder_restore"
action: "node-folder-restore"
options:
node_name: database_server
folder_name: database
18:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: domain_controller
19:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: domain_controller
20:
action: node_startup
action: node-startup
options:
node_name: domain_controller
21:
action: node_reset
action: node-reset
options:
node_name: domain_controller
22:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: web_server
23:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: web_server
24:
action: node_startup
action: node-startup
options:
node_name: web_server
25:
action: node_reset
action: node-reset
options:
node_name: web_server
26: # old action num: 18
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: database_server
27:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: database_server
28:
action: node_startup
action: node-startup
options:
node_name: database_server
29:
action: node_reset
action: node-reset
options:
node_name: database_server
30:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: backup_server
31:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: backup_server
32:
action: node_startup
action: node-startup
options:
node_name: backup_server
33:
action: node_reset
action: node-reset
options:
node_name: backup_server
34:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: security_suite
35:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: security_suite
36:
action: node_startup
action: node-startup
options:
node_name: security_suite
37:
action: node_reset
action: node-reset
options:
node_name: security_suite
38:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: client_1
39: # old action num: 19 # shutdown client 1
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: client_1
40: # old action num: 20
action: node_startup
action: node-startup
options:
node_name: client_1
41: # old action num: 21
action: node_reset
action: node-reset
options:
node_name: client_1
42:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: client_2
43:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: client_2
44:
action: node_startup
action: node-startup
options:
node_name: client_2
45:
action: node_reset
action: node-reset
options:
node_name: client_2
46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1"
action: "router_acl_add_rule"
46: # old action num: 22 # "acl: ADDRULE - Block outgoing traffic from client 1"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 1
@@ -400,8 +400,8 @@ agents:
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2"
action: "router_acl_add_rule"
47: # old action num: 23 # "acl: ADDRULE - Block outgoing traffic from client 2"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 2
@@ -414,7 +414,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
48: # old action num: 24 # block tcp traffic from client 1 to web app
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 3
@@ -427,7 +427,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
49: # old action num: 25 # block tcp traffic from client 2 to web app
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 4
@@ -440,7 +440,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
50: # old action num: 26
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 5
@@ -453,7 +453,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
51: # old action num: 27
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 6
@@ -466,143 +466,143 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
52: # old action num: 28
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 0
53: # old action num: 29
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 1
54: # old action num: 30
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 2
55: # old action num: 31
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 3
56: # old action num: 32
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 4
57: # old action num: 33
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 5
58: # old action num: 34
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 6
59: # old action num: 35
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 7
60: # old action num: 36
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 8
61: # old action num: 37
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 9
62: # old action num: 38
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: domain_controller
nic_num: 1
63: # old action num: 39
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: domain_controller
nic_num: 1
64: # old action num: 40
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: web_server
nic_num: 1
65: # old action num: 41
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: web_server
nic_num: 1
66: # old action num: 42
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: database_server
nic_num: 1
67: # old action num: 43
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: database_server
nic_num: 1
68: # old action num: 44
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: backup_server
nic_num: 1
69: # old action num: 45
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: backup_server
nic_num: 1
70: # old action num: 46
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: security_suite
nic_num: 1
71: # old action num: 47
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: security_suite
nic_num: 1
72: # old action num: 48
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: security_suite
nic_num: 2
73: # old action num: 49
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: security_suite
nic_num: 2
74: # old action num: 50
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: client_1
nic_num: 1
75: # old action num: 51
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: client_1
nic_num: 1
76: # old action num: 52
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: client_2
nic_num: 1
77: # old action num: 53
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: client_2
nic_num: 1
reward_function:
reward_components:
- type: SHARED_REWARD
- type: shared-reward
weight: 1.0
options:
agent_name: client_1_green_user
- type: SHARED_REWARD
- type: shared-reward
weight: 1.0
options:
agent_name: client_2_green_user
@@ -673,7 +673,7 @@ simulation:
subnet_mask: 255.255.255.0
default_gateway: 192.168.1.1
services:
- type: DNSServer
- type: dns-server
options:
domain_mapping:
arcd.com: 192.168.1.12 # web server
@@ -685,9 +685,9 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: WebServer
- type: web-server
applications:
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.14
@@ -699,10 +699,10 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: DatabaseService
- type: database-service
options:
backup_server_ip: 192.168.1.16
- type: FTPClient
- type: ftp-client
- hostname: backup_server
type: server
@@ -711,7 +711,7 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: FTPServer
- type: ftp-server
- hostname: security_suite
type: server
@@ -731,20 +731,20 @@ simulation:
default_gateway: 192.168.10.1
dns_server: 192.168.1.10
applications:
- type: DataManipulationBot
- type: data-manipulation-bot
options:
port_scan_p_of_success: 0.8
data_manipulation_p_of_success: 0.8
payload: "DELETE"
server_ip: 192.168.1.14
- type: WebBrowser
- type: web-browser
options:
target_url: http://arcd.com/users/
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.14
services:
- type: DNSClient
- type: dns-client
- hostname: client_2
type: computer
@@ -753,20 +753,20 @@ simulation:
default_gateway: 192.168.10.1
dns_server: 192.168.1.10
applications:
- type: WebBrowser
- type: web-browser
options:
target_url: http://arcd.com/users/
- type: DataManipulationBot
- type: data-manipulation-bot
options:
port_scan_p_of_success: 0.8
data_manipulation_p_of_success: 0.8
payload: "DELETE"
server_ip: 192.168.1.14
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.14
services:
- type: DNSClient
- type: dns-client

56
tests/assets/configs/software_fixing_duration.yaml
View File

@@ -26,18 +26,18 @@ game:
agents:
- ref: client_2_green_user
team: GREEN
type: ProbabilisticAgent
type: probabilistic-agent
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
1:
action: node_application_execute
action: node-application-execute
options:
node_name: client_2
application_name: WebBrowser
application_name: web-browser
agent_settings:
action_probabilities:
0: 0.4
@@ -46,13 +46,13 @@ agents:
- ref: defender
team: BLUE
type: ProxyAgent
type: proxy-agent
observation_space:
type: CUSTOM
type: custom
options:
components:
- type: NODES
- type: nodes
label: NODES
options:
hosts:
@@ -89,25 +89,25 @@ agents:
- UDP
num_rules: 10
- type: LINKS
- type: links
label: LINKS
options:
link_references:
- switch_1:eth-1<->client_1:eth-1
- switch_1:eth-2<->client_2:eth-1
- type: "NONE"
- type: "none"
label: ICS
options: {}
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
reward_function:
reward_components:
- type: DATABASE_FILE_INTEGRITY
- type: database-file-integrity
weight: 0.5
options:
node_hostname: database_server
@@ -115,7 +115,7 @@ agents:
file_name: database.db
- type: WEB_SERVER_404_PENALTY
- type: web-server-404-penalty
weight: 0.5
options:
node_hostname: web_server
@@ -140,22 +140,22 @@ simulation:
default_gateway: 192.168.10.1
dns_server: 192.168.1.10
applications:
- type: NMAP
- type: nmap
options:
fixing_duration: 1
- type: RansomwareScript
- type: ransomware-script
options:
fixing_duration: 1
- type: WebBrowser
- type: web-browser
options:
target_url: http://arcd.com/users/
fixing_duration: 1
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.10
server_password: arcd
fixing_duration: 1
- type: DataManipulationBot
- type: data-manipulation-bot
options:
port_scan_p_of_success: 0.8
data_manipulation_p_of_success: 0.8
@@ -163,41 +163,41 @@ simulation:
server_ip: 192.168.1.21
server_password: arcd
fixing_duration: 1
- type: DoSBot
- type: dos-bot
options:
target_ip_address: 192.168.10.21
payload: SPOOF DATA
port_scan_p_of_success: 0.8
fixing_duration: 1
services:
- type: DNSClient
- type: dns-client
options:
dns_server: 192.168.1.10
fixing_duration: 3
- type: DNSServer
- type: dns-server
options:
fixing_duration: 3
domain_mapping:
arcd.com: 192.168.1.10
- type: DatabaseService
- type: database-service
options:
backup_server_ip: 192.168.1.10
fixing_duration: 3
- type: WebServer
- type: web-server
options:
fixing_duration: 3
- type: FTPClient
- type: ftp-client
options:
fixing_duration: 3
- type: FTPServer
- type: ftp-server
options:
server_password: arcd
fixing_duration: 3
- type: NTPClient
- type: ntp-client
options:
ntp_server_ip: 192.168.1.10
fixing_duration: 3
- type: NTPServer
- type: ntp-server
options:
fixing_duration: 3
- hostname: client_2
@@ -207,12 +207,12 @@ simulation:
default_gateway: 192.168.10.1
dns_server: 192.168.1.10
applications:
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.10
server_password: arcd
services:
- type: DNSClient
- type: dns-client
links:
- endpoint_a_hostname: switch_1

278
tests/assets/configs/test_application_install.yaml
View File

@@ -23,7 +23,7 @@ game:
agents:
- ref: client_2_green_user
team: GREEN
type: ProbabilisticAgent
type: probabilistic-agent
agent_settings:
action_probabilities:
0: 0.3
@@ -33,33 +33,33 @@ agents:
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
1:
action: node_application_execute
action: node-application-execute
options:
node_name: client_2
application_name: WebBrowser
application_name: web-browser
2:
action: node_application_execute
action: node-application-execute
options:
node_name: client_2
application_name: DatabaseClient
application_name: database-client
reward_function:
reward_components:
- type: WEBPAGE_UNAVAILABLE_PENALTY
- type: webpage-unavailable-penalty
weight: 0.25
options:
node_hostname: client_2
- type: GREEN_ADMIN_DATABASE_UNREACHABLE_PENALTY
- type: green-admin-database-unreachable-penalty
weight: 0.05
options:
node_hostname: client_2
- ref: client_1_green_user
team: GREEN
type: ProbabilisticAgent
type: probabilistic-agent
agent_settings:
action_probabilities:
0: 0.3
@@ -69,26 +69,26 @@ agents:
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
1:
action: node_application_execute
action: node-application-execute
options:
node_name: client_1
application_name: WebBrowser
application_name: web-browser
2:
action: node_application_execute
action: node-application-execute
options:
node_name: client_1
application_name: WebBrowser
application_name: web-browser
reward_function:
reward_components:
- type: WEBPAGE_UNAVAILABLE_PENALTY
- type: webpage-unavailable-penalty
weight: 0.25
options:
node_hostname: client_1
- type: GREEN_ADMIN_DATABASE_UNREACHABLE_PENALTY
- type: green-admin-database-unreachable-penalty
weight: 0.05
options:
node_hostname: client_1
@@ -99,31 +99,31 @@ agents:
- ref: data_manipulation_attacker
team: RED
type: RedDatabaseCorruptingAgent
type: red-database-corrupting-agent
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
possible_start_nodes: [client_1, client_2]
target_application: DataManipulationBot
target_application: data-manipulation-bot
start_step: 25
frequency: 20
variance: 5
- ref: defender
team: BLUE
type: ProxyAgent
type: proxy-agent
observation_space:
type: CUSTOM
type: custom
options:
components:
- type: NODES
- type: nodes
label: NODES
options:
hosts:
- hostname: domain_controller
- hostname: web_server
services:
- service_name: WebServer
- service_name: web-server
- hostname: database_server
folders:
- folder_name: database
@@ -163,7 +163,7 @@ agents:
- UDP
num_rules: 10
- type: LINKS
- type: links
label: LINKS
options:
link_references:
@@ -177,222 +177,222 @@ agents:
- switch_2:eth-1<->client_1:eth-1
- switch_2:eth-2<->client_2:eth-1
- switch_2:eth-7<->security_suite:eth-2
- type: "NONE"
- type: "none"
label: ICS
options: {}
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
# scan webapp service
1:
action: node_service_scan
action: node-service-scan
options:
node_name: web_server
service_name: WebServer
service_name: web-server
# stop webapp service
2:
action: node_service_stop
action: node-service-stop
options:
node_name: web_server
service_name: WebServer
service_name: web-server
# start webapp service
3:
action: "node_service_start"
action: "node-service-start"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
4:
action: "node_service_pause"
action: "node-service-pause"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
5:
action: "node_service_resume"
action: "node-service-resume"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
6:
action: "node_service_restart"
action: "node-service-restart"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
7:
action: "node_service_disable"
action: "node-service-disable"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
8:
action: "node_service_enable"
action: "node-service-enable"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
9: # check database.db file
action: "node_file_scan"
action: "node-file-scan"
options:
node_name: database_server
folder_name: database
file_name: database.db
10:
action: "node_file_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
action: "node-file-scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
options:
node_name: database_server
folder_name: database
file_name: database.db
11:
action: "node_file_delete"
action: "node-file-delete"
options:
node_name: database_server
folder_name: database
file_name: database.db
12:
action: "node_file_repair"
action: "node-file-repair"
options:
node_name: database_server
folder_name: database
file_name: database.db
13:
action: "node_service_fix"
action: "node-service-fix"
options:
node_name: database_server
service_name: DatabaseService
service_name: database-service
14:
action: "node_folder_scan"
action: "node-folder-scan"
options:
node_name: database_server
folder_name: database
15:
action: "node_folder_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
action: "node-folder-scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
options:
node_name: database_server
folder_name: database
16:
action: "node_folder_repair"
action: "node-folder-repair"
options:
node_name: database_server
folder_name: database
17:
action: "node_folder_restore"
action: "node-folder-restore"
options:
node_name: database_server
folder_name: database
18:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: domain_controller
19:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: domain_controller
20:
action: node_startup
action: node-startup
options:
node_name: domain_controller
21:
action: node_reset
action: node-reset
options:
node_name: domain_controller
22:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: web_server
23:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: web_server
24:
action: node_startup
action: node-startup
options:
node_name: web_server
25:
action: node_reset
action: node-reset
options:
node_name: web_server
26: # old action num: 18
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: database_server
27:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: database_server
28:
action: node_startup
action: node-startup
options:
node_name: database_server
29:
action: node_reset
action: node-reset
options:
node_name: database_server
30:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: backup_server
31:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: backup_server
32:
action: node_startup
action: node-startup
options:
node_name: backup_server
33:
action: node_reset
action: node-reset
options:
node_name: backup_server
34:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: security_suite
35:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: security_suite
36:
action: node_startup
action: node-startup
options:
node_name: security_suite
37:
action: node_reset
action: node-reset
options:
node_name: security_suite
38:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: client_1
39: # old action num: 19 # shutdown client 1
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: client_1
40: # old action num: 20
action: node_startup
action: node-startup
options:
node_name: client_1
41: # old action num: 21
action: node_reset
action: node-reset
options:
node_name: client_1
42:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: client_2
43:
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: client_2
44:
action: node_startup
action: node-startup
options:
node_name: client_2
45:
action: node_reset
action: node-reset
options:
node_name: client_2
46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1"
action: "router_acl_add_rule"
46: # old action num: 22 # "acl: ADDRULE - Block outgoing traffic from client 1"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 1
@@ -404,8 +404,8 @@ agents:
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2"
action: "router_acl_add_rule"
47: # old action num: 23 # "acl: ADDRULE - Block outgoing traffic from client 2"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 2
@@ -418,7 +418,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
48: # old action num: 24 # block tcp traffic from client 1 to web app
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 3
@@ -431,7 +431,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
49: # old action num: 25 # block tcp traffic from client 2 to web app
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 4
@@ -444,7 +444,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
50: # old action num: 26
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 5
@@ -457,7 +457,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
51: # old action num: 27
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 6
@@ -470,157 +470,157 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
52: # old action num: 28
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 0
53: # old action num: 29
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 1
54: # old action num: 30
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 2
55: # old action num: 31
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 3
56: # old action num: 32
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 4
57: # old action num: 33
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 5
58: # old action num: 34
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 6
59: # old action num: 35
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 7
60: # old action num: 36
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 8
61: # old action num: 37
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 9
62: # old action num: 38
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: domain_controller
nic_num: 1
63: # old action num: 39
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: domain_controller
nic_num: 1
64: # old action num: 40
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: web_server
nic_num: 1
65: # old action num: 41
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: web_server
nic_num: 1
66: # old action num: 42
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: database_server
nic_num: 1
67: # old action num: 43
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: database_server
nic_num: 1
68: # old action num: 44
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: backup_server
nic_num: 1
69: # old action num: 45
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: backup_server
nic_num: 1
70: # old action num: 46
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: security_suite
nic_num: 1
71: # old action num: 47
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: security_suite
nic_num: 1
72: # old action num: 48
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: security_suite
nic_num: 2
73: # old action num: 49
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: security_suite
nic_num: 2
74: # old action num: 50
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: client_1
nic_num: 1
75: # old action num: 51
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: client_1
nic_num: 1
76: # old action num: 52
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: client_2
nic_num: 1
77: # old action num: 53
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: client_2
nic_num: 1
78:
action: node_application_install
action: node-application-install
options:
node_name: domain_controller
application_name: DoSBot
application_name: dos-bot
79:
action: node_application_remove
action: node-application-remove
options:
node_name: domain_controller
application_name: DoSBot
application_name: dos-bot
80:
action: node_application_remove
action: node-application-remove
options:
node_name: domain_controller
application_name: WebBrowser
application_name: web-browser
81:
action: node_application_execute
action: node-application-execute
options:
node_name: domain_controller
application_name: DoSBot
application_name: dos-bot
82:
action: configure_dos_bot
action: configure-dos-bot
options:
node_name: domain_controller
target_ip_address: 192.168.1.14
@@ -628,17 +628,17 @@ agents:
reward_function:
reward_components:
- type: DATABASE_FILE_INTEGRITY
- type: database-file-integrity
weight: 0.40
options:
node_hostname: database_server
folder_name: database
file_name: database.db
- type: SHARED_REWARD
- type: shared-reward
weight: 1.0
options:
agent_name: client_1_green_user
- type: SHARED_REWARD
- type: shared-reward
weight: 1.0
options:
agent_name: client_2_green_user
@@ -709,7 +709,7 @@ simulation:
subnet_mask: 255.255.255.0
default_gateway: 192.168.1.1
services:
- type: DNSServer
- type: dns-server
options:
domain_mapping:
arcd.com: 192.168.1.12 # web server
@@ -721,9 +721,9 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: WebServer
- type: web-server
applications:
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.14
@@ -735,10 +735,10 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: DatabaseService
- type: database-service
options:
backup_server_ip: 192.168.1.16
- type: FTPClient
- type: ftp-client
- hostname: backup_server
type: server
@@ -747,7 +747,7 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: FTPServer
- type: ftp-server
- hostname: security_suite
type: server
@@ -767,20 +767,20 @@ simulation:
default_gateway: 192.168.10.1
dns_server: 192.168.1.10
applications:
- type: DataManipulationBot
- type: data-manipulation-bot
options:
port_scan_p_of_success: 0.8
data_manipulation_p_of_success: 0.8
payload: "DELETE"
server_ip: 192.168.1.14
- type: WebBrowser
- type: web-browser
options:
target_url: http://arcd.com/users/
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.14
services:
- type: DNSClient
- type: dns-client
- hostname: client_2
type: computer
@@ -789,20 +789,20 @@ simulation:
default_gateway: 192.168.10.1
dns_server: 192.168.1.10
applications:
- type: WebBrowser
- type: web-browser
options:
target_url: http://arcd.com/users/
- type: DataManipulationBot
- type: data-manipulation-bot
options:
port_scan_p_of_success: 0.8
data_manipulation_p_of_success: 0.8
payload: "DELETE"
server_ip: 192.168.1.14
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.14
services:
- type: DNSClient
- type: dns-client

180
tests/assets/configs/test_primaite_session.yaml
View File

@@ -20,12 +20,12 @@ game:
agents:
- ref: client_2_green_user
team: GREEN
type: ProbabilisticAgent
type: probabilistic-agent
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
@@ -34,44 +34,44 @@ agents:
- ref: data_manipulation_attacker
team: RED
type: RedDatabaseCorruptingAgent
type: red-database-corrupting-agent
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
1:
action: node_application_execute
action: node-application-execute
options:
node_name: client_1
application_name: DataManipulationBot
application_name: data-manipulation-bot
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
possible_start_nodes: [client_1,]
target_application: DataManipulationBot
target_application: data-manipulation-bot
start_step: 25
frequency: 20
variance: 5
- ref: defender
team: BLUE
type: ProxyAgent
type: proxy-agent
observation_space:
type: CUSTOM
type: custom
options:
components:
- type: NODES
- type: nodes
label: NODES
options:
hosts:
- hostname: domain_controller
- hostname: web_server
services:
- service_name: WebServer
- service_name: web-server
- hostname: database_server
folders:
- folder_name: database
@@ -111,7 +111,7 @@ agents:
- UDP
num_rules: 10
- type: LINKS
- type: links
label: LINKS
options:
link_references:
@@ -125,125 +125,125 @@ agents:
- switch_2:eth-1<->client_1:eth-1
- switch_2:eth-2<->client_2:eth-1
- switch_2:eth-7<->security_suite:eth-2
- type: "NONE"
- type: "none"
label: ICS
options: {}
action_space:
action_map:
0:
action: do_nothing
action: do-nothing
options: {}
# scan webapp service
1:
action: node_service_scan
action: node-service-scan
options:
node_name: web_server
service_name: WebServer
service_name: web-server
# stop webapp service
2:
action: node_service_stop
action: node-service-stop
options:
node_name: web_server
service_name: WebServer
service_name: web-server
# start webapp service
3:
action: "node_service_start"
action: "node-service-start"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
4:
action: "node_service_pause"
action: "node-service-pause"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
5:
action: "node_service_resume"
action: "node-service-resume"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
6:
action: "node_service_restart"
action: "node-service-restart"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
7:
action: "node_service_disable"
action: "node-service-disable"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
8:
action: "node_service_enable"
action: "node-service-enable"
options:
node_name: web_server
service_name: WebServer
service_name: web-server
9: # check database.db file
action: "node_file_scan"
action: "node-file-scan"
options:
node_name: database_server
folder_name: database
file_name: database.db
10:
action: "node_file_checkhash"
action: "node-file-checkhash"
options:
node_name: database_server
folder_name: database
file_name: database.db
11:
action: "node_file_delete"
action: "node-file-delete"
options:
node_name: database_server
folder_name: database
file_name: database.db
12:
action: "node_file_repair"
action: "node-file-repair"
options:
node_name: database_server
folder_name: database
file_name: database.db
13:
action: "node_service_fix"
action: "node-service-fix"
options:
node_name: database_server
service_name: DatabaseService
service_name: database-service
14:
action: "node_folder_scan"
action: "node-folder-scan"
options:
node_name: database_server
folder_name: database
15:
action: "node_folder_checkhash"
action: "node-folder-checkhash"
options:
node_name: database_server
folder_name: database
16:
action: "node_folder_repair"
action: "node-folder-repair"
options:
node_name: database_server
folder_name: database
17:
action: "node_folder_restore"
action: "node-folder-restore"
options:
node_name: database_server
folder_name: database
18:
action: "node_os_scan"
action: "node-os-scan"
options:
node_name: database_server
19: # shutdown client 1
action: "node_shutdown"
action: "node-shutdown"
options:
node_name: client_1
20:
action: "node_startup"
action: "node-startup"
options:
node_name: client_1
21:
action: "node_reset"
action: "node-reset"
options:
node_name: client_1
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
action: "router_acl_add_rule"
22: # "acl: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
action: "router-acl-add-rule"
options:
target_router: router_1
position: 1
@@ -255,8 +255,8 @@ agents:
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
action: "router_acl_add_rule"
23: # "acl: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
action: "router-acl-add-rule"
options:
target_router: router_1
position: 2
@@ -269,7 +269,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
24: # block tcp traffic from client 1 to web app
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 3
@@ -282,7 +282,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
25: # block tcp traffic from client 2 to web app
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 4
@@ -295,7 +295,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
26:
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 5
@@ -308,7 +308,7 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
27:
action: "router_acl_add_rule"
action: "router-acl-add-rule"
options:
target_router: router_1
position: 6
@@ -321,139 +321,139 @@ agents:
src_wildcard: NONE
dst_wildcard: NONE
28:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 0
29:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 1
30:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 2
31:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 3
32:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 4
33:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 5
34:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 6
35:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 7
36:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 8
37:
action: "router_acl_remove_rule"
action: "router-acl-remove-rule"
options:
target_router: router_1
position: 9
38:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: domain_controller
nic_num: 1
39:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: domain_controller
nic_num: 1
40:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: web_server
nic_num: 1
41:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: web_server
nic_num: 1
42:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: database_server
nic_num: 1
43:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: database_server
nic_num: 1
44:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: backup_server
nic_num: 1
45:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: backup_server
nic_num: 1
46:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: security_suite
nic_num: 1
47:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: security_suite
nic_num: 1
48:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: security_suite
nic_num: 2
49:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: security_suite
nic_num: 2
50:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: client_1
nic_num: 1
51:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: client_1
nic_num: 1
52:
action: "host_nic_disable"
action: "host-nic-disable"
options:
node_name: client_2
nic_num: 1
53:
action: "host_nic_enable"
action: "host-nic-enable"
options:
node_name: client_2
nic_num: 1
reward_function:
reward_components:
- type: DATABASE_FILE_INTEGRITY
- type: database-file-integrity
weight: 0.5
options:
node_hostname: database_server
@@ -461,7 +461,7 @@ agents:
file_name: database.db
- type: WEB_SERVER_404_PENALTY
- type: web-server-404-penalty
weight: 0.5
options:
node_hostname: web_server
@@ -521,7 +521,7 @@ simulation:
subnet_mask: 255.255.255.0
default_gateway: 192.168.1.1
services:
- type: DNSServer
- type: dns-server
options:
domain_mapping:
arcd.com: 192.168.1.12 # web server
@@ -533,9 +533,9 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: WebServer
- type: web-server
applications:
- type: DatabaseClient
- type: database-client
options:
db_server_ip: 192.168.1.14
@@ -547,7 +547,7 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: DatabaseService
- type: database-service
options:
backup_server_ip: 192.168.1.16
@@ -558,7 +558,7 @@ simulation:
default_gateway: 192.168.1.1
dns_server: 192.168.1.10
services:
- type: FTPServer
- type: ftp-server
- type: server
hostname: security_suite
@@ -578,14 +578,14 @@ simulation:
default_gateway: 192.168.10.1
dns_server: 192.168.1.10
applications:
- type: DataManipulationBot
- type: data-manipulation-bot
options:
port_scan_p_of_success: 0.1
data_manipulation_p_of_success: 0.1
payload: "DELETE"
server_ip: 192.168.1.14
services:
- type: DNSClient
- type: dns-client
- type: computer
hostname: client_2
@@ -594,16 +594,16 @@ simulation:
default_gateway: 192.168.10.1
dns_server: 192.168.1.10
applications:
- type: WebBrowser
- type: web-browser
services:
- type: DNSClient
- type: dns-client
- type: printer
hostname: HP_LaserJet_Pro_4102fdn_printer
ip_address: 192.168.10.99
subnet_mask: 255.255.255.0
- type: wireless_router
- type: wireless-router
hostname: router_2
router_interface:
ip_address: 192.169.1.1

4
tests/assets/configs/wireless_wan_network_config.yaml
View File

@@ -24,7 +24,7 @@ simulation:
default_gateway: 192.168.2.1
start_up_duration: 0
- type: wireless_router
- type: wireless-router
hostname: router_1
start_up_duration: 0
@@ -45,7 +45,7 @@ simulation:
next_hop_ip_address: 192.168.1.2
metric: 0
- type: wireless_router
- type: wireless-router
hostname: router_2
start_up_duration: 0

4
tests/assets/configs/wireless_wan_network_config_freq_max_override.yaml
View File

@@ -28,7 +28,7 @@ simulation:
default_gateway: 192.168.2.1
start_up_duration: 0
- type: wireless_router
- type: wireless-router
hostname: router_1
start_up_duration: 0
@@ -49,7 +49,7 @@ simulation:
next_hop_ip_address: 192.168.1.2
metric: 0
- type: wireless_router
- type: wireless-router
hostname: router_2
start_up_duration: 0

4
tests/assets/configs/wireless_wan_network_config_freq_max_override_blocked.yaml
View File

@@ -28,7 +28,7 @@ simulation:
default_gateway: 192.168.2.1
start_up_duration: 0
- type: wireless_router
- type: wireless-router
hostname: router_1
start_up_duration: 0
@@ -49,7 +49,7 @@ simulation:
next_hop_ip_address: 192.168.1.2
metric: 0
- type: wireless_router
- type: wireless-router
hostname: router_2
start_up_duration: 0

49
tests/conftest.py
View File

@@ -39,21 +39,21 @@ ACTION_SPACE_NODE_ACTION_VALUES = 1
_LOGGER = getLogger(__name__)
class DummyService(Service, discriminator="DummyService"):
class DummyService(Service, discriminator="dummy-service"):
"""Test Service class"""
class ConfigSchema(Service.ConfigSchema):
"""ConfigSchema for DummyService."""
type: str = "DummyService"
type: str = "dummy-service"
config: "DummyService.ConfigSchema" = Field(default_factory=lambda: DummyService.ConfigSchema())
config: ConfigSchema = Field(default_factory=lambda: DummyService.ConfigSchema())
def describe_state(self) -> Dict:
return super().describe_state()
def __init__(self, **kwargs):
kwargs["name"] = "DummyService"
kwargs["name"] = "dummy-service"
kwargs["port"] = PORT_LOOKUP["HTTP"]
kwargs["protocol"] = PROTOCOL_LOOKUP["TCP"]
super().__init__(**kwargs)
@@ -62,18 +62,18 @@ class DummyService(Service, discriminator="DummyService"):
pass
class DummyApplication(Application, discriminator="DummyApplication"):
class DummyApplication(Application, discriminator="dummy-application"):
"""Test Application class"""
class ConfigSchema(Application.ConfigSchema):
"""ConfigSchema for DummyApplication."""
type: str = "DummyApplication"
type: str = "dummy-application"
config: "DummyApplication.ConfigSchema" = Field(default_factory=lambda: DummyApplication.ConfigSchema())
config: ConfigSchema = Field(default_factory=lambda: DummyApplication.ConfigSchema())
def __init__(self, **kwargs):
kwargs["name"] = "DummyApplication"
kwargs["name"] = "dummy-application"
kwargs["port"] = PORT_LOOKUP["HTTP"]
kwargs["protocol"] = PROTOCOL_LOOKUP["TCP"]
super().__init__(**kwargs)
@@ -93,7 +93,7 @@ def uc2_network() -> Network:
@pytest.fixture(scope="function")
def service(file_system) -> DummyService:
return DummyService(
name="DummyService", port=PORT_LOOKUP["ARP"], file_system=file_system, sys_log=SysLog(hostname="dummy_service")
name="dummy-service", port=PORT_LOOKUP["ARP"], file_system=file_system, sys_log=SysLog(hostname="dummy_service")
)
@@ -105,7 +105,7 @@ def service_class():
@pytest.fixture(scope="function")
def application(file_system) -> DummyApplication:
return DummyApplication(
name="DummyApplication",
name="dummy-application",
port=PORT_LOOKUP["ARP"],
file_system=file_system,
sys_log=SysLog(hostname="dummy_application"),
@@ -280,16 +280,17 @@ def example_network() -> Network:
return network
class ControlledAgent(AbstractAgent, discriminator="ControlledAgent"):
class ControlledAgent(AbstractAgent, discriminator="controlled-agent"):
"""Agent that can be controlled by the tests."""
config: "ControlledAgent.ConfigSchema" = Field(default_factory=lambda: ControlledAgent.ConfigSchema())
most_recent_action: Optional[Tuple[str, Dict]] = None
class ConfigSchema(AbstractAgent.ConfigSchema):
"""Configuration Schema for Abstract Agent used in tests."""
type: str = "ControlledAgent"
type: str = "controlled-agent"
config: ConfigSchema = Field(default_factory=lambda: ControlledAgent.ConfigSchema())
def get_action(self, obs: None, timestep: int = 0) -> Tuple[str, Dict]:
"""Return the agent's most recent action, formatted in CAOS format."""
@@ -358,7 +359,7 @@ def install_stuff_to_sim(sim: Simulation):
server_2.power_on()
network.connect(endpoint_a=server_2.network_interface[1], endpoint_b=switch_2.network_interface[2])
# 2: Configure base ACL
# 2: Configure base acl
router.acl.add_rule(action=ACLAction.PERMIT, src_port=PORT_LOOKUP["ARP"], dst_port=PORT_LOOKUP["ARP"], position=22)
router.acl.add_rule(action=ACLAction.PERMIT, protocol=PROTOCOL_LOOKUP["ICMP"], position=23)
router.acl.add_rule(action=ACLAction.PERMIT, src_port=PORT_LOOKUP["DNS"], dst_port=PORT_LOOKUP["DNS"], position=1)
@@ -366,17 +367,17 @@ def install_stuff_to_sim(sim: Simulation):
# 3: Install server software
server_1.software_manager.install(DNSServer)
dns_service: DNSServer = server_1.software_manager.software.get("DNSServer") # noqa
dns_service: DNSServer = server_1.software_manager.software.get("dns-server") # noqa
dns_service.dns_register("www.example.com", server_2.network_interface[1].ip_address)
server_2.software_manager.install(WebServer)
# 3.1: Ensure that the dns clients are configured correctly
client_1.software_manager.software.get("DNSClient").dns_server = server_1.network_interface[1].ip_address
server_2.software_manager.software.get("DNSClient").dns_server = server_1.network_interface[1].ip_address
client_1.software_manager.software.get("dns-client").dns_server = server_1.network_interface[1].ip_address
server_2.software_manager.software.get("dns-client").dns_server = server_1.network_interface[1].ip_address
# 4: Check that client came pre-installed with web browser and dns client
assert isinstance(client_1.software_manager.software.get("WebBrowser"), WebBrowser)
assert isinstance(client_1.software_manager.software.get("DNSClient"), DNSClient)
assert isinstance(client_1.software_manager.software.get("web-browser"), WebBrowser)
assert isinstance(client_1.software_manager.software.get("dns-client"), DNSClient)
# 4.1: Create a file on the computer
client_1.file_system.create_file("cat.png", 300, folder_name="downloads")
@@ -403,19 +404,19 @@ def install_stuff_to_sim(sim: Simulation):
# 5.2: Assert the client is correctly configured
c: Computer = [node for node in sim.network.nodes.values() if node.hostname == "client_1"][0]
assert c.software_manager.software.get("WebBrowser") is not None
assert c.software_manager.software.get("DNSClient") is not None
assert c.software_manager.software.get("web-browser") is not None
assert c.software_manager.software.get("dns-client") is not None
assert str(c.network_interface[1].ip_address) == "10.0.1.2"
# 5.3: Assert that server_1 is correctly configured
s1: Server = [node for node in sim.network.nodes.values() if node.hostname == "server_1"][0]
assert str(s1.network_interface[1].ip_address) == "10.0.2.2"
assert s1.software_manager.software.get("DNSServer") is not None
assert s1.software_manager.software.get("dns-server") is not None
# 5.4: Assert that server_2 is correctly configured
s2: Server = [node for node in sim.network.nodes.values() if node.hostname == "server_2"][0]
assert str(s2.network_interface[1].ip_address) == "10.0.2.3"
assert s2.software_manager.software.get("WebServer") is not None
assert s2.software_manager.software.get("web-server") is not None
# 6: Return the simulation
return sim
@@ -429,7 +430,7 @@ def game_and_agent():
install_stuff_to_sim(sim)
config = {
"type": "ControlledAgent",
"type": "controlled-agent",
"ref": "test_agent",
"team": "BLUE",
}

14
tests/e2e_integration_tests/test_uc2_data_manipulation_scenario.py
View File

@@ -14,13 +14,13 @@ from tests import TEST_ASSETS_ROOT
def test_data_manipulation(uc2_network):
"""Tests the UC2 data manipulation scenario end-to-end. Is a work in progress."""
client_1: Computer = uc2_network.get_node_by_hostname("client_1")
db_manipulation_bot: DataManipulationBot = client_1.software_manager.software.get("DataManipulationBot")
db_manipulation_bot: DataManipulationBot = client_1.software_manager.software.get("data-manipulation-bot")
database_server: Server = uc2_network.get_node_by_hostname("database_server")
db_service: DatabaseService = database_server.software_manager.software.get("DatabaseService")
db_service: DatabaseService = database_server.software_manager.software.get("database-service")
web_server: Server = uc2_network.get_node_by_hostname("web_server")
db_client: DatabaseClient = web_server.software_manager.software.get("DatabaseClient")
db_client: DatabaseClient = web_server.software_manager.software.get("database-client")
db_connection: DatabaseClientConnection = db_client.get_new_connection()
db_service.backup_database()
@@ -61,7 +61,7 @@ def test_application_install_uninstall_on_uc2():
# Test we can Install the DoSBot app
_, _, _, _, info = env.step(78)
assert "DoSBot" in domcon.software_manager.software
assert "dos-bot" in domcon.software_manager.software
# installing takes 3 steps so let's wait for 3 steps
env.step(0)
@@ -75,13 +75,13 @@ def test_application_install_uninstall_on_uc2():
# Test we can Uninstall the DoSBot app
_, _, _, _, info = env.step(79)
assert "DoSBot" not in domcon.software_manager.software
assert "dos-bot" not in domcon.software_manager.software
# Test we cannot execute the DoSBot app as it was uninstalled
_, _, _, _, info = env.step(81)
assert info["agent_actions"]["defender"].response.status == "unreachable"
# Test we can uninstall one of the default apps (WebBrowser)
assert "WebBrowser" in domcon.software_manager.software
assert "web-browser" in domcon.software_manager.software
_, _, _, _, info = env.step(80)
assert "WebBrowser" not in domcon.software_manager.software
assert "web-browser" not in domcon.software_manager.software

26
tests/integration_tests/configuration_file_parsing/software_installation_and_configuration.py
View File

@@ -99,7 +99,7 @@ def test_web_browser_install():
game = load_config(BASIC_CONFIG)
client_1: Computer = game.simulation.network.get_node_by_hostname("client_1")
web_browser: WebBrowser = client_1.software_manager.software.get("WebBrowser")
web_browser: WebBrowser = client_1.software_manager.software.get("web-browser")
assert web_browser.target_url == "http://arcd.com/users/"
@@ -109,7 +109,7 @@ def test_database_client_install():
game = load_config(BASIC_CONFIG)
client_1: Computer = game.simulation.network.get_node_by_hostname("client_1")
database_client: DatabaseClient = client_1.software_manager.software.get("DatabaseClient")
database_client: DatabaseClient = client_1.software_manager.software.get("database-client")
assert database_client.server_ip_address == IPv4Address("192.168.1.10")
assert database_client.server_password == "arcd"
@@ -120,7 +120,7 @@ def test_data_manipulation_bot_install():
game = load_config(BASIC_CONFIG)
client_1: Computer = game.simulation.network.get_node_by_hostname("client_1")
data_manipulation_bot: DataManipulationBot = client_1.software_manager.software.get("DataManipulationBot")
data_manipulation_bot: DataManipulationBot = client_1.software_manager.software.get("data-manipulation-bot")
assert data_manipulation_bot.server_ip_address == IPv4Address("192.168.1.21")
assert data_manipulation_bot.payload == "DELETE"
@@ -134,7 +134,7 @@ def test_dos_bot_install():
game = load_config(BASIC_CONFIG)
client_1: Computer = game.simulation.network.get_node_by_hostname("client_1")
dos_bot: DoSBot = client_1.software_manager.software.get("DoSBot")
dos_bot: DoSBot = client_1.software_manager.software.get("dos-bot")
assert dos_bot.target_ip_address == IPv4Address("192.168.10.21")
assert dos_bot.payload == "SPOOF DATA"
@@ -149,7 +149,7 @@ def test_dns_client_install():
game = load_config(BASIC_CONFIG)
client_1: Computer = game.simulation.network.get_node_by_hostname("client_1")
dns_client: DNSClient = client_1.software_manager.software.get("DNSClient")
dns_client: DNSClient = client_1.software_manager.software.get("dns-client")
assert dns_client.dns_server == IPv4Address("192.168.1.10")
@@ -159,7 +159,7 @@ def test_dns_server_install():
game = load_config(BASIC_CONFIG)
client_1: Computer = game.simulation.network.get_node_by_hostname("client_1")
dns_server: DNSServer = client_1.software_manager.software.get("DNSServer")
dns_server: DNSServer = client_1.software_manager.software.get("dns-server")
assert dns_server.dns_lookup("arcd.com") == IPv4Address("192.168.1.10")
@@ -169,7 +169,7 @@ def test_database_service_install():
game = load_config(BASIC_CONFIG)
client_1: Computer = game.simulation.network.get_node_by_hostname("client_1")
database_service: DatabaseService = client_1.software_manager.software.get("DatabaseService")
database_service: DatabaseService = client_1.software_manager.software.get("database-service")
assert database_service.backup_server_ip == IPv4Address("192.168.1.10")
@@ -179,10 +179,10 @@ def test_web_server_install():
game = load_config(BASIC_CONFIG)
client_1: Computer = game.simulation.network.get_node_by_hostname("client_1")
web_server_service: WebServer = client_1.software_manager.software.get("WebServer")
web_server_service: WebServer = client_1.software_manager.software.get("web-server")
# config should have also installed database client - web server service should be able to retrieve this
assert web_server_service.software_manager.software.get("DatabaseClient") is not None
assert web_server_service.software_manager.software.get("database-client") is not None
def test_ftp_client_install():
@@ -190,7 +190,7 @@ def test_ftp_client_install():
game = load_config(BASIC_CONFIG)
client_1: Computer = game.simulation.network.get_node_by_hostname("client_1")
ftp_client_service: FTPClient = client_1.software_manager.software.get("FTPClient")
ftp_client_service: FTPClient = client_1.software_manager.software.get("ftp-client")
assert ftp_client_service is not None
@@ -199,7 +199,7 @@ def test_ftp_server_install():
game = load_config(BASIC_CONFIG)
client_1: Computer = game.simulation.network.get_node_by_hostname("client_1")
ftp_server_service: FTPServer = client_1.software_manager.software.get("FTPServer")
ftp_server_service: FTPServer = client_1.software_manager.software.get("ftp-server")
assert ftp_server_service is not None
@@ -208,7 +208,7 @@ def test_ntp_client_install():
game = load_config(BASIC_CONFIG)
client_1: Computer = game.simulation.network.get_node_by_hostname("client_1")
ntp_client_service: NTPClient = client_1.software_manager.software.get("NTPClient")
ntp_client_service: NTPClient = client_1.software_manager.software.get("ntp-client")
assert ntp_client_service is not None
assert ntp_client_service.ntp_server == IPv4Address("192.168.1.10")
@@ -218,5 +218,5 @@ def test_ntp_server_install():
game = load_config(BASIC_CONFIG)
client_1: Computer = game.simulation.network.get_node_by_hostname("client_1")
ntp_server_service: NTPServer = client_1.software_manager.software.get("NTPServer")
ntp_server_service: NTPServer = client_1.software_manager.software.get("ntp-server")
assert ntp_server_service is not None

26
tests/integration_tests/configuration_file_parsing/test_software_fixing_duration.py
View File

@@ -16,7 +16,7 @@ from tests import TEST_ASSETS_ROOT
TEST_CONFIG = TEST_ASSETS_ROOT / "configs/software_fixing_duration.yaml"
ONE_ITEM_CONFIG = TEST_ASSETS_ROOT / "configs/fixing_duration_one_item.yaml"
TestApplications = ["DummyApplication", "BroadcastTestClient"]
TestApplications = ["dummy-application", "broadcast-test-client"]
def load_config(config_path: Union[str, Path]) -> PrimaiteGame:
@@ -32,10 +32,10 @@ def test_default_fixing_duration():
game = load_config(TEST_CONFIG)
client_2: Computer = game.simulation.network.get_node_by_hostname("client_2")
database_client: DatabaseClient = client_2.software_manager.software.get("DatabaseClient")
database_client: DatabaseClient = client_2.software_manager.software.get("database-client")
assert database_client.config.fixing_duration == 2
dns_client: DNSClient = client_2.software_manager.software.get("DNSClient")
dns_client: DNSClient = client_2.software_manager.software.get("dns-client")
assert dns_client.config.fixing_duration == 2
@@ -45,7 +45,15 @@ def test_fixing_duration_set_from_config():
client_1: Computer = game.simulation.network.get_node_by_hostname("client_1")
# in config - services take 3 timesteps to fix
for service in ["DNSClient", "DNSServer", "DatabaseService", "WebServer", "FTPClient", "FTPServer", "NTPServer"]:
for service in [
"dns-client",
"dns-server",
"database-service",
"web-server",
"ftp-client",
"ftp-server",
"ntp-server",
]:
assert client_1.software_manager.software.get(service) is not None
assert client_1.software_manager.software.get(service).config.fixing_duration == 3
@@ -53,7 +61,7 @@ def test_fixing_duration_set_from_config():
# remove test applications from list
applications = set(Application._registry) - set(TestApplications)
for application in ["RansomwareScript", "WebBrowser", "DataManipulationBot", "DoSBot", "DatabaseClient"]:
for application in ["ransomware-script", "web-browser", "data-manipulation-bot", "dos-bot", "database-client"]:
assert client_1.software_manager.software.get(application) is not None
assert client_1.software_manager.software.get(application).config.fixing_duration == 1
@@ -64,18 +72,18 @@ def test_fixing_duration_for_one_item():
client_1: Computer = game.simulation.network.get_node_by_hostname("client_1")
# in config - services take 3 timesteps to fix
for service in ["DNSClient", "DNSServer", "WebServer", "FTPClient", "FTPServer", "NTPServer"]:
for service in ["dns-client", "dns-server", "web-server", "ftp-client", "ftp-server", "ntp-server"]:
assert client_1.software_manager.software.get(service) is not None
assert client_1.software_manager.software.get(service).config.fixing_duration == 2
# in config - applications take 1 timestep to fix
# remove test applications from list
for applications in ["RansomwareScript", "WebBrowser", "DataManipulationBot", "DoSBot"]:
for applications in ["ransomware-script", "web-browser", "data-manipulation-bot", "dos-bot"]:
assert client_1.software_manager.software.get(applications) is not None
assert client_1.software_manager.software.get(applications).config.fixing_duration == 2
database_client: DatabaseClient = client_1.software_manager.software.get("DatabaseClient")
database_client: DatabaseClient = client_1.software_manager.software.get("database-client")
assert database_client.config.fixing_duration == 1
database_service: DatabaseService = client_1.software_manager.software.get("DatabaseService")
database_service: DatabaseService = client_1.software_manager.software.get("database-service")
assert database_service.config.fixing_duration == 5

8
tests/integration_tests/extensions/applications/extended_application.py
View File

@@ -24,7 +24,7 @@ from primaite.utils.validation.port import PORT_LOOKUP
_LOGGER = getLogger(__name__)
class ExtendedApplication(Application, discriminator="ExtendedApplication"):
class ExtendedApplication(Application, discriminator="extended-application"):
"""
Clone of web browser that uses the extension framework instead of being part of PrimAITE directly.
@@ -34,7 +34,7 @@ class ExtendedApplication(Application, discriminator="ExtendedApplication"):
class ConfigSchema(Application.ConfigSchema):
"""ConfigSchema for ExtendedApplication."""
type: str = "ExtendedApplication"
type: str = "extended-application"
target_url: Optional[str] = None
config: "ExtendedApplication.ConfigSchema" = Field(default_factory=lambda: ExtendedApplication.ConfigSchema())
@@ -51,7 +51,7 @@ class ExtendedApplication(Application, discriminator="ExtendedApplication"):
"""Keep a log of visited websites and information about the visit, such as response code."""
def __init__(self, **kwargs):
kwargs["name"] = "ExtendedApplication"
kwargs["name"] = "extended-application"
kwargs["protocol"] = PROTOCOL_LOOKUP["TCP"]
# default for web is port 80
if kwargs.get("port") is None:
@@ -112,7 +112,7 @@ class ExtendedApplication(Application, discriminator="ExtendedApplication"):
return False
# get the IP address of the domain name via DNS
dns_client: DNSClient = self.software_manager.software.get("DNSClient")
dns_client: DNSClient = self.software_manager.software.get("dns-client")
domain_exists = dns_client.check_domain_exists(target_domain=parsed_url.hostname)
# if domain does not exist, the request fails

2
tests/integration_tests/extensions/nodes/super_computer.py
View File

@@ -34,7 +34,7 @@ class SuperComputer(HostNode, discriminator="supercomputer"):
* Web Browser
"""
SYSTEM_SOFTWARE: ClassVar[Dict] = {**HostNode.SYSTEM_SOFTWARE, "FTPClient": FTPClient}
SYSTEM_SOFTWARE: ClassVar[Dict] = {**HostNode.SYSTEM_SOFTWARE, "ftp-client": FTPClient}
def __init__(self, ip_address: IPV4Address, subnet_mask: IPV4Address, **kwargs):
print("--- Extended Component: SuperComputer ---")

12
tests/integration_tests/extensions/services/extended_service.py
View File

@@ -19,7 +19,7 @@ from primaite.utils.validation.port import PORT_LOOKUP
_LOGGER = getLogger(__name__)
class ExtendedService(Service, discriminator="ExtendedService"):
class ExtendedService(Service, discriminator="extended-service"):
"""
A copy of DatabaseService that uses the extension framework instead of being part of PrimAITE.
@@ -29,7 +29,7 @@ class ExtendedService(Service, discriminator="ExtendedService"):
class ConfigSchema(Service.ConfigSchema):
"""ConfigSchema for ExtendedService."""
type: str = "ExtendedService"
type: str = "extended-service"
config: "ExtendedService.ConfigSchema" = Field(default_factory=lambda: ExtendedService.ConfigSchema())
@@ -46,7 +46,7 @@ class ExtendedService(Service, discriminator="ExtendedService"):
"""File name of latest backup."""
def __init__(self, **kwargs):
kwargs["name"] = "ExtendedService"
kwargs["name"] = "extended-service"
kwargs["port"] = PORT_LOOKUP["POSTGRES_SERVER"]
kwargs["protocol"] = PROTOCOL_LOOKUP["TCP"]
super().__init__(**kwargs)
@@ -65,7 +65,7 @@ class ExtendedService(Service, discriminator="ExtendedService"):
"""
super().install()
if not self.parent.software_manager.software.get("FTPClient"):
if not self.parent.software_manager.software.get("ftp-client"):
self.parent.sys_log.info(f"{self.name}: Installing FTPClient to enable database backups")
self.parent.software_manager.install(FTPClient)
@@ -89,7 +89,7 @@ class ExtendedService(Service, discriminator="ExtendedService"):
return False
software_manager: SoftwareManager = self.software_manager
ftp_client_service: FTPClient = software_manager.software.get("FTPClient")
ftp_client_service: FTPClient = software_manager.software.get("ftp-client")
if not ftp_client_service:
self.sys_log.error(
@@ -124,7 +124,7 @@ class ExtendedService(Service, discriminator="ExtendedService"):
return False
software_manager: SoftwareManager = self.software_manager
ftp_client_service: FTPClient = software_manager.software.get("FTPClient")
ftp_client_service: FTPClient = software_manager.software.get("ftp-client")
if not ftp_client_service:
self.sys_log.error(

4
tests/integration_tests/extensions/test_extendable_config.py
View File

@@ -30,5 +30,5 @@ def test_extended_example_config():
extended_host = network.get_node_by_hostname("client_1")
assert "ExtendedApplication" in extended_host.software_manager.software
assert "ExtendedService" in extended_host.software_manager.software
assert "extended-application" in extended_host.software_manager.software
assert "extended-service" in extended_host.software_manager.software

10
tests/integration_tests/game_layer/actions/test_application_request_permission.py
View File

@@ -28,27 +28,27 @@ def test_application_cannot_perform_actions_unless_running(game_and_agent_fixtur
game, agent = game_and_agent_fixture
client_1 = game.simulation.network.get_node_by_hostname("client_1")
browser: WebBrowser = client_1.software_manager.software.get("WebBrowser")
browser: WebBrowser = client_1.software_manager.software.get("web-browser")
browser.close()
assert browser.operating_state == ApplicationOperatingState.CLOSED
action = ("node_application_scan", {"node_name": "client_1", "application_name": "WebBrowser"})
action = ("node-application-scan", {"node_name": "client_1", "application_name": "web-browser"})
agent.store_action(action)
game.step()
assert browser.operating_state == ApplicationOperatingState.CLOSED
action = ("node_application_close", {"node_name": "client_1", "application_name": "WebBrowser"})
action = ("node-application-close", {"node_name": "client_1", "application_name": "web-browser"})
agent.store_action(action)
game.step()
assert browser.operating_state == ApplicationOperatingState.CLOSED
action = ("node_application_fix", {"node_name": "client_1", "application_name": "WebBrowser"})
action = ("node-application-fix", {"node_name": "client_1", "application_name": "web-browser"})
agent.store_action(action)
game.step()
assert browser.operating_state == ApplicationOperatingState.CLOSED
action = ("node_application_execute", {"node_name": "client_1", "application_name": "WebBrowser"})
action = ("node-application-execute", {"node_name": "client_1", "application_name": "web-browser"})
agent.store_action(action)
game.step()
assert browser.operating_state == ApplicationOperatingState.CLOSED

36
tests/integration_tests/game_layer/actions/test_c2_suite_actions.py
View File

@@ -32,7 +32,7 @@ def game_and_agent_fixture(game_and_agent):
c2_server_host = game.simulation.network.get_node_by_hostname("client_1")
c2_server_host.software_manager.install(software_class=C2Server)
c2_server: C2Server = c2_server_host.software_manager.software["C2Server"]
c2_server: C2Server = c2_server_host.software_manager.software["c2-server"]
c2_server.run()
return (game, agent)
@@ -46,15 +46,15 @@ def test_c2_beacon_default(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgen
server_1: Server = game.simulation.network.get_node_by_hostname("server_1")
action = (
"node_application_install",
{"node_name": "server_1", "application_name": "C2Beacon"},
"node-application-install",
{"node_name": "server_1", "application_name": "c2-beacon"},
)
agent.store_action(action)
game.step()
assert agent.history[-1].response.status == "success"
action = (
"configure_c2_beacon",
"configure-c2-beacon",
{
"node_name": "server_1",
"c2_server_ip_address": "10.0.1.2",
@@ -68,15 +68,15 @@ def test_c2_beacon_default(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgen
assert agent.history[-1].response.status == "success"
action = (
"node_application_execute",
{"node_name": "server_1", "application_name": "C2Beacon"},
"node-application-execute",
{"node_name": "server_1", "application_name": "c2-beacon"},
)
agent.store_action(action)
game.step()
assert agent.history[-1].response.status == "success"
# Asserting that we've confirmed our connection
c2_beacon: C2Beacon = server_1.software_manager.software["C2Beacon"]
c2_beacon: C2Beacon = server_1.software_manager.software["c2-beacon"]
assert c2_beacon.c2_connection_active == True
@@ -91,9 +91,9 @@ def test_c2_server_ransomware(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyA
# Installing a database on Server_2 for the ransomware to attack
server_2: Server = game.simulation.network.get_node_by_hostname("server_2")
server_2.software_manager.install(DatabaseService)
server_2.software_manager.software["DatabaseService"].start()
server_2.software_manager.software["database-service"].start()
# Configuring the C2 to connect to client 1 (C2 Server)
c2_beacon: C2Beacon = server_1.software_manager.software["C2Beacon"]
c2_beacon: C2Beacon = server_1.software_manager.software["c2-beacon"]
c2_beacon.configure(c2_server_ip_address=IPv4Address("10.0.1.2"))
c2_beacon.establish()
assert c2_beacon.c2_connection_active == True
@@ -101,15 +101,15 @@ def test_c2_server_ransomware(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyA
# C2 Action 1: Installing the RansomwareScript & Database client via Terminal
action = (
"c2_server_terminal_command",
"c2-server-terminal-command",
{
"node_name": "client_1",
"ip_address": None,
"username": "admin",
"password": "admin",
"commands": [
["software_manager", "application", "install", "RansomwareScript"],
["software_manager", "application", "install", "DatabaseClient"],
["software_manager", "application", "install", "ransomware-script"],
["software_manager", "application", "install", "database-client"],
],
},
)
@@ -118,7 +118,7 @@ def test_c2_server_ransomware(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyA
assert agent.history[-1].response.status == "success"
action = (
"c2_server_ransomware_configure",
"c2-server-ransomware-configure",
{
"node_name": "client_1",
"server_ip_address": "10.0.2.3",
@@ -131,14 +131,14 @@ def test_c2_server_ransomware(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyA
# Stepping a few timesteps to allow for the RansowmareScript to finish installing.
action = ("do_nothing", {})
action = ("do-nothing", {})
agent.store_action(action)
game.step()
game.step()
game.step()
action = (
"c2_server_ransomware_launch",
"c2-server-ransomware-launch",
{
"node_name": "client_1",
},
@@ -162,10 +162,10 @@ def test_c2_server_data_exfiltration(game_and_agent_fixture: Tuple[PrimaiteGame,
# Installing a database on Server_2 (creates a database.db file.)
server_2: Server = game.simulation.network.get_node_by_hostname("server_2")
server_2.software_manager.install(DatabaseService)
server_2.software_manager.software["DatabaseService"].start()
server_2.software_manager.software["database-service"].start()
# Configuring the C2 to connect to client 1 (C2 Server)
c2_beacon: C2Beacon = server_1.software_manager.software["C2Beacon"]
c2_beacon: C2Beacon = server_1.software_manager.software["c2-beacon"]
c2_beacon.configure(c2_server_ip_address=IPv4Address("10.0.1.2"))
c2_beacon.establish()
assert c2_beacon.c2_connection_active == True
@@ -178,7 +178,7 @@ def test_c2_server_data_exfiltration(game_and_agent_fixture: Tuple[PrimaiteGame,
# C2 Action: Data exfiltrate.
action = (
"c2_server_data_exfiltrate",
"c2-server-data-exfiltrate",
{
"node_name": "client_1",
"target_file_name": "database.db",

38
tests/integration_tests/game_layer/actions/test_configure_actions.py
View File

@@ -31,10 +31,10 @@ class TestConfigureDatabaseAction:
# make sure there is a database client on this node
client_1 = game.simulation.network.get_node_by_hostname("client_1")
client_1.software_manager.install(DatabaseClient)
db_client: DatabaseClient = client_1.software_manager.software["DatabaseClient"]
db_client: DatabaseClient = client_1.software_manager.software["database-client"]
action = (
"configure_database_client",
"configure-database-client",
{
"node_name": "client_1",
"server_ip_address": "192.168.1.99",
@@ -54,10 +54,10 @@ class TestConfigureDatabaseAction:
# make sure there is a database client on this node
client_1 = game.simulation.network.get_node_by_hostname("client_1")
client_1.software_manager.install(DatabaseClient)
db_client: DatabaseClient = client_1.software_manager.software["DatabaseClient"]
db_client: DatabaseClient = client_1.software_manager.software["database-client"]
action = (
"configure_database_client",
"configure-database-client",
{
"node_name": "client_1",
"server_ip_address": "192.168.1.99",
@@ -76,11 +76,11 @@ class TestConfigureDatabaseAction:
# make sure there is a database client on this node
client_1 = game.simulation.network.get_node_by_hostname("client_1")
client_1.software_manager.install(DatabaseClient)
db_client: DatabaseClient = client_1.software_manager.software["DatabaseClient"]
db_client: DatabaseClient = client_1.software_manager.software["database-client"]
old_ip = db_client.server_ip_address
action = (
"configure_database_client",
"configure-database-client",
{
"node_name": "client_1",
"server_password": "admin123",
@@ -115,14 +115,14 @@ class TestConfigureRansomwareScriptAction:
# make sure there is a database client on this node
client_1 = game.simulation.network.get_node_by_hostname("client_1")
client_1.software_manager.install(RansomwareScript)
ransomware_script: RansomwareScript = client_1.software_manager.software["RansomwareScript"]
ransomware_script: RansomwareScript = client_1.software_manager.software["ransomware-script"]
old_ip = ransomware_script.server_ip_address
old_pw = ransomware_script.server_password
old_payload = ransomware_script.payload
action = (
"configure_ransomware_script",
"configure-ransomware-script",
{"node_name": "client_1", **config},
)
agent.store_action(action)
@@ -143,9 +143,9 @@ class TestConfigureRansomwareScriptAction:
# make sure there is a database client on this node
client_1 = game.simulation.network.get_node_by_hostname("client_1")
client_1.software_manager.install(RansomwareScript)
ransomware_script: RansomwareScript = client_1.software_manager.software["RansomwareScript"]
ransomware_script: RansomwareScript = client_1.software_manager.software["ransomware-script"]
action = (
"configure_ransomware_script",
"configure-ransomware-script",
{
"node_name": "client_1",
"config": {"server_password": "admin123", "bad_option": 70},
@@ -163,10 +163,10 @@ class TestConfigureDoSBot:
client_1 = game.simulation.network.get_node_by_hostname("client_1")
client_1.software_manager.install(DoSBot)
dos_bot: DoSBot = client_1.software_manager.software["DoSBot"]
dos_bot: DoSBot = client_1.software_manager.software["dos-bot"]
action = (
"configure_dos_bot",
"configure-dos-bot",
{
"node_name": "client_1",
"target_ip_address": "192.168.1.99",
@@ -196,11 +196,11 @@ class TestConfigureYAML:
# make sure there's no db client on the node yet
client_1 = env.game.simulation.network.get_node_by_hostname("client_1")
assert client_1.software_manager.software.get("DatabaseClient") is None
assert client_1.software_manager.software.get("database-client") is None
# take the install action, check that the db gets installed, step to get it to finish installing
env.step(1)
db_client: DatabaseClient = client_1.software_manager.software.get("DatabaseClient")
db_client: DatabaseClient = client_1.software_manager.software.get("database-client")
assert isinstance(db_client, DatabaseClient)
assert db_client.operating_state == ApplicationOperatingState.INSTALLING
env.step(0)
@@ -224,11 +224,11 @@ class TestConfigureYAML:
def test_c2_server_ransomware_configure(self):
env = PrimaiteGymEnv(env_config=APP_CONFIG_YAML)
client_2 = env.game.simulation.network.get_node_by_hostname("client_2")
assert client_2.software_manager.software.get("RansomwareScript") is None
assert client_2.software_manager.software.get("ransomware-script") is None
# install ransomware script
env.step(2)
ransom = client_2.software_manager.software.get("RansomwareScript")
ransom = client_2.software_manager.software.get("ransomware-script")
assert isinstance(ransom, RansomwareScript)
assert ransom.operating_state == ApplicationOperatingState.INSTALLING
env.step(0)
@@ -250,17 +250,17 @@ class TestConfigureYAML:
assert ransom.attack()
db_server = env.game.simulation.network.get_node_by_hostname("server_1")
db_service: DatabaseService = db_server.software_manager.software.get("DatabaseService")
db_service: DatabaseService = db_server.software_manager.software.get("database-service")
assert db_service.db_file.health_status == FileSystemItemHealthStatus.CORRUPT
def test_configure_dos_bot(self):
env = PrimaiteGymEnv(env_config=APP_CONFIG_YAML)
client_3 = env.game.simulation.network.get_node_by_hostname("client_3")
assert client_3.software_manager.software.get("DoSBot") is None
assert client_3.software_manager.software.get("dos-bot") is None
# install DoSBot
env.step(3)
bot = client_3.software_manager.software.get("DoSBot")
bot = client_3.software_manager.software.get("dos-bot")
assert isinstance(bot, DoSBot)
assert bot.operating_state == ApplicationOperatingState.INSTALLING
env.step(0)

14
tests/integration_tests/game_layer/actions/test_file_request_permission.py
View File

@@ -33,7 +33,7 @@ def test_create_file(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent]):
assert client_1.file_system.get_file(folder_name=random_folder, file_name=random_file) is None
action = (
"node_file_create",
"node-file-create",
{"node_name": "client_1", "folder_name": random_folder, "file_name": random_file},
)
agent.store_action(action)
@@ -51,7 +51,7 @@ def test_file_delete_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAge
assert file.deleted is False
action = (
"node_file_delete",
"node-file-delete",
{"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"},
)
agent.store_action(action)
@@ -72,7 +72,7 @@ def test_file_scan_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent
assert file.visible_health_status == FileSystemItemHealthStatus.NONE
action = (
"node_file_scan",
"node-file-scan",
{"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"},
)
agent.store_action(action)
@@ -93,7 +93,7 @@ def test_file_repair_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAge
assert file.health_status == FileSystemItemHealthStatus.CORRUPT
action = (
"node_file_repair",
"node-file-repair",
{"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"},
)
agent.store_action(action)
@@ -113,7 +113,7 @@ def test_file_restore_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAg
assert file.health_status == FileSystemItemHealthStatus.CORRUPT
action = (
"node_file_restore",
"node-file-restore",
{"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"},
)
agent.store_action(action)
@@ -132,7 +132,7 @@ def test_file_corrupt_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAg
assert file.health_status == FileSystemItemHealthStatus.GOOD
action = (
"node_file_corrupt",
"node-file-corrupt",
{"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"},
)
agent.store_action(action)
@@ -150,7 +150,7 @@ def test_file_access_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAge
assert file.num_access == 0
action = (
"node_file_access",
"node-file-access",
{"node_name": "client_1", "folder_name": file.folder_name, "file_name": file.name},
)
agent.store_action(action)

8
tests/integration_tests/game_layer/actions/test_folder_request_permission.py
View File

@@ -32,7 +32,7 @@ def test_create_folder(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent]):
assert client_1.file_system.get_folder(folder_name=random_folder) is None
action = (
"node_folder_create",
"node-folder-create",
{
"node_name": "client_1",
"folder_name": random_folder,
@@ -60,7 +60,7 @@ def test_folder_scan_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAge
assert folder.visible_health_status == FileSystemItemHealthStatus.NONE
action = (
"node_folder_scan",
"node-folder-scan",
{
"node_name": "client_1", # client_1,
"folder_name": "downloads", # downloads
@@ -87,7 +87,7 @@ def test_folder_repair_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyA
assert folder.health_status == FileSystemItemHealthStatus.CORRUPT
action = (
"node_folder_repair",
"node-folder-repair",
{
"node_name": "client_1", # client_1,
"folder_name": "downloads", # downloads
@@ -111,7 +111,7 @@ def test_folder_restore_action(game_and_agent_fixture: Tuple[PrimaiteGame, Proxy
assert folder.health_status == FileSystemItemHealthStatus.CORRUPT
action = (
"node_folder_restore",
"node-folder-restore",
{
"node_name": "client_1", # client_1,
"folder_name": "downloads", # downloads

8
tests/integration_tests/game_layer/actions/test_nic_request_permission.py
View File

@@ -29,7 +29,7 @@ def test_nic_cannot_be_turned_off_if_not_on(game_and_agent_fixture: Tuple[Primai
assert nic.enabled is False
action = (
"host_nic_disable",
"host-nic-disable",
{
"node_name": "client_1", # client_1
"nic_num": 1, # the only nic (eth-1)
@@ -50,7 +50,7 @@ def test_nic_cannot_be_turned_on_if_already_on(game_and_agent_fixture: Tuple[Pri
assert nic.enabled
action = (
"host_nic_enable",
"host-nic-enable",
{
"node_name": "client_1", # client_1
"nic_num": 1, # the only nic (eth-1)
@@ -71,7 +71,7 @@ def test_that_a_nic_can_be_enabled_and_disabled(game_and_agent_fixture: Tuple[Pr
assert nic.enabled
action = (
"host_nic_disable",
"host-nic-disable",
{
"node_name": "client_1", # client_1
"nic_num": 1, # the only nic (eth-1)
@@ -83,7 +83,7 @@ def test_that_a_nic_can_be_enabled_and_disabled(game_and_agent_fixture: Tuple[Pr
assert nic.enabled is False
action = (
"host_nic_enable",
"host-nic-enable",
{
"node_name": "client_1", # client_1
"nic_num": 1, # the only nic (eth-1)

14
tests/integration_tests/game_layer/actions/test_node_request_permission.py
View File

@@ -29,28 +29,28 @@ def test_node_startup_shutdown(game_and_agent_fixture: Tuple[PrimaiteGame, Proxy
assert client_1.operating_state == NodeOperatingState.ON
# turn it off
action = ("node_shutdown", {"node_name": "client_1"})
action = ("node-shutdown", {"node_name": "client_1"})
agent.store_action(action)
game.step()
assert client_1.operating_state == NodeOperatingState.SHUTTING_DOWN
for i in range(client_1.shut_down_duration + 1):
action = ("do_nothing", {})
action = ("do-nothing", {})
agent.store_action(action)
game.step()
assert client_1.operating_state == NodeOperatingState.OFF
# turn it on
action = ("node_startup", {"node_name": "client_1"})
action = ("node-startup", {"node_name": "client_1"})
agent.store_action(action)
game.step()
assert client_1.operating_state == NodeOperatingState.BOOTING
for i in range(client_1.start_up_duration + 1):
action = ("do_nothing", {})
action = ("do-nothing", {})
agent.store_action(action)
game.step()
@@ -65,7 +65,7 @@ def test_node_cannot_be_started_up_if_node_is_already_on(game_and_agent_fixture:
assert client_1.operating_state == NodeOperatingState.ON
# turn it on
action = ("node_startup", {"node_name": "client_1"})
action = ("node-startup", {"node_name": "client_1"})
agent.store_action(action)
game.step()
@@ -80,14 +80,14 @@ def test_node_cannot_be_shut_down_if_node_is_already_off(game_and_agent_fixture:
client_1.power_off()
for i in range(client_1.shut_down_duration + 1):
action = ("do_nothing", {})
action = ("do-nothing", {})
agent.store_action(action)
game.step()
assert client_1.operating_state == NodeOperatingState.OFF
# turn it ff
action = ("node_shutdown", {"node_name": "client_1"})
action = ("node-shutdown", {"node_name": "client_1"})
agent.store_action(action)
game.step()

24
tests/integration_tests/game_layer/actions/test_service_request_permission.py
View File

@@ -26,12 +26,12 @@ def test_service_start(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent]):
game, agent = game_and_agent_fixture
server_1: Server = game.simulation.network.get_node_by_hostname("server_1")
dns_server = server_1.software_manager.software.get("DNSServer")
dns_server = server_1.software_manager.software.get("dns-server")
dns_server.pause()
assert dns_server.operating_state == ServiceOperatingState.PAUSED
action = ("node_service_start", {"node_name": "server_1", "service_name": "DNSServer"})
action = ("node-service-start", {"node_name": "server_1", "service_name": "dns-server"})
agent.store_action(action)
game.step()
assert dns_server.operating_state == ServiceOperatingState.PAUSED
@@ -40,7 +40,7 @@ def test_service_start(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent]):
assert dns_server.operating_state == ServiceOperatingState.STOPPED
action = ("node_service_start", {"node_name": "server_1", "service_name": "DNSServer"})
action = ("node-service-start", {"node_name": "server_1", "service_name": "dns-server"})
agent.store_action(action)
game.step()
@@ -52,9 +52,9 @@ def test_service_resume(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent])
game, agent = game_and_agent_fixture
server_1: Server = game.simulation.network.get_node_by_hostname("server_1")
dns_server = server_1.software_manager.software.get("DNSServer")
dns_server = server_1.software_manager.software.get("dns-server")
action = ("node_service_resume", {"node_name": "server_1", "service_name": "DNSServer"})
action = ("node-service-resume", {"node_name": "server_1", "service_name": "dns-server"})
agent.store_action(action)
game.step()
assert dns_server.operating_state == ServiceOperatingState.RUNNING
@@ -63,7 +63,7 @@ def test_service_resume(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent])
assert dns_server.operating_state == ServiceOperatingState.PAUSED
action = ("node_service_resume", {"node_name": "server_1", "service_name": "DNSServer"})
action = ("node-service-resume", {"node_name": "server_1", "service_name": "dns-server"})
agent.store_action(action)
game.step()
@@ -75,32 +75,32 @@ def test_service_cannot_perform_actions_unless_running(game_and_agent_fixture: T
game, agent = game_and_agent_fixture
server_1: Server = game.simulation.network.get_node_by_hostname("server_1")
dns_server = server_1.software_manager.software.get("DNSServer")
dns_server = server_1.software_manager.software.get("dns-server")
dns_server.stop()
assert dns_server.operating_state == ServiceOperatingState.STOPPED
action = ("node_service_scan", {"node_name": "server_1", "service_name": "DNSServer"})
action = ("node-service-scan", {"node_name": "server_1", "service_name": "dns-server"})
agent.store_action(action)
game.step()
assert dns_server.operating_state == ServiceOperatingState.STOPPED
action = ("node_service_pause", {"node_name": "server_1", "service_name": "DNSServer"})
action = ("node-service-pause", {"node_name": "server_1", "service_name": "dns-server"})
agent.store_action(action)
game.step()
assert dns_server.operating_state == ServiceOperatingState.STOPPED
action = ("node_service_resume", {"node_name": "server_1", "service_name": "DNSServer"})
action = ("node-service-resume", {"node_name": "server_1", "service_name": "dns-server"})
agent.store_action(action)
game.step()
assert dns_server.operating_state == ServiceOperatingState.STOPPED
action = ("node_service_restart", {"node_name": "server_1", "service_name": "DNSServer"})
action = ("node-service-restart", {"node_name": "server_1", "service_name": "dns-server"})
agent.store_action(action)
game.step()
assert dns_server.operating_state == ServiceOperatingState.STOPPED
action = ("node_service_fix", {"node_name": "server_1", "service_name": "DNSServer"})
action = ("node-service-fix", {"node_name": "server_1", "service_name": "dns-server"})
agent.store_action(action)
game.step()
assert dns_server.operating_state == ServiceOperatingState.STOPPED

20
tests/integration_tests/game_layer/actions/test_terminal_actions.py
View File

@@ -32,11 +32,11 @@ def test_remote_login(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent]):
client_1 = game.simulation.network.get_node_by_hostname("client_1")
# create a new user account on server_1 that will be logged into remotely
server_1_usm: UserManager = server_1.software_manager.software["UserManager"]
server_1_usm: UserManager = server_1.software_manager.software["user-manager"]
server_1_usm.add_user("user123", "password", is_admin=True)
action = (
"node_session_remote_login",
"node-session-remote-login",
{
"node_name": "client_1",
"username": "user123",
@@ -64,11 +64,11 @@ def test_remote_login_wrong_password(game_and_agent_fixture: Tuple[PrimaiteGame,
client_1 = game.simulation.network.get_node_by_hostname("client_1")
# create a new user account on server_1 that will be logged into remotely
server_1_usm: UserManager = server_1.software_manager.software["UserManager"]
server_1_usm: UserManager = server_1.software_manager.software["user-manager"]
server_1_usm.add_user("user123", "password", is_admin=True)
action = (
"node_session_remote_login",
"node-session-remote-login",
{
"node_name": "client_1",
"username": "user123",
@@ -96,11 +96,11 @@ def test_remote_login_change_password(game_and_agent_fixture: Tuple[PrimaiteGame
client_1 = game.simulation.network.get_node_by_hostname("client_1")
# create a new user account on server_1 that will be logged into remotely
server_1_um: UserManager = server_1.software_manager.software["UserManager"]
server_1_um: UserManager = server_1.software_manager.software["user-manager"]
server_1_um.add_user("user123", "password", is_admin=True)
action = (
"node_account_change_password",
"node-account-change-password",
{
"node_name": "server_1", # server_1
"username": "user123",
@@ -122,12 +122,12 @@ def test_change_password_logs_out_user(game_and_agent_fixture: Tuple[PrimaiteGam
client_1 = game.simulation.network.get_node_by_hostname("client_1")
# create a new user account on server_1 that will be logged into remotely
server_1_usm: UserManager = server_1.software_manager.software["UserManager"]
server_1_usm: UserManager = server_1.software_manager.software["user-manager"]
server_1_usm.add_user("user123", "password", is_admin=True)
# Log in remotely
action = (
"node_session_remote_login",
"node-session-remote-login",
{
"node_name": "client_1",
"username": "user123",
@@ -140,7 +140,7 @@ def test_change_password_logs_out_user(game_and_agent_fixture: Tuple[PrimaiteGam
# Change password
action = (
"node_account_change_password",
"node-account-change-password",
{
"node_name": "server_1", # server_1
"username": "user123",
@@ -154,7 +154,7 @@ def test_change_password_logs_out_user(game_and_agent_fixture: Tuple[PrimaiteGam
# Assert that the user cannot execute an action
action = (
"node_send_remote_command",
"node-send-remote-command",
{
"node_name": "client_1",
"remote_ip": str(server_1.network_interface[1].ip_address),

2
tests/integration_tests/game_layer/observations/test_acl_observations.py
View File

@@ -28,7 +28,7 @@ def test_acl_observations(simulation):
# quick set up of ntp
client_1.software_manager.install(NTPClient)
ntp_client: NTPClient = client_1.software_manager.software.get("NTPClient")
ntp_client: NTPClient = client_1.software_manager.software.get("ntp-client")
ntp_client.configure(server.network_interface.get(1).ip_address)
server.software_manager.install(NTPServer)

10
tests/integration_tests/game_layer/observations/test_nic_observations.py
View File

@@ -43,23 +43,23 @@ def simulation(example_network) -> Simulation:
computer: Computer = example_network.get_node_by_hostname("client_1")
server: Server = example_network.get_node_by_hostname("server_1")
web_browser: WebBrowser = computer.software_manager.software.get("WebBrowser")
web_browser: WebBrowser = computer.software_manager.software.get("web-browser")
web_browser.run()
# Install DNS Client service on computer
computer.software_manager.install(DNSClient)
dns_client: DNSClient = computer.software_manager.software.get("DNSClient")
dns_client: DNSClient = computer.software_manager.software.get("dns-client")
# set dns server
dns_client.dns_server = server.network_interface[1].ip_address
# Install Web Server service on server
server.software_manager.install(WebServer)
web_server_service: WebServer = server.software_manager.software.get("WebServer")
web_server_service: WebServer = server.software_manager.software.get("web-server")
web_server_service.start()
# Install DNS Server service on server
server.software_manager.install(DNSServer)
dns_server: DNSServer = server.software_manager.software.get("DNSServer")
dns_server: DNSServer = server.software_manager.software.get("dns-server")
# register arcd.com to DNS
dns_server.dns_register(
domain_name="arcd.com",
@@ -190,7 +190,7 @@ def test_nic_monitored_traffic(simulation):
assert traffic_obs["tcp"][53]["outbound"] == 0
# send a database query
browser: WebBrowser = pc.software_manager.software.get("WebBrowser")
browser: WebBrowser = pc.software_manager.software.get("web-browser")
browser.config.target_url = f"http://arcd.com/"
browser.get_webpage()

8
tests/integration_tests/game_layer/observations/test_software_observations.py
View File

@@ -26,10 +26,10 @@ def test_service_observation(simulation):
# install software on the computer
pc.software_manager.install(NTPServer)
ntp_server = pc.software_manager.software.get("NTPServer")
ntp_server = pc.software_manager.software.get("ntp-server")
assert ntp_server
service_obs = ServiceObservation(where=["network", "nodes", pc.hostname, "services", "NTPServer"])
service_obs = ServiceObservation(where=["network", "nodes", pc.hostname, "services", "ntp-server"])
assert service_obs.space["operating_status"] == spaces.Discrete(7)
assert service_obs.space["health_status"] == spaces.Discrete(5)
@@ -51,10 +51,10 @@ def test_application_observation(simulation):
# install software on the computer
pc.software_manager.install(DatabaseClient)
web_browser: WebBrowser = pc.software_manager.software.get("WebBrowser")
web_browser: WebBrowser = pc.software_manager.software.get("web-browser")
assert web_browser
app_obs = ApplicationObservation(where=["network", "nodes", pc.hostname, "applications", "WebBrowser"])
app_obs = ApplicationObservation(where=["network", "nodes", pc.hostname, "applications", "web-browser"])
web_browser.close()
observation_state = app_obs.observe(simulation.describe_state())

8
tests/integration_tests/game_layer/test_RNG_seed.py
View File

@@ -24,12 +24,12 @@ def test_rng_seed_set(create_env):
env.reset(seed=3)
for i in range(100):
env.step(0)
a = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "do_nothing"]
a = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "do-nothing"]
env.reset(seed=3)
for i in range(100):
env.step(0)
b = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "do_nothing"]
b = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "do-nothing"]
assert a == b
@@ -40,11 +40,11 @@ def test_rng_seed_unset(create_env):
env.reset()
for i in range(100):
env.step(0)
a = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "do_nothing"]
a = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "do-nothing"]
env.reset()
for i in range(100):
env.step(0)
b = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "do_nothing"]
b = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "do-nothing"]
assert a != b

26
tests/integration_tests/game_layer/test_action_mask.py
View File

@@ -44,13 +44,13 @@ def test_mask_contents_correct():
assert not mask[action_num]
nic_obj.enable()
if act_type == "router_acl_add_rule":
if act_type == "router-acl-add-rule":
assert mask[action_num]
if act_type == "router_acl_remove_rule":
if act_type == "router-acl-remove-rule":
assert mask[action_num]
if act_type == "node_reset":
if act_type == "node-reset":
node_name = act_params["node_name"]
node_obj = net.get_node_by_hostname(node_name)
assert node_obj.operating_state is NodeOperatingState.ON
@@ -60,7 +60,7 @@ def test_mask_contents_correct():
assert not mask[action_num]
node_obj.operating_state = NodeOperatingState.ON
if act_type == "node_shutdown":
if act_type == "node-shutdown":
node_name = act_params["node_name"]
node_obj = net.get_node_by_hostname(node_name)
assert node_obj.operating_state is NodeOperatingState.ON
@@ -70,7 +70,7 @@ def test_mask_contents_correct():
assert not mask[action_num]
node_obj.operating_state = NodeOperatingState.ON
if act_type == "node_os_scan":
if act_type == "node-os-scan":
node_name = act_params["node_name"]
node_obj = net.get_node_by_hostname(node_name)
assert node_obj.operating_state is NodeOperatingState.ON
@@ -80,7 +80,7 @@ def test_mask_contents_correct():
assert not mask[action_num]
node_obj.operating_state = NodeOperatingState.ON
if act_type == "node_startup":
if act_type == "node-startup":
node_name = act_params["node_name"]
node_obj = net.get_node_by_hostname(node_name)
assert node_obj.operating_state is NodeOperatingState.ON
@@ -90,13 +90,13 @@ def test_mask_contents_correct():
assert mask[action_num]
node_obj.operating_state = NodeOperatingState.ON
if act_type == "do_nothing":
if act_type == "do-nothing":
assert mask[action_num]
if act_type == "node_service_disable":
if act_type == "node-service-disable":
assert mask[action_num]
if act_type in ["node_service_scan", "node_service_stop", "node_service_pause"]:
if act_type in ["node-service-scan", "node-service-stop", "node-service-pause"]:
node_name = act_params["node_name"]
service_name = act_params["service_name"]
node_obj = net.get_node_by_hostname(node_name)
@@ -108,7 +108,7 @@ def test_mask_contents_correct():
assert not mask[action_num]
service_obj.operating_state = ServiceOperatingState.RUNNING
if act_type == "node_service_resume":
if act_type == "node-service-resume":
node_name = act_params["node_name"]
service_name = act_params["service_name"]
node_obj = net.get_node_by_hostname(node_name)
@@ -120,7 +120,7 @@ def test_mask_contents_correct():
assert mask[action_num]
service_obj.operating_state = ServiceOperatingState.RUNNING
if act_type == "node_service_start":
if act_type == "node-service-start":
node_name = act_params["node_name"]
service_name = act_params["service_name"]
node_obj = net.get_node_by_hostname(node_name)
@@ -132,7 +132,7 @@ def test_mask_contents_correct():
assert mask[action_num]
service_obj.operating_state = ServiceOperatingState.RUNNING
if act_type == "node_service_enable":
if act_type == "node-service-enable":
node_name = act_params["node_name"]
service_name = act_params["service_name"]
node_obj = net.get_node_by_hostname(node_name)
@@ -144,7 +144,7 @@ def test_mask_contents_correct():
assert mask[action_num]
service_obj.operating_state = ServiceOperatingState.RUNNING
if act_type in ["node_file_scan", "node_file_checkhash", "node_file_delete"]:
if act_type in ["node-file-scan", "node-file-checkhash", "node-file-delete"]:
node_name = act_params["node_name"]
folder_name = act_params["folder_name"]
file_name = act_params["file_name"]

90
tests/integration_tests/game_layer/test_actions.py
View File

@@ -35,7 +35,7 @@ def test_do_nothing_integration(game_and_agent: Tuple[PrimaiteGame, ProxyAgent])
"""Test that the do_nothingAction can form a request and that it is accepted by the simulation."""
game, agent = game_and_agent
action = ("do_nothing", {})
action = ("do-nothing", {})
agent.store_action(action)
game.step()
@@ -51,12 +51,12 @@ def test_node_service_scan_integration(game_and_agent: Tuple[PrimaiteGame, Proxy
game, agent = game_and_agent
# 1: Check that the service starts off in a good state, and that visible state is hidden until first scan
svc = game.simulation.network.get_node_by_hostname("server_1").software_manager.software.get("DNSServer")
svc = game.simulation.network.get_node_by_hostname("server_1").software_manager.software.get("dns-server")
assert svc.health_state_actual == SoftwareHealthState.GOOD
assert svc.health_state_visible == SoftwareHealthState.UNUSED
# 2: Scan and check that the visible state is now correct
action = ("node_service_scan", {"node_name": "server_1", "service_name": "DNSServer"})
action = ("node-service-scan", {"node_name": "server_1", "service_name": "dns-server"})
agent.store_action(action)
game.step()
assert svc.health_state_actual == SoftwareHealthState.GOOD
@@ -67,7 +67,7 @@ def test_node_service_scan_integration(game_and_agent: Tuple[PrimaiteGame, Proxy
assert svc.health_state_visible == SoftwareHealthState.GOOD
# 4: Scan and check that the visible state is now correct
action = ("node_service_scan", {"node_name": "server_1", "service_name": "DNSServer"})
action = ("node-service-scan", {"node_name": "server_1", "service_name": "dns-server"})
agent.store_action(action)
game.step()
assert svc.health_state_actual == SoftwareHealthState.COMPROMISED
@@ -84,11 +84,11 @@ def test_node_service_fix_integration(game_and_agent: Tuple[PrimaiteGame, ProxyA
game, agent = game_and_agent
# 1: Corrupt the service
svc = game.simulation.network.get_node_by_hostname("server_1").software_manager.software.get("DNSServer")
svc = game.simulation.network.get_node_by_hostname("server_1").software_manager.software.get("dns-server")
svc.health_state_actual = SoftwareHealthState.COMPROMISED
# 2: Apply a patch action
action = ("node_service_fix", {"node_name": "server_1", "service_name": "DNSServer"})
action = ("node-service-fix", {"node_name": "server_1", "service_name": "dns-server"})
agent.store_action(action)
game.step()
@@ -96,7 +96,7 @@ def test_node_service_fix_integration(game_and_agent: Tuple[PrimaiteGame, ProxyA
assert svc.health_state_actual == SoftwareHealthState.FIXING
# 4: perform a few do-nothing steps and check that the service is now in the good state
action = ("do_nothing", {})
action = ("do-nothing", {})
agent.store_action(action)
game.step()
assert svc.health_state_actual == SoftwareHealthState.GOOD
@@ -106,7 +106,7 @@ def test_router_acl_addrule_integration(game_and_agent: Tuple[PrimaiteGame, Prox
"""
Test that the RouterACLAddRuleAction can form a request and that it is accepted by the simulation.
The ACL starts off with 4 rules, and we add a rule, and check that the ACL now has 5 rules.
The acl starts off with 4 rules, and we add a rule, and check that the acl now has 5 rules.
"""
game, agent = game_and_agent
@@ -121,7 +121,7 @@ def test_router_acl_addrule_integration(game_and_agent: Tuple[PrimaiteGame, Prox
# 2: Add a rule to block client 1 from reaching server 2 on router
action = (
"router_acl_add_rule",
"router-acl-add-rule",
{
"target_router": "router",
"position": 4,
@@ -138,7 +138,7 @@ def test_router_acl_addrule_integration(game_and_agent: Tuple[PrimaiteGame, Prox
agent.store_action(action)
game.step()
# 3: Check that the ACL now has 5 rules, and that client 1 cannot ping server 2
# 3: Check that the acl now has 5 rules, and that client 1 cannot ping server 2
assert router.acl.num_rules == 5
assert not client_1.ping("10.0.2.3") # Cannot ping server_2
assert client_1.ping("10.0.2.2") # Can ping server_1
@@ -148,7 +148,7 @@ def test_router_acl_addrule_integration(game_and_agent: Tuple[PrimaiteGame, Prox
# 4: Add a rule to block server_1 from reaching server_2 on router (this should not affect comms as they are on same subnet)
action = (
"router_acl_add_rule",
"router-acl-add-rule",
{
"target_router": "router",
"position": 5, # 5th rule
@@ -181,14 +181,14 @@ def test_router_acl_removerule_integration(game_and_agent: Tuple[PrimaiteGame, P
server_1 = game.simulation.network.get_node_by_hostname("server_1")
router = game.simulation.network.get_node_by_hostname("router")
browser: WebBrowser = client_1.software_manager.software.get("WebBrowser")
browser: WebBrowser = client_1.software_manager.software.get("web-browser")
browser.run()
browser.config.target_url = "http://www.example.com"
assert browser.get_webpage() # check that the browser can access example.com before we block it
# 2: Remove rule that allows HTTP traffic across the network
action = (
"router_acl_remove_rule",
"router-acl-remove-rule",
{
"target_router": "router",
"position": 3, # 4th rule
@@ -200,7 +200,7 @@ def test_router_acl_removerule_integration(game_and_agent: Tuple[PrimaiteGame, P
# 3: Check that the ACL now has 3 rules, and that client 1 cannot access example.com
assert router.acl.num_rules == 3
assert not browser.get_webpage()
client_1.software_manager.software.get("DNSClient").dns_cache.clear()
client_1.software_manager.software.get("dns-client").dns_cache.clear()
assert client_1.ping("10.0.2.2") # pinging still works because ICMP is allowed
assert client_1.ping("10.0.2.3")
@@ -214,14 +214,14 @@ def test_host_nic_disable_integration(game_and_agent: Tuple[PrimaiteGame, ProxyA
server_1 = game.simulation.network.get_node_by_hostname("server_1")
server_2 = game.simulation.network.get_node_by_hostname("server_2")
browser: WebBrowser = client_1.software_manager.software.get("WebBrowser")
browser: WebBrowser = client_1.software_manager.software.get("web-browser")
browser.run()
browser.config.target_url = "http://www.example.com"
assert browser.get_webpage() # check that the browser can access example.com before we block it
# 2: Disable the NIC on client_1
action = (
"host_nic_disable",
"host-nic-disable",
{
"node_name": "client_1", # client_1
"nic_num": 1, # the only nic (eth-1)
@@ -252,7 +252,7 @@ def test_host_nic_enable_integration(game_and_agent: Tuple[PrimaiteGame, ProxyAg
# 2: Use action to enable nic
action = (
"host_nic_enable",
"host-nic-enable",
{
"node_name": "client_1", # client_1
"nic_num": 1, # the only nic (eth-1)
@@ -279,7 +279,7 @@ def test_node_file_scan_integration(game_and_agent: Tuple[PrimaiteGame, ProxyAge
# 2: perform a scan and make sure nothing has changed
action = (
"node_file_scan",
"node-file-scan",
{
"node_name": "client_1", # client_1,
"folder_name": "downloads", # downloads,
@@ -316,7 +316,7 @@ def test_node_file_delete_integration(game_and_agent: Tuple[PrimaiteGame, ProxyA
# 2: delete the file
action = (
"node_file_delete",
"node-file-delete",
{
"node_name": "client_1", # client_1
"folder_name": "downloads", # downloads
@@ -339,7 +339,7 @@ def test_node_file_create(game_and_agent: Tuple[PrimaiteGame, ProxyAgent]):
client_1 = game.simulation.network.get_node_by_hostname("client_1")
action = (
"node_file_create",
"node-file-create",
{
"node_name": "client_1",
"folder_name": "test",
@@ -360,7 +360,7 @@ def test_node_file_access(game_and_agent: Tuple[PrimaiteGame, ProxyAgent]):
client_1 = game.simulation.network.get_node_by_hostname("client_1") #
action = (
"node_file_create",
"node-file-create",
{
"node_name": "client_1",
"folder_name": "test",
@@ -373,7 +373,7 @@ def test_node_file_access(game_and_agent: Tuple[PrimaiteGame, ProxyAgent]):
assert client_1.file_system.get_file(folder_name="test", file_name="file.txt").num_access == 0
action = (
"node_file_access",
"node-file-access",
{
"node_name": "client_1",
"folder_name": "test",
@@ -393,7 +393,7 @@ def test_node_folder_create(game_and_agent: Tuple[PrimaiteGame, ProxyAgent]):
client_1 = game.simulation.network.get_node_by_hostname("client_1") #
action = (
"node_folder_create",
"node-folder-create",
{
"node_name": "client_1",
"folder_name": "test",
@@ -414,14 +414,14 @@ def test_network_router_port_disable_integration(game_and_agent: Tuple[PrimaiteG
server_1 = game.simulation.network.get_node_by_hostname("server_1")
router = game.simulation.network.get_node_by_hostname("router")
browser: WebBrowser = client_1.software_manager.software.get("WebBrowser")
browser: WebBrowser = client_1.software_manager.software.get("web-browser")
browser.run()
browser.config.target_url = "http://www.example.com"
assert browser.get_webpage() # check that the browser can access example.com before we block it
# 2: Disable the NIC on client_1
action = (
"network_port_disable",
"network-port-disable",
{
"target_nodename": "router", # router
"port_num": 1, # port 1
@@ -453,7 +453,7 @@ def test_network_router_port_enable_integration(game_and_agent: Tuple[PrimaiteGa
# 2: Use action to enable port
action = (
"network_port_enable",
"network-port-enable",
{
"target_nodename": "router", # router
"port_num": 1, # port 1
@@ -474,7 +474,7 @@ def test_node_application_scan_integration(game_and_agent: Tuple[PrimaiteGame, P
# 1: Check that http traffic is going across the network nicely.
client_1 = game.simulation.network.get_node_by_hostname("client_1")
browser: WebBrowser = client_1.software_manager.software.get("WebBrowser")
browser: WebBrowser = client_1.software_manager.software.get("web-browser")
browser.run()
browser.config.target_url = "http://www.example.com"
assert browser.get_webpage() # check that the browser can access example.com
@@ -484,8 +484,8 @@ def test_node_application_scan_integration(game_and_agent: Tuple[PrimaiteGame, P
# 2: Scan and check that the visible state is now correct
action = (
"node_application_scan",
{"node_name": "client_1", "application_name": "WebBrowser"},
"node-application-scan",
{"node_name": "client_1", "application_name": "web-browser"},
)
agent.store_action(action)
game.step()
@@ -498,8 +498,8 @@ def test_node_application_scan_integration(game_and_agent: Tuple[PrimaiteGame, P
# 4: Scan and check that the visible state is now correct
action = (
"node_application_scan",
{"node_name": "client_1", "application_name": "WebBrowser"},
"node-application-scan",
{"node_name": "client_1", "application_name": "web-browser"},
)
agent.store_action(action)
game.step()
@@ -517,13 +517,13 @@ def test_node_application_fix_integration(game_and_agent: Tuple[PrimaiteGame, Pr
# 1: Check that http traffic is going across the network nicely.
client_1 = game.simulation.network.get_node_by_hostname("client_1")
browser: WebBrowser = client_1.software_manager.software.get("WebBrowser")
browser: WebBrowser = client_1.software_manager.software.get("web-browser")
browser.health_state_actual = SoftwareHealthState.COMPROMISED
# 2: Apply a fix action
action = (
"node_application_fix",
{"node_name": "client_1", "application_name": "WebBrowser"},
"node-application-fix",
{"node_name": "client_1", "application_name": "web-browser"},
)
agent.store_action(action)
game.step()
@@ -532,7 +532,7 @@ def test_node_application_fix_integration(game_and_agent: Tuple[PrimaiteGame, Pr
assert browser.health_state_actual == SoftwareHealthState.FIXING
# 4: perform a few do-nothing steps and check that the application is now in the good state
action = ("do_nothing", {})
action = ("do-nothing", {})
agent.store_action(action)
game.step()
assert browser.health_state_actual == SoftwareHealthState.GOOD
@@ -545,14 +545,14 @@ def test_node_application_close_integration(game_and_agent: Tuple[PrimaiteGame,
game, agent = game_and_agent
client_1 = game.simulation.network.get_node_by_hostname("client_1")
browser: WebBrowser = client_1.software_manager.software.get("WebBrowser")
browser: WebBrowser = client_1.software_manager.software.get("web-browser")
browser.run()
assert browser.operating_state == ApplicationOperatingState.RUNNING
# 2: Apply a close action
action = (
"node_application_close",
{"node_name": "client_1", "application_name": "WebBrowser"},
"node-application-close",
{"node_name": "client_1", "application_name": "web-browser"},
)
agent.store_action(action)
game.step()
@@ -570,25 +570,25 @@ def test_node_application_install_and_uninstall_integration(game_and_agent: Tupl
client_1 = game.simulation.network.get_node_by_hostname("client_1")
assert client_1.software_manager.software.get("DoSBot") is None
assert client_1.software_manager.software.get("dos-bot") is None
action = (
"node_application_install",
{"node_name": "client_1", "application_name": "DoSBot"},
"node-application-install",
{"node_name": "client_1", "application_name": "dos-bot"},
)
agent.store_action(action)
game.step()
assert client_1.software_manager.software.get("DoSBot") is not None
assert client_1.software_manager.software.get("dos-bot") is not None
action = (
"node_application_remove",
{"node_name": "client_1", "application_name": "DoSBot"},
"node-application-remove",
{"node_name": "client_1", "application_name": "dos-bot"},
)
agent.store_action(action)
game.step()
assert client_1.software_manager.software.get("DoSBot") is None
assert client_1.software_manager.software.get("dos-bot") is None
def test_firewall_acl_add_remove_rule_integration():

34
tests/integration_tests/game_layer/test_rewards.py
View File

@@ -27,18 +27,18 @@ def test_WebpageUnavailablePenalty(game_and_agent: tuple[PrimaiteGame, Controlle
comp = WebpageUnavailablePenalty(config=schema)
client_1 = game.simulation.network.get_node_by_hostname("client_1")
browser: WebBrowser = client_1.software_manager.software.get("WebBrowser")
browser: WebBrowser = client_1.software_manager.software.get("web-browser")
browser.run()
browser.config.target_url = "http://www.example.com"
agent.reward_function.register_component(comp, 0.7)
# Check that before trying to fetch the webpage, the reward is 0.0
agent.store_action(("do_nothing", {}))
agent.store_action(("do-nothing", {}))
game.step()
assert agent.reward_function.current_reward == 0.0
# Check that successfully fetching the webpage yields a reward of 0.7
agent.store_action(("node_application_execute", {"node_name": "client_1", "application_name": "WebBrowser"}))
agent.store_action(("node-application-execute", {"node_name": "client_1", "application_name": "web-browser"}))
game.step()
assert agent.reward_function.current_reward == 0.7
@@ -50,7 +50,7 @@ def test_WebpageUnavailablePenalty(game_and_agent: tuple[PrimaiteGame, Controlle
src_port=PORT_LOOKUP["HTTP"],
dst_port=PORT_LOOKUP["HTTP"],
)
agent.store_action(("node_application_execute", {"node_name": "client_1", "application_name": "WebBrowser"}))
agent.store_action(("node-application-execute", {"node_name": "client_1", "application_name": "web-browser"}))
game.step()
assert agent.reward_function.current_reward == -0.7
@@ -62,12 +62,12 @@ def test_uc2_rewards(game_and_agent: tuple[PrimaiteGame, ControlledAgent]):
server_1: Server = game.simulation.network.get_node_by_hostname("server_1")
server_1.software_manager.install(DatabaseService)
db_service = server_1.software_manager.software.get("DatabaseService")
db_service = server_1.software_manager.software.get("database-service")
db_service.start()
client_1 = game.simulation.network.get_node_by_hostname("client_1")
client_1.software_manager.install(DatabaseClient)
db_client: DatabaseClient = client_1.software_manager.software.get("DatabaseClient")
db_client: DatabaseClient = client_1.software_manager.software.get("database-client")
db_client.configure(server_ip_address=server_1.network_interface[1].ip_address)
db_client.run()
@@ -79,11 +79,11 @@ def test_uc2_rewards(game_and_agent: tuple[PrimaiteGame, ControlledAgent]):
schema = GreenAdminDatabaseUnreachablePenalty.ConfigSchema(node_hostname="client_1", sticky=True)
comp = GreenAdminDatabaseUnreachablePenalty(config=schema)
request = ["network", "node", "client_1", "application", "DatabaseClient", "execute"]
request = ["network", "node", "client_1", "application", "database-client", "execute"]
response = game.simulation.apply_request(request)
state = game.get_sim_state()
ahi = AgentHistoryItem(
timestep=0, action="node_application_execute", parameters={}, request=request, response=response
timestep=0, action="node-application-execute", parameters={}, request=request, response=response
)
reward_value = comp.calculate(state, last_action_response=ahi)
assert reward_value == 1.0
@@ -94,7 +94,7 @@ def test_uc2_rewards(game_and_agent: tuple[PrimaiteGame, ControlledAgent]):
response = game.simulation.apply_request(request)
state = game.get_sim_state()
ahi = AgentHistoryItem(
timestep=0, action="node_application_execute", parameters={}, request=request, response=response
timestep=0, action="node-application-execute", parameters={}, request=request, response=response
)
reward_value = comp.calculate(
state,
@@ -154,13 +154,13 @@ def test_action_penalty():
# Penalty = ActionPenalty(action_penalty=-0.75, do_nothing_penalty=0.125)
Penalty = ActionPenalty(config=schema)
# Assert that penalty is applied if action isn't do_nothing
# Assert that penalty is applied if action isn't do-nothing
reward_value = Penalty.calculate(
state={},
last_action_response=AgentHistoryItem(
timestep=0,
action="node_application_execute",
parameters={"node_name": "client", "application_name": "WebBrowser"},
action="node-application-execute",
parameters={"node_name": "client", "application_name": "web-browser"},
request=["execute"],
response=RequestResponse.from_bool(True),
),
@@ -168,14 +168,14 @@ def test_action_penalty():
assert reward_value == -0.75
# Assert that no penalty applied for a do_nothing action
# Assert that no penalty applied for a do-nothing action
reward_value = Penalty.calculate(
state={},
last_action_response=AgentHistoryItem(
timestep=0,
action="do_nothing",
action="do-nothing",
parameters={},
request=["do_nothing"],
request=["do-nothing"],
response=RequestResponse.from_bool(True),
),
)
@@ -192,12 +192,12 @@ def test_action_penalty_e2e(game_and_agent: tuple[PrimaiteGame, ControlledAgent]
agent.reward_function.register_component(comp, 1.0)
action = ("do_nothing", {})
action = ("do-nothing", {})
agent.store_action(action)
game.step()
assert agent.reward_function.current_reward == 0.125
action = ("node_file_scan", {"node_name": "client", "folder_name": "downloads", "file_name": "document.pdf"})
action = ("node-file-scan", {"node_name": "client", "folder_name": "downloads", "file_name": "document.pdf"})
agent.store_action(action)
game.step()
assert agent.reward_function.current_reward == -0.75

4
tests/integration_tests/network/test_bandwidth_load_checks_before_transmission.py
View File

@@ -19,11 +19,11 @@ def test_wireless_link_loading(wireless_wan_network):
airspace = router_1.airspace
client.software_manager.install(FTPClient)
ftp_client: FTPClient = client.software_manager.software.get("FTPClient")
ftp_client: FTPClient = client.software_manager.software.get("ftp-client")
ftp_client.start()
server.software_manager.install(FTPServer)
ftp_server: FTPServer = server.software_manager.software.get("FTPServer")
ftp_server: FTPServer = server.software_manager.software.get("ftp-server")
ftp_server.start()
client.file_system.create_file(file_name="mixtape", size=10 * 10**6, file_type=FileType.MP3, folder_name="music")

20
tests/integration_tests/network/test_broadcast.py
View File

@@ -15,13 +15,13 @@ from primaite.utils.validation.ip_protocol import PROTOCOL_LOOKUP
from primaite.utils.validation.port import PORT_LOOKUP
class BroadcastTestService(Service, discriminator="BroadcastTestService"):
class BroadcastTestService(Service, discriminator="broadcast-test-service"):
"""A service for sending broadcast and unicast messages over a network."""
class ConfigSchema(Service.ConfigSchema):
"""ConfigSchema for BroadcastTestService."""
type: str = "BroadcastTestService"
type: str = "broadcast-test-service"
config: "BroadcastTestService.ConfigSchema" = Field(default_factory=lambda: BroadcastTestService.ConfigSchema())
@@ -51,13 +51,13 @@ class BroadcastTestService(Service, discriminator="BroadcastTestService"):
)
class BroadcastTestClient(Application, discriminator="BroadcastTestClient"):
class BroadcastTestClient(Application, discriminator="broadcast-test-client"):
"""A client application to receive broadcast and unicast messages."""
class ConfigSchema(Service.ConfigSchema):
"""ConfigSchema for BroadcastTestClient."""
type: str = "BroadcastTestClient"
type: str = "broadcast-test-client"
config: ConfigSchema = Field(default_factory=lambda: BroadcastTestClient.ConfigSchema())
@@ -65,7 +65,7 @@ class BroadcastTestClient(Application, discriminator="BroadcastTestClient"):
def __init__(self, **kwargs):
# Set default client properties
kwargs["name"] = "BroadcastTestClient"
kwargs["name"] = "broadcast-test-client"
kwargs["port"] = PORT_LOOKUP["HTTP"]
kwargs["protocol"] = PROTOCOL_LOOKUP["TCP"]
super().__init__(**kwargs)
@@ -93,7 +93,7 @@ def broadcast_network() -> Network:
)
client_1.power_on()
client_1.software_manager.install(BroadcastTestClient)
application_1 = client_1.software_manager.software["BroadcastTestClient"]
application_1 = client_1.software_manager.software["broadcast-test-client"]
application_1.run()
client_2 = Computer(
@@ -105,7 +105,7 @@ def broadcast_network() -> Network:
)
client_2.power_on()
client_2.software_manager.install(BroadcastTestClient)
application_2 = client_2.software_manager.software["BroadcastTestClient"]
application_2 = client_2.software_manager.software["broadcast-test-client"]
application_2.run()
server_1 = Server(
@@ -136,13 +136,13 @@ def broadcast_service_and_clients(
broadcast_network,
) -> Tuple[BroadcastTestService, BroadcastTestClient, BroadcastTestClient]:
client_1: BroadcastTestClient = broadcast_network.get_node_by_hostname("client_1").software_manager.software[
"BroadcastTestClient"
"broadcast-test-client"
]
client_2: BroadcastTestClient = broadcast_network.get_node_by_hostname("client_2").software_manager.software[
"BroadcastTestClient"
"broadcast-test-client"
]
service: BroadcastTestService = broadcast_network.get_node_by_hostname("server_1").software_manager.software[
"BroadcastService"
"broadcast-service"
]
return service, client_1, client_2

6
tests/integration_tests/network/test_capture_nmne.py
View File

@@ -17,7 +17,7 @@ def test_capture_nmne(uc2_network: Network):
of the "DELETE" SQL command as a malicious network event.
"""
web_server: Server = uc2_network.get_node_by_hostname("web_server") # noqa
db_client: DatabaseClient = web_server.software_manager.software["DatabaseClient"] # noqa
db_client: DatabaseClient = web_server.software_manager.software["database-client"] # noqa
db_client_connection: DatabaseClientConnection = db_client.get_new_connection()
db_server: Server = uc2_network.get_node_by_hostname("database_server") # noqa
@@ -94,7 +94,7 @@ def test_describe_state_nmne(uc2_network: Network):
only shows MNEs since the last time describe_state was called.
"""
web_server: Server = uc2_network.get_node_by_hostname("web_server") # noqa
db_client: DatabaseClient = web_server.software_manager.software["DatabaseClient"] # noqa
db_client: DatabaseClient = web_server.software_manager.software["database-client"] # noqa
db_client_connection: DatabaseClientConnection = db_client.get_new_connection()
db_server: Server = uc2_network.get_node_by_hostname("database_server") # noqa
@@ -208,7 +208,7 @@ def test_capture_nmne_observations(uc2_network: Network):
sim.network = uc2_network
web_server: Server = uc2_network.get_node_by_hostname("web_server")
db_client: DatabaseClient = web_server.software_manager.software["DatabaseClient"]
db_client: DatabaseClient = web_server.software_manager.software["database-client"]
db_client_connection: DatabaseClientConnection = db_client.get_new_connection()
# Set the NMNE configuration to capture DELETE/ENCRYPT queries as MNEs

14
tests/integration_tests/network/test_firewall.py
View File

@@ -90,7 +90,7 @@ def dmz_external_internal_network() -> Network:
)
external_node.power_on()
external_node.software_manager.install(NTPServer)
ntp_service: NTPServer = external_node.software_manager.software["NTPServer"]
ntp_service: NTPServer = external_node.software_manager.software["ntp-server"]
ntp_service.start()
# connect external node to firewall node
network.connect(endpoint_b=external_node.network_interface[1], endpoint_a=firewall_node.external_port)
@@ -105,7 +105,7 @@ def dmz_external_internal_network() -> Network:
)
internal_node.power_on()
internal_node.software_manager.install(NTPClient)
internal_ntp_client: NTPClient = internal_node.software_manager.software["NTPClient"]
internal_ntp_client: NTPClient = internal_node.software_manager.software["ntp-client"]
internal_ntp_client.configure(external_node.network_interface[1].ip_address)
internal_ntp_client.start()
# connect external node to firewall node
@@ -120,7 +120,7 @@ def dmz_external_internal_network() -> Network:
start_up_duration=0,
)
dmz_node.power_on()
dmz_ntp_client: NTPClient = dmz_node.software_manager.software["NTPClient"]
dmz_ntp_client: NTPClient = dmz_node.software_manager.software["ntp-client"]
dmz_ntp_client.configure(external_node.network_interface[1].ip_address)
dmz_ntp_client.start()
# connect external node to firewall node
@@ -214,8 +214,8 @@ def test_service_blocked(dmz_external_internal_network):
firewall = dmz_external_internal_network.get_node_by_hostname("firewall_1")
internal_node = dmz_external_internal_network.get_node_by_hostname("internal_node")
dmz_node = dmz_external_internal_network.get_node_by_hostname("dmz_node")
internal_ntp_client: NTPClient = internal_node.software_manager.software["NTPClient"]
dmz_ntp_client: NTPClient = dmz_node.software_manager.software["NTPClient"]
internal_ntp_client: NTPClient = internal_node.software_manager.software["ntp-client"]
dmz_ntp_client: NTPClient = dmz_node.software_manager.software["ntp-client"]
assert not internal_ntp_client.time
@@ -261,8 +261,8 @@ def test_service_allowed_with_rule(dmz_external_internal_network):
firewall = dmz_external_internal_network.get_node_by_hostname("firewall_1")
internal_node = dmz_external_internal_network.get_node_by_hostname("internal_node")
dmz_node = dmz_external_internal_network.get_node_by_hostname("dmz_node")
internal_ntp_client: NTPClient = internal_node.software_manager.software["NTPClient"]
dmz_ntp_client: NTPClient = dmz_node.software_manager.software["NTPClient"]
internal_ntp_client: NTPClient = internal_node.software_manager.software["ntp-client"]
dmz_ntp_client: NTPClient = dmz_node.software_manager.software["ntp-client"]
assert not internal_ntp_client.time

36
tests/integration_tests/network/test_multi_lan_internet_example_network.py
View File

@@ -12,7 +12,7 @@ def test_all_with_configured_dns_server_ip_can_resolve_url():
network = multi_lan_internet_network_example()
for node in network.nodes.values():
dns_client: DNSClient = node.software_manager.software.get("DNSClient")
dns_client: DNSClient = node.software_manager.software.get("dns-client")
if not dns_client:
continue
@@ -24,8 +24,8 @@ def test_all_with_configured_dns_server_ip_can_resolve_url():
def test_external_pcs_can_access_sometech_website():
network = multi_lan_internet_network_example()
pc_1_browser: WebBrowser = network.get_node_by_hostname("pc_1").software_manager.software["WebBrowser"]
pc_2_browser: WebBrowser = network.get_node_by_hostname("pc_2").software_manager.software["WebBrowser"]
pc_1_browser: WebBrowser = network.get_node_by_hostname("pc_1").software_manager.software["web-browser"]
pc_2_browser: WebBrowser = network.get_node_by_hostname("pc_2").software_manager.software["web-browser"]
assert pc_1_browser.get_webpage()
assert pc_2_browser.get_webpage()
@@ -34,8 +34,8 @@ def test_external_pcs_can_access_sometech_website():
def test_external_pcs_cannot_access_sometech_db():
network = multi_lan_internet_network_example()
pc_1_db_client: DatabaseClient = network.get_node_by_hostname("pc_1").software_manager.software["DatabaseClient"]
pc_2_db_client: DatabaseClient = network.get_node_by_hostname("pc_2").software_manager.software["DatabaseClient"]
pc_1_db_client: DatabaseClient = network.get_node_by_hostname("pc_1").software_manager.software["database-client"]
pc_2_db_client: DatabaseClient = network.get_node_by_hostname("pc_2").software_manager.software["database-client"]
assert not pc_1_db_client.get_new_connection()
assert not pc_2_db_client.get_new_connection()
@@ -47,8 +47,8 @@ def test_external_pcs_cannot_access_ftp_on_sometech_storage_server():
some_tech_storage_srv = network.get_node_by_hostname("some_tech_storage_srv")
some_tech_storage_srv.file_system.create_file(file_name="test.png")
pc_1_ftp_client: FTPClient = network.get_node_by_hostname("pc_1").software_manager.software["FTPClient"]
pc_2_ftp_client: FTPClient = network.get_node_by_hostname("pc_2").software_manager.software["FTPClient"]
pc_1_ftp_client: FTPClient = network.get_node_by_hostname("pc_1").software_manager.software["ftp-client"]
pc_2_ftp_client: FTPClient = network.get_node_by_hostname("pc_2").software_manager.software["ftp-client"]
assert not pc_1_ftp_client.request_file(
dest_ip_address=some_tech_storage_srv.network_interface[1].ip_address,
@@ -71,7 +71,7 @@ def test_sometech_webserver_can_access_sometech_db_server():
network = multi_lan_internet_network_example()
web_db_client: DatabaseClient = network.get_node_by_hostname("some_tech_web_srv").software_manager.software[
"DatabaseClient"
"database-client"
]
assert web_db_client.get_new_connection()
@@ -85,7 +85,7 @@ def test_sometech_webserver_cannot_access_ftp_on_sometech_storage_server():
web_server: Server = network.get_node_by_hostname("some_tech_web_srv")
web_server.software_manager.install(FTPClient)
web_ftp_client: FTPClient = web_server.software_manager.software["FTPClient"]
web_ftp_client: FTPClient = web_server.software_manager.software["ftp-client"]
assert not web_ftp_client.request_file(
dest_ip_address=some_tech_storage_srv.network_interface[1].ip_address,
@@ -101,13 +101,13 @@ def test_sometech_dev_pcs_can_access_sometech_website():
some_tech_snr_dev_pc: Computer = network.get_node_by_hostname("some_tech_snr_dev_pc")
snr_dev_browser: WebBrowser = some_tech_snr_dev_pc.software_manager.software["WebBrowser"]
snr_dev_browser: WebBrowser = some_tech_snr_dev_pc.software_manager.software["web-browser"]
assert snr_dev_browser.get_webpage()
some_tech_jnr_dev_pc: Computer = network.get_node_by_hostname("some_tech_jnr_dev_pc")
jnr_dev_browser: WebBrowser = some_tech_jnr_dev_pc.software_manager.software["WebBrowser"]
jnr_dev_browser: WebBrowser = some_tech_jnr_dev_pc.software_manager.software["web-browser"]
assert jnr_dev_browser.get_webpage()
@@ -116,12 +116,12 @@ def test_sometech_dev_pcs_can_connect_to_sometech_db_server():
network = multi_lan_internet_network_example()
some_tech_snr_dev_pc: Computer = network.get_node_by_hostname("some_tech_snr_dev_pc")
snr_dev_db_client: DatabaseClient = some_tech_snr_dev_pc.software_manager.software["DatabaseClient"]
snr_dev_db_client: DatabaseClient = some_tech_snr_dev_pc.software_manager.software["database-client"]
assert snr_dev_db_client.get_new_connection()
some_tech_jnr_dev_pc: Computer = network.get_node_by_hostname("some_tech_jnr_dev_pc")
jnr_dev_db_client: DatabaseClient = some_tech_jnr_dev_pc.software_manager.software["DatabaseClient"]
jnr_dev_db_client: DatabaseClient = some_tech_jnr_dev_pc.software_manager.software["database-client"]
assert jnr_dev_db_client.get_new_connection()
@@ -133,7 +133,7 @@ def test_sometech_snr_dev_can_access_ftp_on_sometech_storage_server():
some_tech_storage_srv.file_system.create_file(file_name="test.png")
some_tech_snr_dev_pc: Computer = network.get_node_by_hostname("some_tech_snr_dev_pc")
snr_dev_ftp_client: FTPClient = some_tech_snr_dev_pc.software_manager.software["FTPClient"]
snr_dev_ftp_client: FTPClient = some_tech_snr_dev_pc.software_manager.software["ftp-client"]
assert snr_dev_ftp_client.request_file(
dest_ip_address=some_tech_storage_srv.network_interface[1].ip_address,
@@ -151,7 +151,7 @@ def test_sometech_jnr_dev_cannot_access_ftp_on_sometech_storage_server():
some_tech_storage_srv.file_system.create_file(file_name="test.png")
some_tech_jnr_dev_pc: Computer = network.get_node_by_hostname("some_tech_jnr_dev_pc")
jnr_dev_ftp_client: FTPClient = some_tech_jnr_dev_pc.software_manager.software["FTPClient"]
jnr_dev_ftp_client: FTPClient = some_tech_jnr_dev_pc.software_manager.software["ftp-client"]
assert not jnr_dev_ftp_client.request_file(
dest_ip_address=some_tech_storage_srv.network_interface[1].ip_address,
@@ -167,7 +167,7 @@ def test_sometech_hr_pc_can_access_sometech_website():
some_tech_hr_pc: Computer = network.get_node_by_hostname("some_tech_hr_1")
hr_browser: WebBrowser = some_tech_hr_pc.software_manager.software["WebBrowser"]
hr_browser: WebBrowser = some_tech_hr_pc.software_manager.software["web-browser"]
assert hr_browser.get_webpage()
@@ -177,7 +177,7 @@ def test_sometech_hr_pc_cannot_access_sometech_db():
some_tech_hr_pc: Computer = network.get_node_by_hostname("some_tech_hr_1")
hr_db_client: DatabaseClient = some_tech_hr_pc.software_manager.software["DatabaseClient"]
hr_db_client: DatabaseClient = some_tech_hr_pc.software_manager.software["database-client"]
assert not hr_db_client.get_new_connection()
@@ -189,7 +189,7 @@ def test_sometech_hr_pc_cannot_access_ftp_on_sometech_storage_server():
some_tech_storage_srv.file_system.create_file(file_name="test.png")
some_tech_hr_pc: Computer = network.get_node_by_hostname("some_tech_hr_1")
hr_ftp_client: FTPClient = some_tech_hr_pc.software_manager.software["FTPClient"]
hr_ftp_client: FTPClient = some_tech_hr_pc.software_manager.software["ftp-client"]
assert not hr_ftp_client.request_file(
dest_ip_address=some_tech_storage_srv.network_interface[1].ip_address,

4
tests/integration_tests/network/test_routing.py
View File

@@ -188,11 +188,11 @@ def test_routing_services(multi_hop_network):
pc_b = multi_hop_network.get_node_by_hostname("pc_b")
pc_a.software_manager.install(NTPClient)
ntp_client = pc_a.software_manager.software["NTPClient"]
ntp_client = pc_a.software_manager.software["ntp-client"]
ntp_client.start()
pc_b.software_manager.install(NTPServer)
pc_b.software_manager.software["NTPServer"].start()
pc_b.software_manager.software["ntp-server"].start()
ntp_client.configure(ntp_server_ip_address=pc_b.network_interface[1].ip_address)

2
tests/integration_tests/network/test_users_creation_from_config.py
View File

@@ -15,7 +15,7 @@ def test_users_from_config():
client_1 = network.get_node_by_hostname("client_1")
user_manager: UserManager = client_1.software_manager.software["UserManager"]
user_manager: UserManager = client_1.software_manager.software["user-manager"]
assert len(user_manager.users) == 3

24
tests/integration_tests/system/red_applications/test_c2_suite_integration.py
View File

@@ -99,15 +99,15 @@ def basic_network() -> Network:
def setup_c2(given_network: Network):
"""Installs the C2 Beacon & Server, configures and then returns."""
computer_a: Computer = given_network.get_node_by_hostname("node_a")
c2_server: C2Server = computer_a.software_manager.software.get("C2Server")
c2_server: C2Server = computer_a.software_manager.software.get("c2-server")
computer_a.software_manager.install(DatabaseService)
computer_a.software_manager.software["DatabaseService"].start()
computer_a.software_manager.software["database-service"].start()
computer_b: Computer = given_network.get_node_by_hostname("node_b")
c2_beacon: C2Beacon = computer_b.software_manager.software.get("C2Beacon")
c2_beacon: C2Beacon = computer_b.software_manager.software.get("c2-beacon")
computer_b.software_manager.install(DatabaseClient)
computer_b.software_manager.software["DatabaseClient"].configure(server_ip_address=IPv4Address("192.168.0.2"))
computer_b.software_manager.software["DatabaseClient"].run()
computer_b.software_manager.software["database-client"].configure(server_ip_address=IPv4Address("192.168.0.2"))
computer_b.software_manager.software["database-client"].run()
c2_beacon.configure(c2_server_ip_address="192.168.0.2", keep_alive_frequency=2)
c2_server.run()
@@ -177,9 +177,9 @@ def test_c2_suite_configure_request(basic_network):
"masquerade_port": 80,
}
network.apply_request(["node", "node_b", "application", "C2Beacon", "configure", c2_beacon_config])
network.apply_request(["node", "node_b", "application", "c2-beacon", "configure", c2_beacon_config])
network.apply_timestep(0)
network.apply_request(["node", "node_b", "application", "C2Beacon", "execute"])
network.apply_request(["node", "node_b", "application", "c2-beacon", "execute"])
assert c2_beacon.c2_connection_active is True
assert c2_server.c2_connection_active is True
@@ -195,13 +195,13 @@ def test_c2_suite_ransomware_commands(basic_network):
# Testing Via Requests:
computer_b.software_manager.install(software_class=RansomwareScript)
ransomware_config = {"server_ip_address": "192.168.0.2"}
network.apply_request(["node", "node_a", "application", "C2Server", "ransomware_configure", ransomware_config])
network.apply_request(["node", "node_a", "application", "c2-server", "ransomware_configure", ransomware_config])
ransomware_script: RansomwareScript = computer_b.software_manager.software["RansomwareScript"]
ransomware_script: RansomwareScript = computer_b.software_manager.software["ransomware-script"]
assert ransomware_script.server_ip_address == "192.168.0.2"
network.apply_request(["node", "node_a", "application", "C2Server", "ransomware_launch"])
network.apply_request(["node", "node_a", "application", "c2-server", "ransomware_launch"])
database_file = computer_a.software_manager.file_system.get_file("database", "database.db")
@@ -491,10 +491,10 @@ def test_c2_suite_yaml():
yaml_network = game.simulation.network
computer_a: Computer = yaml_network.get_node_by_hostname("node_a")
c2_server: C2Server = computer_a.software_manager.software.get("C2Server")
c2_server: C2Server = computer_a.software_manager.software.get("c2-server")
computer_b: Computer = yaml_network.get_node_by_hostname("node_b")
c2_beacon: C2Beacon = computer_b.software_manager.software.get("C2Beacon")
c2_beacon: C2Beacon = computer_b.software_manager.software.get("c2-beacon")
c2_beacon.configure(
c2_server_ip_address=c2_beacon.config.c2_server_ip_address,
keep_alive_frequency=c2_beacon.config.keep_alive_frequency,

20
tests/integration_tests/system/red_applications/test_data_manipulation_bot_and_server.py
View File

@@ -27,20 +27,20 @@ def data_manipulation_bot_and_db_server(client_server) -> Tuple[DataManipulation
# install db client on computer
computer.software_manager.install(DatabaseClient)
db_client: DatabaseClient = computer.software_manager.software.get("DatabaseClient")
db_client: DatabaseClient = computer.software_manager.software.get("database-client")
db_client.run()
# Install DoSBot on computer
computer.software_manager.install(DataManipulationBot)
data_manipulation_bot: DataManipulationBot = computer.software_manager.software.get("DataManipulationBot")
data_manipulation_bot: DataManipulationBot = computer.software_manager.software.get("data-manipulation-bot")
data_manipulation_bot.configure(
server_ip_address=IPv4Address(server.network_interface[1].ip_address), payload="DELETE"
)
# Install DB Server service on server
server.software_manager.install(DatabaseService)
db_server_service: DatabaseService = server.software_manager.software.get("DatabaseService")
db_server_service: DatabaseService = server.software_manager.software.get("database-service")
db_server_service.start()
return data_manipulation_bot, computer, db_server_service, server
@@ -64,26 +64,26 @@ def data_manipulation_db_server_green_client(example_network) -> Network:
# install db client on client 1
client_1.software_manager.install(DatabaseClient)
db_client: DatabaseClient = client_1.software_manager.software.get("DatabaseClient")
db_client: DatabaseClient = client_1.software_manager.software.get("database-client")
db_client.run()
# install Data Manipulation bot on client 1
client_1.software_manager.install(DataManipulationBot)
data_manipulation_bot: DataManipulationBot = client_1.software_manager.software.get("DataManipulationBot")
data_manipulation_bot: DataManipulationBot = client_1.software_manager.software.get("data-manipulation-bot")
data_manipulation_bot.configure(
server_ip_address=IPv4Address(server.network_interface[1].ip_address), payload="DELETE"
)
# install db server service on server
server.software_manager.install(DatabaseService)
db_server_service: DatabaseService = server.software_manager.software.get("DatabaseService")
db_server_service: DatabaseService = server.software_manager.software.get("database-service")
db_server_service.start()
# Install DB client (green) on client 2
client_2.software_manager.install(DatabaseClient)
database_client: DatabaseClient = client_2.software_manager.software.get("DatabaseClient")
database_client: DatabaseClient = client_2.software_manager.software.get("database-client")
database_client.configure(server_ip_address=IPv4Address(server.network_interface[1].ip_address))
database_client.run()
@@ -137,13 +137,13 @@ def test_data_manipulation_disrupts_green_agent_connection(data_manipulation_db_
network: Network = data_manipulation_db_server_green_client
client_1: Computer = network.get_node_by_hostname("client_1")
data_manipulation_bot: DataManipulationBot = client_1.software_manager.software.get("DataManipulationBot")
data_manipulation_bot: DataManipulationBot = client_1.software_manager.software.get("data-manipulation-bot")
client_2: Computer = network.get_node_by_hostname("client_2")
green_db_client: DatabaseClient = client_2.software_manager.software.get("DatabaseClient")
green_db_client: DatabaseClient = client_2.software_manager.software.get("database-client")
server: Server = network.get_node_by_hostname("server_1")
db_server_service: DatabaseService = server.software_manager.software.get("DatabaseService")
db_server_service: DatabaseService = server.software_manager.software.get("database-service")
green_db_connection: DatabaseClientConnection = green_db_client.get_new_connection()

16
tests/integration_tests/system/red_applications/test_dos_bot_and_server.py
View File

@@ -23,7 +23,7 @@ def dos_bot_and_db_server(client_server) -> Tuple[DoSBot, Computer, DatabaseServ
# Install DoSBot on computer
computer.software_manager.install(DoSBot)
dos_bot: DoSBot = computer.software_manager.software.get("DoSBot")
dos_bot: DoSBot = computer.software_manager.software.get("dos-bot")
dos_bot.configure(
target_ip_address=IPv4Address(server.network_interface[1].ip_address),
target_port=PORT_LOOKUP["POSTGRES_SERVER"],
@@ -31,7 +31,7 @@ def dos_bot_and_db_server(client_server) -> Tuple[DoSBot, Computer, DatabaseServ
# Install DB Server service on server
server.software_manager.install(DatabaseService)
db_server_service: DatabaseService = server.software_manager.software.get("DatabaseService")
db_server_service: DatabaseService = server.software_manager.software.get("database-service")
db_server_service.start()
return dos_bot, computer, db_server_service, server
@@ -56,7 +56,7 @@ def dos_bot_db_server_green_client(example_network) -> Network:
# install DoS bot on client 1
client_1.software_manager.install(DoSBot)
dos_bot: DoSBot = client_1.software_manager.software.get("DoSBot")
dos_bot: DoSBot = client_1.software_manager.software.get("dos-bot")
dos_bot.configure(
target_ip_address=IPv4Address(server.network_interface[1].ip_address),
target_port=PORT_LOOKUP["POSTGRES_SERVER"],
@@ -64,13 +64,13 @@ def dos_bot_db_server_green_client(example_network) -> Network:
# install db server service on server
server.software_manager.install(DatabaseService)
db_server_service: DatabaseService = server.software_manager.software.get("DatabaseService")
db_server_service: DatabaseService = server.software_manager.software.get("database-service")
db_server_service.start()
# Install DB client (green) on client 2
client_2.software_manager.install(DatabaseClient)
database_client: DatabaseClient = client_2.software_manager.software.get("DatabaseClient")
database_client: DatabaseClient = client_2.software_manager.software.get("database-client")
database_client.configure(server_ip_address=IPv4Address("192.168.0.1"))
database_client.run()
@@ -159,13 +159,13 @@ def test_dos_blocks_green_agent_connection(dos_bot_db_server_green_client):
network: Network = dos_bot_db_server_green_client
client_1: Computer = network.get_node_by_hostname("client_1")
dos_bot: DoSBot = client_1.software_manager.software.get("DoSBot")
dos_bot: DoSBot = client_1.software_manager.software.get("dos-bot")
client_2: Computer = network.get_node_by_hostname("client_2")
green_db_client: DatabaseClient = client_2.software_manager.software.get("DatabaseClient")
green_db_client: DatabaseClient = client_2.software_manager.software.get("database-client")
server: Server = network.get_node_by_hostname("server_1")
db_server_service: DatabaseService = server.software_manager.software.get("DatabaseService")
db_server_service: DatabaseService = server.software_manager.software.get("database-service")
assert db_server_service.health_state_actual is SoftwareHealthState.GOOD

20
tests/integration_tests/system/red_applications/test_ransomware_script.py
View File

@@ -22,20 +22,20 @@ def ransomware_script_and_db_server(client_server) -> Tuple[RansomwareScript, Co
# install db client on computer
computer.software_manager.install(DatabaseClient)
db_client: DatabaseClient = computer.software_manager.software.get("DatabaseClient")
db_client: DatabaseClient = computer.software_manager.software.get("database-client")
db_client.run()
# Install DoSBot on computer
computer.software_manager.install(RansomwareScript)
ransomware_script_application: RansomwareScript = computer.software_manager.software.get("RansomwareScript")
ransomware_script_application: RansomwareScript = computer.software_manager.software.get("ransomware-script")
ransomware_script_application.configure(
server_ip_address=IPv4Address(server.network_interface[1].ip_address), payload="ENCRYPT"
)
# Install DB Server service on server
server.software_manager.install(DatabaseService)
db_server_service: DatabaseService = server.software_manager.software.get("DatabaseService")
db_server_service: DatabaseService = server.software_manager.software.get("database-service")
db_server_service.start()
return ransomware_script_application, computer, db_server_service, server
@@ -59,26 +59,26 @@ def ransomware_script_db_server_green_client(example_network) -> Network:
# install db client on client 1
client_1.software_manager.install(DatabaseClient)
db_client: DatabaseClient = client_1.software_manager.software.get("DatabaseClient")
db_client: DatabaseClient = client_1.software_manager.software.get("database-client")
db_client.run()
# install Ransomware Script bot on client 1
client_1.software_manager.install(RansomwareScript)
ransomware_script_application: RansomwareScript = client_1.software_manager.software.get("RansomwareScript")
ransomware_script_application: RansomwareScript = client_1.software_manager.software.get("ransomware-script")
ransomware_script_application.configure(
server_ip_address=IPv4Address(server.network_interface[1].ip_address), payload="ENCRYPT"
)
# install db server service on server
server.software_manager.install(DatabaseService)
db_server_service: DatabaseService = server.software_manager.software.get("DatabaseService")
db_server_service: DatabaseService = server.software_manager.software.get("database-service")
db_server_service.start()
# Install DB client (green) on client 2
client_2.software_manager.install(DatabaseClient)
database_client: DatabaseClient = client_2.software_manager.software.get("DatabaseClient")
database_client: DatabaseClient = client_2.software_manager.software.get("database-client")
database_client.configure(server_ip_address=IPv4Address(server.network_interface[1].ip_address))
database_client.run()
@@ -110,15 +110,15 @@ def test_ransomware_disrupts_green_agent_connection(ransomware_script_db_server_
network: Network = ransomware_script_db_server_green_client
client_1: Computer = network.get_node_by_hostname("client_1")
ransomware_script_application: RansomwareScript = client_1.software_manager.software.get("RansomwareScript")
ransomware_script_application: RansomwareScript = client_1.software_manager.software.get("ransomware-script")
client_2: Computer = network.get_node_by_hostname("client_2")
green_db_client: DatabaseClient = client_2.software_manager.software.get("DatabaseClient")
green_db_client: DatabaseClient = client_2.software_manager.software.get("database-client")
green_db_client.connect()
green_db_client_connection: DatabaseClientConnection = green_db_client.get_new_connection()
server: Server = network.get_node_by_hostname("server_1")
db_server_service: DatabaseService = server.software_manager.software.get("DatabaseService")
db_server_service: DatabaseService = server.software_manager.software.get("database-service")
assert db_server_service.db_file.health_status is FileSystemItemHealthStatus.GOOD
assert green_db_client.query("SELECT") is True

4
tests/integration_tests/system/test_application_on_node.py
View File

@@ -21,7 +21,7 @@ def populated_node(application_class) -> Tuple[Application, Computer]:
computer.power_on()
computer.software_manager.install(application_class)
app = computer.software_manager.software.get("DummyApplication")
app = computer.software_manager.software.get("dummy-application")
app.run()
return app, computer
@@ -39,7 +39,7 @@ def test_application_on_offline_node(application_class):
)
computer.software_manager.install(application_class)
app: Application = computer.software_manager.software.get("DummyApplication")
app: Application = computer.software_manager.software.get("dummy-application")
computer.power_off()

74
tests/integration_tests/system/test_database_on_node.py
View File

@@ -31,11 +31,11 @@ def peer_to_peer() -> Tuple[Computer, Computer]:
assert node_a.ping("192.168.0.11")
node_a.software_manager.install(DatabaseClient)
node_a.software_manager.software["DatabaseClient"].configure(server_ip_address=IPv4Address("192.168.0.11"))
node_a.software_manager.software["DatabaseClient"].run()
node_a.software_manager.software["database-client"].configure(server_ip_address=IPv4Address("192.168.0.11"))
node_a.software_manager.software["database-client"].run()
node_b.software_manager.install(DatabaseService)
database_service: DatabaseService = node_b.software_manager.software["DatabaseService"] # noqa
database_service: DatabaseService = node_b.software_manager.software["database-service"] # noqa
database_service.start()
return node_a, node_b
@@ -44,7 +44,7 @@ def peer_to_peer() -> Tuple[Computer, Computer]:
def peer_to_peer_secure_db(peer_to_peer) -> Tuple[Computer, Computer]:
node_a, node_b = peer_to_peer
database_service: DatabaseService = node_b.software_manager.software["DatabaseService"] # noqa
database_service: DatabaseService = node_b.software_manager.software["database-service"] # noqa
database_service.stop()
database_service.password = "12345"
database_service.start()
@@ -54,9 +54,9 @@ def peer_to_peer_secure_db(peer_to_peer) -> Tuple[Computer, Computer]:
def test_database_client_server_connection(peer_to_peer):
node_a, node_b = peer_to_peer
db_client: DatabaseClient = node_a.software_manager.software["DatabaseClient"]
db_client: DatabaseClient = node_a.software_manager.software["database-client"]
db_service: DatabaseService = node_b.software_manager.software["DatabaseService"]
db_service: DatabaseService = node_b.software_manager.software["database-service"]
db_client.connect()
@@ -71,9 +71,9 @@ def test_database_client_server_connection(peer_to_peer):
def test_database_client_server_correct_password(peer_to_peer_secure_db):
node_a, node_b = peer_to_peer_secure_db
db_client: DatabaseClient = node_a.software_manager.software["DatabaseClient"]
db_client: DatabaseClient = node_a.software_manager.software["database-client"]
db_service: DatabaseService = node_b.software_manager.software["DatabaseService"]
db_service: DatabaseService = node_b.software_manager.software["database-service"]
db_client.configure(server_ip_address=IPv4Address("192.168.0.11"), server_password="12345")
db_client.connect()
@@ -84,9 +84,9 @@ def test_database_client_server_correct_password(peer_to_peer_secure_db):
def test_database_client_server_incorrect_password(peer_to_peer_secure_db):
node_a, node_b = peer_to_peer_secure_db
db_client: DatabaseClient = node_a.software_manager.software["DatabaseClient"]
db_client: DatabaseClient = node_a.software_manager.software["database-client"]
db_service: DatabaseService = node_b.software_manager.software["DatabaseService"]
db_service: DatabaseService = node_b.software_manager.software["database-service"]
# should fail
db_client.connect()
@@ -102,7 +102,7 @@ def test_database_client_server_incorrect_password(peer_to_peer_secure_db):
def test_database_client_native_connection_query(uc2_network):
"""Tests DB query across the network returns HTTP status 200 and date."""
web_server: Server = uc2_network.get_node_by_hostname("web_server")
db_client: DatabaseClient = web_server.software_manager.software["DatabaseClient"]
db_client: DatabaseClient = web_server.software_manager.software["database-client"]
db_client.connect()
assert db_client.query(sql="SELECT")
assert db_client.query(sql="INSERT")
@@ -111,7 +111,7 @@ def test_database_client_native_connection_query(uc2_network):
def test_database_client_connection_query(uc2_network):
"""Tests DB query across the network returns HTTP status 200 and date."""
web_server: Server = uc2_network.get_node_by_hostname("web_server")
db_client: DatabaseClient = web_server.software_manager.software["DatabaseClient"]
db_client: DatabaseClient = web_server.software_manager.software["database-client"]
db_connection: DatabaseClientConnection = db_client.get_new_connection()
@@ -122,13 +122,13 @@ def test_database_client_connection_query(uc2_network):
def test_create_database_backup(uc2_network):
"""Run the backup_database method and check if the FTP server has the relevant file."""
db_server: Server = uc2_network.get_node_by_hostname("database_server")
db_service: DatabaseService = db_server.software_manager.software["DatabaseService"]
db_service: DatabaseService = db_server.software_manager.software["database-service"]
# back up should be created
assert db_service.backup_database() is True
backup_server: Server = uc2_network.get_node_by_hostname("backup_server")
ftp_server: FTPServer = backup_server.software_manager.software["FTPServer"]
ftp_server: FTPServer = backup_server.software_manager.software["ftp-server"]
# backup file should exist in the backup server
assert ftp_server.file_system.get_file(folder_name=db_service.uuid, file_name="database.db") is not None
@@ -137,7 +137,7 @@ def test_create_database_backup(uc2_network):
def test_restore_backup(uc2_network):
"""Run the restore_backup method and check if the backup is properly restored."""
db_server: Server = uc2_network.get_node_by_hostname("database_server")
db_service: DatabaseService = db_server.software_manager.software["DatabaseService"]
db_service: DatabaseService = db_server.software_manager.software["database-service"]
# create a back up
assert db_service.backup_database() is True
@@ -156,7 +156,7 @@ def test_restore_backup(uc2_network):
def test_restore_backup_without_updating_scan(uc2_network):
"""Same test as restore backup but the file is previously seen as corrupted."""
db_server: Server = uc2_network.get_node_by_hostname("database_server")
db_service: DatabaseService = db_server.software_manager.software["DatabaseService"]
db_service: DatabaseService = db_server.software_manager.software["database-service"]
# create a back up
assert db_service.backup_database() is True
@@ -184,7 +184,7 @@ def test_restore_backup_without_updating_scan(uc2_network):
def test_restore_backup_after_deleting_file_without_updating_scan(uc2_network):
"""Same test as restore backup but the file is previously seen as corrupted."""
db_server: Server = uc2_network.get_node_by_hostname("database_server")
db_service: DatabaseService = db_server.software_manager.software["DatabaseService"]
db_service: DatabaseService = db_server.software_manager.software["database-service"]
assert db_service.backup_database() is True
@@ -217,7 +217,7 @@ def test_restore_backup_after_deleting_file_without_updating_scan(uc2_network):
def test_database_service_fix(uc2_network):
"""Test that the software fix applies to database service."""
db_server: Server = uc2_network.get_node_by_hostname("database_server")
db_service: DatabaseService = db_server.software_manager.software["DatabaseService"]
db_service: DatabaseService = db_server.software_manager.software["database-service"]
assert db_service.backup_database() is True
@@ -242,10 +242,10 @@ def test_database_service_fix(uc2_network):
def test_database_cannot_be_queried_while_fixing(uc2_network):
"""Tests that the database service cannot be queried if the service is being fixed."""
db_server: Server = uc2_network.get_node_by_hostname("database_server")
db_service: DatabaseService = db_server.software_manager.software["DatabaseService"]
db_service: DatabaseService = db_server.software_manager.software["database-service"]
web_server: Server = uc2_network.get_node_by_hostname("web_server")
db_client: DatabaseClient = web_server.software_manager.software["DatabaseClient"]
db_client: DatabaseClient = web_server.software_manager.software["database-client"]
db_connection: DatabaseClientConnection = db_client.get_new_connection()
@@ -279,10 +279,10 @@ def test_database_cannot_be_queried_while_fixing(uc2_network):
def test_database_can_create_connection_while_fixing(uc2_network):
"""Tests that connections cannot be created while the database is being fixed."""
db_server: Server = uc2_network.get_node_by_hostname("database_server")
db_service: DatabaseService = db_server.software_manager.software["DatabaseService"]
db_service: DatabaseService = db_server.software_manager.software["database-service"]
client_2: Server = uc2_network.get_node_by_hostname("client_2")
db_client: DatabaseClient = client_2.software_manager.software["DatabaseClient"]
db_client: DatabaseClient = client_2.software_manager.software["database-client"]
db_connection: DatabaseClientConnection = db_client.get_new_connection()
@@ -321,13 +321,13 @@ def test_database_can_create_connection_while_fixing(uc2_network):
def test_database_client_cannot_query_offline_database_server(uc2_network):
"""Tests DB query across the network returns HTTP status 404 when db server is offline."""
db_server: Server = uc2_network.get_node_by_hostname("database_server")
db_service: DatabaseService = db_server.software_manager.software.get("DatabaseService")
db_service: DatabaseService = db_server.software_manager.software.get("database-service")
assert db_server.operating_state is NodeOperatingState.ON
assert db_service.operating_state is ServiceOperatingState.RUNNING
web_server: Server = uc2_network.get_node_by_hostname("web_server")
db_client: DatabaseClient = web_server.software_manager.software.get("DatabaseClient")
db_client: DatabaseClient = web_server.software_manager.software.get("database-client")
db_client.connect()
assert len(db_client.client_connections)
@@ -351,8 +351,8 @@ def test_database_client_cannot_query_offline_database_server(uc2_network):
def test_database_client_uninstall_terminates_connections(peer_to_peer):
node_a, node_b = peer_to_peer
db_client: DatabaseClient = node_a.software_manager.software["DatabaseClient"]
db_service: DatabaseService = node_b.software_manager.software["DatabaseService"] # noqa
db_client: DatabaseClient = node_a.software_manager.software["database-client"]
db_service: DatabaseService = node_b.software_manager.software["database-service"] # noqa
db_connection: DatabaseClientConnection = db_client.get_new_connection()
@@ -366,7 +366,7 @@ def test_database_client_uninstall_terminates_connections(peer_to_peer):
assert db_connection.query("SELECT")
# Perform the DatabaseClient uninstall
node_a.software_manager.uninstall("DatabaseClient")
node_a.software_manager.uninstall("database-client")
# Check that all connection counters are updated accordingly and client connection can no longer query the database
assert len(db_service.connections) == 0
@@ -381,8 +381,8 @@ def test_database_client_uninstall_terminates_connections(peer_to_peer):
def test_database_service_can_terminate_connection(peer_to_peer):
node_a, node_b = peer_to_peer
db_client: DatabaseClient = node_a.software_manager.software["DatabaseClient"]
db_service: DatabaseService = node_b.software_manager.software["DatabaseService"] # noqa
db_client: DatabaseClient = node_a.software_manager.software["database-client"]
db_service: DatabaseService = node_b.software_manager.software["database-service"] # noqa
db_connection: DatabaseClientConnection = db_client.get_new_connection()
@@ -418,7 +418,7 @@ def test_client_connection_terminate_does_not_terminate_another_clients_connecti
db_server.power_on()
db_server.software_manager.install(DatabaseService)
db_service: DatabaseService = db_server.software_manager.software["DatabaseService"] # noqa
db_service: DatabaseService = db_server.software_manager.software["database-service"] # noqa
db_service.start()
client_a = Computer(
@@ -427,8 +427,8 @@ def test_client_connection_terminate_does_not_terminate_another_clients_connecti
client_a.power_on()
client_a.software_manager.install(DatabaseClient)
client_a.software_manager.software["DatabaseClient"].configure(server_ip_address=IPv4Address("192.168.0.11"))
client_a.software_manager.software["DatabaseClient"].run()
client_a.software_manager.software["database-client"].configure(server_ip_address=IPv4Address("192.168.0.11"))
client_a.software_manager.software["database-client"].run()
client_b = Computer(
hostname="client_b", ip_address="192.168.0.13", subnet_mask="255.255.255.0", start_up_duration=0
@@ -436,8 +436,8 @@ def test_client_connection_terminate_does_not_terminate_another_clients_connecti
client_b.power_on()
client_b.software_manager.install(DatabaseClient)
client_b.software_manager.software["DatabaseClient"].configure(server_ip_address=IPv4Address("192.168.0.11"))
client_b.software_manager.software["DatabaseClient"].run()
client_b.software_manager.software["database-client"].configure(server_ip_address=IPv4Address("192.168.0.11"))
client_b.software_manager.software["database-client"].run()
switch = Switch(hostname="switch", start_up_duration=0, num_ports=3)
switch.power_on()
@@ -446,13 +446,13 @@ def test_client_connection_terminate_does_not_terminate_another_clients_connecti
network.connect(endpoint_a=switch.network_interface[2], endpoint_b=client_a.network_interface[1])
network.connect(endpoint_a=switch.network_interface[3], endpoint_b=client_b.network_interface[1])
db_client_a: DatabaseClient = client_a.software_manager.software["DatabaseClient"] # noqa
db_client_a: DatabaseClient = client_a.software_manager.software["database-client"] # noqa
db_connection_a = db_client_a.get_new_connection()
assert db_connection_a.query("SELECT")
assert len(db_service.connections) == 1
db_client_b: DatabaseClient = client_b.software_manager.software["DatabaseClient"] # noqa
db_client_b: DatabaseClient = client_b.software_manager.software["database-client"] # noqa
db_connection_b = db_client_b.get_new_connection()
assert db_connection_b.query("SELECT")
@@ -467,4 +467,4 @@ def test_client_connection_terminate_does_not_terminate_another_clients_connecti
def test_database_server_install_ftp_client():
server = Server(hostname="db_server", ip_address="192.168.1.2", subnet_mask="255.255.255.0", start_up_duration=0)
server.software_manager.install(DatabaseService)
assert server.software_manager.software.get("FTPClient")
assert server.software_manager.software.get("ftp-client")

4
tests/integration_tests/system/test_dns_client_server.py
View File

@@ -18,14 +18,14 @@ def dns_client_and_dns_server(client_server) -> Tuple[DNSClient, Computer, DNSSe
# Install DNS Client on computer
computer.software_manager.install(DNSClient)
dns_client: DNSClient = computer.software_manager.software.get("DNSClient")
dns_client: DNSClient = computer.software_manager.software.get("dns-client")
dns_client.start()
# set server as DNS Server
dns_client.dns_server = IPv4Address(server.network_interfaces.get(next(iter(server.network_interfaces))).ip_address)
# Install DNS Server on server
server.software_manager.install(DNSServer)
dns_server: DNSServer = server.software_manager.software.get("DNSServer")
dns_server: DNSServer = server.software_manager.software.get("dns-server")
dns_server.start()
# register arcd.com as a domain
dns_server.dns_register(

4
tests/integration_tests/system/test_ftp_client_server.py
View File

@@ -17,12 +17,12 @@ def ftp_client_and_ftp_server(client_server) -> Tuple[FTPClient, Computer, FTPSe
# Install FTP Client service on computer
computer.software_manager.install(FTPClient)
ftp_client: FTPClient = computer.software_manager.software.get("FTPClient")
ftp_client: FTPClient = computer.software_manager.software.get("ftp-client")
ftp_client.start()
# Install FTP Server service on server
server.software_manager.install(FTPServer)
ftp_server: FTPServer = server.software_manager.software.get("FTPServer")
ftp_server: FTPServer = server.software_manager.software.get("ftp-server")
ftp_server.start()
return ftp_client, computer, ftp_server, server

14
tests/integration_tests/system/test_nmap.py
View File

@@ -15,7 +15,7 @@ def test_ping_scan_all_on(example_network):
network = example_network
client_1 = network.get_node_by_hostname("client_1")
client_1_nmap: NMAP = client_1.software_manager.software["NMAP"] # noqa
client_1_nmap: NMAP = client_1.software_manager.software["nmap"] # noqa
expected_result = [IPv4Address("192.168.1.10"), IPv4Address("192.168.1.14")]
actual_result = client_1_nmap.ping_scan(target_ip_address=["192.168.1.10", "192.168.1.14"])
@@ -27,7 +27,7 @@ def test_ping_scan_all_on_full_network(example_network):
network = example_network
client_1 = network.get_node_by_hostname("client_1")
client_1_nmap: NMAP = client_1.software_manager.software["NMAP"] # noqa
client_1_nmap: NMAP = client_1.software_manager.software["nmap"] # noqa
expected_result = [IPv4Address("192.168.1.1"), IPv4Address("192.168.1.10"), IPv4Address("192.168.1.14")]
actual_result = client_1_nmap.ping_scan(target_ip_address=IPv4Network("192.168.1.0/24"))
@@ -39,7 +39,7 @@ def test_ping_scan_some_on(example_network):
network = example_network
client_1 = network.get_node_by_hostname("client_1")
client_1_nmap: NMAP = client_1.software_manager.software["NMAP"] # noqa
client_1_nmap: NMAP = client_1.software_manager.software["nmap"] # noqa
network.get_node_by_hostname("server_2").power_off()
@@ -53,7 +53,7 @@ def test_ping_scan_all_off(example_network):
network = example_network
client_1 = network.get_node_by_hostname("client_1")
client_1_nmap: NMAP = client_1.software_manager.software["NMAP"] # noqa
client_1_nmap: NMAP = client_1.software_manager.software["nmap"] # noqa
network.get_node_by_hostname("server_1").power_off()
network.get_node_by_hostname("server_2").power_off()
@@ -68,7 +68,7 @@ def test_port_scan_one_node_one_port(example_network):
network = example_network
client_1 = network.get_node_by_hostname("client_1")
client_1_nmap: NMAP = client_1.software_manager.software["NMAP"] # noqa
client_1_nmap: NMAP = client_1.software_manager.software["nmap"] # noqa
client_2 = network.get_node_by_hostname("client_2")
@@ -99,7 +99,7 @@ def test_port_scan_full_subnet_all_ports_and_protocols(example_network):
network = example_network
client_1 = network.get_node_by_hostname("client_1")
client_1_nmap: NMAP = client_1.software_manager.software["NMAP"] # noqa
client_1_nmap: NMAP = client_1.software_manager.software["nmap"] # noqa
actual_result = client_1_nmap.port_scan(
target_ip_address=IPv4Network("192.168.10.0/24"),
@@ -127,7 +127,7 @@ def test_network_service_recon_all_ports_and_protocols(example_network):
network = example_network
client_1 = network.get_node_by_hostname("client_1")
client_1_nmap: NMAP = client_1.software_manager.software["NMAP"] # noqa
client_1_nmap: NMAP = client_1.software_manager.software["nmap"] # noqa
actual_result = client_1_nmap.network_service_recon(
target_ip_address=IPv4Network("192.168.10.0/24"),

12
tests/integration_tests/system/test_ntp_client_server.py
View File

@@ -29,12 +29,12 @@ def create_ntp_network(client_server) -> Tuple[NTPClient, Computer, NTPServer, S
server.power_on()
server.software_manager.install(NTPServer)
ntp_server: NTPServer = server.software_manager.software.get("NTPServer")
ntp_server: NTPServer = server.software_manager.software.get("ntp-server")
ntp_server.start()
client.power_on()
client.software_manager.install(NTPClient)
ntp_client: NTPClient = client.software_manager.software.get("NTPClient")
ntp_client: NTPClient = client.software_manager.software.get("ntp-client")
ntp_client.start()
return ntp_client, client, ntp_server, server
@@ -43,8 +43,8 @@ def create_ntp_network(client_server) -> Tuple[NTPClient, Computer, NTPServer, S
def test_ntp_client_server(create_ntp_network):
ntp_client, client, ntp_server, server = create_ntp_network
ntp_server: NTPServer = server.software_manager.software["NTPServer"]
ntp_client: NTPClient = client.software_manager.software["NTPClient"]
ntp_server: NTPServer = server.software_manager.software["ntp-server"]
ntp_client: NTPClient = client.software_manager.software["ntp-client"]
assert ntp_server.operating_state == ServiceOperatingState.RUNNING
assert ntp_client.operating_state == ServiceOperatingState.RUNNING
@@ -64,8 +64,8 @@ def test_ntp_client_server(create_ntp_network):
def test_ntp_server_failure(create_ntp_network):
ntp_client, client, ntp_server, server = create_ntp_network
ntp_server: NTPServer = server.software_manager.software["NTPServer"]
ntp_client: NTPClient = client.software_manager.software["NTPClient"]
ntp_server: NTPServer = server.software_manager.software["ntp-server"]
ntp_client: NTPClient = client.software_manager.software["ntp-client"]
assert ntp_client.operating_state == ServiceOperatingState.RUNNING
assert ntp_client.operating_state == ServiceOperatingState.RUNNING

10
tests/integration_tests/system/test_service_listening_on_ports.py
View File

@@ -14,11 +14,11 @@ from primaite.utils.validation.port import PORT_LOOKUP
from tests import TEST_ASSETS_ROOT
class _DatabaseListener(Service, discriminator="_DatabaseListener"):
class _DatabaseListener(Service, discriminator="database-listener"):
class ConfigSchema(Service.ConfigSchema):
"""ConfigSchema for _DatabaseListener."""
type: str = "_DatabaseListener"
type: str = "database-listener"
listen_on_ports: Set[int] = {PORT_LOOKUP["POSTGRES_SERVER"]}
config: "_DatabaseListener.ConfigSchema" = Field(default_factory=lambda: _DatabaseListener.ConfigSchema())
@@ -41,7 +41,7 @@ def test_http_listener(client_server):
computer, server = client_server
server.software_manager.install(DatabaseService)
server_db = server.software_manager.software["DatabaseService"]
server_db = server.software_manager.software["database-service"]
server_db.start()
server.software_manager.install(_DatabaseListener)
@@ -49,7 +49,7 @@ def test_http_listener(client_server):
server_db_listener.start()
computer.software_manager.install(DatabaseClient)
computer_db_client: DatabaseClient = computer.software_manager.software["DatabaseClient"]
computer_db_client: DatabaseClient = computer.software_manager.software["database-client"]
computer_db_client.run()
computer_db_client.server_ip_address = server.network_interface[1].ip_address
@@ -86,6 +86,6 @@ def test_set_listen_on_ports_from_config():
assert PORT_LOOKUP["SMB"] in client.software_manager.get_open_ports()
assert PORT_LOOKUP["IPP"] in client.software_manager.get_open_ports()
web_browser = client.software_manager.software["WebBrowser"]
web_browser = client.software_manager.software["web-browser"]
assert not web_browser.listen_on_ports.difference({PORT_LOOKUP["SMB"], PORT_LOOKUP["IPP"]})

4
tests/integration_tests/system/test_service_on_node.py
View File

@@ -23,7 +23,7 @@ def populated_node(
server.power_on()
server.software_manager.install(service_class)
service = server.software_manager.software.get("DummyService")
service = server.software_manager.software.get("dummy-service")
service.start()
return server, service
@@ -42,7 +42,7 @@ def test_service_on_offline_node(service_class):
computer.power_on()
computer.software_manager.install(service_class)
service: Service = computer.software_manager.software.get("DummyService")
service: Service = computer.software_manager.software.get("dummy-service")
computer.power_off()

8
tests/integration_tests/system/test_web_client_server.py
View File

@@ -20,23 +20,23 @@ def web_client_and_web_server(client_server) -> Tuple[WebBrowser, Computer, WebS
# Install Web Browser on computer
computer.software_manager.install(WebBrowser)
web_browser: WebBrowser = computer.software_manager.software.get("WebBrowser")
web_browser: WebBrowser = computer.software_manager.software.get("web-browser")
web_browser.run()
# Install DNS Client service on computer
computer.software_manager.install(DNSClient)
dns_client: DNSClient = computer.software_manager.software.get("DNSClient")
dns_client: DNSClient = computer.software_manager.software.get("dns-client")
# set dns server
dns_client.dns_server = server.network_interfaces[next(iter(server.network_interfaces))].ip_address
# Install Web Server service on server
server.software_manager.install(WebServer)
web_server_service: WebServer = server.software_manager.software.get("WebServer")
web_server_service: WebServer = server.software_manager.software.get("web-server")
web_server_service.start()
# Install DNS Server service on server
server.software_manager.install(DNSServer)
dns_server: DNSServer = server.software_manager.software.get("DNSServer")
dns_server: DNSServer = server.software_manager.software.get("dns-server")
# register arcd.com to DNS
dns_server.dns_register(
domain_name="arcd.com",

30
tests/integration_tests/system/test_web_client_server_and_database.py
View File

@@ -68,29 +68,29 @@ def web_client_web_server_database(example_network) -> Tuple[Network, Computer,
# Install DatabaseService on db server
db_server.software_manager.install(DatabaseService)
db_service: DatabaseService = db_server.software_manager.software.get("DatabaseService")
db_service: DatabaseService = db_server.software_manager.software.get("database-service")
db_service.start()
# Install Web Browser on computer
computer.software_manager.install(WebBrowser)
web_browser: WebBrowser = computer.software_manager.software.get("WebBrowser")
web_browser: WebBrowser = computer.software_manager.software.get("web-browser")
web_browser.config.target_url = "http://arcd.com/users/"
web_browser.run()
# Install DNS Client service on computer
computer.software_manager.install(DNSClient)
dns_client: DNSClient = computer.software_manager.software.get("DNSClient")
dns_client: DNSClient = computer.software_manager.software.get("dns-client")
# set dns server
dns_client.dns_server = web_server.network_interfaces[next(iter(web_server.network_interfaces))].ip_address
# Install Web Server service on web server
web_server.software_manager.install(WebServer)
web_server_service: WebServer = web_server.software_manager.software.get("WebServer")
web_server_service: WebServer = web_server.software_manager.software.get("web-server")
web_server_service.start()
# Install DNS Server service on web server
web_server.software_manager.install(DNSServer)
dns_server: DNSServer = web_server.software_manager.software.get("DNSServer")
dns_server: DNSServer = web_server.software_manager.software.get("dns-server")
# register arcd.com to DNS
dns_server.dns_register(
domain_name="arcd.com",
@@ -99,7 +99,7 @@ def web_client_web_server_database(example_network) -> Tuple[Network, Computer,
# Install DatabaseClient service on web server
web_server.software_manager.install(DatabaseClient)
db_client: DatabaseClient = web_server.software_manager.software.get("DatabaseClient")
db_client: DatabaseClient = web_server.software_manager.software.get("database-client")
db_client.server_ip_address = IPv4Address(db_server_nic.ip_address) # set IP address of Database Server
db_client.run()
assert dns_client.check_domain_exists("arcd.com")
@@ -111,7 +111,7 @@ def web_client_web_server_database(example_network) -> Tuple[Network, Computer,
def test_web_client_requests_users(web_client_web_server_database):
_, computer, _, _ = web_client_web_server_database
web_browser: WebBrowser = computer.software_manager.software.get("WebBrowser")
web_browser: WebBrowser = computer.software_manager.software.get("web-browser")
assert web_browser.get_webpage()
@@ -121,8 +121,8 @@ def test_database_fix_disrupts_web_client(uc2_network):
computer: Computer = uc2_network.get_node_by_hostname("client_1")
db_server: Server = uc2_network.get_node_by_hostname("database_server")
web_browser: WebBrowser = computer.software_manager.software.get("WebBrowser")
database_service: DatabaseService = db_server.software_manager.software.get("DatabaseService")
web_browser: WebBrowser = computer.software_manager.software.get("web-browser")
database_service: DatabaseService = db_server.software_manager.software.get("database-service")
# fix the database service
database_service.fix()
@@ -143,7 +143,7 @@ class TestWebBrowserHistory:
def test_populating_history(self, web_client_web_server_database):
network, computer, _, _ = web_client_web_server_database
web_browser: WebBrowser = computer.software_manager.software.get("WebBrowser")
web_browser: WebBrowser = computer.software_manager.software.get("web-browser")
assert web_browser.history == []
web_browser.get_webpage()
assert len(web_browser.history) == 1
@@ -165,11 +165,11 @@ class TestWebBrowserHistory:
def test_history_in_state(self, web_client_web_server_database):
network, computer, _, _ = web_client_web_server_database
web_browser: WebBrowser = computer.software_manager.software.get("WebBrowser")
web_browser: WebBrowser = computer.software_manager.software.get("web-browser")
state = computer.describe_state()
assert "history" in state["applications"]["WebBrowser"]
assert len(state["applications"]["WebBrowser"]["history"]) == 0
assert "history" in state["applications"]["web-browser"]
assert len(state["applications"]["web-browser"]["history"]) == 0
web_browser.get_webpage()
router = network.get_node_by_hostname("router_1")
@@ -179,5 +179,5 @@ class TestWebBrowserHistory:
web_browser.get_webpage()
state = computer.describe_state()
assert state["applications"]["WebBrowser"]["history"][0]["outcome"] == 200
assert state["applications"]["WebBrowser"]["history"][1]["outcome"] == 404
assert state["applications"]["web-browser"]["history"][0]["outcome"] == 200
assert state["applications"]["web-browser"]["history"][1]["outcome"] == 404

60
tests/integration_tests/test_simulation/test_request_response.py
View File

@@ -48,13 +48,13 @@ def test_successful_application_requests(example_network):
client_1 = net.get_node_by_hostname("client_1")
client_1.software_manager.install(DummyApplication)
client_1.software_manager.software.get("DummyApplication").run()
client_1.software_manager.software.get("dummy-application").run()
resp_1 = net.apply_request(["node", "client_1", "application", "DummyApplication", "scan"])
resp_1 = net.apply_request(["node", "client_1", "application", "dummy-application", "scan"])
assert resp_1 == RequestResponse(status="success", data={})
resp_2 = net.apply_request(["node", "client_1", "application", "DummyApplication", "fix"])
resp_2 = net.apply_request(["node", "client_1", "application", "dummy-application", "fix"])
assert resp_2 == RequestResponse(status="success", data={})
resp_3 = net.apply_request(["node", "client_1", "application", "DummyApplication", "compromise"])
resp_3 = net.apply_request(["node", "client_1", "application", "dummy-application", "compromise"])
assert resp_3 == RequestResponse(status="success", data={})
@@ -77,7 +77,7 @@ def test_successful_service_requests(example_network):
"scan",
"fix",
]:
resp_1 = net.apply_request(["node", "server_1", "service", "DummyService", verb])
resp_1 = net.apply_request(["node", "server_1", "service", "dummy-service", verb])
assert resp_1 == RequestResponse(status="success", data={})
server_1.apply_timestep(timestep=1)
server_1.apply_timestep(timestep=1)
@@ -93,7 +93,7 @@ def test_non_existent_requests(example_network):
net = example_network
resp_1 = net.apply_request(["fake"])
assert resp_1.status == "unreachable"
resp_2 = net.apply_request(["network", "node", "client_39", "application", "WebBrowser", "execute"])
resp_2 = net.apply_request(["network", "node", "client_39", "application", "web-browser", "execute"])
assert resp_2.status == "unreachable"
@@ -102,8 +102,8 @@ def test_non_existent_requests(example_network):
[
["node", "client_1", "file_system", "folder", "root", "scan"],
["node", "client_1", "os", "scan"],
["node", "client_1", "service", "DNSClient", "stop"],
["node", "client_1", "application", "WebBrowser", "scan"],
["node", "client_1", "service", "dns-client", "stop"],
["node", "client_1", "application", "web-browser", "scan"],
["node", "client_1", "network_interface", 1, "disable"],
],
)
@@ -128,10 +128,14 @@ class TestDataManipulationGreenRequests:
"""Test that green requests succeed when the node is on and fail if the node is off."""
net: Network = uc2_network
client_1_browser_execute = net.apply_request(["node", "client_1", "application", "WebBrowser", "execute"])
client_1_db_client_execute = net.apply_request(["node", "client_1", "application", "DatabaseClient", "execute"])
client_2_browser_execute = net.apply_request(["node", "client_2", "application", "WebBrowser", "execute"])
client_2_db_client_execute = net.apply_request(["node", "client_2", "application", "DatabaseClient", "execute"])
client_1_browser_execute = net.apply_request(["node", "client_1", "application", "web-browser", "execute"])
client_1_db_client_execute = net.apply_request(
["node", "client_1", "application", "database-client", "execute"]
)
client_2_browser_execute = net.apply_request(["node", "client_2", "application", "web-browser", "execute"])
client_2_db_client_execute = net.apply_request(
["node", "client_2", "application", "database-client", "execute"]
)
assert client_1_browser_execute.status == "success"
assert client_1_db_client_execute.status == "success"
assert client_2_browser_execute.status == "success"
@@ -145,13 +149,13 @@ class TestDataManipulationGreenRequests:
client_2.shut_down_duration = 0
client_2.power_off()
client_1_browser_execute_off = net.apply_request(["node", "client_1", "application", "WebBrowser", "execute"])
client_1_browser_execute_off = net.apply_request(["node", "client_1", "application", "web-browser", "execute"])
client_1_db_client_execute_off = net.apply_request(
["node", "client_1", "application", "DatabaseClient", "execute"]
["node", "client_1", "application", "database-client", "execute"]
)
client_2_browser_execute_off = net.apply_request(["node", "client_2", "application", "WebBrowser", "execute"])
client_2_browser_execute_off = net.apply_request(["node", "client_2", "application", "web-browser", "execute"])
client_2_db_client_execute_off = net.apply_request(
["node", "client_2", "application", "DatabaseClient", "execute"]
["node", "client_2", "application", "database-client", "execute"]
)
assert client_1_browser_execute_off.status == "failure"
assert client_1_db_client_execute_off.status == "failure"
@@ -166,26 +170,34 @@ class TestDataManipulationGreenRequests:
client_1: HostNode = net.get_node_by_hostname("client_1")
client_2: HostNode = net.get_node_by_hostname("client_2")
client_1_browser_execute = net.apply_request(["node", "client_1", "application", "WebBrowser", "execute"])
client_2_browser_execute = net.apply_request(["node", "client_2", "application", "WebBrowser", "execute"])
client_1_browser_execute = net.apply_request(["node", "client_1", "application", "web-browser", "execute"])
client_2_browser_execute = net.apply_request(["node", "client_2", "application", "web-browser", "execute"])
assert client_1_browser_execute.status == "success"
assert client_2_browser_execute.status == "success"
router.acl.add_rule(ACLAction.DENY, src_port=PORT_LOOKUP["HTTP"], dst_port=PORT_LOOKUP["HTTP"], position=3)
client_1_browser_execute = net.apply_request(["node", "client_1", "application", "WebBrowser", "execute"])
client_2_browser_execute = net.apply_request(["node", "client_2", "application", "WebBrowser", "execute"])
client_1_browser_execute = net.apply_request(["node", "client_1", "application", "web-browser", "execute"])
client_2_browser_execute = net.apply_request(["node", "client_2", "application", "web-browser", "execute"])
assert client_1_browser_execute.status == "failure"
assert client_2_browser_execute.status == "failure"
client_1_db_client_execute = net.apply_request(["node", "client_1", "application", "DatabaseClient", "execute"])
client_2_db_client_execute = net.apply_request(["node", "client_2", "application", "DatabaseClient", "execute"])
client_1_db_client_execute = net.apply_request(
["node", "client_1", "application", "database-client", "execute"]
)
client_2_db_client_execute = net.apply_request(
["node", "client_2", "application", "database-client", "execute"]
)
assert client_1_db_client_execute.status == "success"
assert client_2_db_client_execute.status == "success"
router.acl.add_rule(
ACLAction.DENY, src_port=PORT_LOOKUP["POSTGRES_SERVER"], dst_port=PORT_LOOKUP["POSTGRES_SERVER"]
)
client_1_db_client_execute = net.apply_request(["node", "client_1", "application", "DatabaseClient", "execute"])
client_2_db_client_execute = net.apply_request(["node", "client_2", "application", "DatabaseClient", "execute"])
client_1_db_client_execute = net.apply_request(
["node", "client_1", "application", "database-client", "execute"]
)
client_2_db_client_execute = net.apply_request(
["node", "client_2", "application", "database-client", "execute"]
)
assert client_1_db_client_execute.status == "failure"
assert client_2_db_client_execute.status == "failure"

2
tests/unit_tests/_primaite/_game/_agent/test_actions.py
View File

@@ -21,7 +21,7 @@ from primaite.game.agent.actions.service import (
def test_do_nothing_action_form_request():
"""Test that the do_nothingAction can form a request and that it is correct."""
request = DoNothingAction.form_request(DoNothingAction.ConfigSchema())
assert request == ["do_nothing"]
assert request == ["do-nothing"]
@pytest.mark.parametrize(

8
tests/unit_tests/_primaite/_game/_agent/test_agent.py
View File

@@ -13,15 +13,15 @@ def test_creating_empty_agent():
def test_creating_agent_from_dict():
action_config = {
"action_map": {
0: {"action": "do_nothing", "options": {}},
0: {"action": "do-nothing", "options": {}},
1: {
"action": "node_application_execute",
"action": "node-application-execute",
"options": {"node_name": "client", "application_name": "database"},
},
}
}
observation_config = {
"type": "FILE",
"type": "file",
"options": {
"file_name": "dog.pdf",
"include_num_access": False,
@@ -31,7 +31,7 @@ def test_creating_agent_from_dict():
reward_config = {
"reward_components": [
{
"type": "DATABASE_FILE_INTEGRITY",
"type": "database-file-integrity",
"weight": 0.3,
"options": {"node_hostname": "server", "folder_name": "database", "file_name": "database.db"},
}

10
tests/unit_tests/_primaite/_game/_agent/test_observations.py
View File

@@ -21,17 +21,17 @@ class TestFileSystemRequiresScan:
def test_obs_config(self, yaml_option_string, expected_val):
"""Check that the default behaviour is to set FileSystemRequiresScan to True."""
obs_cfg_yaml = f"""
type: CUSTOM
type: custom
options:
components:
- type: NODES
- type: nodes
label: NODES
options:
hosts:
- hostname: domain_controller
- hostname: web_server
services:
- service_name: WebServer
- service_name: web-server
- hostname: database_server
folders:
- folder_name: database
@@ -77,7 +77,7 @@ class TestFileSystemRequiresScan:
- UDP
num_rules: 10
- type: LINKS
- type: links
label: LINKS
options:
link_references:
@@ -91,7 +91,7 @@ class TestFileSystemRequiresScan:
- switch_2:eth-1<->client_1:eth-1
- switch_2:eth-2<->client_2:eth-1
- switch_2:eth-7<->security_suite:eth-2
- type: "NONE"
- type: "none"
label: ICS
options: {{}}

18
tests/unit_tests/_primaite/_game/_agent/test_probabilistic_agent.py
View File

@@ -28,13 +28,13 @@ def test_probabilistic_agent():
action_space_cfg = {
"action_map": {
0: {"action": "do_nothing", "options": {}},
0: {"action": "do-nothing", "options": {}},
1: {
"action": "node_application_execute",
"options": {"node_name": "client_1", "application_name": "WebBrowser"},
"action": "node-application-execute",
"options": {"node_name": "client_1", "application_name": "web-browser"},
},
2: {
"action": "node_file_delete",
"action": "node-file-delete",
"options": {"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"},
},
},
@@ -44,8 +44,8 @@ def test_probabilistic_agent():
game.options = PrimaiteGameOptions(ports=[], protocols=[])
pa_config = {
"type": "ProbabilisticAgent",
"ref": "ProbabilisticAgent",
"type": "probabilistic-agent",
"ref": "probabilistic-agent",
"team": "BLUE",
"action_space": action_space_cfg,
"agent_settings": {
@@ -60,11 +60,11 @@ def test_probabilistic_agent():
node_file_delete_count = 0
for _ in range(N_TRIALS):
a = pa.get_action(0)
if a == ("do_nothing", {}):
if a == ("do-nothing", {}):
do_nothing_count += 1
elif a == ("node_application_execute", {"node_name": "client_1", "application_name": "WebBrowser"}):
elif a == ("node-application-execute", {"node_name": "client_1", "application_name": "web-browser"}):
node_application_execute_count += 1
elif a == ("node_file_delete", {"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"}):
elif a == ("node-file-delete", {"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"}):
node_file_delete_count += 1
else:
raise AssertionError("Probabilistic agent produced an unexpected action.")

128
tests/unit_tests/_primaite/_game/_agent/test_sticky_rewards.py
View File

@@ -81,22 +81,22 @@ class TestWebpageUnavailabilitySticky:
reward = WebpageUnavailablePenalty(config=schema)
# no response codes yet, reward is 0
action, params, request = "do_nothing", {}, ["do_nothing"]
action, params, request = "do-nothing", {}, ["do-nothing"]
response = RequestResponse(status="success", data={})
browser_history = []
state = {"network": {"nodes": {"computer": {"applications": {"WebBrowser": {"history": browser_history}}}}}}
state = {"network": {"nodes": {"computer": {"applications": {"web-browser": {"history": browser_history}}}}}}
last_action_response = AgentHistoryItem(
timestep=0, action=action, parameters=params, request=request, response=response
)
assert reward.calculate(state, last_action_response) == 0
# agent did a successful fetch
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "WebBrowser"}
request = ["network", "node", "computer", "application", "WebBrowser", "execute"]
action = "node-application-execute"
params = {"node_name": "computer", "application_name": "web-browser"}
request = ["network", "node", "computer", "application", "web-browser", "execute"]
response = RequestResponse(status="success", data={})
browser_history.append({"outcome": 200})
state = {"network": {"nodes": {"computer": {"applications": {"WebBrowser": {"history": browser_history}}}}}}
state = {"network": {"nodes": {"computer": {"applications": {"web-browser": {"history": browser_history}}}}}}
last_action_response = AgentHistoryItem(
timestep=0, action=action, parameters=params, request=request, response=response
)
@@ -104,34 +104,34 @@ class TestWebpageUnavailabilitySticky:
# THE IMPORTANT BIT
# agent did nothing, because reward is not sticky, it goes back to 0
action, params, request = "do_nothing", {}, ["do_nothing"]
action, params, request = "do-nothing", {}, ["do-nothing"]
response = RequestResponse(status="success", data={})
browser_history = []
state = {"network": {"nodes": {"computer": {"applications": {"WebBrowser": {"history": browser_history}}}}}}
state = {"network": {"nodes": {"computer": {"applications": {"web-browser": {"history": browser_history}}}}}}
last_action_response = AgentHistoryItem(
timestep=0, action=action, parameters=params, request=request, response=response
)
assert reward.calculate(state, last_action_response) == 0.0
# agent fails to fetch, get a -1.0 reward
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "WebBrowser"}
request = ["network", "node", "computer", "application", "WebBrowser", "execute"]
action = "node-application-execute"
params = {"node_name": "computer", "application_name": "web-browser"}
request = ["network", "node", "computer", "application", "web-browser", "execute"]
response = RequestResponse(status="failure", data={})
browser_history.append({"outcome": 404})
state = {"network": {"nodes": {"computer": {"applications": {"WebBrowser": {"history": browser_history}}}}}}
state = {"network": {"nodes": {"computer": {"applications": {"web-browser": {"history": browser_history}}}}}}
last_action_response = AgentHistoryItem(
timestep=0, action=action, parameters=params, request=request, response=response
)
assert reward.calculate(state, last_action_response) == -1.0
# agent fails again to fetch, get a -1.0 reward again
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "WebBrowser"}
request = ["network", "node", "computer", "application", "WebBrowser", "execute"]
action = "node-application-execute"
params = {"node_name": "computer", "application_name": "web-browser"}
request = ["network", "node", "computer", "application", "web-browser", "execute"]
response = RequestResponse(status="failure", data={})
browser_history.append({"outcome": 404})
state = {"network": {"nodes": {"computer": {"applications": {"WebBrowser": {"history": browser_history}}}}}}
state = {"network": {"nodes": {"computer": {"applications": {"web-browser": {"history": browser_history}}}}}}
last_action_response = AgentHistoryItem(
timestep=0, action=action, parameters=params, request=request, response=response
)
@@ -142,22 +142,22 @@ class TestWebpageUnavailabilitySticky:
reward = WebpageUnavailablePenalty(config=schema)
# no response codes yet, reward is 0
action, params, request = "do_nothing", {}, ["do_nothing"]
action, params, request = "do-nothing", {}, ["do-nothing"]
response = RequestResponse(status="success", data={})
browser_history = []
state = {"network": {"nodes": {"computer": {"applications": {"WebBrowser": {"history": browser_history}}}}}}
state = {"network": {"nodes": {"computer": {"applications": {"web-browser": {"history": browser_history}}}}}}
last_action_response = AgentHistoryItem(
timestep=0, action=action, parameters=params, request=request, response=response
)
assert reward.calculate(state, last_action_response) == 0
# agent did a successful fetch
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "WebBrowser"}
request = ["network", "node", "computer", "application", "WebBrowser", "execute"]
action = "node-application-execute"
params = {"node_name": "computer", "application_name": "web-browser"}
request = ["network", "node", "computer", "application", "web-browser", "execute"]
response = RequestResponse(status="success", data={})
browser_history.append({"outcome": 200})
state = {"network": {"nodes": {"computer": {"applications": {"WebBrowser": {"history": browser_history}}}}}}
state = {"network": {"nodes": {"computer": {"applications": {"web-browser": {"history": browser_history}}}}}}
last_action_response = AgentHistoryItem(
timestep=0, action=action, parameters=params, request=request, response=response
)
@@ -165,33 +165,33 @@ class TestWebpageUnavailabilitySticky:
# THE IMPORTANT BIT
# agent did nothing, because reward is sticky, it stays at 1.0
action, params, request = "do_nothing", {}, ["do_nothing"]
action, params, request = "do-nothing", {}, ["do-nothing"]
response = RequestResponse(status="success", data={})
state = {"network": {"nodes": {"computer": {"applications": {"WebBrowser": {"history": browser_history}}}}}}
state = {"network": {"nodes": {"computer": {"applications": {"web-browser": {"history": browser_history}}}}}}
last_action_response = AgentHistoryItem(
timestep=0, action=action, parameters=params, request=request, response=response
)
assert reward.calculate(state, last_action_response) == 1.0
# agent fails to fetch, get a -1.0 reward
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "WebBrowser"}
request = ["network", "node", "computer", "application", "WebBrowser", "execute"]
action = "node-application-execute"
params = {"node_name": "computer", "application_name": "web-browser"}
request = ["network", "node", "computer", "application", "web-browser", "execute"]
response = RequestResponse(status="failure", data={})
browser_history.append({"outcome": 404})
state = {"network": {"nodes": {"computer": {"applications": {"WebBrowser": {"history": browser_history}}}}}}
state = {"network": {"nodes": {"computer": {"applications": {"web-browser": {"history": browser_history}}}}}}
last_action_response = AgentHistoryItem(
timestep=0, action=action, parameters=params, request=request, response=response
)
assert reward.calculate(state, last_action_response) == -1.0
# agent fails again to fetch, get a -1.0 reward again
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "WebBrowser"}
request = ["network", "node", "computer", "application", "WebBrowser", "execute"]
action = "node-application-execute"
params = {"node_name": "computer", "application_name": "web-browser"}
request = ["network", "node", "computer", "application", "web-browser", "execute"]
response = RequestResponse(status="failure", data={})
browser_history.append({"outcome": 404})
state = {"network": {"nodes": {"computer": {"applications": {"WebBrowser": {"history": browser_history}}}}}}
state = {"network": {"nodes": {"computer": {"applications": {"web-browser": {"history": browser_history}}}}}}
last_action_response = AgentHistoryItem(
timestep=0, action=action, parameters=params, request=request, response=response
)
@@ -207,20 +207,20 @@ class TestGreenAdminDatabaseUnreachableSticky:
reward = GreenAdminDatabaseUnreachablePenalty(config=schema)
# no response codes yet, reward is 0
action, params, request = "do_nothing", {}, ["do_nothing"]
action, params, request = "do-nothing", {}, ["do-nothing"]
response = RequestResponse(status="success", data={})
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
state = {"network": {"nodes": {"computer": {"applications": {"database-client": {}}}}}}
last_action_response = AgentHistoryItem(
timestep=0, action=action, parameters=params, request=request, response=response
)
assert reward.calculate(state, last_action_response) == 0
# agent did a successful fetch
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "DatabaseClient"}
request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
action = "node-application-execute"
params = {"node_name": "computer", "application_name": "database-client"}
request = ["network", "node", "computer", "application", "database-client", "execute"]
response = RequestResponse(status="success", data={})
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
state = {"network": {"nodes": {"computer": {"applications": {"database-client": {}}}}}}
last_action_response = AgentHistoryItem(
timestep=0, action=action, parameters=params, request=request, response=response
)
@@ -228,31 +228,31 @@ class TestGreenAdminDatabaseUnreachableSticky:
# THE IMPORTANT BIT
# agent did nothing, because reward is not sticky, it goes back to 0
action, params, request = "do_nothing", {}, ["do_nothing"]
action, params, request = "do-nothing", {}, ["do-nothing"]
response = RequestResponse(status="success", data={})
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
state = {"network": {"nodes": {"computer": {"applications": {"database-client": {}}}}}}
last_action_response = AgentHistoryItem(
timestep=0, action=action, parameters=params, request=request, response=response
)
assert reward.calculate(state, last_action_response) == 0.0
# agent fails to fetch, get a -1.0 reward
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "DatabaseClient"}
request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
action = "node-application-execute"
params = {"node_name": "computer", "application_name": "database-client"}
request = ["network", "node", "computer", "application", "database-client", "execute"]
response = RequestResponse(status="failure", data={})
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
state = {"network": {"nodes": {"computer": {"applications": {"database-client": {}}}}}}
last_action_response = AgentHistoryItem(
timestep=0, action=action, parameters=params, request=request, response=response
)
assert reward.calculate(state, last_action_response) == -1.0
# agent fails again to fetch, get a -1.0 reward again
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "DatabaseClient"}
request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
action = "node-application-execute"
params = {"node_name": "computer", "application_name": "database-client"}
request = ["network", "node", "computer", "application", "database-client", "execute"]
response = RequestResponse(status="failure", data={})
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
state = {"network": {"nodes": {"computer": {"applications": {"database-client": {}}}}}}
last_action_response = AgentHistoryItem(
timestep=0, action=action, parameters=params, request=request, response=response
)
@@ -266,20 +266,20 @@ class TestGreenAdminDatabaseUnreachableSticky:
reward = GreenAdminDatabaseUnreachablePenalty(config=schema)
# no response codes yet, reward is 0
action, params, request = "do_nothing", {}, ["do_nothing"]
action, params, request = "do-nothing", {}, ["do-nothing"]
response = RequestResponse(status="success", data={})
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
state = {"network": {"nodes": {"computer": {"applications": {"database-client": {}}}}}}
last_action_response = AgentHistoryItem(
timestep=0, action=action, parameters=params, request=request, response=response
)
assert reward.calculate(state, last_action_response) == 0
# agent did a successful fetch
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "DatabaseClient"}
request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
action = "node-application-execute"
params = {"node_name": "computer", "application_name": "database-client"}
request = ["network", "node", "computer", "application", "database-client", "execute"]
response = RequestResponse(status="success", data={})
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
state = {"network": {"nodes": {"computer": {"applications": {"database-client": {}}}}}}
last_action_response = AgentHistoryItem(
timestep=0, action=action, parameters=params, request=request, response=response
)
@@ -287,31 +287,31 @@ class TestGreenAdminDatabaseUnreachableSticky:
# THE IMPORTANT BIT
# agent did nothing, because reward is not sticky, it goes back to 0
action, params, request = "do_nothing", {}, ["do_nothing"]
action, params, request = "do-nothing", {}, ["do-nothing"]
response = RequestResponse(status="success", data={})
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
state = {"network": {"nodes": {"computer": {"applications": {"database-client": {}}}}}}
last_action_response = AgentHistoryItem(
timestep=0, action=action, parameters=params, request=request, response=response
)
assert reward.calculate(state, last_action_response) == 1.0
# agent fails to fetch, get a -1.0 reward
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "DatabaseClient"}
request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
action = "node-application-execute"
params = {"node_name": "computer", "application_name": "database-client"}
request = ["network", "node", "computer", "application", "database-client", "execute"]
response = RequestResponse(status="failure", data={})
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
state = {"network": {"nodes": {"computer": {"applications": {"database-client": {}}}}}}
last_action_response = AgentHistoryItem(
timestep=0, action=action, parameters=params, request=request, response=response
)
assert reward.calculate(state, last_action_response) == -1.0
# agent fails again to fetch, get a -1.0 reward again
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "DatabaseClient"}
request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
action = "node-application-execute"
params = {"node_name": "computer", "application_name": "database-client"}
request = ["network", "node", "computer", "application", "database-client", "execute"]
response = RequestResponse(status="failure", data={})
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
state = {"network": {"nodes": {"computer": {"applications": {"database-client": {}}}}}}
last_action_response = AgentHistoryItem(
timestep=0, action=action, parameters=params, request=request, response=response
)

2
tests/unit_tests/_primaite/_simulator/_file_system/test_file.py
View File

@@ -46,7 +46,7 @@ def test_file_reveal_to_red_scan(file_system):
assert file.revealed_to_red is True
@pytest.mark.skip(reason="node_file_checkhash not implemented")
@pytest.mark.skip(reason="node-file-checkhash not implemented")
def test_simulated_file_check_hash(file_system):
file: File = file_system.create_file(file_name="test_file.txt", folder_name="test_folder")

2
tests/unit_tests/_primaite/_simulator/_file_system/test_file_actions.py
View File

@@ -32,7 +32,7 @@ def test_file_scan_request(populated_file_system):
assert file.visible_health_status == FileSystemItemHealthStatus.CORRUPT
@pytest.mark.skip(reason="node_file_checkhash not implemented")
@pytest.mark.skip(reason="node-file-checkhash not implemented")
def test_file_checkhash_request(populated_file_system):
"""Test that an agent can request a file hash check."""
fs, folder, file = populated_file_system

2
tests/unit_tests/_primaite/_simulator/_file_system/test_folder.py
View File

@@ -120,7 +120,7 @@ def test_folder_corrupt_repair(file_system):
assert file.health_status == FileSystemItemHealthStatus.GOOD
@pytest.mark.skip(reason="node_file_checkhash not implemented")
@pytest.mark.skip(reason="node-file-checkhash not implemented")
def test_simulated_folder_check_hash(file_system):
folder: Folder = file_system.create_folder(folder_name="test_folder")
file_system.create_file(file_name="test_file.txt", folder_name="test_folder")

2
tests/unit_tests/_primaite/_simulator/_file_system/test_folder_actions.py
View File

@@ -51,7 +51,7 @@ def test_folder_scan_request(populated_file_system):
assert file2.visible_health_status == FileSystemItemHealthStatus.CORRUPT
@pytest.mark.skip(reason="node_folder_checkhash not implemented")
@pytest.mark.skip(reason="node-folder-checkhash not implemented")
def test_folder_checkhash_request(populated_file_system):
"""Test that an agent can request a folder hash check."""
fs, folder, file = populated_file_system

8
tests/unit_tests/_primaite/_simulator/_network/_hardware/test_node_actions.py
View File

@@ -57,13 +57,13 @@ def test_node_os_scan(node):
# add services to node
node.software_manager.install(DummyService)
service = node.software_manager.software.get("DummyService")
service = node.software_manager.software.get("dummy-service")
service.set_health_state(SoftwareHealthState.COMPROMISED)
assert service.health_state_visible == SoftwareHealthState.UNUSED
# add application to node
node.software_manager.install(DummyApplication)
application = node.software_manager.software.get("DummyApplication")
application = node.software_manager.software.get("dummy-application")
application.set_health_state(SoftwareHealthState.COMPROMISED)
assert application.health_state_visible == SoftwareHealthState.UNUSED
@@ -103,12 +103,12 @@ def test_node_red_scan(node):
# add services to node
node.software_manager.install(DummyService)
service = node.software_manager.software.get("DummyService")
service = node.software_manager.software.get("dummy-service")
assert service.revealed_to_red is False
# add application to node
node.software_manager.install(DummyApplication)
application = node.software_manager.software.get("DummyApplication")
application = node.software_manager.software.get("dummy-application")
application.set_health_state(SoftwareHealthState.COMPROMISED)
assert application.revealed_to_red is False

2
tests/unit_tests/_primaite/_simulator/_network/test_creation.py
View File

@@ -56,7 +56,7 @@ def test_office_lan_from_config(kwargs):
net = Network()
config = dict(
type="office_lan",
type="office-lan",
lan_name=kwargs["lan_name"],
subnet_base=kwargs["subnet_base"],
pcs_ip_block_start=kwargs["pcs_ip_block_start"],

4
tests/unit_tests/_primaite/_simulator/_system/_applications/_red_applications/test_c2_suite.py
View File

@@ -44,8 +44,8 @@ def setup_c2(given_network: Network):
computer_a: Computer = network.get_node_by_hostname("computer_a")
computer_b: Computer = network.get_node_by_hostname("computer_b")
c2_beacon: C2Beacon = computer_b.software_manager.software.get("C2Beacon")
c2_server: C2Server = computer_a.software_manager.software.get("C2Server")
c2_beacon: C2Beacon = computer_b.software_manager.software.get("c2-beacon")
c2_server: C2Server = computer_a.software_manager.software.get("c2-server")
c2_beacon.configure(c2_server_ip_address="192.168.0.1", keep_alive_frequency=2)
c2_server.run()

10
tests/unit_tests/_primaite/_simulator/_system/_applications/_red_applications/test_data_manipulation_bot.py
View File

@@ -20,13 +20,13 @@ def dm_client() -> Node:
@pytest.fixture
def dm_bot(dm_client) -> DataManipulationBot:
return dm_client.software_manager.software.get("DataManipulationBot")
return dm_client.software_manager.software.get("data-manipulation-bot")
def test_create_dm_bot(dm_client):
data_manipulation_bot: DataManipulationBot = dm_client.software_manager.software.get("DataManipulationBot")
data_manipulation_bot: DataManipulationBot = dm_client.software_manager.software.get("data-manipulation-bot")
assert data_manipulation_bot.name == "DataManipulationBot"
assert data_manipulation_bot.name == "data-manipulation-bot"
assert data_manipulation_bot.port == PORT_LOOKUP["NONE"]
assert data_manipulation_bot.protocol == PROTOCOL_LOOKUP["NONE"]
assert data_manipulation_bot.payload == "DELETE"
@@ -75,8 +75,8 @@ def test_dm_bot_perform_data_manipulation_success(dm_bot):
def test_dm_bot_fails_without_db_client(dm_client):
dm_client.software_manager.uninstall("DatabaseClient")
dm_bot = dm_client.software_manager.software.get("DataManipulationBot")
dm_client.software_manager.uninstall("database-client")
dm_bot = dm_client.software_manager.software.get("data-manipulation-bot")
assert dm_bot._host_db_client is None
dm_bot.attack_stage = DataManipulationAttackStage.PORT_SCAN
dm_bot._perform_data_manipulation(p_of_success=1.0)

2
tests/unit_tests/_primaite/_simulator/_system/_applications/_red_applications/test_dos_bot.py
View File

@@ -18,7 +18,7 @@ def dos_bot() -> DoSBot:
computer.power_on()
computer.software_manager.install(DoSBot)
dos_bot: DoSBot = computer.software_manager.software.get("DoSBot")
dos_bot: DoSBot = computer.software_manager.software.get("dos-bot")
dos_bot.configure(target_ip_address=IPv4Address("192.168.0.1"))
return dos_bot

8
tests/unit_tests/_primaite/_simulator/_system/_applications/test_application_registry.py
View File

@@ -5,18 +5,18 @@ from primaite.simulator.system.applications.application import Application
def test_adding_to_app_registry():
class temp_application(Application, discriminator="temp_app"):
class temp_application(Application, discriminator="temp-app"):
pass
assert Application._registry["temp_app"] is temp_application
assert Application._registry["temp-app"] is temp_application
with pytest.raises(ValueError):
class another_application(Application, discriminator="temp_app"):
class another_application(Application, discriminator="temp-app"):
pass
# This is kinda evil...
# Because pytest doesn't reimport classes from modules, registering this temporary test application will change the
# state of the Application registry for all subsequently run tests. So, we have to delete and unregister the class.
del temp_application
Application._registry.pop("temp_app")
Application._registry.pop("temp-app")

4
tests/unit_tests/_primaite/_simulator/_system/_applications/test_database_client.py
View File

@@ -20,7 +20,7 @@ def database_client_on_computer() -> Tuple[DatabaseClient, Computer]:
db_server = Server(hostname="db_server", ip_address="192.168.0.1", subnet_mask="255.255.255.0", start_up_duration=0)
db_server.power_on()
db_server.software_manager.install(DatabaseService)
db_server.software_manager.software["DatabaseService"].start()
db_server.software_manager.software["database-service"].start()
db_client = Computer(
hostname="db_client", ip_address="192.168.0.2", subnet_mask="255.255.255.0", start_up_duration=0
@@ -28,7 +28,7 @@ def database_client_on_computer() -> Tuple[DatabaseClient, Computer]:
db_client.power_on()
db_client.software_manager.install(DatabaseClient)
database_client: DatabaseClient = db_client.software_manager.software.get("DatabaseClient")
database_client: DatabaseClient = db_client.software_manager.software.get("database-client")
database_client.configure(server_ip_address=IPv4Address("192.168.0.1"))
database_client.run()

6
tests/unit_tests/_primaite/_simulator/_system/_applications/test_web_browser.py
View File

@@ -21,7 +21,7 @@ def web_browser() -> WebBrowser:
)
computer.power_on()
# Web Browser should be pre-installed in computer
web_browser: WebBrowser = computer.software_manager.software.get("WebBrowser")
web_browser: WebBrowser = computer.software_manager.software.get("web-browser")
web_browser.run()
assert web_browser.operating_state is ApplicationOperatingState.RUNNING
return web_browser
@@ -37,8 +37,8 @@ def test_create_web_client():
)
computer.power_on()
# Web Browser should be pre-installed in computer
web_browser: WebBrowser = computer.software_manager.software.get("WebBrowser")
assert web_browser.name is "WebBrowser"
web_browser: WebBrowser = computer.software_manager.software.get("web-browser")
assert web_browser.name is "web-browser"
assert web_browser.port is PORT_LOOKUP["HTTP"]
assert web_browser.protocol is PROTOCOL_LOOKUP["TCP"]

2
tests/unit_tests/_primaite/_simulator/_system/_services/test_database.py
View File

@@ -11,7 +11,7 @@ def database_server() -> Node:
node = Computer(hostname="db_node", ip_address="192.168.1.2", subnet_mask="255.255.255.0", start_up_duration=0)
node.power_on()
node.software_manager.install(DatabaseService)
node.software_manager.software.get("DatabaseService").start()
node.software_manager.software.get("database-service").start()
return node

14
tests/unit_tests/_primaite/_simulator/_system/_services/test_dns_client.py
View File

@@ -26,14 +26,14 @@ def dns_client() -> Computer:
def test_create_dns_client(dns_client):
assert dns_client is not None
dns_client_service: DNSClient = dns_client.software_manager.software.get("DNSClient")
assert dns_client_service.name is "DNSClient"
dns_client_service: DNSClient = dns_client.software_manager.software.get("dns-client")
assert dns_client_service.name is "dns-client"
assert dns_client_service.port is PORT_LOOKUP["DNS"]
assert dns_client_service.protocol is PROTOCOL_LOOKUP["TCP"]
def test_dns_client_add_domain_to_cache_when_not_running(dns_client):
dns_client_service: DNSClient = dns_client.software_manager.software.get("DNSClient")
dns_client_service: DNSClient = dns_client.software_manager.software.get("dns-client")
assert dns_client.operating_state is NodeOperatingState.OFF
assert dns_client_service.operating_state is ServiceOperatingState.STOPPED
@@ -46,7 +46,7 @@ def test_dns_client_add_domain_to_cache_when_not_running(dns_client):
def test_dns_client_check_domain_exists_when_not_running(dns_client):
dns_client.operating_state = NodeOperatingState.ON
dns_client_service: DNSClient = dns_client.software_manager.software.get("DNSClient")
dns_client_service: DNSClient = dns_client.software_manager.software.get("dns-client")
dns_client_service.start()
assert dns_client.operating_state is NodeOperatingState.ON
@@ -73,7 +73,7 @@ def test_dns_client_check_domain_exists_when_not_running(dns_client):
def test_dns_client_check_domain_in_cache(dns_client):
"""Test to make sure that the check_domain_in_cache returns the correct values."""
dns_client.operating_state = NodeOperatingState.ON
dns_client_service: DNSClient = dns_client.software_manager.software.get("DNSClient")
dns_client_service: DNSClient = dns_client.software_manager.software.get("dns-client")
dns_client_service.start()
# add a domain to the dns client cache
@@ -85,7 +85,7 @@ def test_dns_client_check_domain_in_cache(dns_client):
def test_dns_client_receive(dns_client):
"""Test to make sure the DNS Client knows how to deal with request responses."""
dns_client_service: DNSClient = dns_client.software_manager.software.get("DNSClient")
dns_client_service: DNSClient = dns_client.software_manager.software.get("dns-client")
dns_client_service.receive(
payload=DNSPacket(
@@ -99,6 +99,6 @@ def test_dns_client_receive(dns_client):
def test_dns_client_receive_non_dns_payload(dns_client):
dns_client_service: DNSClient = dns_client.software_manager.software.get("DNSClient")
dns_client_service: DNSClient = dns_client.software_manager.software.get("dns-client")
assert dns_client_service.receive(payload=None) is False

10
tests/unit_tests/_primaite/_simulator/_system/_services/test_dns_server.py
View File

@@ -30,15 +30,15 @@ def dns_server() -> Node:
def test_create_dns_server(dns_server):
assert dns_server is not None
dns_server_service: DNSServer = dns_server.software_manager.software.get("DNSServer")
assert dns_server_service.name is "DNSServer"
dns_server_service: DNSServer = dns_server.software_manager.software.get("dns-server")
assert dns_server_service.name is "dns-server"
assert dns_server_service.port is PORT_LOOKUP["DNS"]
assert dns_server_service.protocol is PROTOCOL_LOOKUP["TCP"]
def test_dns_server_domain_name_registration(dns_server):
"""Test to check if the domain name registration works."""
dns_server_service: DNSServer = dns_server.software_manager.software.get("DNSServer")
dns_server_service: DNSServer = dns_server.software_manager.software.get("dns-server")
# register the web server in the domain controller
dns_server_service.dns_register(domain_name="real-domain.com", domain_ip_address=IPv4Address("192.168.1.12"))
@@ -50,7 +50,7 @@ def test_dns_server_domain_name_registration(dns_server):
def test_dns_server_receive(dns_server):
"""Test to make sure that the DNS Server correctly responds to a DNS Client request."""
dns_server_service: DNSServer = dns_server.software_manager.software.get("DNSServer")
dns_server_service: DNSServer = dns_server.software_manager.software.get("dns-server")
# register the web server in the domain controller
dns_server_service.dns_register(domain_name="real-domain.com", domain_ip_address=IPv4Address("192.168.1.12"))
@@ -60,7 +60,7 @@ def test_dns_server_receive(dns_server):
client.dns_server = IPv4Address("192.168.1.10")
network = Network()
network.connect(dns_server.network_interface[1], client.network_interface[1])
dns_client: DNSClient = client.software_manager.software["DNSClient"] # noqa
dns_client: DNSClient = client.software_manager.software["dns-client"] # noqa
dns_client.check_domain_exists("fake-domain.com")
assert dns_client.check_domain_exists("fake-domain.com") is False

16
tests/unit_tests/_primaite/_simulator/_system/_services/test_ftp_client.py
View File

@@ -29,8 +29,8 @@ def ftp_client() -> Node:
def test_create_ftp_client(ftp_client):
assert ftp_client is not None
ftp_client_service: FTPClient = ftp_client.software_manager.software.get("FTPClient")
assert ftp_client_service.name is "FTPClient"
ftp_client_service: FTPClient = ftp_client.software_manager.software.get("ftp-client")
assert ftp_client_service.name is "ftp-client"
assert ftp_client_service.port is PORT_LOOKUP["FTP"]
assert ftp_client_service.protocol is PROTOCOL_LOOKUP["TCP"]
@@ -51,7 +51,7 @@ def test_ftp_client_store_file(ftp_client):
status_code=FTPStatusCode.OK,
)
ftp_client_service: FTPClient = ftp_client.software_manager.software.get("FTPClient")
ftp_client_service: FTPClient = ftp_client.software_manager.software.get("ftp-client")
ftp_client_service.receive(response)
assert ftp_client.file_system.get_file(folder_name="downloads", file_name="file.txt")
@@ -65,7 +65,7 @@ def test_ftp_should_not_process_commands_if_service_not_running(ftp_client):
status_code=FTPStatusCode.OK,
)
ftp_client_service: FTPClient = ftp_client.software_manager.software.get("FTPClient")
ftp_client_service: FTPClient = ftp_client.software_manager.software.get("ftp-client")
ftp_client_service.stop()
assert ftp_client_service.operating_state is ServiceOperatingState.STOPPED
assert ftp_client_service._process_ftp_command(payload=payload).status_code is FTPStatusCode.ERROR
@@ -75,7 +75,7 @@ def test_ftp_tries_to_senf_file__that_does_not_exist(ftp_client):
"""Method send_file should return false if no file to send."""
assert ftp_client.file_system.get_file(folder_name="root", file_name="test.txt") is None
ftp_client_service: FTPClient = ftp_client.software_manager.software.get("FTPClient")
ftp_client_service: FTPClient = ftp_client.software_manager.software.get("ftp-client")
assert ftp_client_service.operating_state is ServiceOperatingState.RUNNING
assert (
ftp_client_service.send_file(
@@ -91,7 +91,7 @@ def test_ftp_tries_to_senf_file__that_does_not_exist(ftp_client):
def test_offline_ftp_client_receives_request(ftp_client):
"""Receive should return false if the node the ftp client is installed on is offline."""
ftp_client_service: FTPClient = ftp_client.software_manager.software.get("FTPClient")
ftp_client_service: FTPClient = ftp_client.software_manager.software.get("ftp-client")
ftp_client.power_off()
for i in range(ftp_client.shut_down_duration + 1):
@@ -111,7 +111,7 @@ def test_offline_ftp_client_receives_request(ftp_client):
def test_receive_should_fail_if_payload_is_not_ftp(ftp_client):
"""Receive should return false if the node the ftp client is installed on is not an FTPPacket."""
ftp_client_service: FTPClient = ftp_client.software_manager.software.get("FTPClient")
ftp_client_service: FTPClient = ftp_client.software_manager.software.get("ftp-client")
assert ftp_client_service.receive(payload=None) is False
@@ -122,5 +122,5 @@ def test_receive_should_ignore_payload_with_none_status_code(ftp_client):
ftp_command_args=PORT_LOOKUP["FTP"],
status_code=None,
)
ftp_client_service: FTPClient = ftp_client.software_manager.software.get("FTPClient")
ftp_client_service: FTPClient = ftp_client.software_manager.software.get("ftp-client")
assert ftp_client_service.receive(payload=payload) is False

12
tests/unit_tests/_primaite/_simulator/_system/_services/test_ftp_server.py
View File

@@ -28,8 +28,8 @@ def ftp_server() -> Node:
def test_create_ftp_server(ftp_server):
assert ftp_server is not None
ftp_server_service: FTPServer = ftp_server.software_manager.software.get("FTPServer")
assert ftp_server_service.name is "FTPServer"
ftp_server_service: FTPServer = ftp_server.software_manager.software.get("ftp-server")
assert ftp_server_service.name is "ftp-server"
assert ftp_server_service.port is PORT_LOOKUP["FTP"]
assert ftp_server_service.protocol is PROTOCOL_LOOKUP["TCP"]
@@ -49,7 +49,7 @@ def test_ftp_server_store_file(ftp_server):
packet_payload_size=24,
)
ftp_server_service: FTPServer = ftp_server.software_manager.software.get("FTPServer")
ftp_server_service: FTPServer = ftp_server.software_manager.software.get("ftp-server")
ftp_server_service.receive(response)
assert ftp_server.file_system.get_file(folder_name="downloads", file_name="file.txt")
@@ -63,7 +63,7 @@ def test_ftp_server_should_send_error_if_port_arg_is_invalid(ftp_server):
packet_payload_size=24,
)
ftp_server_service: FTPServer = ftp_server.software_manager.software.get("FTPServer")
ftp_server_service: FTPServer = ftp_server.software_manager.software.get("ftp-server")
assert ftp_server_service._process_ftp_command(payload=payload).status_code is FTPStatusCode.ERROR
@@ -71,7 +71,7 @@ def test_ftp_server_receives_non_ftp_packet(ftp_server):
"""Receive should return false if the service receives a non ftp packet."""
response: FTPPacket = None
ftp_server_service: FTPServer = ftp_server.software_manager.software.get("FTPServer")
ftp_server_service: FTPServer = ftp_server.software_manager.software.get("ftp-server")
assert ftp_server_service.receive(response) is False
@@ -87,7 +87,7 @@ def test_offline_ftp_server_receives_request(ftp_server):
packet_payload_size=24,
)
ftp_server_service: FTPServer = ftp_server.software_manager.software.get("FTPServer")
ftp_server_service: FTPServer = ftp_server.software_manager.software.get("ftp-server")
ftp_server_service.stop()
assert ftp_server_service.operating_state is ServiceOperatingState.STOPPED
assert ftp_server_service.receive(response) is False

78
tests/unit_tests/_primaite/_simulator/_system/_services/test_terminal.py
View File

@@ -18,7 +18,7 @@ from primaite.simulator.network.protocols.ssh import (
SSHTransportMessage,
SSHUserCredentials,
)
from primaite.simulator.system.applications.red_applications.ransomware_script import RansomwareScript
from primaite.simulator.system.applications.red_applications.ransomware_script import ransomware_script
from primaite.simulator.system.services.dns.dns_server import DNSServer
from primaite.simulator.system.services.service import ServiceOperatingState
from primaite.simulator.system.services.terminal.terminal import RemoteTerminalConnection, Terminal
@@ -33,7 +33,7 @@ def terminal_on_computer() -> Tuple[Terminal, Computer]:
hostname="node_a", ip_address="192.168.0.10", subnet_mask="255.255.255.0", start_up_duration=0
)
computer.power_on()
terminal: Terminal = computer.software_manager.software.get("Terminal")
terminal: Terminal = computer.software_manager.software.get("terminal")
return terminal, computer
@@ -82,7 +82,7 @@ def wireless_wan_network():
)
router_1.acl.add_rule(action=ACLAction.PERMIT, protocol=PROTOCOL_LOOKUP["ICMP"], position=23)
# add ACL rule to allow SSH traffic
# add acl rule to allow SSH traffic
router_1.acl.add_rule(
action=ACLAction.PERMIT, src_port=PORT_LOOKUP["SSH"], dst_port=PORT_LOOKUP["SSH"], position=21
)
@@ -142,25 +142,25 @@ def test_terminal_creation(terminal_on_computer):
def test_terminal_install_default():
"""Terminal should be auto installed onto Nodes"""
"""terminal should be auto installed onto Nodes"""
computer = Computer(hostname="node_a", ip_address="192.168.0.10", subnet_mask="255.255.255.0", start_up_duration=0)
computer.power_on()
assert computer.software_manager.software.get("Terminal")
assert computer.software_manager.software.get("terminal")
def test_terminal_not_on_switch():
"""Ensure terminal does not auto-install to switch"""
test_switch = Switch(hostname="Test")
assert not test_switch.software_manager.software.get("Terminal")
assert not test_switch.software_manager.software.get("terminal")
def test_terminal_send(basic_network):
"""Test that Terminal can send valid commands."""
"""Test that terminal can send valid commands."""
network: Network = basic_network
computer_a: Computer = network.get_node_by_hostname("node_a")
terminal_a: Terminal = computer_a.software_manager.software.get("Terminal")
terminal_a: Terminal = computer_a.software_manager.software.get("terminal")
computer_b: Computer = network.get_node_by_hostname("node_b")
payload: SSHPacket = SSHPacket(
@@ -178,7 +178,7 @@ def test_terminal_receive(basic_network):
"""Test that terminal can receive and process commands"""
network: Network = basic_network
computer_a: Computer = network.get_node_by_hostname("node_a")
terminal_a: Terminal = computer_a.software_manager.software.get("Terminal")
terminal_a: Terminal = computer_a.software_manager.software.get("terminal")
computer_b: Computer = network.get_node_by_hostname("node_b")
folder_name = "Downloads"
@@ -199,14 +199,14 @@ def test_terminal_receive(basic_network):
def test_terminal_install(basic_network):
"""Test that Terminal can successfully process an INSTALL request"""
"""Test that terminal can successfully process an INSTALL request"""
network: Network = basic_network
computer_a: Computer = network.get_node_by_hostname("node_a")
terminal_a: Terminal = computer_a.software_manager.software.get("Terminal")
terminal_a: Terminal = computer_a.software_manager.software.get("terminal")
computer_b: Computer = network.get_node_by_hostname("node_b")
payload: SSHPacket = SSHPacket(
payload=["software_manager", "application", "install", "RansomwareScript"],
payload=["software_manager", "application", "install", "ransomware-script"],
transport_message=SSHTransportMessage.SSH_MSG_SERVICE_REQUEST,
connection_message=SSHConnectionMessage.SSH_MSG_CHANNEL_OPEN,
)
@@ -215,16 +215,16 @@ def test_terminal_install(basic_network):
username="admin", password="admin", ip_address="192.168.0.11"
)
term_a_on_node_b.execute(["software_manager", "application", "install", "RansomwareScript"])
term_a_on_node_b.execute(["software_manager", "application", "install", "ransomware-script"])
assert computer_b.software_manager.software.get("RansomwareScript")
assert computer_b.software_manager.software.get("ransomware-script")
def test_terminal_fail_when_closed(basic_network):
"""Ensure Terminal won't attempt to send/receive when off"""
"""Ensure terminal won't attempt to send/receive when off"""
network: Network = basic_network
computer: Computer = network.get_node_by_hostname("node_a")
terminal: Terminal = computer.software_manager.software.get("Terminal")
terminal: Terminal = computer.software_manager.software.get("terminal")
computer_b: Computer = network.get_node_by_hostname("node_b")
terminal.operating_state = ServiceOperatingState.STOPPED
@@ -233,12 +233,12 @@ def test_terminal_fail_when_closed(basic_network):
def test_terminal_disconnect(basic_network):
"""Test Terminal disconnects"""
"""Test terminal disconnects"""
network: Network = basic_network
computer_a: Computer = network.get_node_by_hostname("node_a")
terminal_a: Terminal = computer_a.software_manager.software.get("Terminal")
terminal_a: Terminal = computer_a.software_manager.software.get("terminal")
computer_b: Computer = network.get_node_by_hostname("node_b")
terminal_b: Terminal = computer_b.software_manager.software.get("Terminal")
terminal_b: Terminal = computer_b.software_manager.software.get("terminal")
assert len(terminal_b._connections) == 0
@@ -256,10 +256,10 @@ def test_terminal_disconnect(basic_network):
def test_terminal_ignores_when_off(basic_network):
"""Terminal should ignore commands when not running"""
"""terminal should ignore commands when not running"""
network: Network = basic_network
computer_a: Computer = network.get_node_by_hostname("node_a")
terminal_a: Terminal = computer_a.software_manager.software.get("Terminal")
terminal_a: Terminal = computer_a.software_manager.software.get("terminal")
computer_b: Computer = network.get_node_by_hostname("node_b")
@@ -269,14 +269,14 @@ def test_terminal_ignores_when_off(basic_network):
terminal_a.operating_state = ServiceOperatingState.STOPPED
assert not term_a_on_term_b.execute(["software_manager", "application", "install", "RansomwareScript"])
assert not term_a_on_term_b.execute(["software_manager", "application", "install", "ransomware-script"])
def test_computer_remote_login_to_router(wireless_wan_network):
"""Test to confirm that a computer can SSH into a router."""
pc_a, _, router_1, _ = wireless_wan_network
pc_a_terminal: Terminal = pc_a.software_manager.software.get("Terminal")
pc_a_terminal: Terminal = pc_a.software_manager.software.get("terminal")
assert len(pc_a_terminal._connections) == 0
@@ -284,18 +284,18 @@ def test_computer_remote_login_to_router(wireless_wan_network):
assert len(pc_a_terminal._connections) == 1
payload = ["software_manager", "application", "install", "RansomwareScript"]
payload = ["software_manager", "application", "install", "ransomware-script"]
pc_a_on_router_1.execute(payload)
assert router_1.software_manager.software.get("RansomwareScript")
assert router_1.software_manager.software.get("ransomware-script")
def test_router_remote_login_to_computer(wireless_wan_network):
"""Test to confirm that a router can ssh into a computer."""
pc_a, _, router_1, _ = wireless_wan_network
router_1_terminal: Terminal = router_1.software_manager.software.get("Terminal")
router_1_terminal: Terminal = router_1.software_manager.software.get("terminal")
assert len(router_1_terminal._connections) == 0
@@ -303,21 +303,21 @@ def test_router_remote_login_to_computer(wireless_wan_network):
assert len(router_1_terminal._connections) == 1
payload = ["software_manager", "application", "install", "RansomwareScript"]
payload = ["software_manager", "application", "install", "ransomware-script"]
router_1_on_pc_a.execute(payload)
assert pc_a.software_manager.software.get("RansomwareScript")
assert pc_a.software_manager.software.get("ransomware-script")
def test_router_blocks_SSH_traffic(wireless_wan_network):
"""Test to check that router will block SSH traffic if no ACL rule."""
"""Test to check that router will block SSH traffic if no acl rule."""
pc_a, _, router_1, _ = wireless_wan_network
# Remove rule that allows SSH traffic.
router_1.acl.remove_rule(position=21)
pc_a_terminal: Terminal = pc_a.software_manager.software.get("Terminal")
pc_a_terminal: Terminal = pc_a.software_manager.software.get("terminal")
assert len(pc_a_terminal._connections) == 0
@@ -330,8 +330,8 @@ def test_SSH_across_network(wireless_wan_network):
"""Test to show ability to SSH across a network."""
pc_a, pc_b, router_1, router_2 = wireless_wan_network
terminal_a: Terminal = pc_a.software_manager.software.get("Terminal")
terminal_b: Terminal = pc_b.software_manager.software.get("Terminal")
terminal_a: Terminal = pc_a.software_manager.software.get("terminal")
terminal_b: Terminal = pc_b.software_manager.software.get("terminal")
router_2.acl.add_rule(
action=ACLAction.PERMIT, src_port=PORT_LOOKUP["SSH"], dst_port=PORT_LOOKUP["SSH"], position=21
@@ -348,7 +348,7 @@ def test_multiple_remote_terminals_same_node(basic_network):
"""Test to check that multiple remote terminals can be spawned by one node."""
network: Network = basic_network
computer_a: Computer = network.get_node_by_hostname("node_a")
terminal_a: Terminal = computer_a.software_manager.software.get("Terminal")
terminal_a: Terminal = computer_a.software_manager.software.get("terminal")
computer_b: Computer = network.get_node_by_hostname("node_b")
assert len(terminal_a._connections) == 0
@@ -366,10 +366,10 @@ def test_terminal_rejects_commands_if_disconnect(basic_network):
"""Test to check terminal will ignore commands from disconnected connections"""
network: Network = basic_network
computer_a: Computer = network.get_node_by_hostname("node_a")
terminal_a: Terminal = computer_a.software_manager.software.get("Terminal")
terminal_a: Terminal = computer_a.software_manager.software.get("terminal")
computer_b: Computer = network.get_node_by_hostname("node_b")
terminal_b: Terminal = computer_b.software_manager.software.get("Terminal")
terminal_b: Terminal = computer_b.software_manager.software.get("terminal")
remote_connection = terminal_a.login(username="admin", password="admin", ip_address="192.168.0.11")
@@ -381,9 +381,9 @@ def test_terminal_rejects_commands_if_disconnect(basic_network):
assert len(terminal_a._connections) == 0
assert len(terminal_b._connections) == 0
assert remote_connection.execute(["software_manager", "application", "install", "RansomwareScript"]) is False
assert remote_connection.execute(["software_manager", "application", "install", "ransomware-script"]) is False
assert not computer_b.software_manager.software.get("RansomwareScript")
assert not computer_b.software_manager.software.get("ransomware-script")
assert remote_connection.is_active is False
@@ -392,9 +392,9 @@ def test_terminal_connection_timeout(basic_network):
"""Test that terminal_connections are affected by UserSession timeout."""
network: Network = basic_network
computer_a: Computer = network.get_node_by_hostname("node_a")
terminal_a: Terminal = computer_a.software_manager.software.get("Terminal")
terminal_a: Terminal = computer_a.software_manager.software.get("terminal")
computer_b: Computer = network.get_node_by_hostname("node_b")
terminal_b: Terminal = computer_b.software_manager.software.get("Terminal")
terminal_b: Terminal = computer_b.software_manager.software.get("terminal")
remote_connection = terminal_a.login(username="admin", password="admin", ip_address="192.168.0.11")

10
tests/unit_tests/_primaite/_simulator/_system/_services/test_web_server.py
View File

@@ -25,14 +25,14 @@ def web_server() -> Server:
)
node.power_on()
node.software_manager.install(WebServer)
node.software_manager.software.get("WebServer").start()
node.software_manager.software.get("web-server").start()
return node
def test_create_web_server(web_server):
assert web_server is not None
web_server_service: WebServer = web_server.software_manager.software.get("WebServer")
assert web_server_service.name is "WebServer"
web_server_service: WebServer = web_server.software_manager.software.get("web-server")
assert web_server_service.name is "web-server"
assert web_server_service.port is PORT_LOOKUP["HTTP"]
assert web_server_service.protocol is PROTOCOL_LOOKUP["TCP"]
@@ -40,7 +40,7 @@ def test_create_web_server(web_server):
def test_handling_get_request_not_found_path(web_server):
payload = HttpRequestPacket(request_method=HttpRequestMethod.GET, request_url="http://domain.com/fake-path")
web_server_service: WebServer = web_server.software_manager.software.get("WebServer")
web_server_service: WebServer = web_server.software_manager.software.get("web-server")
response: HttpResponsePacket = web_server_service._handle_get_request(payload=payload)
assert response.status_code == HttpStatusCode.NOT_FOUND
@@ -49,7 +49,7 @@ def test_handling_get_request_not_found_path(web_server):
def test_handling_get_request_home_page(web_server):
payload = HttpRequestPacket(request_method=HttpRequestMethod.GET, request_url="http://domain.com/")
web_server_service: WebServer = web_server.software_manager.software.get("WebServer")
web_server_service: WebServer = web_server.software_manager.software.get("web-server")
response: HttpResponsePacket = web_server_service._handle_get_request(payload=payload)
assert response.status_code == HttpStatusCode.OK

4
tests/unit_tests/_primaite/_simulator/_system/test_software.py
View File

@@ -15,7 +15,7 @@ class TestSoftware(Service, discriminator="TestSoftware"):
class ConfigSchema(Service.ConfigSchema):
"""ConfigSChema for TestSoftware."""
type: str = "TestSoftware"
type: str = "test-software"
config: "TestSoftware.ConfigSchema" = Field(default_factory=lambda: TestSoftware.ConfigSchema())
@@ -26,7 +26,7 @@ class TestSoftware(Service, discriminator="TestSoftware"):
@pytest.fixture(scope="function")
def software(file_system):
return TestSoftware(
name="TestSoftware",
name="test-software",
port=PORT_LOOKUP["ARP"],
file_system=file_system,
sys_log=SysLog(hostname="test_service"),