def dns_contact_base_world():
BaseWorld.apply_config(name='main',
config={
'app.contact.dns.domain': 'mycaldera.caldera',
'app.contact.dns.socket': '0.0.0.0:53',
'plugins': ['sandcat', 'stockpile'],
'crypt_salt': 'BLAH',
'api_key': 'ADMIN123',
'encryption_key': 'ADMIN123',
'exfil_dir': '/tmp'
})
BaseWorld.apply_config(name='agents',
config={
'sleep_max':
5,
'sleep_min':
5,
'untrusted_timer':
90,
'watchdog':
0,
'implant_name':
'splunkd',
'bootstrap_abilities':
['43b3754c-def4-4699-a673-1d85648fda6a']
})
def ssh_contact_base_world():
BaseWorld.apply_config(name='main',
config={
'app.contact.tunnel.ssh.user_name': 'sandcat',
'app.contact.tunnel.ssh.user_password':
'******',
'app.contact.tunnel.ssh.socket': '0.0.0.0:8122',
'app.contact.tunnel.ssh.host_key_file':
'REPLACE_WITH_KEY_FILE_PATH,',
'app.contact.tunnel.ssh.host_key_passphrase':
'REPLACE_WITH_KEY_FILE_PASSPHRASE',
'plugins': ['sandcat', 'stockpile'],
'crypt_salt': 'BLAH',
'api_key': 'ADMIN123',
'encryption_key': 'ADMIN123',
'exfil_dir': '/tmp'
})
BaseWorld.apply_config(name='agents',
config={
'sleep_max':
5,
'sleep_min':
5,
'untrusted_timer':
90,
'watchdog':
0,
'implant_name':
'splunkd',
'bootstrap_abilities':
['43b3754c-def4-4699-a673-1d85648fda6a']
})
def setup_rest_svc_test(loop, data_svc):
BaseWorld.apply_config(name='default',
config={
'app.contact.http': '0.0.0.0',
'plugins': ['sandcat', 'stockpile'],
'crypt_salt': 'BLAH',
'api_key': 'ADMIN123',
'encryption_key': 'ADMIN123',
'exfil_dir': '/tmp'
})
loop.run_until_complete(
data_svc.store(
Ability(ability_id='123',
test=BaseWorld.encode_string('curl #{app.contact.http}'),
variations=[])))
loop.run_until_complete(
data_svc.store(
Adversary(adversary_id='123',
name='test',
description='test',
phases=[])))
loop.run_until_complete(
data_svc.store(Agent(paw='123', sleep_min=2, sleep_max=8, watchdog=0)))
loop.run_until_complete(
data_svc.store(
Planner(planner_id='123',
name='test',
module='test',
params=dict())))
loop.run_until_complete(
data_svc.store(Source(identifier='123', name='test', facts=[])))
async def initialize():
with open(Path(__file__).parents[2] / 'conf' / 'default.yml',
'r') as fle:
BaseWorld.apply_config('main', yaml.safe_load(fle))
with open(Path(__file__).parents[2] / 'conf' / 'payloads.yml',
'r') as fle:
BaseWorld.apply_config('payloads', yaml.safe_load(fle))
app_svc = AppService(web.Application())
_ = DataService()
_ = RestService()
_ = PlanningService()
_ = LearningService()
auth_svc = AuthService()
_ = ContactService()
_ = FileSvc()
services = app_svc.get_services()
os.chdir(str(Path(__file__).parents[2]))
await app_svc.register_contacts()
await app_svc.load_plugins(['sandcat', 'ssl'])
_ = await RestApi(services).enable()
await auth_svc.apply(app_svc.application, auth_svc.get_config('users'))
await auth_svc.set_login_handlers(services)
return app_svc.application
def dns_c2(loop, app_svc, contact_svc, data_svc, obfuscator):
BaseWorld.apply_config(name='main',
config={
'app.contact.dns.domain': 'mycaldera.caldera',
'app.contact.dns.socket': '0.0.0.0:53',
'plugins': ['sandcat', 'stockpile'],
'crypt_salt': 'BLAH',
'api_key': 'ADMIN123',
'encryption_key': 'ADMIN123',
'exfil_dir': '/tmp'
})
BaseWorld.apply_config(name='agents',
config={
'sleep_max':
5,
'sleep_min':
5,
'untrusted_timer':
90,
'watchdog':
0,
'implant_name':
'splunkd',
'bootstrap_abilities':
['43b3754c-def4-4699-a673-1d85648fda6a']
})
services = app_svc(loop).get_services()
dns_c2 = DnsContact(services)
return dns_c2
def base_world(app_config, agent_config):
BaseWorld.clear_config()
BaseWorld.apply_config('main', app_config)
BaseWorld.apply_config('agents', agent_config)
yield BaseWorld
BaseWorld.clear_config()
def test_apply_and_retrieve_config(self):
new_config = dict(name='newconfig',
config={
'app.unit.test': 'abcd12345',
'plugins': ['stockpile']
})
BaseWorld.apply_config(**new_config)
assert BaseWorld.get_config(name='newconfig') == new_config['config']
def setup_rest_svc_test(loop, data_svc):
BaseWorld.apply_config(name='main',
config={
'app.contact.http': '0.0.0.0',
'plugins': ['sandcat', 'stockpile'],
'crypt_salt': 'BLAH',
'api_key': 'ADMIN123',
'encryption_key': 'ADMIN123',
'exfil_dir': '/tmp'
})
loop.run_until_complete(
data_svc.store(
Ability(ability_id='123',
test=BaseWorld.encode_string('curl #{app.contact.http}'),
variations=[],
executor='psh',
platform='windows')))
adversary = Adversary(adversary_id='123',
name='test',
description='test',
atomic_ordering=[])
loop.run_until_complete(data_svc.store(adversary))
agent = Agent(paw='123',
sleep_min=2,
sleep_max=8,
watchdog=0,
executors=['pwsh', 'psh'],
platform='windows')
loop.run_until_complete(data_svc.store(agent))
loop.run_until_complete(
data_svc.store(
Planner(planner_id='123',
name='test',
module='test',
params=dict())))
source = Source(id='123', name='test', facts=[], adjustments=[])
loop.run_until_complete(data_svc.store(source))
loop.run_until_complete(
data_svc.store(
Operation(name='test',
agents=[agent],
adversary=adversary,
id='123',
source=source)))
loop.run_until_complete(
data_svc.store(
Obfuscator(
name='plain-text',
description=
'Does no obfuscation to any command, instead running it in plain text',
module='plugins.stockpile.app.obfuscators.plain_text')))
async def enable(services):
BaseWorld.apply_config('response', BaseWorld.strip_yml('plugins/response/conf/response.yml')[0])
response_svc = ResponseService(services)
app = services.get('app_svc').application
app.router.add_route('GET', '/plugin/responder/gui', response_svc.splash)
app.router.add_route('POST', '/plugin/responder/update', response_svc.update_responder)
_register_agent('1837b43e-4fff-46b2-a604-a602f7540469') # Elasticat agent
await response_svc.register_handler(services.get('event_svc'))
async def enable(services):
BaseWorld.apply_config('gameboard', BaseWorld.strip_yml('plugins/gameboard/conf/gameboard.yml')[0])
gameboard_svc = GameboardService(services)
gameboard_api = GameboardApi(services)
app = services.get('app_svc').application
app.router.add_route('GET', '/plugin/gameboard/gui', gameboard_api.splash)
app.router.add_route('POST', '/plugin/gameboard/pieces', gameboard_api.get_pieces)
app.router.add_route('POST', '/plugin/gameboard/pin', gameboard_api.update_pin)
app.router.add_route('POST', '/plugin/gameboard/analytic', gameboard_api.analytic)
app.router.add_route('POST', '/plugin/gameboard/detection', gameboard_api.verify_detection)
def test_retrieve_config(self, loop, app_svc):
BaseWorld.apply_config(name='main', config={'app.contact.gist': 'arandomkeythatisusedtoconnecttogithubapi',
'plugins': ['sandcat', 'stockpile'],
'crypt_salt': 'BLAH',
'api_key': 'ADMIN123',
'encryption_key': 'ADMIN123',
'exfil_dir': '/tmp'})
gist_c2 = Gist(app_svc(loop).get_services())
loop.run_until_complete(gist_c2.start())
assert gist_c2.retrieve_config() == 'arandomkeythatisusedtoconnecttogithubapi'
def setUp(self):
self.initialize()
BaseWorld.apply_config({
'app.contact.http': '0.0.0.0',
'plugins': ['sandcat', 'stockpile']
})
self.run_async(
self.data_svc.store(
Ability(
ability_id='123',
test=BaseWorld.encode_string('curl #{app.contact.http}'))))
async def enable(services):
environments = BaseWorld.strip_yml(
'plugins/builder/conf/environments.yml')[0]
BaseWorld.apply_config('build', environments)
build_svc = BuildService(services)
await build_svc.stage_enabled_dockers()
envs = environments['enabled']
builder_gui = BuilderGUI(services, name, description, envs)
app = services.get('app_svc').application
app.router.add_route('GET', '/plugin/builder/gui', builder_gui.splash)
async def enable(services):
BaseWorld.apply_config('debrief', BaseWorld.strip_yml('plugins/debrief/conf/default.yml')[0])
app = services.get('app_svc').application
debrief_gui = DebriefGui(services)
app.router.add_static('/debrief', 'plugins/debrief/static/', append_version=True)
app.router.add_static('/logodebrief', 'plugins/debrief/uploads/', append_version=True)
app.router.add_route('GET', '/plugin/debrief/gui', debrief_gui.splash)
app.router.add_route('POST', '/plugin/debrief/report', debrief_gui.report)
app.router.add_route('*', '/plugin/debrief/graph', debrief_gui.graph)
app.router.add_route('POST', '/plugin/debrief/pdf', debrief_gui.download_pdf)
app.router.add_route('POST', '/plugin/debrief/json', debrief_gui.download_json)
app.router.add_route('GET', '/plugin/debrief/logos', debrief_gui.all_logos)
app.router.add_route('POST', '/plugin/debrief/logo', debrief_gui.upload_logo)
def base_world():
BaseWorld.apply_config(
name='main',
config={
'app.foo': 'foo',
'app.bar': 'bar',
'auth.baz': 'not an app. item'
}
)
yield BaseWorld
BaseWorld.clear_config()
def base_world():
BaseWorld.clear_config()
BaseWorld.apply_config(
name='main',
config={
'users': {
'red': {'reduser': '******'},
'blue': {'blueuser': '******'}
}
}
)
yield BaseWorld
BaseWorld.clear_config()
def setup_rest_svc_test(loop, data_svc):
BaseWorld.apply_config(name='main', config={'app.contact.http': '0.0.0.0',
'plugins': ['sandcat', 'stockpile'],
'crypt_salt': 'BLAH',
'api_key': 'ADMIN123',
'encryption_key': 'ADMIN123',
'exfil_dir': '/tmp'})
loop.run_until_complete(data_svc.store(
Ability(ability_id='123', name='testA', executors=[
Executor(name='psh', platform='windows', command='curl #{app.contact.http}')
])
))
loop.run_until_complete(data_svc.store(
Ability(ability_id='456', name='testB', executors=[
Executor(name='sh', platform='linux', command='whoami')
])
))
loop.run_until_complete(data_svc.store(
Ability(ability_id='789', name='testC', executors=[
Executor(name='sh', platform='linux', command='hostname')
])
))
adversary = Adversary(adversary_id='123', name='test', description='test', atomic_ordering=[])
loop.run_until_complete(data_svc.store(adversary))
agent = Agent(paw='123', sleep_min=2, sleep_max=8, watchdog=0, executors=['pwsh', 'psh'], platform='windows')
loop.run_until_complete(data_svc.store(agent))
loop.run_until_complete(data_svc.store(
Objective(id='495a9828-cab1-44dd-a0ca-66e58177d8cc', name='default', goals=[Goal()])
))
loop.run_until_complete(data_svc.store(
Planner(planner_id='123', name='test', module='test', params=dict())
))
source = Source(id='123', name='test', facts=[], adjustments=[])
loop.run_until_complete(data_svc.store(source))
loop.run_until_complete(data_svc.store(
Operation(name='test', agents=[agent], adversary=adversary, id='123', source=source)
))
loop.run_until_complete(data_svc.store(
Obfuscator(name='plain-text',
description='Does no obfuscation to any command, instead running it in plain text',
module='plugins.stockpile.app.obfuscators.plain_text')
))
def base_world():
BaseWorld.clear_config()
BaseWorld.apply_config(
name='main',
config={
CONFIG_API_KEY_RED: 'abc123',
'users': {
'red': {'reduser': '******'},
'blue': {'blueuser': '******'}
}
}
)
yield BaseWorld
BaseWorld.clear_config()
def base_world():
main_conf = {
'app.contact.dns.domain': 'mycaldera.caldera',
'app.contact.dns.socket': '0.0.0.0:8853',
'app.contact.html': '/weather',
'app.contact.http': 'http://0.0.0.0:8888',
'app.contact.tcp': '0.0.0.0:7010',
'app.contact.tunnel.ssh.socket': '0.0.0.0:8022',
'app.contact.udp': '0.0.0.0:7013',
'app.contact.websocket': '0.0.0.0:7012',
'exfil_dir': '/tmp/caldera',
'plugins': ['stockpile', 'atomic'],
'reports_dir': '/tmp',
'host': '0.0.0.0',
'auth.login.handler.module': 'default',
'users': {
'red': {
'red': 'password-foo'
},
'blue': {
'blue': 'password-bar'
}
}
}
agents_conf = {
'sleep_min': '30',
'sleep_max': '60',
'untrusted_timer': '90',
'watchdog': '0',
'implant_name': 'splunkd',
'deadman_abilities': ['this-is-a-fake-ability'],
'bootstrap_abilities': ['this-is-another-fake-ability']
}
BaseWorld.clear_config()
BaseWorld.apply_config('main', main_conf)
BaseWorld.apply_config('agents', agents_conf)
yield BaseWorld
BaseWorld.clear_config()
def setup_rest_svc_test(loop, data_svc):
BaseWorld.apply_config(name='default',
config={
'app.contact.http': '0.0.0.0',
'plugins': ['sandcat', 'stockpile'],
'crypt_salt': 'BLAH',
'api_key': 'ADMIN123',
'exfil_dir': '/tmp'
})
loop.run_until_complete(
data_svc.store(
Ability(ability_id='123',
test=BaseWorld.encode_string('curl #{app.contact.http}'),
variations=[])))
loop.run_until_complete(
data_svc.store(
Adversary(adversary_id='123',
name='test',
description='test',
phases=[])))
def base_world():
BaseWorld.clear_config()
BaseWorld.apply_config(name='main', config={'app.contact.ftp.host': '0.0.0.0',
'app.contact.ftp.port': '2222',
'app.contact.ftp.pword': 'caldera',
'app.contact.ftp.server.dir': 'ftp_dir',
'app.contact.ftp.user': '******',
'plugins': ['sandcat', 'stockpile'],
'crypt_salt': 'BLAH',
'api_key': 'ADMIN123',
'encryption_key': 'ADMIN123'})
BaseWorld.apply_config(name='agents', config={'sleep_max': 5,
'sleep_min': 5,
'untrusted_timer': 90,
'watchdog': 0,
'implant_name': 'splunkd',
'bootstrap_abilities': [
'43b3754c-def4-4699-a673-1d85648fda6a'
]})
yield BaseWorld
BaseWorld.clear_config()
def base_world():
BaseWorld.apply_config(
name='main',
config={
CONFIG_API_KEY_RED: cakr,
'users': {
'red': {
'reduser': '******'
},
'blue': {
'blueuser': '******'
}
},
'crypt_salt':
'thisisdefinitelynotkosher', # Salt for file service instantiation
'encryption_key':
'andneitheristhis' # fake encryption key for file service instantiation
})
yield BaseWorld
BaseWorld.clear_config()
def init_base_world():
with open(os.path.join(CONFIG_DIR, 'default.yml')) as c:
BaseWorld.apply_config('main', yaml.load(c, Loader=yaml.FullLoader))
BaseWorld.apply_config(
'agents',
BaseWorld.strip_yml(os.path.join(CONFIG_DIR, 'agents.yml'))[0])
BaseWorld.apply_config(
'payloads',
BaseWorld.strip_yml(os.path.join(CONFIG_DIR, 'payloads.yml'))[0])
async def initialize():
with open(Path(__file__).parents[1] / 'conf' / 'default.yml',
'r') as fle:
BaseWorld.apply_config('main', yaml.safe_load(fle))
with open(Path(__file__).parents[1] / 'conf' / 'payloads.yml',
'r') as fle:
BaseWorld.apply_config('payloads', yaml.safe_load(fle))
app_svc = AppService(web.Application(client_max_size=5120**2))
_ = DataService()
_ = RestService()
_ = PlanningService()
_ = LearningService()
auth_svc = AuthService()
_ = FileSvc()
_ = EventService()
services = app_svc.get_services()
os.chdir(str(Path(__file__).parents[1]))
_ = await RestApi(services).enable()
await app_svc.register_contacts()
await auth_svc.apply(app_svc.application, auth_svc.get_config('users'))
await auth_svc.set_login_handlers(services)
app_svc.register_subapp('/api/v2', make_app(svcs=services))
aiohttp_apispec.setup_aiohttp_apispec(app=app_svc.application,
title='CALDERA',
version=version.get_version(),
swagger_path='/api/docs',
url='/api/docs/swagger.json',
static_path='/static/swagger')
app_svc.application.middlewares.append(
apispec_request_validation_middleware)
app_svc.application.middlewares.append(validation_middleware)
return app_svc
parser = argparse.ArgumentParser('Welcome to the system')
parser.add_argument('-E',
'--environment',
required=False,
default='local',
help='Select an env. file to use')
parser.add_argument('--fresh',
action='store_true',
required=False,
default=False,
help='remove object_store on start')
args = parser.parse_args()
config = args.environment if pathlib.Path(
'conf/%s.yml' % args.environment).exists() else 'default'
with open('conf/%s.yml' % config) as c:
BaseWorld.apply_config(yaml.load(c, Loader=yaml.FullLoader))
data_svc = DataService()
contact_svc = ContactService(
BaseWorld.strip_yml('conf/agents.yml')[0]['agent_config'])
planning_svc = PlanningService()
rest_svc = RestService()
auth_svc = AuthService()
file_svc = FileSvc(
BaseWorld.strip_yml('conf/payloads.yml')[0]['payload_config'])
learning_svc = LearningService()
app_svc = AppService(application=web.Application())
if args.fresh:
asyncio.get_event_loop().run_until_complete(data_svc.destroy())
run_tasks(services=app_svc.get_services())
def reset_config(self):
BaseWorld.apply_config(**self.default_config)
yield
BaseWorld._app_configuration = dict()
async def enable(services):
BaseWorld.apply_config(
'build',
BaseWorld.strip_yml('plugins/builder/conf/environments.yml')[0])
build_svc = BuildService(services)
await build_svc.stage_enabled_dockers()
'Start caldera with insecure default config values. Equivalent to "-E default".'
)
args = parser.parse_args()
setup_logger(getattr(logging, args.logLevel))
if args.insecure:
logging.warning(
'--insecure flag set. Caldera will use the default.yml config file.'
)
args.environment = 'default'
elif args.environment == 'local':
ensure_local_config()
main_config_path = 'conf/%s.yml' % args.environment
BaseWorld.apply_config('main', BaseWorld.strip_yml(main_config_path)[0])
logging.info('Using main config from %s' % main_config_path)
BaseWorld.apply_config('agents', BaseWorld.strip_yml('conf/agents.yml')[0])
BaseWorld.apply_config('payloads',
BaseWorld.strip_yml('conf/payloads.yml')[0])
data_svc = DataService()
knowledge_svc = KnowledgeService()
contact_svc = ContactService()
planning_svc = PlanningService(global_variable_owners=[
Executor, Agent, Link, AppConfigGlobalVariableIdentifier
])
rest_svc = RestService()
auth_svc = AuthService()
file_svc = FileSvc()
learning_svc = LearningService()
def init_base_world():
with open('conf/default.yml') as c:
BaseWorld.apply_config('main', yaml.load(c, Loader=yaml.FullLoader))
BaseWorld.apply_config('agents', BaseWorld.strip_yml('conf/agents.yml')[0])
BaseWorld.apply_config('payloads',
BaseWorld.strip_yml('conf/payloads.yml')[0])
setup_logger()
parser = argparse.ArgumentParser('Welcome to the system')
parser.add_argument('-E',
'--environment',
required=False,
default='local',
help='Select an env. file to use')
parser.add_argument('--fresh',
action='store_true',
required=False,
default=False,
help='remove object_store on start')
args = parser.parse_args()
config = args.environment if pathlib.Path(
'conf/%s.yml' % args.environment).exists() else 'default'
BaseWorld.apply_config('default',
BaseWorld.strip_yml('conf/%s.yml' % config)[0])
BaseWorld.apply_config('agents', BaseWorld.strip_yml('conf/agents.yml')[0])
BaseWorld.apply_config('payloads',
BaseWorld.strip_yml('conf/payloads.yml')[0])
data_svc = DataService()
contact_svc = ContactService()
planning_svc = PlanningService()
rest_svc = RestService()
auth_svc = AuthService()
file_svc = FileSvc()
learning_svc = LearningService()
app_svc = AppService(application=web.Application())
if args.fresh:
asyncio.get_event_loop().run_until_complete(data_svc.destroy())
