def dns_contact_base_world(): BaseWorld.apply_config(name='main', config={ 'app.contact.dns.domain': 'mycaldera.caldera', 'app.contact.dns.socket': '0.0.0.0:53', 'plugins': ['sandcat', 'stockpile'], 'crypt_salt': 'BLAH', 'api_key': 'ADMIN123', 'encryption_key': 'ADMIN123', 'exfil_dir': '/tmp' }) BaseWorld.apply_config(name='agents', config={ 'sleep_max': 5, 'sleep_min': 5, 'untrusted_timer': 90, 'watchdog': 0, 'implant_name': 'splunkd', 'bootstrap_abilities': ['43b3754c-def4-4699-a673-1d85648fda6a'] })
def ssh_contact_base_world(): BaseWorld.apply_config(name='main', config={ 'app.contact.tunnel.ssh.user_name': 'sandcat', 'app.contact.tunnel.ssh.user_password': '******', 'app.contact.tunnel.ssh.socket': '0.0.0.0:8122', 'app.contact.tunnel.ssh.host_key_file': 'REPLACE_WITH_KEY_FILE_PATH,', 'app.contact.tunnel.ssh.host_key_passphrase': 'REPLACE_WITH_KEY_FILE_PASSPHRASE', 'plugins': ['sandcat', 'stockpile'], 'crypt_salt': 'BLAH', 'api_key': 'ADMIN123', 'encryption_key': 'ADMIN123', 'exfil_dir': '/tmp' }) BaseWorld.apply_config(name='agents', config={ 'sleep_max': 5, 'sleep_min': 5, 'untrusted_timer': 90, 'watchdog': 0, 'implant_name': 'splunkd', 'bootstrap_abilities': ['43b3754c-def4-4699-a673-1d85648fda6a'] })
def setup_rest_svc_test(loop, data_svc): BaseWorld.apply_config(name='default', config={ 'app.contact.http': '0.0.0.0', 'plugins': ['sandcat', 'stockpile'], 'crypt_salt': 'BLAH', 'api_key': 'ADMIN123', 'encryption_key': 'ADMIN123', 'exfil_dir': '/tmp' }) loop.run_until_complete( data_svc.store( Ability(ability_id='123', test=BaseWorld.encode_string('curl #{app.contact.http}'), variations=[]))) loop.run_until_complete( data_svc.store( Adversary(adversary_id='123', name='test', description='test', phases=[]))) loop.run_until_complete( data_svc.store(Agent(paw='123', sleep_min=2, sleep_max=8, watchdog=0))) loop.run_until_complete( data_svc.store( Planner(planner_id='123', name='test', module='test', params=dict()))) loop.run_until_complete( data_svc.store(Source(identifier='123', name='test', facts=[])))
async def initialize(): with open(Path(__file__).parents[2] / 'conf' / 'default.yml', 'r') as fle: BaseWorld.apply_config('main', yaml.safe_load(fle)) with open(Path(__file__).parents[2] / 'conf' / 'payloads.yml', 'r') as fle: BaseWorld.apply_config('payloads', yaml.safe_load(fle)) app_svc = AppService(web.Application()) _ = DataService() _ = RestService() _ = PlanningService() _ = LearningService() auth_svc = AuthService() _ = ContactService() _ = FileSvc() services = app_svc.get_services() os.chdir(str(Path(__file__).parents[2])) await app_svc.register_contacts() await app_svc.load_plugins(['sandcat', 'ssl']) _ = await RestApi(services).enable() await auth_svc.apply(app_svc.application, auth_svc.get_config('users')) await auth_svc.set_login_handlers(services) return app_svc.application
def dns_c2(loop, app_svc, contact_svc, data_svc, obfuscator): BaseWorld.apply_config(name='main', config={ 'app.contact.dns.domain': 'mycaldera.caldera', 'app.contact.dns.socket': '0.0.0.0:53', 'plugins': ['sandcat', 'stockpile'], 'crypt_salt': 'BLAH', 'api_key': 'ADMIN123', 'encryption_key': 'ADMIN123', 'exfil_dir': '/tmp' }) BaseWorld.apply_config(name='agents', config={ 'sleep_max': 5, 'sleep_min': 5, 'untrusted_timer': 90, 'watchdog': 0, 'implant_name': 'splunkd', 'bootstrap_abilities': ['43b3754c-def4-4699-a673-1d85648fda6a'] }) services = app_svc(loop).get_services() dns_c2 = DnsContact(services) return dns_c2
def base_world(app_config, agent_config): BaseWorld.clear_config() BaseWorld.apply_config('main', app_config) BaseWorld.apply_config('agents', agent_config) yield BaseWorld BaseWorld.clear_config()
def test_apply_and_retrieve_config(self): new_config = dict(name='newconfig', config={ 'app.unit.test': 'abcd12345', 'plugins': ['stockpile'] }) BaseWorld.apply_config(**new_config) assert BaseWorld.get_config(name='newconfig') == new_config['config']
def setup_rest_svc_test(loop, data_svc): BaseWorld.apply_config(name='main', config={ 'app.contact.http': '0.0.0.0', 'plugins': ['sandcat', 'stockpile'], 'crypt_salt': 'BLAH', 'api_key': 'ADMIN123', 'encryption_key': 'ADMIN123', 'exfil_dir': '/tmp' }) loop.run_until_complete( data_svc.store( Ability(ability_id='123', test=BaseWorld.encode_string('curl #{app.contact.http}'), variations=[], executor='psh', platform='windows'))) adversary = Adversary(adversary_id='123', name='test', description='test', atomic_ordering=[]) loop.run_until_complete(data_svc.store(adversary)) agent = Agent(paw='123', sleep_min=2, sleep_max=8, watchdog=0, executors=['pwsh', 'psh'], platform='windows') loop.run_until_complete(data_svc.store(agent)) loop.run_until_complete( data_svc.store( Planner(planner_id='123', name='test', module='test', params=dict()))) source = Source(id='123', name='test', facts=[], adjustments=[]) loop.run_until_complete(data_svc.store(source)) loop.run_until_complete( data_svc.store( Operation(name='test', agents=[agent], adversary=adversary, id='123', source=source))) loop.run_until_complete( data_svc.store( Obfuscator( name='plain-text', description= 'Does no obfuscation to any command, instead running it in plain text', module='plugins.stockpile.app.obfuscators.plain_text')))
async def enable(services): BaseWorld.apply_config('response', BaseWorld.strip_yml('plugins/response/conf/response.yml')[0]) response_svc = ResponseService(services) app = services.get('app_svc').application app.router.add_route('GET', '/plugin/responder/gui', response_svc.splash) app.router.add_route('POST', '/plugin/responder/update', response_svc.update_responder) _register_agent('1837b43e-4fff-46b2-a604-a602f7540469') # Elasticat agent await response_svc.register_handler(services.get('event_svc'))
async def enable(services): BaseWorld.apply_config('gameboard', BaseWorld.strip_yml('plugins/gameboard/conf/gameboard.yml')[0]) gameboard_svc = GameboardService(services) gameboard_api = GameboardApi(services) app = services.get('app_svc').application app.router.add_route('GET', '/plugin/gameboard/gui', gameboard_api.splash) app.router.add_route('POST', '/plugin/gameboard/pieces', gameboard_api.get_pieces) app.router.add_route('POST', '/plugin/gameboard/pin', gameboard_api.update_pin) app.router.add_route('POST', '/plugin/gameboard/analytic', gameboard_api.analytic) app.router.add_route('POST', '/plugin/gameboard/detection', gameboard_api.verify_detection)
def test_retrieve_config(self, loop, app_svc): BaseWorld.apply_config(name='main', config={'app.contact.gist': 'arandomkeythatisusedtoconnecttogithubapi', 'plugins': ['sandcat', 'stockpile'], 'crypt_salt': 'BLAH', 'api_key': 'ADMIN123', 'encryption_key': 'ADMIN123', 'exfil_dir': '/tmp'}) gist_c2 = Gist(app_svc(loop).get_services()) loop.run_until_complete(gist_c2.start()) assert gist_c2.retrieve_config() == 'arandomkeythatisusedtoconnecttogithubapi'
def setUp(self): self.initialize() BaseWorld.apply_config({ 'app.contact.http': '0.0.0.0', 'plugins': ['sandcat', 'stockpile'] }) self.run_async( self.data_svc.store( Ability( ability_id='123', test=BaseWorld.encode_string('curl #{app.contact.http}'))))
async def enable(services): environments = BaseWorld.strip_yml( 'plugins/builder/conf/environments.yml')[0] BaseWorld.apply_config('build', environments) build_svc = BuildService(services) await build_svc.stage_enabled_dockers() envs = environments['enabled'] builder_gui = BuilderGUI(services, name, description, envs) app = services.get('app_svc').application app.router.add_route('GET', '/plugin/builder/gui', builder_gui.splash)
async def enable(services): BaseWorld.apply_config('debrief', BaseWorld.strip_yml('plugins/debrief/conf/default.yml')[0]) app = services.get('app_svc').application debrief_gui = DebriefGui(services) app.router.add_static('/debrief', 'plugins/debrief/static/', append_version=True) app.router.add_static('/logodebrief', 'plugins/debrief/uploads/', append_version=True) app.router.add_route('GET', '/plugin/debrief/gui', debrief_gui.splash) app.router.add_route('POST', '/plugin/debrief/report', debrief_gui.report) app.router.add_route('*', '/plugin/debrief/graph', debrief_gui.graph) app.router.add_route('POST', '/plugin/debrief/pdf', debrief_gui.download_pdf) app.router.add_route('POST', '/plugin/debrief/json', debrief_gui.download_json) app.router.add_route('GET', '/plugin/debrief/logos', debrief_gui.all_logos) app.router.add_route('POST', '/plugin/debrief/logo', debrief_gui.upload_logo)
def base_world(): BaseWorld.apply_config( name='main', config={ 'app.foo': 'foo', 'app.bar': 'bar', 'auth.baz': 'not an app. item' } ) yield BaseWorld BaseWorld.clear_config()
def base_world(): BaseWorld.clear_config() BaseWorld.apply_config( name='main', config={ 'users': { 'red': {'reduser': '******'}, 'blue': {'blueuser': '******'} } } ) yield BaseWorld BaseWorld.clear_config()
def setup_rest_svc_test(loop, data_svc): BaseWorld.apply_config(name='main', config={'app.contact.http': '0.0.0.0', 'plugins': ['sandcat', 'stockpile'], 'crypt_salt': 'BLAH', 'api_key': 'ADMIN123', 'encryption_key': 'ADMIN123', 'exfil_dir': '/tmp'}) loop.run_until_complete(data_svc.store( Ability(ability_id='123', name='testA', executors=[ Executor(name='psh', platform='windows', command='curl #{app.contact.http}') ]) )) loop.run_until_complete(data_svc.store( Ability(ability_id='456', name='testB', executors=[ Executor(name='sh', platform='linux', command='whoami') ]) )) loop.run_until_complete(data_svc.store( Ability(ability_id='789', name='testC', executors=[ Executor(name='sh', platform='linux', command='hostname') ]) )) adversary = Adversary(adversary_id='123', name='test', description='test', atomic_ordering=[]) loop.run_until_complete(data_svc.store(adversary)) agent = Agent(paw='123', sleep_min=2, sleep_max=8, watchdog=0, executors=['pwsh', 'psh'], platform='windows') loop.run_until_complete(data_svc.store(agent)) loop.run_until_complete(data_svc.store( Objective(id='495a9828-cab1-44dd-a0ca-66e58177d8cc', name='default', goals=[Goal()]) )) loop.run_until_complete(data_svc.store( Planner(planner_id='123', name='test', module='test', params=dict()) )) source = Source(id='123', name='test', facts=[], adjustments=[]) loop.run_until_complete(data_svc.store(source)) loop.run_until_complete(data_svc.store( Operation(name='test', agents=[agent], adversary=adversary, id='123', source=source) )) loop.run_until_complete(data_svc.store( Obfuscator(name='plain-text', description='Does no obfuscation to any command, instead running it in plain text', module='plugins.stockpile.app.obfuscators.plain_text') ))
def base_world(): BaseWorld.clear_config() BaseWorld.apply_config( name='main', config={ CONFIG_API_KEY_RED: 'abc123', 'users': { 'red': {'reduser': '******'}, 'blue': {'blueuser': '******'} } } ) yield BaseWorld BaseWorld.clear_config()
def base_world(): main_conf = { 'app.contact.dns.domain': 'mycaldera.caldera', 'app.contact.dns.socket': '0.0.0.0:8853', 'app.contact.html': '/weather', 'app.contact.http': 'http://0.0.0.0:8888', 'app.contact.tcp': '0.0.0.0:7010', 'app.contact.tunnel.ssh.socket': '0.0.0.0:8022', 'app.contact.udp': '0.0.0.0:7013', 'app.contact.websocket': '0.0.0.0:7012', 'exfil_dir': '/tmp/caldera', 'plugins': ['stockpile', 'atomic'], 'reports_dir': '/tmp', 'host': '0.0.0.0', 'auth.login.handler.module': 'default', 'users': { 'red': { 'red': 'password-foo' }, 'blue': { 'blue': 'password-bar' } } } agents_conf = { 'sleep_min': '30', 'sleep_max': '60', 'untrusted_timer': '90', 'watchdog': '0', 'implant_name': 'splunkd', 'deadman_abilities': ['this-is-a-fake-ability'], 'bootstrap_abilities': ['this-is-another-fake-ability'] } BaseWorld.clear_config() BaseWorld.apply_config('main', main_conf) BaseWorld.apply_config('agents', agents_conf) yield BaseWorld BaseWorld.clear_config()
def setup_rest_svc_test(loop, data_svc): BaseWorld.apply_config(name='default', config={ 'app.contact.http': '0.0.0.0', 'plugins': ['sandcat', 'stockpile'], 'crypt_salt': 'BLAH', 'api_key': 'ADMIN123', 'exfil_dir': '/tmp' }) loop.run_until_complete( data_svc.store( Ability(ability_id='123', test=BaseWorld.encode_string('curl #{app.contact.http}'), variations=[]))) loop.run_until_complete( data_svc.store( Adversary(adversary_id='123', name='test', description='test', phases=[])))
def base_world(): BaseWorld.clear_config() BaseWorld.apply_config(name='main', config={'app.contact.ftp.host': '0.0.0.0', 'app.contact.ftp.port': '2222', 'app.contact.ftp.pword': 'caldera', 'app.contact.ftp.server.dir': 'ftp_dir', 'app.contact.ftp.user': '******', 'plugins': ['sandcat', 'stockpile'], 'crypt_salt': 'BLAH', 'api_key': 'ADMIN123', 'encryption_key': 'ADMIN123'}) BaseWorld.apply_config(name='agents', config={'sleep_max': 5, 'sleep_min': 5, 'untrusted_timer': 90, 'watchdog': 0, 'implant_name': 'splunkd', 'bootstrap_abilities': [ '43b3754c-def4-4699-a673-1d85648fda6a' ]}) yield BaseWorld BaseWorld.clear_config()
def base_world(): BaseWorld.apply_config( name='main', config={ CONFIG_API_KEY_RED: cakr, 'users': { 'red': { 'reduser': '******' }, 'blue': { 'blueuser': '******' } }, 'crypt_salt': 'thisisdefinitelynotkosher', # Salt for file service instantiation 'encryption_key': 'andneitheristhis' # fake encryption key for file service instantiation }) yield BaseWorld BaseWorld.clear_config()
def init_base_world(): with open(os.path.join(CONFIG_DIR, 'default.yml')) as c: BaseWorld.apply_config('main', yaml.load(c, Loader=yaml.FullLoader)) BaseWorld.apply_config( 'agents', BaseWorld.strip_yml(os.path.join(CONFIG_DIR, 'agents.yml'))[0]) BaseWorld.apply_config( 'payloads', BaseWorld.strip_yml(os.path.join(CONFIG_DIR, 'payloads.yml'))[0])
async def initialize(): with open(Path(__file__).parents[1] / 'conf' / 'default.yml', 'r') as fle: BaseWorld.apply_config('main', yaml.safe_load(fle)) with open(Path(__file__).parents[1] / 'conf' / 'payloads.yml', 'r') as fle: BaseWorld.apply_config('payloads', yaml.safe_load(fle)) app_svc = AppService(web.Application(client_max_size=5120**2)) _ = DataService() _ = RestService() _ = PlanningService() _ = LearningService() auth_svc = AuthService() _ = FileSvc() _ = EventService() services = app_svc.get_services() os.chdir(str(Path(__file__).parents[1])) _ = await RestApi(services).enable() await app_svc.register_contacts() await auth_svc.apply(app_svc.application, auth_svc.get_config('users')) await auth_svc.set_login_handlers(services) app_svc.register_subapp('/api/v2', make_app(svcs=services)) aiohttp_apispec.setup_aiohttp_apispec(app=app_svc.application, title='CALDERA', version=version.get_version(), swagger_path='/api/docs', url='/api/docs/swagger.json', static_path='/static/swagger') app_svc.application.middlewares.append( apispec_request_validation_middleware) app_svc.application.middlewares.append(validation_middleware) return app_svc
parser = argparse.ArgumentParser('Welcome to the system') parser.add_argument('-E', '--environment', required=False, default='local', help='Select an env. file to use') parser.add_argument('--fresh', action='store_true', required=False, default=False, help='remove object_store on start') args = parser.parse_args() config = args.environment if pathlib.Path( 'conf/%s.yml' % args.environment).exists() else 'default' with open('conf/%s.yml' % config) as c: BaseWorld.apply_config(yaml.load(c, Loader=yaml.FullLoader)) data_svc = DataService() contact_svc = ContactService( BaseWorld.strip_yml('conf/agents.yml')[0]['agent_config']) planning_svc = PlanningService() rest_svc = RestService() auth_svc = AuthService() file_svc = FileSvc( BaseWorld.strip_yml('conf/payloads.yml')[0]['payload_config']) learning_svc = LearningService() app_svc = AppService(application=web.Application()) if args.fresh: asyncio.get_event_loop().run_until_complete(data_svc.destroy()) run_tasks(services=app_svc.get_services())
def reset_config(self): BaseWorld.apply_config(**self.default_config) yield BaseWorld._app_configuration = dict()
async def enable(services): BaseWorld.apply_config( 'build', BaseWorld.strip_yml('plugins/builder/conf/environments.yml')[0]) build_svc = BuildService(services) await build_svc.stage_enabled_dockers()
'Start caldera with insecure default config values. Equivalent to "-E default".' ) args = parser.parse_args() setup_logger(getattr(logging, args.logLevel)) if args.insecure: logging.warning( '--insecure flag set. Caldera will use the default.yml config file.' ) args.environment = 'default' elif args.environment == 'local': ensure_local_config() main_config_path = 'conf/%s.yml' % args.environment BaseWorld.apply_config('main', BaseWorld.strip_yml(main_config_path)[0]) logging.info('Using main config from %s' % main_config_path) BaseWorld.apply_config('agents', BaseWorld.strip_yml('conf/agents.yml')[0]) BaseWorld.apply_config('payloads', BaseWorld.strip_yml('conf/payloads.yml')[0]) data_svc = DataService() knowledge_svc = KnowledgeService() contact_svc = ContactService() planning_svc = PlanningService(global_variable_owners=[ Executor, Agent, Link, AppConfigGlobalVariableIdentifier ]) rest_svc = RestService() auth_svc = AuthService() file_svc = FileSvc() learning_svc = LearningService()
def init_base_world(): with open('conf/default.yml') as c: BaseWorld.apply_config('main', yaml.load(c, Loader=yaml.FullLoader)) BaseWorld.apply_config('agents', BaseWorld.strip_yml('conf/agents.yml')[0]) BaseWorld.apply_config('payloads', BaseWorld.strip_yml('conf/payloads.yml')[0])
setup_logger() parser = argparse.ArgumentParser('Welcome to the system') parser.add_argument('-E', '--environment', required=False, default='local', help='Select an env. file to use') parser.add_argument('--fresh', action='store_true', required=False, default=False, help='remove object_store on start') args = parser.parse_args() config = args.environment if pathlib.Path( 'conf/%s.yml' % args.environment).exists() else 'default' BaseWorld.apply_config('default', BaseWorld.strip_yml('conf/%s.yml' % config)[0]) BaseWorld.apply_config('agents', BaseWorld.strip_yml('conf/agents.yml')[0]) BaseWorld.apply_config('payloads', BaseWorld.strip_yml('conf/payloads.yml')[0]) data_svc = DataService() contact_svc = ContactService() planning_svc = PlanningService() rest_svc = RestService() auth_svc = AuthService() file_svc = FileSvc() learning_svc = LearningService() app_svc = AppService(application=web.Application()) if args.fresh: asyncio.get_event_loop().run_until_complete(data_svc.destroy())