def new_machine(scenario_id):
if request.method == 'POST':
form = NewMachineForm(request.form)
logger.info(request.form)
if not form.validate() or not is_pyro_running():
flash_form_errors(form)
os_list = OS.query.all()
exploits, vulns = get_files_from_scenario(scenario_id)
return render_template('configMachine.html',
scenario_id=scenario_id,
os_list=os_list,
machine_types=MachineTypeEnum,
network_types=NetworkTypeEnum,
form=form,
exploits=exploits,
vulns=vulns)
rdp_ip = get_rdp_ip()
machine = Machine(name=form.name.data,
machine_ip='',
rdp_ip=rdp_ip,
rdp_port=5000,
machine_type=form.machine_type.data,
processors=form.processors.data,
memory=form.memory.data,
scenario_id=scenario_id,
os_id=form.vm_os.data,
network_type=form.network_type.data,
cmd_line=form.cmd_line.data,
cmd_order=form.cmd_order.data)
if form.network_name:
machine.network_name = form.network_name.data
files = get_files(form.exploits.data, form.vulns.data)
machine.file = files
db.session.add(machine)
db.session.commit()
scenario = Scenario.query.filter_by(id=scenario_id).first()
machine1 = Machine.query.filter_by(id=machine.id).first()
machine1.machine_ip = machine_gen.generate_ip(scenario.id, machine1.id)
machine1.rdp_port = machine_gen.generate_port(machine.id)
db.session.commit()
rdpManager = RDPManager(username=scenario.id, password=scenario.id)
rdpManager.add_connection(name=machine.id,
username=machine.machine_username,
password=machine.machine_password,
hostname=machine.rdp_ip,
port=machine.rdp_port)
connection_id = rdpManager.get_connection_id(str(machine.id))
connection_link = rdpManager.get_connection_link(connection_id)
machine.connection_link = connection_link
machine.connection_id = connection_id
db.session.commit()
flash("Machine created", 'success')
return redirect(url_for('configure', id=scenario_id))
if request.method == 'GET':
is_pyro_running()
os_list = OS.query.all()
exploits, vulns = get_files_from_scenario(scenario_id)
return render_template('configMachine.html',
scenario_id=scenario_id,
os_list=os_list,
machine_types=MachineTypeEnum,
network_types=NetworkTypeEnum,
exploits=exploits,
vulns=vulns)
def new_scenario():
exploits = File.query.filter_by(file_type=FileTypeEnum.pov).all()
vulns = File.query.filter_by(file_type=FileTypeEnum.vuln).all()
if request.method == 'GET':
is_pyro_running()
return render_template('newScenario.html',
exploits=exploits,
vulns=vulns)
else:
form = NewScenarioForm(request.form)
logger.info(request.form)
if not is_pyro_running():
return render_template('newScenario.html',
exploits=exploits,
vulns=vulns,
form=form)
if not form.validate():
logger.info(form.errors)
flash_form_errors(form)
return render_template('newScenario.html',
exploits=exploits,
vulns=vulns,
form=form)
scenario = Scenario(name=form.name.data,
description=form.description.data,
cve_number=form.cve_number.data)
files = get_files(form.exploits.data, form.vulns.data)
scenario.file = files
db.session.add(scenario)
db.session.commit()
rdpManager = RDPManager()
rdpManager.add_user(scenario.id, scenario.id)
guacUser = GuacUser(guac_username=scenario.id,
guac_password=scenario.id,
scenario_id=scenario.id)
db.session.add(guacUser)
db.session.commit()
exploits = form.exploits.data
for index, exploit in enumerate(exploits):
f = File.query.filter_by(name=exploit).first()
if f:
rdp_ip = get_rdp_ip()
os_rec = scenario_gen.generate_os_rec(f)
rec_machine = Machine(name=scenario.name + '-Exploits' +
str(index + 1),
scenario_id=scenario.id,
rdp_ip=rdp_ip)
rec_machine.file.append(f)
db.session.add(rec_machine)
db.session.commit()
machine_gen.generate(scenario, rec_machine, os_rec, vulns)
db.session.commit()
rdpManager = RDPManager(username=scenario.id,
password=scenario.id)
rdpManager.add_connection(
name=rec_machine.id,
username=rec_machine.machine_username,
password=rec_machine.machine_password,
hostname=rec_machine.rdp_ip,
port=rec_machine.rdp_port)
print(scenario.id)
# machine_gen.generate(scenario, rec_machine, os_rec, vulns)
# db.session.commit()
connection_id = rdpManager.get_connection_id(
str(rec_machine.id))
connection_link = rdpManager.get_connection_link(connection_id)
# print(connection_link)
rec_machine.connection_link = connection_link
rec_machine.connection_id = connection_id
db.session.commit()
return redirect(url_for('configure', id=scenario.id))
