Skip to content

Commit

Permalink
Merge branch 'premaster'
Browse files Browse the repository at this point in the history
  • Loading branch information
mfthomps committed Dec 23, 2022
2 parents bd1abed + a2aec4c commit d5d2b5c
Show file tree
Hide file tree
Showing 7 changed files with 68 additions and 2 deletions.
4 changes: 4 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,10 @@ The installation script and the update-designer.sh script set environment variab
so you may want to logout/login, or start a new bash shell before using Labtainers the
first time.

December 21, 2022
- Fix xforge results criteria to not expect pathname, and add check to see if POST issued to edit profile. And fix attacker
http server to run from the home directory.

December 19, 2022
- Add strace lab to introduce system call tracing.
- X11 DISPLAY value was incorrect if multiple devices in the /tmp/.X11-unix directory.
Expand Down
Binary file modified docs/labdesigner/labdesigner.pdf
Binary file not shown.
38 changes: 38 additions & 0 deletions docs/labdesigner/labdesigner.tex
Original file line number Diff line number Diff line change
Expand Up @@ -3143,6 +3143,44 @@ \subsection{SimLab application notes}

Firefox is brittle when it restarts. See the {\tt fixfirefox.txt} SimLab script for the snort lab
for an example of avoiding errors when Firefox restarts.
\subsection{Common x11 keys}
Here's the common ones:

\begin{verbatim}
Home → Home
End → End
PageUp → Prior
PageDown → Next
↑ arrow → Up
↓ arrow → Down
→ arrow → Right
← arrow → Left
Return → Return
Space → space
Tab → Tab
Backspace ⌫ → Backspace
Delete ⌦ → Delete
Escape → Escape
F1 → F1
F2 → F2
F3 → F3
▤ Menu → Menu
PrintScreen → Print
ScrollLock → Scroll_Lock
Pause → Pause/Break
NumLock → Num_Lock
keypad + → KP_Add
keypad - → KP_Subtract
keypad * → KP_Multiply
keypad / → KP_Divide
keypad enter → KP_Enter
keypad . → KP_Decimal
keypad 0 → KP_0
keypad 1 → KP_1
keypad 2 → KP_2
\end{verbatim}


\subsection{Regression testing with smoketest.py}
\label{smoketest}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ Description=HTTP Service
[Service]
Type=simple
ExecStart=/home/attacker/MyHTTPServer.py
WorkingDirectory=/home/attacker/
StandardOutput=null

[Install]
Expand Down
6 changes: 4 additions & 2 deletions labs/xforge/instr_config/results.config
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
# results.config
#
# DOC: Determines if student configured the attacker site with the Elgg add friend function
# DOC: by checking the logs on the vulnerable website.
friend_get = vuln-site:/var/www/csrflabelgg.com/requests.log : FILE_REGEX_TS : 172.25.0.2.*GET \/action\/friends\/add\?friend=40 HTTP\/1\.1.*302.*http:\/\/www\.csrflabattacker\.com\/home\/attacker.*
# by checking the logs on the vulnerable website.
friend_get = vuln-site:/var/www/csrflabelgg.com/requests.log : FILE_REGEX_TS : 172.25.0.2.*GET \/action\/friends\/add\?friend=40 HTTP\/1\.1.*302.*http:\/\/www\.csrflabattacker\.com.*
# DOC: Was there a POST to edit a profile coming from bobby's IP?
post_profile = vuln-site:/var/www/csrflabelgg.com/requests.log : FILE_REGEX_TS : 172.25.0.3.*POST \/action\/profile\/edit HTTP/1.1" 302 - "http:\/\/www.csrflabattacker.com.*
20 changes: 20 additions & 0 deletions scripts/labtainer-student/bin/checkwork
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,8 @@ import logging
import LabtainerLogging
import CurrentLab
import argparse
import subprocess
import shlex
import imp
here = os.path.dirname(os.path.abspath(__file__))
lab_bin_dir = os.path.join(here, '../lab_bin')
Expand All @@ -57,6 +59,23 @@ orig_dir=os.getcwd()
os.chdir(student_dir)
gradelab = imp.load_source('gradelab', grade_lab_path)

def checkRunning(logger):
command = "docker ps"
logger.debug("GetListRunningLab Command to execute is (%s)" % command)
ps = subprocess.Popen(shlex.split(command), stdout=subprocess.PIPE,stderr=subprocess.PIPE)
output = ps.communicate()
if len(output[1].decode('utf-8').strip()) > 0:
logger.error('Fail to get a list of running containers, error returned %s' % output[1].decode('utf-8'))
sys.exit(1)
if len(output[0].decode('utf-8')) > 0:
docker_ps_output = output[0].decode('utf-8').split('\n')
for line in docker_ps_output:
if len(line.strip()) > 0:
name = line.split()[-1]
if name.endswith('-igrader'):
print('%s is currently running, it will be stopped before a new checkwork is started.' % (name))
cmd = 'docker stop %s' % name
labutils.DockerCmd(cmd)

def main():
parser = argparse.ArgumentParser(description='Check your work for a lab. If no lab name is given, the currently running lab is checked')
Expand All @@ -66,6 +85,7 @@ def main():
labname = None
lablist = []
labutils.logger = LabtainerLogging.LabtainerLogging("/tmp/checkwork.log", 'checkwork', "../../config/labtainer.config")
checkRunning(labutils.logger)
lablist = labutils.GetListRunningLab()
if args.lab is not None:
labname = args.lab
Expand Down
1 change: 1 addition & 0 deletions testsets/bin/skip_test.txt
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
metasploit
cyberciege
pubkey
xforge

0 comments on commit d5d2b5c

Please sign in to comment.