The privilege escalation action should work as follows.
Input: IP address or hostname
Implementation:
This should be implemented by running "sudo" on the victim machine.
We assume that in order to run this action, the attacker has previously established an ssh connection to the victim machine; currently, the only way to establish this ssh connection is for the attacker to run the "exploit network services" action.
After running sudo, we need to return the result of running "explore host" on the victim machine. This should result in a collection of tuples of the form "interface name" : "ip address". For instance, "enp0s8" : "10.10.20.11". We can ensure that each node has this expected information by explicitly installing routes onto each node (the expected routes are listed in the CybORG scenario configuration file and can be added either in the Heat template (long-term preferred solution).
Output: success/failure and outcome of explore host {interface: IpAdddress}. This should result in a collection of tuples of the form {"interface name" : "ip address"}. For instance, {"enp0s8" : "10.10.20.11"}.
balasub
commented
1 week ago
The privilege escalation action should work as follows.
Input: IP address or hostname
Implementation:
Output: success/failure and outcome of explore host {interface: IpAdddress}. This should result in a collection of tuples of the form {"interface name" : "ip address"}. For instance, {"enp0s8" : "10.10.20.11"}.