etz69 / kratos_c2_proxy

Open C2 POC
GNU General Public License v3.0

Proxy Flask Application skeleton #1

Open etz69 opened 6 years ago

etz69 commented 6 years ago

Create the Proxy C2 flask application skeleton. It should support:

etz69 commented 6 years ago

Proxy models (DRAFT)

    import datetime

    from sqlalchemy import (Boolean, Column, DateTime, ForeignKey, Integer,
                            String, Text)
    from sqlalchemy.orm import backref, declarative_base, relationship

    # Declarative base shared by all models (assumed; the draft does not show it)
    Base = declarative_base()

C2Node

    class C2Node(Base):
        __tablename__ = 'c2node'  # table name assumed, not given in the draft

        id = Column(Integer, primary_key=True)
        name = Column(String(50), unique=True, nullable=False)
        description = Column(String(120), unique=True, nullable=False)
        # Pass the callable (no parentheses) so the timestamp is taken at
        # insert time, not once when the module is imported
        create_date = Column(DateTime, nullable=False,
                             default=datetime.datetime.utcnow)

        fqdn = Column(String(120), unique=True, nullable=True)
        # Node type: master/relay
        type = Column(String(120), unique=True, nullable=False)
        local = Column(Boolean(), nullable=False)
        enabled = Column(Boolean(), nullable=False)

Job

    class Job(Base):
        __tablename__ = 'job'  # table name assumed, not given in the draft

        id = Column(Integer, primary_key=True)
        origin_ip = Column(String(120), unique=False, nullable=True)
        origin_type = Column(String(120), unique=False, nullable=True)
        create_date = Column(DateTime, nullable=False,
                             default=datetime.datetime.utcnow)
        end_date = Column(DateTime, nullable=True)
        # In progress etc.
        state = Column(String(120), unique=False, nullable=True)

        # Success/Fail
        status = Column(String(120), unique=False, nullable=True)
        c2_command = Column(String(500), unique=False, nullable=True)
        c2_response = Column(String(500), unique=False, nullable=True)

        # These hashes are basically all the c2 cmds without the date fields
        c2_command_hash = Column(String(120), unique=False, nullable=True)
        c2_response_hash = Column(String(120), unique=False, nullable=True)

Actuator

    class Actuator(Base):
        __tablename__ = 'actuator'  # matches ForeignKey("actuator.id") below

        id = Column(Integer, primary_key=True)
        create_date = Column(DateTime, nullable=False,
                             default=datetime.datetime.utcnow)

        # Friendly name for the host
        name = Column(String(255), unique=True, nullable=False)
        description = Column(String(255), unique=True, nullable=False)

        # OpenC2 Actuator type - e.g. network-ids
        # Load from https://github.com/OpenC2-org/jadn/blob/master/schema/openc2.jadn
        type = Column(String(255), unique=False, nullable=False)

        # Actuator extra parameters as JSON. This can be API key, username etc.
        config = Column(Text, unique=False, nullable=True)

Capability

    class Capability(Base):
        __tablename__ = 'capability'  # table name assumed, not given in the draft

        id = Column(Integer, primary_key=True)
        create_date = Column(DateTime, nullable=False,
                             default=datetime.datetime.utcnow)
        # Descriptor
        name = Column(String(255), unique=False, nullable=False)

        # Actuator
        #actuators = Column(Integer, ForeignKey('actuator.id'),
        #                      nullable=False)

        actuator_id = Column(Integer,
            ForeignKey("actuator.id"), nullable=False)
        actuator = relationship(Actuator,
            backref=backref('capabilities'))

        # OpenC2 action - e.g. DENY
        # Load from https://github.com/OpenC2-org/jadn/blob/master/schema/openc2.jadn
        action = Column(String(50), unique=False, nullable=False)

        # OpenC2 target type
        # Load from https://github.com/OpenC2-org/jadn/blob/master/schema/openc2.jadn
        target_type = Column(String(255), unique=False, nullable=False)

        # Which profile executes this code????
        profile = Column(String(200), unique=False, nullable=False)

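
The `c2_command_hash` and `c2_response_hash` columns in the Job draft above are described as hashes of the command without the date fields. One way to compute such a hash, as an added example that is not code from this issue or from the kratos_c2_proxy repository; the `DATE_FIELDS` set, the function names and the sample commands are assumptions constructed for illustration:

```python
import hashlib
import json

# Assumption: the keys treated as "date fields" and left out of the hash.
DATE_FIELDS = frozenset({"created", "start_time", "stop_time"})


def strip_dates(value):
    """Return a copy of a decoded JSON value with every DATE_FIELDS key removed."""
    if isinstance(value, dict):
        return {k: strip_dates(v) for k, v in value.items()
                if k not in DATE_FIELDS}
    if isinstance(value, list):
        return [strip_dates(v) for v in value]
    return value


def c2_hash(message):
    """SHA-256 hex digest of a message, ignoring date fields and key order."""
    if isinstance(message, (str, bytes)):
        message = json.loads(message)
    # Canonical form: sorted keys and fixed separators, so two encodings of
    # the same command always serialize to the same bytes.
    canonical = json.dumps(strip_dates(message), sort_keys=True,
                           separators=(",", ":"), ensure_ascii=False)
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


# Constructed sample commands (not captured traffic).
# CMD_A and CMD_B differ only in timestamps, key order and encoding.
CMD_A = {
    "action": "deny",
    "target": {"ipv4_net": "198.51.100.17"},
    "args": {"start_time": 1700000000000, "response_requested": "complete"},
    "created": 1700000000000,
}
CMD_B = json.dumps({
    "created": 1700000300000,
    "args": {"response_requested": "complete", "start_time": 1700000300000},
    "target": {"ipv4_net": "198.51.100.17"},
    "action": "deny",
})
# CMD_C targets a different address, so it must hash differently.
CMD_C = dict(CMD_A, target={"ipv4_net": "198.51.100.18"})

if __name__ == "__main__":
    for label, cmd in (("A", CMD_A), ("B", CMD_B), ("C", CMD_C)):
        print(label, c2_hash(cmd))
```

The hex digest is 64 characters long, so it fits the `String(120)` hash columns, and a repeated command can be matched against earlier `Job` rows by comparing `c2_command_hash` alone.
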
etz69 commented 6 years ago

@teotsiou89 Is this good to start with?

ttsiouts commented 6 years ago

Yes I'm starting with this..