Create an `AgentPlugin` class

[mssalvatore]

Description

Create a new class that will contain all of the information about a plugin, including the plugin itself. This will be used by the Island to store/retrieve agent plugins, as well as by the agent to load and use plugins in the puppet.

Suggestion:

class AgentPluginManifest:
    name: str
    supported_operating_systems: Tuple[OperatingSystem, ...]
    type: PluginType

class AgentPlugin:
    plugin_manifest: AgentPluginManifest
    config_schema: JSONSerializable
    src_archive: bytes

Note

Consider this class to be a first draft. We want to get it reasonably close, but we don't need to agonize over every decision. We can improve and modify it as our plugin framework develops.

Tasks

• [x] Evaluate current exploiters and add determine if the AgentPluginManifest proposed above is missing any necessary fields (0d) - @VakarisZ
• [x] Implement the AgentPluginManifest class as a pydantic model (0d) - @VakarisZ
• [x] Implement the AgentPlugin class as a pydantic model (0d) - @VakarisZ
• [x] Handle serialization of src_archive(bytes). You may need to use base64 encoding or some other scheme to send bytes as JSON. (0d) - @VakarisZ

[VakarisZ]

Plugin configurations and manifests

Manifest

We need a manifest to describe the plugin. This includes, but is not limited to

• Name
• Title (like name, but human readable. We could parse it from name, but probably not worth it)
• Description
• Link to the documentation
• Is it safe?
• Enabled by default?
• Supported operating systems
• Plugin type

This base manifest can then be expanded per plugin type, it can have additional fields like

• Default port
• Supported stealth levels
• Attack technique tags?

The source of the manifest can be in any format. It's probably best if it's defined in python. The creator of the plugin can import the AgentPluginManifest and build it with his own parameters, validating it as it's being defined.

Config schema

Each plugin might contain options. These options need to be defined. Metainformation, like description, title are needed as well as validation rules. Configuration schema should be in jsonschema format, as it's easier to display and common.

Configuration values

Each plugin might contain options. The default value for options needs to be defined. The default values from the schema can be used to generate this, but that's not the purpose of the default values in jsonschema. It's probably better to have this.

Data, loaded into class

Definition of classes required:

Manifest

from typing import Tuple, Optional

from common import OperatingSystem
from common.types import PluginType

class AgentPluginManifest:
    name: str
    type: PluginType
    supported_operating_systems: Tuple[OperatingSystem, ...] = [OperatingSystem.WINDOWS,
                                                                OperatingSystem.LINUX]
    title: Optional[str]
    description: Optional[str]
    link_to_documentation: Optional[str]
    safe: bool = False

Plugin

from common.types import JSONSerializable

class AgentPlugin:
    plugin_manifest: AgentPluginManifest
    config_schema: JSONSerializable
    default_config: JSONSerializable
    source_archive: bytes