Hi,
I was trying to follow the installation steps given to reproduce the APT 29 attack.
I'm currently on macOS Big Sur version 11.2.1 and running a zsh shell, although that shouldn't be a problem given that the script interpreters use /bin/bash.
Go version: go version go1.16.2 darwin/amd64
Python version: Python 3.7.7
One of the setup instructions is to update ./data/sources/4fb34bde-b06d-445a-a146-8e35f79ce546.yml appropriately:
Next, update the CALDERA facts located here ./data/sources/4fb34bde-b06d-445a-a146-8e35f79ce546.yml with the appropriate values for your environment. Keys to update include:
This file comes from the CALDERA_DIY/evals/data/sources/ folder which we copy into our caldera folder with this command:
cp -R attack-arsenal/adversary_emulation/APT29/CALDERA_DIY/evals caldera/plugins/
Here we're copying the evals folder in caldera/plugins.
I'm a bit confused as to whether we want to copy the file /caldera/plugins/evals/data/sources/4fb34bde-b06d-445a-a146-8e35f79ce546.yml to /caldera/data/sources/ and then edit it appropriately, or leave the file in /caldera/plugins/evals/data/sources/ and edit it there.
Hope this helps! Thanks in advance for your help and time. Please let me know if you need anything else.
Leonardo