mitre / caldera

Automated Adversary Emulation Platform
https://caldera.mitre.org
Apache License 2.0
EMU PLUGIN NOT WORKING #2610

Closed juansanjose closed 1 year ago

juansanjose commented 2 years ago

Describe the bug

When I install the emu plugin in caldera, caldera says that it can't find the payloads associated with the emu's adversaries

To Reproduce

Steps to reproduce the behavior:

  1. Activate the emu plugin
  2. Restart Caldera

Expected behavior

Screenshots

These are the screenshots I get when I start Caldera: [image] [image]

Desktop (please complete the following information):

IOTech17 commented 2 years ago

On my side I am seeing this error message as well:

2022-06-20T20:58:28.971184341Z 2022-06-20 20:58:28 - DEBUG (emu_svc.py:51 decrypt_payloads) attempting to decrypt plan payloads from plugins/emu/data/adversary-emulation-plans/carbanak/Resources using plugins/emu/data/adversary-emulation-plans/carbanak/Resources/utilities/crypt_executables.py with the password "malware"
2022-06-20T20:58:29.007833461Z File "/usr/src/app/plugins/emu/data/adversary-emulation-plans/carbanak/Resources/utilities/crypt_executables.py", line 149, in
2022-06-20T20:58:29.007897689Z File "/usr/src/app/plugins/emu/data/adversary-emulation-plans/carbanak/Resources/utilities/crypt_executables.py", line 137, in main
2022-06-20T20:58:29.007901887Z 2022-06-20 20:58:29 - DEBUG (emu_svc.py:59 decrypt_payloads) [i] Decompressing file: plugins/emu/data/adversary-emulation-plans/carbanak/Resources/utilities/payment_transfer_system_delta.exe.zip
2022-06-20T20:58:29.008013094Z File "/usr/src/app/plugins/emu/data/adversary-emulation-plans/carbanak/Resources/utilities/crypt_executables.py", line 78, in zip_decrypt_file
2022-06-20T20:58:29.012639429Z 2022-06-20 20:58:29 - ERROR (c_plugin.py:70 enable) Error enabling plugin=emu, Command '['/usr/bin/python3', 'plugins/emu/data/adversary-emulation-plans/carbanak/Resources/utilities/crypt_executables.py', '-i', 'plugins/emu/data/adversary-emulation-plans/carbanak/Resources', '-p', 'malware', '--decrypt']' returned non-zero exit status 1.

shinsugarfj commented 2 years ago

If CALDERA is running on Python 3.10, pyminizip needs to be upgraded. /requirements.txt should be modified as follows:

- pyminizip==0.2.4
+ pyminizip==0.2.6
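
Review bot: the new line `pyminizip==0.2.6` is an exact pin with nothing in requirements.txt recording why it moved from 0.2.4. Since the stated reason is Python 3.10, add a comment beside the pin saying so, so a later cleanup does not revert it, and confirm that 0.2.6 still installs on any older Python version the deployment is expected to support before applying the change everywhere.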

After fixing it, deploy CALDERA again.

IOTech17 commented 2 years ago

> If CALDERA is running on Python 3.10, pyminizip needs to be upgraded. /requirements.txt should be modified as follows:
>
> - pyminizip==0.2.4
> + pyminizip==0.2.6
>
> After fixing it, deploy CALDERA again.

Thank you for this, it corrected some errors, but not all, with the emu plugin:

2022-06-22 13:24:35 - ERROR (c_plugin.py:70 enable) Error enabling plugin=emu, Command '['git', 'clone', '--depth', '1', 'https://github.com/center-for-threat-informed-defense/adversary_emulation_library', 'plugins/emu/data/adversary-emulation-plans']' returned non-zero exit status 128.

github-actions[bot] commented 1 year ago

This issue is stale because it has been open 20 days with no activity. Remove stale label or comment or this will be closed in 5 days

clenk commented 1 year ago

@AC-WhiteGlint One solution is to clone the emulation plans repo with ssh yourself:

git clone --depth 1 git@github.com:center-for-threat-informed-defense/adversary_emulation_library.git plugins/emu/data/adversary-emulation-plans

Alternatively, you could try some of the answers here: https://stackoverflow.com/questions/38378914/how-to-fix-git-error-rpc-failed-curl-56-gnutls

Seif-AW commented 3 months ago

Dear @clenk, can you provide details on how to clone the directory with ssh, and where to clone it to complete the emu missing plugins?