Closed unclesp1d3r closed 2 weeks ago
We kinda do this now using manual settings. We can enhance this more, though.
We don't currently support prioritizing campaigns, but we should. Later on, we should give some sort of automatic prioritization option.
Got rid of the manual settings, so we should definitely work on this soon.
OK, the strategy I came up with is that Campaigns will be prioritized manually, and attacks will be prioritized automatically within the Campaign. The campaigns will have a scale of 1 to 5, using the words from CEBC lists. When a higher priority campaign is created, all lower priority campaigns are automatically paused and will be unpaused only when no higher priority campaigns exist. The attacks will be prioritized based on a calculation of attack complexity that is based on the following initial calculations:
Dictionary Attack: line count of word list line count of rule list Mask Attacks: Keyspace of mask for a manual attack and character count of mask list for mask lists Hybrid Attacks: line count of word list keyspace of mask
There's no good way to handle mask calculations, but this is an excellent first stab.
When agents request a new attack (not resuming a previously paused attack), they will be issued a task based on the hash that is fastest according to their benchmarks times the estimated attack complexity. This should prioritize easier attacks and prevent a very long, complex attack from blocking every other attack.
Since I don't know what to call the priority levels, and because I like the theatrics of it, I decided to use the STANAG 4406 levels:
I think we'll make it so that Campaigns cannot be directly assigned as Override and must be bumped up by an admin in the administrative dashboards. Otherwise, everyone will make everything Override and that would be pointless
We need to have manual prioritization in campaigns and attacks. The priorities for campaigns should be scoped globally. The priority of attacks should be scoped within the campaign.