Date: Sat, 17 Feb 2024 21:30:20 GMT Message-Id: <202402172130.41HLUKUX012601@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
From: Jose Alonso Cardenas Marquez Subject: git: a7058a34e044 - main - security/caldera: Update to 5.0.0 List-Id: Commits to the main branch of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-main@freebsd.org X-BeenThere: dev-commits-ports-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: acm X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: a7058a34e04498acc384664fbb5a5ee9188f69eb Auto-Submitted: auto-generated The branch main has been updated by acm: URL: https://cgit.FreeBSD.org/ports/commit/?id=a7058a34e04498acc384664fbb5a5ee9188f69eb commit a7058a34e04498acc384664fbb5a5ee9188f69eb Author: Jose Alonso Cardenas Marquez AuthorDate: 2024-02-17 21:29:08 +0000 Commit: Jose Alonso Cardenas Marquez CommitDate: 2024-02-17 21:29:08 +0000 security/caldera: Update to 5.0.0 ChangeLog at: https://github.com/mitre/caldera/releases/tag/5.0.0 --- security/caldera/Makefile | 98 ++++++++++++++---- security/caldera/distinfo | 70 +++++++------ .../files/patch-plugins_human_gui_views_human.vue | 59 +++++++++++ .../files/patch-plugins_human_templates_human.html | 113 ++++++++++++++------- ...src_components_abilities_AbilityChartStatus.vue | 16 +++ ...gma_src_components_adversaries_DetailsTable.vue | 10 ++ ...ins_magma_src_components_agents_DeployModal.vue | 30 ++++++ .../caldera/files/patch-plugins_magma_src_main.js | 15 +++ .../files/patch-plugins_sandcat_update-agents.sh | 7 +- .../patch-plugins_stockpile_payloads_ragdoll.py | 11 -- security/caldera/files/pkg-message.in | 39 +++++-- 11 files changed, 353 insertions(+), 115 deletions(-) diff --git a/security/caldera/Makefile b/security/caldera/Makefile index c874359a5f63..91015e2c905e 100644 --- a/security/caldera/Makefile +++ b/security/caldera/Makefile 
@@ -1,12 +1,13 @@ PORTNAME= caldera -DISTVERSION= 4.2.0 -PORTREVISION= 4 +DISTVERSION= 5.0.0 CATEGORIES= security python MAINTAINER= acm@FreeBSD.org COMMENT= Automated Adversary Emulation Platform WWW= https://github.com/mitre/caldera +CONFLICTS= caldera4 + LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE @@ -35,6 +36,7 @@ RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}aiohttp>0:www/py-aiohttp@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}dnspython>0:dns/py-dnspython@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}asyncssh>0:security/py-asyncssh@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}aioftp>0:ftp/py-aioftp@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}packaging>0:devel/py-packaging@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}pyautogui>0:x11/py-pyautogui@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}selenium>0:www/py-selenium@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}webdriver_manager>0:www/py-webdriver_manager@${PY_FLAVOR} \ 
@@ -49,27 +51,27 @@ RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}aiohttp>0:www/py-aiohttp@${PY_FLAVOR} \ USE_GITHUB= yes GH_ACCOUNT= mitre GH_PROJECT= ${PORTNAME} -GH_TUPLE= mitre:access:0e67776:access/plugins/access \ - mitre:atomic:9e2c958:atomic/plugins/atomic \ - mitre:builder:f2ce67c:builder/plugins/builder \ - mitre:compass:fb88e02:compass/plugins/compass \ - mitre:debrief:e4d4f9e:debrief/plugins/debrief \ - mitre:emu:02a0f3e:emu/plugins/emu \ - mitre:fieldmanual:c286e77:fieldmanual/plugins/fieldmanual \ - mitre:gameboard:3d98c32:gameboard/plugins/gameboard \ - mitre:human:4368dea:human/plugins/human \ - mitre:manx:e7205ea:manx/plugins/manx \ - mitre:response:889213a:response/plugins/response \ - mitre:sandcat:7c326bd:sandcat/plugins/sandcat \ - mitre:ssl:ac5bfcb:ssl/plugins/ssl \ - mitre:stockpile:960f9ad:stockpile/plugins/stockpile \ - mitre:training:b058b67:training/plugins/training - -USES= dos2unix go:run python +GH_TUPLE= mitre:access:775181b:access/plugins/access \ + mitre:atomic:4f489bb:atomic/plugins/atomic \ + mitre:builder:de24b68:builder/plugins/builder \ + mitre:compass:85e2ebf:compass/plugins/compass \ + mitre:debrief:eba44d5:debrief/plugins/debrief \ + mitre:emu:7215768:emu/plugins/emu \ + mitre:fieldmanual:cb53f2b:fieldmanual/plugins/fieldmanual \ + mitre:gameboard:dacb6ce:gameboard/plugins/gameboard \ + mitre:human:0e344ea:human/plugins/human \ + mitre:magma:99f0056:magma/plugins/magma \ + mitre:manx:a7e83a6:manx/plugins/manx \ + mitre:response:8ea6ab5:response/plugins/response \ + mitre:sandcat:b408f3f:sandcat/plugins/sandcat \ + mitre:ssl:1ae8431:ssl/plugins/ssl \ + mitre:stockpile:fe0c5b7:stockpile/plugins/stockpile \ + mitre:training:37f998f:training/plugins/training + +USES= dos2unix go:run nodejs:18,build python USE_PYTHON= cryptography NO_ARCH= yes -NO_BUILD= yes DOS2UNIX_REGEX= .*\.([yml]) CALDERA_USER= caldera 
@@ -77,6 +79,7 @@ CALDERA_GROUP= caldera USERS= ${CALDERA_USER} GROUPS= ${CALDERA_GROUP} +PLIST= ${WRKDIR}/pkg-plist USE_RC_SUBR= ${PORTNAME:S/-/_/} SUB_FILES= pkg-message SUB_LIST= PYTHON_CMD=${PYTHON_CMD} \ 
@@ -85,16 +88,69 @@ SUB_LIST= PYTHON_CMD=${PYTHON_CMD} \ OPTIONS_DEFINE= HAPROXY OPTIONS_DEFAULT=HAPROXY HAPROXY_DESC= Support for HTTPS -HAPROXY_RUN_DEPENDS=haproxy20>0:net/haproxy20 +HAPROXY_RUN_DEPENDS=haproxy24>0:net/haproxy24 + +NPM_BIN= ${LOCALBASE}/bin/npm + +# to rebuild the deps archive: +# 1. set DEV_UPDATE_MODE=yes +# 2. make makesum build +# 3. upload the *-cache archive +# 4. set DEV_UPDATE_MODE=no +# 5. make clean makesum + +DEV_UPDATE_MODE= no +DEPS_CACHE_DIR= ${WRKSRC}/plugins/magma + +.if (${DEV_UPDATE_MODE} == "yes") +NPM_ARGS= install +post-build: + @cd ${DEPS_CACHE_DIR} && ${TAR} czf ${DISTDIR}/${DIST_SUBDIR}/${PORTNAME}-cache-${DISTVERSION}${EXTRACT_SUFX} node_modules + @${ECHO} "(!!!) Please upload the cache archive: ${DISTDIR}/${DIST_SUBDIR}/${PORTNAME}-cache-${DISTVERSION}${EXTRACT_SUFX}" +.else +MASTER_SITES+= LOCAL/acm/caldera/:npm_cache +DISTFILES+= ${PORTNAME}-cache-${DISTVERSION}${EXTRACT_SUFX}:npm_cache +NPM_ARGS= run build post-extract: + @${MV} ${WRKDIR}/node_modules ${WRKSRC}/plugins/magma/ ${RM} -R ${WRKSRC}/.github cd ${WRKSRC} && ${RM} .coveragerc .dockerignore .eslintrc.js .flake8 \ .git* .pre* .stylelintrc.json Dockerfile +.endif post-patch: cd ${WRKSRC} && \ ${FIND} . 
-type f -name "*.orig" -exec ${RM} "{}" \; + ${REINPLACE_CMD} -i "" -e 's|4.2.0|${PORTVERSION}|g' ${WRKSRC}/app/version.py + +do-build: + @cd ${WRKSRC}/plugins/magma && \ + ${NPM_BIN} ${NPM_ARGS} + +post-build: + ${RM} -r ${WRKSRC}/plugins/magma/node_modules + +pre-install: + @${RM} -f ${PLIST} + + @${ECHO_CMD} "@mode 640" > ${PLIST} + @${ECHO_CMD} "@owner caldera" >> ${PLIST} + @${ECHO_CMD} "@group caldera" >> ${PLIST} + + @cd ${WRKSRC} && \ + ${FIND} * -type f | ${SORT} | ${SED} -e 's|^|%%WWWDIR%%/|' >> ${PLIST} + + @${ECHO_CMD} "@mode 750" >> ${PLIST} + @${ECHO_CMD} "@owner caldera" >> ${PLIST} + @${ECHO_CMD} "@group caldera" >> ${PLIST} + + @cd ${WRKSRC} && \ + ${FIND} * -type d | ${SORT} -r | ${SED} -e 's|^|@dir %%WWWDIR%%/|' >> ${PLIST} + + @${ECHO_CMD} "@mode" >> ${PLIST} + @${ECHO_CMD} "@owner" >> ${PLIST} + @${ECHO_CMD} "@group" >> ${PLIST} do-install: @cd ${WRKSRC} && ${COPYTREE_SHARE} . ${STAGEDIR}/${WWWDIR} diff --git a/security/caldera/distinfo b/security/caldera/distinfo index 7542fc288b4e..05683bff9379 100644 --- a/security/caldera/distinfo +++ b/security/caldera/distinfo 
@@ -1,33 +1,37 @@ -TIMESTAMP = 1687320760 -SHA256 (mitre-caldera-4.2.0_GH0.tar.gz) = 2c93501ca05fe89cd18a038376c278e50d371881dfe84824a0f98dc3d9023fd9 -SIZE (mitre-caldera-4.2.0_GH0.tar.gz) = 3777586 -SHA256 (mitre-access-0e67776_GH0.tar.gz) = dc80b9c5cb92f75fa6d18f618f64a4d3c5ddd1b08b020d86feb70fbaa0f4c43d -SIZE (mitre-access-0e67776_GH0.tar.gz) = 8494 -SHA256 (mitre-atomic-9e2c958_GH0.tar.gz) = 0fbd0c3bb2c3c621afcb8f271b76df0f6ac2bacd72a7f8d9771c94b9a3f5d085 -SIZE (mitre-atomic-9e2c958_GH0.tar.gz) = 15142 -SHA256 (mitre-builder-f2ce67c_GH0.tar.gz) = da9d987a2a656bb9eb5d1c0d36115c8fb8fe740503fa1a43a1bfcce1018f461b -SIZE (mitre-builder-f2ce67c_GH0.tar.gz) = 7944 -SHA256 (mitre-compass-fb88e02_GH0.tar.gz) = 6187446551f4041ac0a0c33689b4a62a39a02b285d988bd6f17647d89d98ce16 -SIZE (mitre-compass-fb88e02_GH0.tar.gz) = 5907 -SHA256 (mitre-debrief-e4d4f9e_GH0.tar.gz) = 721b262744118b91b812ec0e098fa0c75f845a7814d8fa58fa52a2ace04432ee -SIZE (mitre-debrief-e4d4f9e_GH0.tar.gz) = 998929 -SHA256 (mitre-emu-02a0f3e_GH0.tar.gz) = 9dd6b46fe93ba12467612e4bf4a45df5513dad1709a72addc3898c430b8ec1ad -SIZE (mitre-emu-02a0f3e_GH0.tar.gz) = 17467 -SHA256 (mitre-fieldmanual-c286e77_GH0.tar.gz) = 6f086d0d4f519d0dcf49fbded87ee8095622c3028461d745d2e7eea422d68d57 -SIZE (mitre-fieldmanual-c286e77_GH0.tar.gz) = 7828491 -SHA256 (mitre-gameboard-3d98c32_GH0.tar.gz) = 8415bbbc64fe78836afea2e364fe655cc364a5d70dcf3fbcb748617fc9b9ad0a -SIZE (mitre-gameboard-3d98c32_GH0.tar.gz) = 14753 -SHA256 (mitre-human-4368dea_GH0.tar.gz) = 4710f3d6c7b3f728274187c36cda53232b3609d8177ccad6b1968ae99d83724a -SIZE (mitre-human-4368dea_GH0.tar.gz) = 22846 -SHA256 (mitre-manx-e7205ea_GH0.tar.gz) = 5b39a00ff8bbe7b20d4cfcab6161edbbafd94fa9bd62af4741975f7759f7a470 -SIZE (mitre-manx-e7205ea_GH0.tar.gz) = 7352820 -SHA256 (mitre-response-889213a_GH0.tar.gz) = 4067efd0c4bddeed799255838a80316d96ba0c4cac84625d7d0257e44c00c4ee -SIZE (mitre-response-889213a_GH0.tar.gz) = 24463 -SHA256 (mitre-sandcat-7c326bd_GH0.tar.gz) = 
60049cf759e8b31b29e84832a112c87be8101e303d088e0f2b9da4647f79855f -SIZE (mitre-sandcat-7c326bd_GH0.tar.gz) = 7816391 -SHA256 (mitre-ssl-ac5bfcb_GH0.tar.gz) = 01067db5fe9a32d07d13bbea4ffb6f3bd2907a57f2d50a7c7e9c5f2bdc823a12 -SIZE (mitre-ssl-ac5bfcb_GH0.tar.gz) = 6395 -SHA256 (mitre-stockpile-960f9ad_GH0.tar.gz) = 516d28ae26d66049e2273f60bbae0254b071152b613f259a7ff596ad2d92461f -SIZE (mitre-stockpile-960f9ad_GH0.tar.gz) = 4781396 -SHA256 (mitre-training-b058b67_GH0.tar.gz) = 44c5ee5f682918f1f8ace4ff4ea3b8e16d24795ff8b8fb5896d68c585d33b8c0 -SIZE (mitre-training-b058b67_GH0.tar.gz) = 491615 +TIMESTAMP = 1708127632 +SHA256 (caldera-cache-5.0.0.tar.gz) = c0f160ec5431b0096a9ce8e2adde062de97be96e66e9e8756b4646e4d8c2a9a9 +SIZE (caldera-cache-5.0.0.tar.gz) = 41756498 +SHA256 (mitre-caldera-5.0.0_GH0.tar.gz) = a4e122f6862ea3cb7e856889a4a2b68ce297f74189fd845b0a51c02e1fa8c716 +SIZE (mitre-caldera-5.0.0_GH0.tar.gz) = 3820616 +SHA256 (mitre-access-775181b_GH0.tar.gz) = 2ae6e4cbd9e6c143cc76b65c0be3dd332228ab59161422291050eb6f4c4b1d17 +SIZE (mitre-access-775181b_GH0.tar.gz) = 11646 +SHA256 (mitre-atomic-4f489bb_GH0.tar.gz) = 340c7931fbee16ce1bf788044018fcf75fe403bf641665bb4aec53d3b1479b2d +SIZE (mitre-atomic-4f489bb_GH0.tar.gz) = 15041 +SHA256 (mitre-builder-de24b68_GH0.tar.gz) = bca2a28b23d72cf987878aa519d0f108b2153156391821bfb137c79ac5c5bcc2 +SIZE (mitre-builder-de24b68_GH0.tar.gz) = 8349 +SHA256 (mitre-compass-85e2ebf_GH0.tar.gz) = 4760171cf05a7fccfd4300815f358d9d42affb2c741e6e555515f07eb50c9f34 +SIZE (mitre-compass-85e2ebf_GH0.tar.gz) = 7055 +SHA256 (mitre-debrief-eba44d5_GH0.tar.gz) = 62cbfd77cbf3573675bc79426171f136628f26a1ee3f931c02f36d53bda8012e +SIZE (mitre-debrief-eba44d5_GH0.tar.gz) = 1006448 +SHA256 (mitre-emu-7215768_GH0.tar.gz) = 13dedefc0c3e9a443221886d2030effdc5b741a62a5a4ebd830ca613d183025f +SIZE (mitre-emu-7215768_GH0.tar.gz) = 19410 +SHA256 (mitre-fieldmanual-cb53f2b_GH0.tar.gz) = 8dbac757e4d70bb415c38684997969ceda3a886ddf6aa3028ee8720d7a44e01a +SIZE 
(mitre-fieldmanual-cb53f2b_GH0.tar.gz) = 9659796 +SHA256 (mitre-gameboard-dacb6ce_GH0.tar.gz) = 55e521c4dfc6acc9b8ed37b7622d1c20248cd1fe43a9410e339b8c24729d22ac +SIZE (mitre-gameboard-dacb6ce_GH0.tar.gz) = 20333 +SHA256 (mitre-human-0e344ea_GH0.tar.gz) = 83ae25ee09a9a7c463cc94e673cb572bef78fdd91b7b019fd845f73e18d5e610 +SIZE (mitre-human-0e344ea_GH0.tar.gz) = 25937 +SHA256 (mitre-magma-99f0056_GH0.tar.gz) = a1ab40360288d4818abfb3e73cf7361686f6e7072de9dd8a7633da3f55a18558 +SIZE (mitre-magma-99f0056_GH0.tar.gz) = 10138171 +SHA256 (mitre-manx-a7e83a6_GH0.tar.gz) = ec144af8d794c11e68c7bacb6da4b84e81c3278fd90045e8f5660408652799c7 +SIZE (mitre-manx-a7e83a6_GH0.tar.gz) = 7359477 +SHA256 (mitre-response-8ea6ab5_GH0.tar.gz) = f2275a11ebb631b84da2921e370bf5e5957c304265621c78d27f212269fdc9b5 +SIZE (mitre-response-8ea6ab5_GH0.tar.gz) = 25334 +SHA256 (mitre-sandcat-b408f3f_GH0.tar.gz) = 15bee4622b0ce40ad66b99804ee87e7eb4074ec564fc719b72c397e74a63f0f5 +SIZE (mitre-sandcat-b408f3f_GH0.tar.gz) = 8294185 +SHA256 (mitre-ssl-1ae8431_GH0.tar.gz) = 608596a05a3c833ac10c230cf4bf0863f0e31540414a66b382ff159f97d7629f +SIZE (mitre-ssl-1ae8431_GH0.tar.gz) = 6806 +SHA256 (mitre-stockpile-fe0c5b7_GH0.tar.gz) = dea568de5067cc20cc54ca57d270d01ef092b329dad61c2e53369fd1524512a3 +SIZE (mitre-stockpile-fe0c5b7_GH0.tar.gz) = 4780570 +SHA256 (mitre-training-37f998f_GH0.tar.gz) = 41fe37233c02d77435e747e6d34017eeba6c592805382176afaf6f2d1f8f6a46 +SIZE (mitre-training-37f998f_GH0.tar.gz) = 496302 diff --git a/security/caldera/files/patch-plugins_human_gui_views_human.vue b/security/caldera/files/patch-plugins_human_gui_views_human.vue new file mode 100644 index 000000000000..97b7d95f2c24 --- /dev/null +++ b/security/caldera/files/patch-plugins_human_gui_views_human.vue 
@@ -0,0 +1,59 @@ +--- plugins/human/gui/views/human.vue 2024-02-16 18:15:08.873254000 -0500 ++++ plugins/human/gui/views/human.vue 2024-02-16 18:16:20.156979000 -0500 +@@ -232,7 +232,7 @@ + return; + } + +- const validPlatforms = ["linux", "windows-psh", "darwin"]; ++ const validPlatforms = ["linux", "windows-psh", "darwin", "freebsd"]; + if (!validPlatforms.includes(this.selectedPlatform)) { + toast({ + message: "Please select a valid platform", +@@ -346,6 +346,31 @@ + this.humans[this.selectedHuman].task_cluster_interval + } --extra ${extra}`; + break; ++ case "freebsd": ++ this.commandBlock = `curl -sk -o '${ ++ this.humans[this.selectedHuman].name ++ }.tar.gz' -X POST -H 'file:${ ++ this.humans[this.selectedHuman].name ++ }.tar.gz' ${this.serverIp}/file/download 2>&1 && mkdir '${ ++ this.humans[this.selectedHuman].name ++ }' && tar -C '${this.humans[this.selectedHuman].name}' -zxvf '${ ++ this.humans[this.selectedHuman].name ++ }.tar.gz' && virtualenv -p python3 '${ ++ this.humans[this.selectedHuman].name ++ }' && '${this.humans[this.selectedHuman].name}/bin/pip' install -r '${ ++ this.humans[this.selectedHuman].name ++ }/requirements.txt' && '${ ++ this.humans[this.selectedHuman].name ++ }/bin/python3.9' '${ ++ this.humans[this.selectedHuman].name ++ }/human.py' --clustersize ${ ++ this.humans[this.selectedHuman].tasks_per_cluster ++ } --taskinterval ${ ++ this.humans[this.selectedHuman].task_interval ++ } --taskgroupinterval ${ ++ this.humans[this.selectedHuman].task_cluster_interval ++ } --extra ${extra}`; ++ break; + case "windows-psh": + this.commandBlock = `$server='${ + this.serverIp +@@ -382,6 +407,7 @@ + extra.forEach((command) => { + switch (platform) { + case "darwin": ++ case "freebsd": + case "linux": + command = command.replace(/\\/g, "\\\\"); + command = command.replace(/"/g, '\\"'); +@@ -444,6 +470,7 @@ + select(v-model="selectedPlatform", id="base-platform") + option(value="", disabled) Select target OS + option(value="darwin") MacOS ++ 
option(value="freebsd") FreeBSD + option(value="linux") Linux + option(value="windows-psh") Windows (PowerShell) + hr diff --git a/security/caldera/files/patch-plugins_human_templates_human.html b/security/caldera/files/patch-plugins_human_templates_human.html index 9bc604e58123..8c233fdb6245 100644 --- a/security/caldera/files/patch-plugins_human_templates_human.html +++ b/security/caldera/files/patch-plugins_human_templates_human.html 
@@ -1,40 +1,75 @@ ---- plugins/human/templates/human.html.orig 2022-09-06 17:33:12 UTC -+++ plugins/human/templates/human.html -@@ -60,6 +60,7 @@ - -@@ -257,6 +258,11 @@ - ' && virtualenv -p python3 \''+humanName+'\' && \''+humanName+'/bin/pip\' install -r \''+humanName+'/requirements.txt\' && \''+humanName+'/bin/python\' \''+humanName+'/human.py\' --clustersize '+taskCount+' ' + - '--taskinterval '+taskInterval+' --taskgroupinterval '+taskClusterInterval+' --extra '+extra; - break; +--- plugins/human/templates/human.html 2024-02-16 15:54:12.707381000 -0500 ++++ plugins/human/templates/human.html 2024-02-16 16:00:05.903013000 -0500 +@@ -106,6 +106,7 @@ + +@@ -349,7 +350,8 @@ + if ( + this.selectedPlatform != "linux" && + this.selectedPlatform != "windows-psh" && +- this.selectedPlatform != "darwin" ++ this.selectedPlatform != "darwin" && ++ this.selectedPlatform != "freebsd" + ) { + toast("Please select a platform", false); + return; +@@ -435,8 +437,42 @@ + this.humans[this.selectedHuman].task_cluster_interval + + " --extra " + + extra; +- + break; ++ case "freebsd": ++ this.commandBlock = ++ "curl -sk -o '" + ++ this.humans[this.selectedHuman].name + ++ ".tar.gz' -X POST -H 'file:" + ++ this.humans[this.selectedHuman].name + ++ ".tar.gz' " + ++ this.serverIp + ++ "/file/download 2>&1 && mkdir '" + ++ this.humans[this.selectedHuman].name + ++ "' && tar -C '" + ++ this.humans[this.selectedHuman].name + ++ "' -zxvf '" + ++ this.humans[this.selectedHuman].name + ++ ".tar.gz' " + ++ " && virtualenv -p python3.9 '" + ++ this.humans[this.selectedHuman].name + ++ "' && '" + ++ this.humans[this.selectedHuman].name + ++ "/bin/pip' install -r '" + ++ this.humans[this.selectedHuman].name + ++ "/requirements.txt' && '" + ++ this.humans[this.selectedHuman].name + ++ "/bin/python' '" + ++ this.humans[this.selectedHuman].name + ++ "/human.py' --clustersize " + ++ this.humans[this.selectedHuman].tasks_per_cluster + ++ " " + ++ "--taskinterval " + ++ 
this.humans[this.selectedHuman].task_interval + ++ " --taskgroupinterval " + ++ this.humans[this.selectedHuman].task_cluster_interval + ++ " --extra " + ++ extra; ++ break; + case "linux": + this.commandBlock = + "curl -sk -o '" + +@@ -514,6 +550,10 @@ + extra.forEach((command) => { + switch (platform) { + case "darwin": ++ command = command.replace(/\\/g, "\\\\"); ++ command = command.replace(/"/g, '\\"'); ++ break; + case "freebsd": -+ baseHuman = 'curl -sk -o \''+humanName+'.tar.gz\' -X POST -H \'file:'+humanName+'.tar.gz\' '+http+'/file/download 2>&1 && mkdir \''+humanName+'\' && tar -C \''+humanName+'\' -zxvf \''+humanName+'.tar.gz\' ' + -+ ' && virtualenv -p python3.9 \''+humanName+'\' && \''+humanName+'/bin/pip\' install -r \''+humanName+'/requirements.txt\' && \''+humanName+'/bin/python\' \''+humanName+'/human.py\' --clustersize '+taskCount+' ' + -+ '--taskinterval '+taskInterval+' --taskgroupinterval '+taskClusterInterval+' --extra '+extra; -+ break; - case "linux": - baseHuman = 'curl -sk -o \''+humanName+'.tar.gz\' -X POST -H \'file:'+humanName+'.tar.gz\' '+http+'/file/download 2>&1 && mkdir \''+humanName+'\' && tar -C \''+humanName+'\' -zxvf \''+humanName+'.tar.gz\' ' + - ' && virtualenv -p python3 \''+humanName+'\' && \''+humanName+'/bin/pip\' install -r \''+humanName+'/requirements.txt\' && \''+humanName+'/bin/python\' \''+humanName+'/human.py\' --clustersize '+taskCount+' ' + -@@ -293,6 +299,10 @@ - $.each(extra, function(i, command) { - switch (platform) { - case "darwin": -+ command = command.replace(/\\/g, '\\\\'); -+ command = command.replace(/"/g, '\\\"'); -+ break; -+ case "freebsd": - command = command.replace(/\\/g, '\\\\'); - command = command.replace(/"/g, '\\\"'); - break; -@@ -317,4 +327,4 @@ - return provided_value || default_value; - } - -- -\ No newline at end of file -+ + command = command.replace(/\\/g, "\\\\"); + command = command.replace(/"/g, '\\"'); + break; 
diff --git a/security/caldera/files/patch-plugins_magma_src_components_abilities_AbilityChartStatus.vue b/security/caldera/files/patch-plugins_magma_src_components_abilities_AbilityChartStatus.vue new file mode 100644 index 000000000000..303fd8f02d7a --- /dev/null +++ b/security/caldera/files/patch-plugins_magma_src_components_abilities_AbilityChartStatus.vue @@ -0,0 +1,16 @@ +--- plugins/magma/src/components/abilities/AbilityChartStatus.vue.orig 2024-02-16 18:23:17.915545000 -0500 ++++ plugins/magma/src/components/abilities/AbilityChartStatus.vue 2024-02-16 18:23:59.841718000 -0500 +@@ -101,6 +101,13 @@ + itemStyle: { color: "#F7DB89" }, + }, + { ++ name: "freebsd", ++ value: Object.values(abilityStore.abilities).filter( ++ (ability) => getAbilityPlatforms(ability).indexOf("freebsd") >= 0 ++ ).length, ++ itemStyle: { color: "#9D2A11" }, ++ }, ++ { + name: "darwin", + value: Object.values(abilityStore.abilities).filter( + (ability) => getAbilityPlatforms(ability).indexOf("darwin") >= 0 diff --git a/security/caldera/files/patch-plugins_magma_src_components_adversaries_DetailsTable.vue b/security/caldera/files/patch-plugins_magma_src_components_adversaries_DetailsTable.vue new file mode 100644 index 000000000000..e41e282ea1b3 --- /dev/null +++ b/security/caldera/files/patch-plugins_magma_src_components_adversaries_DetailsTable.vue 
@@ -0,0 +1,10 @@ +--- plugins/magma/src/components/adversaries/DetailsTable.vue 2024-02-16 18:25:56.033533000 -0500 ++++ plugins/magma/src/components/adversaries/DetailsTable.vue 2024-02-16 18:26:25.865321000 -0500 +@@ -395,6 +395,7 @@ + span.icon.is-small.mr-2 + font-awesome-icon(v-if="platform.includes('windows')" icon="fab fa-windows") + font-awesome-icon(v-if="platform.includes('darwin')" icon="fab fa-apple") ++ font-awesome-icon(v-if="platform.includes('freebsd')" icon="fab fa-freebsd") + font-awesome-icon(v-if="platform.includes('linux')" icon="fab fa-linux") + td.has-text-centered(:class="{ 'unlock': onHoverUnlocks.indexOf(ability.ability_id) > -1 }") + span(v-if="abilityDependencies[ability.ability_id] && getExecutorDetail('requirements', ability)" v-tooltip="`This ability has requirements: (${abilityDependencies[ability.ability_id].requireTypes})`") diff --git a/security/caldera/files/patch-plugins_magma_src_components_agents_DeployModal.vue b/security/caldera/files/patch-plugins_magma_src_components_agents_DeployModal.vue new file mode 100644 index 000000000000..a149339b5584 --- /dev/null +++ b/security/caldera/files/patch-plugins_magma_src_components_agents_DeployModal.vue 
@@ -0,0 +1,30 @@ +--- plugins/magma/src/components/agents/DeployModal.vue.orig 2024-02-16 18:38:55.910370000 -0500 ++++ plugins/magma/src/components/agents/DeployModal.vue 2024-02-16 18:38:22.148726000 -0500 +@@ -142,6 +142,11 @@ + font-awesome-icon(icon="fab fa-apple").fa-2x + br + span darwin ++ .has-text-centered.platform(v-if="platforms.includes('freebsd')" :class="{ 'selected': selectedPlatform === 'freebsd' }" @click="changePlatform('freebsd')") ++ span.icon.is-large ++ font-awesome-icon(icon="fab fa-freebsd").fa-2x ++ br ++ span freebsd + form.mt-4 + div(v-for="field in agentFields" :key="field.name") + .field.is-horizontal.mb-2 +@@ -162,6 +167,7 @@ + span.icon + font-awesome-icon(v-if="command.platform === 'windows'" icon="fab fa-windows") + font-awesome-icon(v-if="command.platform === 'darwin'" icon="fab fa-apple") ++ font-awesome-icon(v-if="command.platform === 'freebsd'" icon="fab fa-freebsd") + font-awesome-icon(v-if="command.platform === 'linux'" icon="fab fa-linux") + span {{ command.platform }} + span.tag {{ command.executor }} +@@ -180,6 +186,7 @@ + span.icon + font-awesome-icon(v-if="command.platform === 'windows'" icon="fab fa-windows") + font-awesome-icon(v-if="command.platform === 'darwin'" icon="fab fa-apple") ++ font-awesome-icon(v-if="command.platform === 'freebsd'" icon="fab fa-freebsd") + font-awesome-icon(v-if="command.platform === 'linux'" icon="fab fa-linux") + span {{ command.platform }} + span.tag {{ command.executor }} diff --git a/security/caldera/files/patch-plugins_magma_src_main.js b/security/caldera/files/patch-plugins_magma_src_main.js new file mode 100644 index 000000000000..3e6823e73ff1 --- /dev/null +++ b/security/caldera/files/patch-plugins_magma_src_main.js 
@@ -0,0 +1,15 @@ +--- plugins/magma/src/main.js.orig 2024-02-16 18:19:33.493026000 -0500 ++++ plugins/magma/src/main.js 2024-02-16 18:19:57.472456000 -0500 +@@ -53,10 +53,10 @@ + faCircle, faCircleQuestion, faCopy, farFlag + ); + import { +- faApple, faLinux, faWindows ++ faApple, faLinux, faWindows, faFreebsd + } from '@fortawesome/free-brands-svg-icons'; + library.add( +- faApple, faLinux, faWindows ++ faApple, faLinux, faWindows, faFreebsd + ); + + app.component('font-awesome-icon', FontAwesomeIcon); diff --git a/security/caldera/files/patch-plugins_sandcat_update-agents.sh b/security/caldera/files/patch-plugins_sandcat_update-agents.sh index 1d3129337293..eaa43c49a8fa 100644 --- a/security/caldera/files/patch-plugins_sandcat_update-agents.sh +++ b/security/caldera/files/patch-plugins_sandcat_update-agents.sh @@ -1,6 +1,6 @@ ---- plugins/sandcat/update-agents.sh.orig 2022-07-20 19:48:00 UTC -+++ plugins/sandcat/update-agents.sh -@@ -1,10 +1,11 @@ +--- plugins/sandcat/update-agents.sh.orig 2024-02-13 17:44:40.000000000 -0500 ++++ plugins/sandcat/update-agents.sh 2024-02-16 16:03:09.225623000 -0500 +@@ -1,11 +1,12 @@ -#!/bin/bash +#!/bin/sh # generates payloads for each os @@ -10,6 +10,7 @@ GOOS=windows go build -o ../payloads/sandcat.go-windows -ldflags="-s -w" sandcat.go GOOS=linux go build -o ../payloads/sandcat.go-linux -ldflags="-s -w" sandcat.go GOOS=darwin go build -o ../payloads/sandcat.go-darwin -ldflags="-s -w" sandcat.go + GOOS=darwin GOARCH=arm64 go build -o ../payloads/sandcat.go-darwin-arm64 -ldflags="-s -w" sandcat.go +GOOS=freebsd go build -o ../payloads/sandcat.go-freebsd -ldflags="-s -w" sandcat.go } cd gocat && build diff --git a/security/caldera/files/patch-plugins_stockpile_payloads_ragdoll.py b/security/caldera/files/patch-plugins_stockpile_payloads_ragdoll.py deleted file mode 100644 index 13f037f6db8b..000000000000 --- a/security/caldera/files/patch-plugins_stockpile_payloads_ragdoll.py +++ /dev/null 
@@ -1,11 +0,0 @@ ---- plugins/stockpile/payloads/ragdoll.py.orig 2023-05-16 23:53:18 UTC -+++ plugins/stockpile/payloads/ragdoll.py -@@ -63,7 +63,7 @@ class OperationLoop: - def _execute_instruction(self, i): - print('[+] Running instruction: %s' % i['id']) - cmd = self._decode_bytes(i['command']) -- execution_timestamp = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S') -+ execution_timestamp = datetime.datetime.now().strftime('%Y-%m-%dT%H:%M:%SZ') - try: - output = subprocess.check_output(cmd, shell=True, timeout=i['timeout']) - except subprocess.CalledProcessError as e: diff --git a/security/caldera/files/pkg-message.in b/security/caldera/files/pkg-message.in index 5662ac917f51..dfd4fd953b9a 100644 --- a/security/caldera/files/pkg-message.in +++ b/security/caldera/files/pkg-message.in @@ -1,7 +1,7 @@ [ { type: install message: <
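Review bot: In security/caldera/Makefile (hunk @@ -85,16 +88,69 @@), post-build is defined twice when DEV_UPDATE_MODE is yes: once inside the .if branch, where it tars node_modules into the cache archive, and again unconditionally further down, where it removes plugins/magma/node_modules. The target then has two competing scripts, and make keeps only one of them. Moving the unconditional post-build into the .else branch would make the two modes explicit. In the same hunk, the post-patch sed expression s|4.2.0|${PORTVERSION}|g on app/version.py still matches the literal 4.2.0 in a port that is now at 5.0.0; a comment saying why that literal is expected would help, since it silently becomes a no-op once upstream's file changes.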
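Review bot: The new caldera-cache-5.0.0.tar.gz entry at the top of security/caldera/distinfo pins a 41756498-byte node_modules tree that, per the rebuild steps in the Makefile, is produced with npm install on the committer's machine and fetched from LOCAL/acm/caldera/, so the SHA256 attests to the uploaded archive rather than to something a second person can rebuild from upstream. Consider recording the Node and npm versions used next to the "to rebuild the deps archive" comment and, if plugins/magma ships a lockfile, generating the archive with npm ci so the result can be reproduced and compared.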
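Review bot: In the freebsd case added by patch-plugins_human_gui_views_human.vue (inner hunk @@ -346,6 +346,31 @@), the virtualenv is created with -p python3 but human.py is then started through bin/python3.9, a path that only exists when python3 resolves to 3.9 on the target. The matching case in patch-plugins_human_templates_human.html uses virtualenv -p python3.9 together with bin/python; calling bin/python here as well would keep the two generated commands consistent and remove the hard-coded minor version from the path.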
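Review bot: In the extra.forEach switch of patch-plugins_human_templates_human.html (inner hunk @@ -514,6 +550,10 @@), adding freebsd ends up duplicating the two replace() lines and the break, while the human.vue patch in this same commit gets the same escaping with a single fall-through label (case "darwin": case "freebsd": case "linux":). A one-line case "freebsd": placed directly after case "darwin": would keep the escaping logic in one place. The header of this patch file also dropped the .orig suffix and UTC timestamp that the previous revision carried; regenerating it with make makepatch would restore the usual form.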