From 07a3e9853bf1024e61f60f8439cc2e851722762f Mon Sep 17 00:00:00 2001
From: Florian Roth
Date: Wed, 21 Feb 2018 19:36:42 +0100
Subject: [PATCH] v0.5 with Menu for test-set selection

---
 .gitignore | 2 ++
 APTSimulator.bat | 69 +++++++++++++++++++++++++++++++-----------------
 build_pack.bat | 5 ++--
 welcome.txt | 7 +++++
 4 files changed, 57 insertions(+), 26 deletions(-)
 create mode 100644 welcome.txt

diff --git a/.gitignore b/.gitignore
index 0f2eeb0..99fa81c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,5 @@
 dist
 out.tmp
 build
+enc-files.7z
+enc-toolset.7z
diff --git a/APTSimulator.bat b/APTSimulator.bat
index bcfd38b..a3872bc 100644
--- a/APTSimulator.bat
+++ b/APTSimulator.bat
@@ -1,10 +1,6 @@
 @ECHO OFF
 color 0C
 ECHO.
-ECHO ===========================================================================
-ECHO APT Simulator
-ECHO Florian Roth, v0.4.4 February 2018
-ECHO ===========================================================================
 SET CWD="%~dp0"
 cd %CWD%
@@ -21,6 +17,9 @@ SET PASS=aptsimulator
 SET APTDIR=C:\TMP
 SET WWWROOT=C:\inetpub\wwwroot
+CLS
+ECHO ===========================================================================
+ECHO WARNING!
 ECHO.
 ECHO This program is meant to simulate an APT on the local system by
 ECHO distributing traces of typical APT attacks.
@@ -35,42 +34,64 @@ ECHO 4.) DO NOT upload contents of this archive to VIRUSTOTAL or a similar
 ECHO online service as they provide backend views in which researchers and
 ECHO attackers get access to the uploaded files.
 ECHO.
-
 ECHO ===========================================================================
 ECHO Let's go ahead ... The next steps will manipulate the local system.
 ECHO.
 setlocal
 :PROMPT
-SET /P AREYOUSURE=Are you sure to proceed (Y/[N])?
+SET /P AREYOUSURE=Are you sure to proceed (Y/[N])?
 IF /I "%AREYOUSURE%" NEQ "Y" GOTO END
-:: Run the test sets
+:MENU
+CLS
+color 07
+ECHO ===========================================================================
+TYPE welcome.txt
+ECHO.
+ECHO Select the test-set that you want to run:
+ECHO.
+ECHO 0 - RUN EVERY TEST
+ECHO 1 - Collection
+ECHO 2 - Command and Control
+ECHO 3 - Credential Access
+ECHO 4 - Defense Evasion
+ECHO 5 - Discovery
+ECHO 6 - Execution
+ECHO 7 - Lateral Movement
+ECHO 8 - Persistence
+ECHO 9 - Privilege Escalation
+ECHO E - EXIT
+ECHO.
+
+SET /P M=Your selection (then press ENTER):
+IF %M%==0 SET list="collection" "command-and-control" "credential-access" "defense-evasion" "discovery" "execution" "lateral-movement" "persistence" "privilege-escalation"
+IF %M%==1 SET list="collection"
+IF %M%==2 SET list="command-and-control"
+IF %M%==3 SET list="credential-access"
+IF %M%==4 SET list="defense-evasion"
+IF %M%==5 SET list="discovery"
+IF %M%==6 SET list="execution"
+IF %M%==7 SET list="lateral-movement"
+IF %M%==8 SET list="persistence"
+IF %M%==9 SET list="privilege-escalation"
+IF %M%==e GOTO END
+IF %M%==E GOTO END
-for %%i in (
- "collection"
- "command-and-control"
- "credential-access"
- "defense-evasion"
- "discovery"
- "execution"
- "lateral-movement"
- "persistence"
- "privilege-escalation"
-) do (
+:: Running all test sets
+for %%i in (%list%) do (
 ECHO.
 ECHO ###########################################################################
 ECHO RUNNING SET: %%i
 ECHO.
- for /f "delims=" %%x in ('dir /b /a-d .\test-sets\%%i\*.bat') do call ".\test-sets\%%i\%%x"
+ for /f "delims=" %%x in ('dir /b /a-d .\test-sets\%%i\*.bat') do call ".\test-sets\%%i\%%x"
 )
-GOTO END
-
-:END
-ECHO.
 ECHO ===========================================================================
 ECHO Finished!
 ECHO Check for errors and make sure you opened the command line as 'Administrator'
+PAUSE
+GOTO MENU
+
+:END
 ECHO.
-pause
 color 07
 endlocal
diff --git a/build_pack.bat b/build_pack.bat
index db50b3f..4d4cfa0 100644
--- a/build_pack.bat
+++ b/build_pack.bat
@@ -10,6 +10,7 @@ MKDIR %BUILD%
 :: Script
 copy APTSimulator.bat %BUILD%
+copy welcome.txt %BUILD%
 :: HELPERS
 del /Q %BUILD%\helpers\*.*
@@ -23,13 +24,13 @@ xcopy /S /Y .\test-sets %BUILD%\test-sets\
 :: Compress and encrypt toolset
 %ZIP% u -bb3 -t7z -r -mx=9 -mmt=4 -mhe=on -p%PASS% enc-toolset.7z ./toolset/
 :: Copy it to the build dir
-move enc-toolset.7z %BUILD%
+copy enc-toolset.7z %BUILD%
 :: FILES
 :: Compress and encrypt workfiles
 %ZIP% u -bb3 -t7z -r -mx=9 -mmt=4 -mhe=on -p%PASS% enc-files.7z ./workfiles/
 :: Copy it to the build dir
-move enc-files.7z %BUILD%
+copy enc-files.7z %BUILD%
 :: PACK
 ren build APTSimulator
diff --git a/welcome.txt b/welcome.txt
new file mode 100644
index 0000000..17ef5d5
--- /dev/null
+++ b/welcome.txt
@@ -0,0 +1,7 @@
+ ___ ____ ___________ _ __ __
+ / | / __ \/_ __/ ___/(_)___ ___ __ __/ /___ _/ /_____ _____
+ / /| | / /_/ / / / \__ \/ / __ `__ \/ / / / / __ `/ __/ __ \/ ___/
+ / ___ |/ ____/ / / ___/ / / / / / / / /_/ / / /_/ / /_/ /_/ / /
+ /_/ |_/_/ /_/ /____/_/_/ /_/ /_/\__,_/_/\__,_/\__/\____/_/
+
+ Florian Roth, Nextron Systems, v0.5
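Review bot: The menu input read by `SET /P M=Your selection (then press ENTER):` is used unvalidated in unquoted comparisons: pressing ENTER on an empty line leaves `M` undefined (cmd keeps the previous value on empty input), so `IF %M%==0` expands to `IF ==0` and the batch file aborts with a syntax error instead of re-prompting, and an unrecognised entry leaves `list` undefined — or, once `GOTO MENU` has looped back, still holding the previous choice — so `for %%i in (%list%) do (` silently runs nothing or the wrong test-set. Reset both variables before the prompt, quote every `IF %M%==` comparison, collapse the separate `e`/`E` checks into one `IF /I` as the `AREYOUSURE` check earlier in this hunk already does, and send unmatched input back to the menu; the rewritten lines are below.
```batch
SET "M="
SET "list="
SET /P M=Your selection (then press ENTER): 
IF NOT DEFINED M GOTO MENU
IF /I "%M%"=="E" GOTO END
IF "%M%"=="0" SET list="collection" "command-and-control" "credential-access" "defense-evasion" "discovery" "execution" "lateral-movement" "persistence" "privilege-escalation"
IF "%M%"=="1" SET list="collection"
:: ... selections 2 to 9 unchanged apart from the same quoting ...
IF "%M%"=="9" SET list="privilege-escalation"
IF NOT DEFINED list GOTO MENU
:: ... unchanged: for %%i in (%list%) loop ...
```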
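Review bot: Switching `move` to `copy` for `enc-toolset.7z` and `enc-files.7z` leaves both archives in the working tree (the .gitignore hunk in this patch hides them from git), and the preceding `%ZIP% u` lines then update those leftover archives on the next build instead of creating fresh ones; as far as I can tell from 7-Zip's update semantics, entries for files since removed from `./toolset/` or `./workfiles/` would then survive into the shipped pack, so the build is no longer a clean function of the checked-in directories. If keeping a local copy is the intent, delete the stale archive before each update, e.g. `IF EXIST enc-toolset.7z DEL enc-toolset.7z` before the toolset `%ZIP% u` line and `IF EXIST enc-files.7z DEL enc-files.7z` before the workfiles one, so archive content is derived only from the current trees.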