|
1 | | -from django.core.management.base import BaseCommand |
| 1 | +from .base_lab_seeder import LabSeederCommand |
2 | 2 |
|
3 | | -from website.models import Labs, TaskContent, Tasks |
4 | 3 |
|
| 4 | +class Command(LabSeederCommand): |
| 5 | + help = "Creates Command Injection lab tasks" |
| 6 | + lab_name = "Command Injection" |
5 | 7 |
|
6 | | -class Command(BaseCommand): |
7 | | - help = "Create Command Injection lab tasks" |
8 | | - |
9 | | - def handle(self, *args, **options): |
10 | | - command_injection_lab, created = Labs.objects.get_or_create( |
11 | | - name="Command Injection", |
12 | | - defaults={ |
13 | | - "description": "Learn about command injection vulnerabilities and how to exploit them", |
14 | | - "difficulty": "Intermediate", |
15 | | - "is_active": True, |
16 | | - }, |
17 | | - ) |
18 | | - |
19 | | - if created: |
20 | | - self.stdout.write(self.style.SUCCESS(f"Created lab: {command_injection_lab.name}")) |
21 | | - else: |
22 | | - self.stdout.write(self.style.WARNING(f"Lab already exists: {command_injection_lab.name}")) |
23 | | - |
24 | | - tasks_data = [ |
25 | | - { |
26 | | - "order": 1, |
27 | | - "name": "Understanding Command Injection", |
28 | | - "description": "Learn the basics of command injection vulnerabilities", |
29 | | - "task_type": "theory", |
30 | | - "theory_content": """ |
| 8 | + tasks_data = [ |
| 9 | + { |
| 10 | + "order": 1, |
| 11 | + "name": "Understanding Command Injection", |
| 12 | + "description": "Learn the basics of command injection vulnerabilities", |
| 13 | + "task_type": "theory", |
| 14 | + "theory_content": """ |
31 | 15 | <h2>What is Command Injection?</h2> |
32 | 16 | <p>Command injection allows an attacker to execute arbitrary OS commands on the server by manipulating inputs to insecure system calls.</p> |
33 | | - """, |
34 | | - "mcq_question": "What is Command Injection?", |
35 | | - "mcq_options": [ |
36 | | - "A) Injecting OS commands via user input", |
37 | | - "B) Improving system performance", |
38 | | - "C) Backing up data", |
39 | | - "D) Writing database queries", |
40 | | - ], |
41 | | - "correct_answer": "A", |
42 | | - }, |
43 | | - { |
44 | | - "order": 2, |
45 | | - "name": "Command Injection Types", |
46 | | - "description": "Understand different types of command injection", |
47 | | - "task_type": "theory", |
48 | | - "theory_content": """ |
| 17 | + """, |
| 18 | + "mcq_question": "What is Command Injection?", |
| 19 | + "mcq_options": [ |
| 20 | + "A) Injecting OS commands via user input", |
| 21 | + "B) Improving system performance", |
| 22 | + "C) Backing up data", |
| 23 | + "D) Writing database queries", |
| 24 | + ], |
| 25 | + "correct_answer": "A", |
| 26 | + }, |
| 27 | + { |
| 28 | + "order": 2, |
| 29 | + "name": "Command Injection Types", |
| 30 | + "description": "Understand different types of command injection", |
| 31 | + "task_type": "theory", |
| 32 | + "theory_content": """ |
49 | 33 | <h2>Types of Command Injection</h2> |
50 | 34 | <ul> |
51 | 35 | <li>Blind command injection</li> |
52 | 36 | <li>Time-based command injection</li> |
53 | 37 | <li>Out-of-band command injection</li> |
54 | 38 | </ul> |
55 | | - """, |
56 | | - "mcq_question": "Which of the following is NOT a type of command injection?", |
57 | | - "mcq_options": [ |
58 | | - "A) Blind command injection", |
59 | | - "B) Time-based command injection", |
60 | | - "C) Out-of-band command injection", |
61 | | - "D) Cross-site command injection", |
| 39 | + """, |
| 40 | + "mcq_question": "Which of the following is NOT a type of command injection?", |
| 41 | + "mcq_options": [ |
| 42 | + "A) Blind command injection", |
| 43 | + "B) Time-based command injection", |
| 44 | + "C) Out-of-band command injection", |
| 45 | + "D) Cross-site command injection", |
| 46 | + ], |
| 47 | + "correct_answer": "D", |
| 48 | + }, |
| 49 | + { |
| 50 | + "order": 3, |
| 51 | + "name": "Basic Command Injection", |
| 52 | + "description": "Practice basic command injection with simple payloads", |
| 53 | + "task_type": "simulation", |
| 54 | + "simulation_config": { |
| 55 | + "scenario": "ping_feature", |
| 56 | + "vulnerable_parameters": ["ip_address"], |
| 57 | + "success_criteria": "Execute a command that shows the current directory contents", |
| 58 | + "success_payload": "127.0.0.1; ls", |
| 59 | + "hints": [ |
| 60 | + "Use command separators like ; to chain commands", |
62 | 61 | ], |
63 | | - "correct_answer": "D", |
64 | | - }, |
65 | | - { |
66 | | - "order": 3, |
67 | | - "name": "Basic Command Injection", |
68 | | - "description": "Practice basic command injection with simple payloads", |
69 | | - "task_type": "simulation", |
70 | | - "simulation_config": { |
71 | | - "scenario": "ping_feature", |
72 | | - "vulnerable_parameters": ["ip_address"], |
73 | | - "success_criteria": "Execute a command that shows the current directory contents", |
74 | | - "success_payload": "127.0.0.1; ls", |
75 | | - "hints": [ |
76 | | - "Use command separators like ; to chain commands", |
77 | | - ], |
78 | | - "difficulty": "beginner", |
79 | | - }, |
| 62 | + "difficulty": "beginner", |
80 | 63 | }, |
81 | | - { |
82 | | - "order": 4, |
83 | | - "name": "Command Injection with Pipes", |
84 | | - "description": "Use pipe operators for command injection", |
85 | | - "task_type": "simulation", |
86 | | - "simulation_config": { |
87 | | - "scenario": "ping_filter_semicolon", |
88 | | - "vulnerable_parameters": ["ip_address"], |
89 | | - "success_criteria": "Execute a command that shows system information", |
90 | | - "success_payload": "127.0.0.1 | uname -a", |
91 | | - "hints": [ |
92 | | - "Try the pipe operator (|) to feed output into commands", |
93 | | - ], |
94 | | - "difficulty": "beginner", |
95 | | - }, |
| 64 | + }, |
| 65 | + { |
| 66 | + "order": 4, |
| 67 | + "name": "Command Injection with Pipes", |
| 68 | + "description": "Use pipe operators for command injection", |
| 69 | + "task_type": "simulation", |
| 70 | + "simulation_config": { |
| 71 | + "scenario": "ping_filter_semicolon", |
| 72 | + "vulnerable_parameters": ["ip_address"], |
| 73 | + "success_criteria": "Execute a command that shows system information", |
| 74 | + "success_payload": "127.0.0.1 | uname -a", |
| 75 | + "hints": [ |
| 76 | + "Try the pipe operator (|) to feed output into commands", |
| 77 | + ], |
| 78 | + "difficulty": "beginner", |
96 | 79 | }, |
97 | | - { |
98 | | - "order": 5, |
99 | | - "name": "Blind Command Injection", |
100 | | - "description": "Practice blind command injection techniques", |
101 | | - "task_type": "simulation", |
102 | | - "simulation_config": { |
103 | | - "scenario": "blind_injection", |
104 | | - "vulnerable_parameters": ["ip_address"], |
105 | | - "success_criteria": "Cause a measurable time delay", |
106 | | - "success_payload": "127.0.0.1; sleep 5", |
107 | | - "hints": [ |
108 | | - "Use time delays like sleep to confirm injection", |
109 | | - ], |
110 | | - "difficulty": "intermediate", |
111 | | - }, |
| 80 | + }, |
| 81 | + { |
| 82 | + "order": 5, |
| 83 | + "name": "Blind Command Injection", |
| 84 | + "description": "Practice blind command injection techniques", |
| 85 | + "task_type": "simulation", |
| 86 | + "simulation_config": { |
| 87 | + "scenario": "blind_injection", |
| 88 | + "vulnerable_parameters": ["ip_address"], |
| 89 | + "success_criteria": "Cause a measurable time delay", |
| 90 | + "success_payload": "127.0.0.1; sleep 5", |
| 91 | + "hints": [ |
| 92 | + "Use time delays like sleep to confirm injection", |
| 93 | + ], |
| 94 | + "difficulty": "intermediate", |
112 | 95 | }, |
113 | | - { |
114 | | - "order": 6, |
115 | | - "name": "Command Injection Prevention", |
116 | | - "description": "Learn how to prevent command injection vulnerabilities", |
117 | | - "task_type": "theory", |
118 | | - "theory_content": """ |
| 96 | + }, |
| 97 | + { |
| 98 | + "order": 6, |
| 99 | + "name": "Command Injection Prevention", |
| 100 | + "description": "Learn how to prevent command injection vulnerabilities", |
| 101 | + "task_type": "theory", |
| 102 | + "theory_content": """ |
119 | 103 | <h2>Prevention</h2> |
120 | 104 | <ul> |
121 | 105 | <li>Validate and sanitize all inputs</li> |
122 | 106 | <li>Use safe, parameterized APIs instead of shell calls</li> |
123 | 107 | <li>Avoid invoking system commands entirely when possible</li> |
124 | 108 | </ul> |
125 | | - """, |
126 | | - "mcq_question": "What is the BEST way to prevent command injection?", |
127 | | - "mcq_options": [ |
128 | | - "A) Input validation only", |
129 | | - "B) Parameterized commands only", |
130 | | - "C) Avoid system commands only", |
131 | | - "D) All of the above combined", |
| 109 | + """, |
| 110 | + "mcq_question": "What is the BEST way to prevent command injection?", |
| 111 | + "mcq_options": [ |
| 112 | + "A) Input validation only", |
| 113 | + "B) Parameterized commands only", |
| 114 | + "C) Avoid system commands only", |
| 115 | + "D) All of the above combined", |
| 116 | + ], |
| 117 | + "correct_answer": "D", |
| 118 | + }, |
| 119 | + { |
| 120 | + "order": 7, |
| 121 | + "name": "Advanced Command Injection", |
| 122 | + "description": "Practice advanced command injection with encoding", |
| 123 | + "task_type": "simulation", |
| 124 | + "simulation_config": { |
| 125 | + "scenario": "filter_bypass", |
| 126 | + "vulnerable_parameters": ["ip_address"], |
| 127 | + "success_criteria": "Execute a command that shows the current user", |
| 128 | + "success_payload": "127.0.0.1${IFS}&&${IFS}whoami", |
| 129 | + "hints": [ |
| 130 | + "Use ${IFS} instead of spaces to bypass filters", |
132 | 131 | ], |
133 | | - "correct_answer": "D", |
134 | | - }, |
135 | | - { |
136 | | - "order": 7, |
137 | | - "name": "Advanced Command Injection", |
138 | | - "description": "Practice advanced command injection with encoding", |
139 | | - "task_type": "simulation", |
140 | | - "simulation_config": { |
141 | | - "scenario": "filter_bypass", |
142 | | - "vulnerable_parameters": ["ip_address"], |
143 | | - "success_criteria": "Execute a command that shows the current user", |
144 | | - "success_payload": "127.0.0.1${IFS}&&${IFS}whoami", |
145 | | - "hints": [ |
146 | | - "Use ${IFS} instead of spaces to bypass filters", |
147 | | - ], |
148 | | - "difficulty": "advanced", |
149 | | - }, |
| 132 | + "difficulty": "advanced", |
150 | 133 | }, |
151 | | - { |
152 | | - "order": 8, |
153 | | - "name": "Command Injection in Web Shells", |
154 | | - "description": "Understand how command injection relates to web shells", |
155 | | - "task_type": "theory", |
156 | | - "theory_content": """ |
| 134 | + }, |
| 135 | + { |
| 136 | + "order": 8, |
| 137 | + "name": "Command Injection in Web Shells", |
| 138 | + "description": "Understand how command injection relates to web shells", |
| 139 | + "task_type": "theory", |
| 140 | + "theory_content": """ |
157 | 141 | <h2>Web Shells</h2> |
158 | 142 | <p>Command injection can be leveraged to upload or execute web shells, providing persistent access.</p> |
159 | | - """, |
160 | | - "mcq_question": "How does command injection relate to web shells?", |
161 | | - "mcq_options": [ |
162 | | - "A) It can be used to upload/execute shells", |
163 | | - "B) Web shells are a type of command injection", |
164 | | - "C) They are unrelated", |
165 | | - "D) Web shells prevent injection", |
166 | | - ], |
167 | | - "correct_answer": "A", |
168 | | - }, |
169 | | - ] |
170 | | - |
171 | | - for task_data in tasks_data: |
172 | | - task, created = Tasks.objects.update_or_create( |
173 | | - lab=command_injection_lab, |
174 | | - order=task_data["order"], |
175 | | - defaults={ |
176 | | - "name": task_data["name"], |
177 | | - "description": task_data["description"], |
178 | | - "task_type": task_data["task_type"], |
179 | | - "is_active": True, |
180 | | - }, |
181 | | - ) |
182 | | - |
183 | | - if created: |
184 | | - self.stdout.write(self.style.SUCCESS(f"Created task: {task.name}")) |
185 | | - else: |
186 | | - self.stdout.write(self.style.WARNING(f"Updated task: {task.name}")) |
187 | | - |
188 | | - content_defaults = {} |
189 | | - if task_data["task_type"] == "theory": |
190 | | - content_defaults.update( |
191 | | - { |
192 | | - "theory_content": task_data.get("theory_content", ""), |
193 | | - "mcq_question": task_data.get("mcq_question", ""), |
194 | | - "mcq_options": task_data.get("mcq_options", []), |
195 | | - "correct_answer": task_data.get("correct_answer", ""), |
196 | | - } |
197 | | - ) |
198 | | - else: |
199 | | - content_defaults.update( |
200 | | - { |
201 | | - "simulation_config": task_data.get("simulation_config", {}), |
202 | | - } |
203 | | - ) |
204 | | - |
205 | | - content, content_created = TaskContent.objects.update_or_create( |
206 | | - task=task, |
207 | | - defaults=content_defaults, |
208 | | - ) |
209 | | - |
210 | | - if content_created: |
211 | | - self.stdout.write(self.style.SUCCESS(f"Created content for task: {task.name}")) |
212 | | - else: |
213 | | - self.stdout.write(self.style.WARNING(f"Updated content for task: {task.name}")) |
214 | | - |
215 | | - if hasattr(command_injection_lab, "update_total_tasks"): |
216 | | - command_injection_lab.update_total_tasks() |
217 | | - |
218 | | - self.stdout.write( |
219 | | - self.style.SUCCESS(f"Successfully created/updated {len(tasks_data)} tasks for Command Injection lab") |
220 | | - ) |
| 143 | + """, |
| 144 | + "mcq_question": "How does command injection relate to web shells?", |
| 145 | + "mcq_options": [ |
| 146 | + "A) It can be used to upload/execute shells", |
| 147 | + "B) Web shells are a type of command injection", |
| 148 | + "C) They are unrelated", |
| 149 | + "D) Web shells prevent injection", |
| 150 | + ], |
| 151 | + "correct_answer": "A", |
| 152 | + }, |
| 153 | + ] |
0 commit comments