💡 [REQUEST] - User defined success criteria #92
Comments
l50
added
the
question
l50
added
enhancement
|
@d3sch41n @CrimsonK1ng there are a couple of unresolved questions above that will provide a good starting point for this question/potential feature request. |
|
What is the proposal for success criteria, what does success criteria mean to you? Do you have a better example, something that highlights the use case? What would that look like in your configuration? Using string match for success, what strings are we checking? Is it just the current step output or another command output. How are you intending to handle file lookups ? What is the difference between checking for success in a step using a separate field vs building in the success check into the bash script for instance. |
Do you have a better example, something that highlights the use case? What would that look like in your configuration? More involved example: ---
name: Hello World
description: |
Print hello world
steps:
- name: hello
file: ./ttps/privilege-escalation/credential-theft/hello-world/hello-world.sh
cleanup:
name: cleanup
inline: |
echo "cleaned up!"
success_criteria:
- "Hello*"
- "cleaned up!"In this example, running this TTP will return as a successful operation IFF "Hello*" and "cleaned up!" are in the TTP output.
I was thinking all of the output from running a given TTP.
Maybe I'm not understanding your question as these seem like too obvious of an answer: // Check if file exists
os.Stat("filethatneedstoexist.txt")func checkIfFileContainsString(filePath, searchString string) bool {
file, err := os.Open(filePath)
if err != nil {
fmt.Printf("Error opening file: %v\n", err)
return false
}
defer file.Close()
scanner := bufio.NewScanner(file)
for scanner.Scan() {
if strings.Contains(scanner.Text(), searchString) {
return true
}
}
if err := scanner.Err(); err != nil {
fmt.Printf("Error reading file: %v\n", err)
return false
}
return false
}
// Check if file contains "success yay!"
filePath := "example.txt"
searchString := "success yay!"
found := checkIfFileContainsString(filePath, searchString)
fmt.Printf("String %q found in file: %v\n", searchString, found)
Checking for success for a TTP governs the state of the overall TTP vs. success in a step which can be used to determine if the next step should run, etc. |
|
How would you represent that in yaml? Do you want the success criteria to have another value that uses a file keyword? How would you distinguish between a string and a file for success criteria? Your example only highlights the simple case of string matches. What would a file success look like? |
|
Here's a more complete proposed example that also includes the file success criteria as well: ---
name: Hello World
description: |
Print hello world
steps:
- name: hello
file: ./ttps/privilege-escalation/credential-theft/hello-world/hello-world.sh
cleanup:
name: cleanup
inline: |
echo "cleaned up!"
success_criteria:
output_matches:
- "Hello*"
- "cleaned up!"
file_exists:
- "./output/file1.txt"
file_contains:
- path: "./output/file2.txt"
pattern: "*sample content*"As you can see, Thoughts? Anything else missing @CrimsonK1ng ? |
|
I see the use case for this, as long as we don't make it too complicated and try to stretch too far to support weird Some thoughts that may be helpful:
|
|
Will be taking this on in the next sprint. I will add the requested
Item (4) already exists via |
Implementation PR
N/A
Reference Issues
N/A
Summary
Provide TTPForge users with the means to define "success criteria" for a TTP.
Basic Example
High-level example ideas:
Drawbacks
None that I can think of
Unresolved questions
The text was updated successfully, but these errors were encountered: