add encode.py to docs

mitre · Aug 3, 2018 · af90159 · af90159
1 parent 0b2c9e0
commit af90159
Show file tree

Hide file tree

Showing 6 changed files with 56 additions and 9 deletions.
diff --git a/docs/add_technique.rst b/docs/add_technique.rst
@@ -105,7 +105,9 @@ Here is the second precondition:
 The first item names the precondition: :code:`'host'`. The second item starts with :code:`OPHost`, specifying that this 
 precondition refers to objects that are `Hosts`. The next part of the expression
 denotes conditions on the :code:`OPHost`. :code:`OPVar` is a special keyword which matches to a previously defined 
-precondition. The entire expression, :code:`OPVar("rat.host")`, matches to the `host` field of the previously defined `rat` precondition. In plain terms, the precondition :code:`OPHost(OPVar("rat.host"))` matches to an of object of type :code:`OPHost` that is the same object as the :code'`host` field of the :code:`rat` precondition.
+precondition. The entire expression, :code:`OPVar("rat.host")`, matches to the `host` field of the previously defined
+`rat` precondition. In plain terms, the precondition :code:`OPHost(OPVar("rat.host"))` matches to an of object of
+type :code:`OPHost` that is the same object as the :code:`host` field of the :code:`rat` precondition.
 
 In psuedocode this would look something like this:
 
@@ -119,7 +121,7 @@ Now that you understand these preconditions, we're going to jump down a bit to a
    :pyobject: DirListCollection
    :lines: 28
 
-This defines the Step's :code:`action` function. The action function is called when CALERA decides to
+This defines the Step's :code:`action` function. The action function is called when CALDERA decides to
 execute the Step. Notice the parameters :code:`rat` and :code:`host` these match the preconditions that 
 are defined above (because they match the precondition's names). When the Step is called, objects that
 match the :code:`rat` and :code:`host` preconditions will be passed into the :code:`action` function.
@@ -160,7 +162,8 @@ The class variable :code:`significant_parameters` allows the user to specify whi
    :pyobject: DirListCollection
    :lines: 19
 
-By default CALDERA will not re-run an action if all of the parameters are the same as an action that has previously been executed.
+By default CALDERA will not re-run an action if all of the parameters are the same as an action that has previously
+been executed.
 However, this behavior can be overridden using the :code:`significant_parameters` class variable.
 Here we set the significant_parameter as "host" because we want this Step to only be performed 
 once per host. If we had left
@@ -275,7 +278,7 @@ computer.
 
 
 We only want this to be run once per host, so we'd like to set the significant parameters to be
-the host that the Step is being exceuted on, which is the Rat's host (that is, :code:`rat.host`), 
+the host that the Step is being exceuted on, which is the Rat's host (that is, :code:`rat.host`),
 however we need to have the host as a named precondition in order to do this, so we will also
 have to modify our preconditions to create a new precondition to refer to the Rat's host.  
 

diff --git a/docs/commands.rst b/docs/commands.rst
@@ -19,8 +19,6 @@ CommandLine generators
 
 .. automodule:: caldera.app.commands.cmd
    :members:
-.. automodule:: caldera.app.commands.footprint
-   :members:
 .. automodule:: caldera.app.commands.mimikatz
    :members:
 .. automodule:: caldera.app.commands.nbtstat

diff --git a/docs/encoding_external_files.rst b/docs/encoding_external_files.rst
@@ -0,0 +1,44 @@
+=======================
+Encoding External Files
+=======================
+
+CALDERA uses a simple encoding scheme to disguise some of the external
+scripts and tools used by the project. This can be useful in preventing
+AV software from interfering with the operation
+of the CALDERA server.
+
+
+Using the script editor
+-----------------------
+
+Small changes to external scripts can be made via the
+CALDERA web application via the built-in Script Editor.
+
+Manually with encode.py
+-----------------------
+
+For larger changes and encoding binary files ``scripts/encode.py`` can be
+used.  This script will read in a file specified with the ``-i`` option
+and output an encoded file to a path specified with the ``-o`` option.
+
+
+Example
+^^^^^^^
+
+The following series of commands are an example of downloading and encoding
+a new version of powerview using the ``encode.py`` script.
+
+    .. code-block:: bash
+
+        cd scripts/
+
+        # Download a version of powerview from Empire's dev branch
+        curl -L -o powerview.ps1 https://github.com/EmpireProject/Empire/raw/dev/data/module_source/situational_awareness/network/powerview.ps1
+
+        # Encode the powershell script
+        python encode.py -i powerview.ps1  -o powerview-ps1
+
+        mv powervew-ps1 ../caldera/files
+
+        # remove the downloaded file
+        rm powerview.ps1
diff --git a/docs/index.rst b/docs/index.rst
@@ -37,6 +37,7 @@ CALDERA User Documentation
    :caption: Developer Information
 
    techniques
+   encoding_external_files
    legal
    developer
    build

diff --git a/docs/installation.rst b/docs/installation.rst
@@ -174,7 +174,7 @@ If you would like to install without docker, please follow the below instruction
 #. *Install CraterMain.exe*
     The `CraterMain.exe` binary needs to be accessible to CALDERA. It should be placed
     in: `caldera/dep/crater/crater/CraterMain.exe` on the computer that the CALDERA server is installed on.
-    Pre-built copies of CraterMain.exe are available `here <https://github.com/mitre/caldera-crater/releases>`_.
+    Pre-built copies of CraterMain.exe are available `here <https://github.com/mitre/caldera-crater/releases>`__.
 
 #. *Start the CALDERA server*
     The Caldera server can now be started by navigating to the `caldera/caldera` directory and running
@@ -212,7 +212,7 @@ CALDERA Agent Installation
 The CALDERA Agent or cagent, is installed on every computer participating in the Adversary Emulation. It should be
 accessible over the network to the CALDERA server. Once configured, each cagent will register with the CALDERA server
 making its computer available as an option in an operation. Pre-built cagent binaries are available 
-`here <https://github.com/mitre/caldera-agent/releases>`_.
+`here <https://github.com/mitre/caldera-agent/releases>`__.
 
 Operating System Support
 ------------------------

diff --git a/docs/techniques.rst b/docs/techniques.rst
@@ -3,4 +3,5 @@ Techniques
 ==========
 
 .. automodule:: caldera.app.operation.operation_steps
-    :members:
+   :members:
+