From 828f909f0b84a7b21b6b358d10080a956cca3c8c Mon Sep 17 00:00:00 2001 From: whotwagner Date: Tue, 3 Dec 2024 11:08:37 +0100 Subject: [PATCH 01/20] Update metadata.py --- src/attackmate/metadata.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/attackmate/metadata.py b/src/attackmate/metadata.py index 12af946b..fb4b35ee 100644 --- a/src/attackmate/metadata.py +++ b/src/attackmate/metadata.py @@ -8,7 +8,7 @@ __license__ = 'GPLv3' __maintainer__ = 'Wolfgang Hotwagner, Max Landauer, Markus Wurzenberger, Florian Skopik' __status__ = 'Production' -__version__ = '0.2.1' +__version__ = '0.3.2' __version_string__ = ( f'(Austrian Institute of Technology)\t' f'{__website__}\tVersion: {__version__}') From ce0f80a3c07e93e5ea1f348cd9bbc0d9d1dde3fc Mon Sep 17 00:00:00 2001 From: whotwagner Date: Tue, 3 Dec 2024 11:09:05 +0100 Subject: [PATCH 02/20] Update conf.py --- docs/source/conf.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/source/conf.py b/docs/source/conf.py index f405e78d..0131272e 100644 --- a/docs/source/conf.py +++ b/docs/source/conf.py @@ -13,7 +13,7 @@ project = 'AttackMate' copyright = '2023, Wolfgang Hotwagner' author = 'Wolfgang Hotwagner' -release = '0.2.1' +release = '0.3.2' # -- General configuration --------------------------------------------------- # https://www.sphinx-doc.org/en/master/usage/configuration.html#general-configuration From 24da16249d2996b0f6aa1b6fe995219d062c26a1 Mon Sep 17 00:00:00 2001 From: whotwagner Date: Tue, 3 Dec 2024 11:09:44 +0100 Subject: [PATCH 03/20] Update conf.py --- docs/source/conf.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/source/conf.py b/docs/source/conf.py index 0131272e..286619c5 100644 --- a/docs/source/conf.py +++ b/docs/source/conf.py @@ -13,7 +13,7 @@ project = 'AttackMate' copyright = '2023, Wolfgang Hotwagner' author = 'Wolfgang Hotwagner' -release = '0.3.2' +release = '0.4.0' # -- General configuration --------------------------------------------------- # https://www.sphinx-doc.org/en/master/usage/configuration.html#general-configuration From a816d264c6b9edd7625e440c30f8891d63b800f3 Mon Sep 17 00:00:00 2001 From: whotwagner Date: Tue, 3 Dec 2024 11:10:20 +0100 Subject: [PATCH 04/20] Update metadata.py --- src/attackmate/metadata.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/attackmate/metadata.py b/src/attackmate/metadata.py index fb4b35ee..53e978ef 100644 --- a/src/attackmate/metadata.py +++ b/src/attackmate/metadata.py @@ -8,7 +8,7 @@ __license__ = 'GPLv3' __maintainer__ = 'Wolfgang Hotwagner, Max Landauer, Markus Wurzenberger, Florian Skopik' __status__ = 'Production' -__version__ = '0.3.2' +__version__ = '0.4.0' __version_string__ = ( f'(Austrian Institute of Technology)\t' f'{__website__}\tVersion: {__version__}') From ab6a83cdb77468eec5407f7767bb58b23d79c8a8 Mon Sep 17 00:00:00 2001 From: skopikf <62601486+skopikf@users.noreply.github.com> Date: Tue, 14 Jan 2025 16:17:23 +0100 Subject: [PATCH 05/20] Update README.md updated funding options --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index f3db26e1..7d622f28 100644 --- a/README.md +++ b/README.md @@ -67,3 +67,7 @@ a command injection. Keep that in mind! ## License [GPL-3.0](LICENSE) + +## Financial Support + +Funded by the European Union under GA no. 101121403 (NEWSROOM) and GA no. 101103385 (AInception). Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or the European Commission. Neither the European Union nor the granting authority can be held responsible for them. Further supported by the Horizon Europe project MIRANDA (101168144). Co-funded by the Austrian FFG Kiras projects ASOC (FO999905301) and Testcat (FO999911248). From 4dcfcee944c255411be543a1f24c6d7f877ce87c Mon Sep 17 00:00:00 2001 From: skopikf <62601486+skopikf@users.noreply.github.com> Date: Tue, 14 Jan 2025 16:20:24 +0100 Subject: [PATCH 06/20] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 7d622f28..712a88da 100644 --- a/README.md +++ b/README.md @@ -70,4 +70,4 @@ a command injection. Keep that in mind! ## Financial Support -Funded by the European Union under GA no. 101121403 (NEWSROOM) and GA no. 101103385 (AInception). Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or the European Commission. Neither the European Union nor the granting authority can be held responsible for them. Further supported by the Horizon Europe project MIRANDA (101168144). Co-funded by the Austrian FFG Kiras projects ASOC (FO999905301) and Testcat (FO999911248). +Funded by the European Union under GA no. 101121403 (NEWSROOM) and GA no. 101103385 (AInception). Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or the European Commission. Neither the European Union nor the granting authority can be held responsible for them. Further supported by the Horizon Europe project MIRANDA (101168144). Co-funded by the Austrian security research programme KIRAS of the Federal Ministry of Finance (BMF) in course of the projecs ASOC (FO999905301) and Testcat (FO999911248). From 24f54269307e2af013c345b71b9f866523b50e4a Mon Sep 17 00:00:00 2001 From: skopikf <62601486+skopikf@users.noreply.github.com> Date: Wed, 15 Jan 2025 19:51:15 +0100 Subject: [PATCH 07/20] Update README.md fixed typos --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 712a88da..1bff0c93 100644 --- a/README.md +++ b/README.md @@ -70,4 +70,4 @@ a command injection. Keep that in mind! ## Financial Support -Funded by the European Union under GA no. 101121403 (NEWSROOM) and GA no. 101103385 (AInception). Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or the European Commission. Neither the European Union nor the granting authority can be held responsible for them. Further supported by the Horizon Europe project MIRANDA (101168144). Co-funded by the Austrian security research programme KIRAS of the Federal Ministry of Finance (BMF) in course of the projecs ASOC (FO999905301) and Testcat (FO999911248). +Funded by the European Union under GA no. 101121403 (NEWSROOM) and GA no. 101103385 (AInception). Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or the European Commission. Neither the European Union nor the granting authority can be held responsible for them. Further supported by the Horizon Europe project MIRANDA (101168144). Co-funded by the Austrian security research programme KIRAS of the Federal Ministry of Finance (BMF) in course of the projects ASOC (FO999905301) and Testcat (FO999911248). From d6b4279e63ec322fb2ef65549a922f3139ebea98 Mon Sep 17 00:00:00 2001 From: whotwagner Date: Thu, 27 Feb 2025 14:37:52 +0100 Subject: [PATCH 08/20] Update metadata.py Set version to 0.5.0 --- src/attackmate/metadata.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/attackmate/metadata.py b/src/attackmate/metadata.py index 53e978ef..e60eace1 100644 --- a/src/attackmate/metadata.py +++ b/src/attackmate/metadata.py @@ -8,7 +8,7 @@ __license__ = 'GPLv3' __maintainer__ = 'Wolfgang Hotwagner, Max Landauer, Markus Wurzenberger, Florian Skopik' __status__ = 'Production' -__version__ = '0.4.0' +__version__ = '0.5.0' __version_string__ = ( f'(Austrian Institute of Technology)\t' f'{__website__}\tVersion: {__version__}') From 142612f3835fe39691aaa7dafd1d3ed9e7408540 Mon Sep 17 00:00:00 2001 From: whotwagner Date: Thu, 27 Feb 2025 14:39:56 +0100 Subject: [PATCH 09/20] Update conf.py --- docs/source/conf.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/source/conf.py b/docs/source/conf.py index 286619c5..4e7a01c2 100644 --- a/docs/source/conf.py +++ b/docs/source/conf.py @@ -13,7 +13,7 @@ project = 'AttackMate' copyright = '2023, Wolfgang Hotwagner' author = 'Wolfgang Hotwagner' -release = '0.4.0' +release = '0.5.0' # -- General configuration --------------------------------------------------- # https://www.sphinx-doc.org/en/master/usage/configuration.html#general-configuration From cd0d95952d831fcb8b2ebb2c4696a772de9cb489 Mon Sep 17 00:00:00 2001 From: whotwagner Date: Thu, 27 Feb 2025 16:14:08 +0100 Subject: [PATCH 10/20] Update Jenkinsfile --- Jenkinsfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 6a0410ce..ed8b05cf 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -32,8 +32,9 @@ pipeline { } dir("docs") { sh "id" + sh "adduser adduser --system --uid=112 --gid=112 --home /home/jenkins --shell /bin/bash jenkins" sh "ls -la /docs" - sh "make html" + sh "su - jenkins -c 'make html'" } } } From 46b4b7e3b5660faf4bf5c0606b55b2b783b48186 Mon Sep 17 00:00:00 2001 From: whotwagner Date: Thu, 27 Feb 2025 16:17:07 +0100 Subject: [PATCH 11/20] Update Jenkinsfile --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index ed8b05cf..61cac6ad 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -32,7 +32,7 @@ pipeline { } dir("docs") { sh "id" - sh "adduser adduser --system --uid=112 --gid=112 --home /home/jenkins --shell /bin/bash jenkins" + sh "adduser --system --uid=112 --gid=112 --home /home/jenkins --shell /bin/bash jenkins" sh "ls -la /docs" sh "su - jenkins -c 'make html'" } From edb9449323dac942905196faa9d7d90da932772d Mon Sep 17 00:00:00 2001 From: whotwagner Date: Thu, 27 Feb 2025 16:18:48 +0100 Subject: [PATCH 12/20] Update Jenkinsfile --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 61cac6ad..99858d17 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -32,7 +32,7 @@ pipeline { } dir("docs") { sh "id" - sh "adduser --system --uid=112 --gid=112 --home /home/jenkins --shell /bin/bash jenkins" + sh "useradd --system --uid=112 --gid=112 --home /home/jenkins --shell /bin/bash jenkins" sh "ls -la /docs" sh "su - jenkins -c 'make html'" } From 3d0813efa7c03f9f7b497bce0c66857ef785c9c8 Mon Sep 17 00:00:00 2001 From: whotwagner Date: Thu, 27 Feb 2025 16:20:52 +0100 Subject: [PATCH 13/20] Update Jenkinsfile --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 99858d17..59607f50 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -32,7 +32,7 @@ pipeline { } dir("docs") { sh "id" - sh "useradd --system --uid=112 --gid=112 --home /home/jenkins --shell /bin/bash jenkins" + sh "useradd --system --uid=112 -U --home /home/jenkins --shell /bin/bash jenkins" sh "ls -la /docs" sh "su - jenkins -c 'make html'" } From fce6028d65419bf793c58408d0676ee799affa37 Mon Sep 17 00:00:00 2001 From: whotwagner Date: Thu, 27 Feb 2025 16:22:35 +0100 Subject: [PATCH 14/20] Update Jenkinsfile --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 59607f50..0d31ea99 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -32,7 +32,7 @@ pipeline { } dir("docs") { sh "id" - sh "useradd --system --uid=112 -U --home /home/jenkins --shell /bin/bash jenkins" + sh "useradd --system --uid=112 -U --home /home/jenkins -m --shell /bin/bash jenkins" sh "ls -la /docs" sh "su - jenkins -c 'make html'" } From 52f6eb983b87daa3e76e0ab4e6d590bcfb6501fd Mon Sep 17 00:00:00 2001 From: whotwagner Date: Thu, 27 Feb 2025 16:32:39 +0100 Subject: [PATCH 15/20] Update Jenkinsfile --- Jenkinsfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 0d31ea99..443b401e 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -34,7 +34,8 @@ pipeline { sh "id" sh "useradd --system --uid=112 -U --home /home/jenkins -m --shell /bin/bash jenkins" sh "ls -la /docs" - sh "su - jenkins -c 'make html'" + sh "make html" + sh "chown -R jenkins *" } } } From 4b410c8aa93b1cf0a60d640e5e5778c666017546 Mon Sep 17 00:00:00 2001 From: thorinaboenke Date: Tue, 16 Dec 2025 17:00:44 +0100 Subject: [PATCH 16/20] add keep_serving option to webserv command --- docs/source/playbook/commands/webserv.rst | 9 ++++++++- src/attackmate/executors/http/webservexecutor.py | 9 ++++++++- src/attackmate/schemas/http.py | 1 + 3 files changed, 17 insertions(+), 2 deletions(-) diff --git a/docs/source/playbook/commands/webserv.rst b/docs/source/playbook/commands/webserv.rst index 9e683e4c..ba9ea6a4 100644 --- a/docs/source/playbook/commands/webserv.rst +++ b/docs/source/playbook/commands/webserv.rst @@ -3,7 +3,7 @@ webserv ======= Start a http-server and share a file. This command -will return after the first HTTP-request. +will return after the first HTTP-request. To keep serving the file instead set keep_serving to True. .. code-block:: yaml @@ -35,3 +35,10 @@ will return after the first HTTP-request. :type: str :default: ``0.0.0.0`` + +.. confval:: keep_servng + + Keep serving even after a request has been processed + + :type: bool + :default: False diff --git a/src/attackmate/executors/http/webservexecutor.py b/src/attackmate/executors/http/webservexecutor.py index f66e1f1a..e206c162 100644 --- a/src/attackmate/executors/http/webservexecutor.py +++ b/src/attackmate/executors/http/webservexecutor.py @@ -61,7 +61,14 @@ def _exec_cmd(self, command: WebServCommand) -> Result: address = (command.address, CmdVars.variable_to_int('Port', command.port)) try: server = WebServe(address, WebRequestHandler, local_path=command.local_path) - server.handle_request() + if command.keep_serving: + self.logger.info('Keeping server alive to serve multiple requests') + try: + server.serve_forever() + except KeyboardInterrupt: + server.server_close() + else: + server.handle_request() except Exception as e: raise ExecException(e) diff --git a/src/attackmate/schemas/http.py b/src/attackmate/schemas/http.py index 1dbc741d..ac5d8776 100644 --- a/src/attackmate/schemas/http.py +++ b/src/attackmate/schemas/http.py @@ -10,6 +10,7 @@ class WebServCommand(BaseCommand): local_path: str port: StringNumber = '8000' address: str = '0.0.0.0' # nosec + keep_serving: bool = False @CommandRegistry.register('http-client') From cc4b179c874243217a1f0d7dc78d8bf759b65a56 Mon Sep 17 00:00:00 2001 From: thorinaboenke Date: Tue, 16 Dec 2025 17:02:55 +0100 Subject: [PATCH 17/20] add instruction on background mode to webserv docs --- docs/source/playbook/commands/webserv.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/source/playbook/commands/webserv.rst b/docs/source/playbook/commands/webserv.rst index ba9ea6a4..52a33299 100644 --- a/docs/source/playbook/commands/webserv.rst +++ b/docs/source/playbook/commands/webserv.rst @@ -4,7 +4,7 @@ webserv Start a http-server and share a file. This command will return after the first HTTP-request. To keep serving the file instead set keep_serving to True. - +The webserv command has to be run in background mode, otherwise the playbook execution will halt until a request is received. .. code-block:: yaml ### From 9ed1ef026ae2fdc0b43a5f88d1ae040619b24e62 Mon Sep 17 00:00:00 2001 From: thorinaboenke Date: Wed, 17 Dec 2025 08:19:21 +0100 Subject: [PATCH 18/20] update brwoser executor test --- test/units/test_browserexecutor.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/units/test_browserexecutor.py b/test/units/test_browserexecutor.py index 271c4ee3..66353bf3 100644 --- a/test/units/test_browserexecutor.py +++ b/test/units/test_browserexecutor.py @@ -176,7 +176,7 @@ def test_browser_executor_named_session(browser_executor): reuse_cmd = BrowserCommand( type='browser', cmd='click', - selector='a[href="https://www.iana.org/domains/example"]', + selector='a[href="http://www.iana.org/domains/example"]', session='my_session' ) result2 = browser_executor._exec_cmd(reuse_cmd) From 3176be73db110e343ce1c9d272e2adb03a6dd1ac Mon Sep 17 00:00:00 2001 From: Max Landauer Date: Mon, 16 Feb 2026 10:50:00 +0100 Subject: [PATCH 19/20] Add paper link in readme --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 1bff0c93..5aa464e9 100644 --- a/README.md +++ b/README.md @@ -45,6 +45,7 @@ Please take a look at our documentation for how to install and use attackmate: * [Documentation](https://aeciddocs.ait.ac.at/attackmate/current) * [Command Reference](https://aeciddocs.ait.ac.at/attackmate/current/playbook/commands/index.html) * [Example Playbooks](https://aeciddocs.ait.ac.at/attackmate/current/playbook/examples.html) +* [Arxiv Paper](https://arxiv.org/pdf/2601.14108) ## Disclaimer From 22101ddf9c6dc70fba4497101d00f48992cda97e Mon Sep 17 00:00:00 2001 From: whotwagner Date: Thu, 26 Feb 2026 15:55:19 +0100 Subject: [PATCH 20/20] Added .python-version --- .python-version | 1 + 1 file changed, 1 insertion(+) create mode 100644 .python-version diff --git a/.python-version b/.python-version new file mode 100644 index 00000000..3b49f91e --- /dev/null +++ b/.python-version @@ -0,0 +1 @@ +cpython@3.12