A guide to installing and running your first operation with MITRE CALDERA.
This content was created in 2018 and CALDERA has changed a lot since then. Content and steps might be outdated.
MITRE's CALDERA project rocks! It emulates adversarial actions on a network. These instructions will guide you through installing and running your first operation. They also work as-is on a Raspberry Pi. Performance on the Pi is limiting, but it's worth it for portability and for client demos. I don't recommend using CALDERA on a Pi if you are testing in a lab with more than 5 hosts; an ODROID would probably work better.
You'll need the following:
apt-get -y install python3-dev python3-pip git-core mongodb
Make sure setuptools is up to date:
pip3 install --upgrade setuptools
git clone https://github.com/mitre/caldera
Install CALDERA. Change into the caldera/caldera directory and run:
pip3 install -r requirements.txt
Add a replica set to the MongoDB configuration:
echo "replSet = caldera" >> /etc/mongodb.conf
Restart the database with:
systemctl restart mongodb.service
Download crater, CALDERA's RAT.
Make sure you are in the caldera directory (not caldera/caldera), then run:
mkdir -p dep/crater/crater && cd dep/crater/crater
wget https://github.com/mitre/caldera-crater/releases/download/v0.1.0/CraterMainWin7.exe
wget https://github.com/mitre/caldera-crater/releases/download/v0.1.0/CraterMainWin8up.exe
ln -s CraterMainWin8up.exe CraterMain.exe
Run CALDERA from the caldera/caldera directory.
You should be able to log in to the UI at https://CALDERAIP:8888.
Note: default credentials are
Optional, in preparation for step 2: you can download the required agent software (cagent and the Visual C++ redistributable) to the server so agents can easily fetch it locally. Handy for a portable setup on the Pi.
cd ~/
wget https://download.microsoft.com/download/9/3/F/93FCF1E7-E6A4-478B-96E7-D4B285925B00/vc_redist.x64.exe
wget https://github.com/mitre/caldera-agent/releases/download/v0.1.0/cagent.exe
You can host a Python web server to serve these:
python -m SimpleHTTPServer
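The server-side install steps above, collected into one re-runnable script. This is an added example, not part of the original post or the CALDERA project; it assumes a Debian/Ubuntu host with systemd, run as root, and the same paths and release URLs the steps use. The helpers are idempotent, so re-running it does not stack duplicate replSet lines or stale symlinks.

```shell
#!/bin/sh
# Added example (not CALDERA's own code): re-runnable server install.
# Assumes Debian/Ubuntu with systemd, run as root, paths as in the post.
set -eu

CRATER_BASE="https://github.com/mitre/caldera-crater/releases/download/v0.1.0"

# Append "replSet = <name>" only if no replSet line exists yet, so that
# running the script twice does not leave duplicate entries in the config.
ensure_replset() {
    conf="$1"; name="$2"
    if grep -q '^replSet[[:space:]]*=' "$conf" 2>/dev/null; then
        return 0
    fi
    printf 'replSet = %s\n' "$name" >> "$conf"
}

# Fetch a crater binary into <dir> unless it is already present.
fetch_crater() {
    dir="$1"; file="$2"
    [ -f "$dir/$file" ] || wget -q -O "$dir/$file" "$CRATER_BASE/$file"
}

# Point CraterMain.exe at the Win8+ build, replacing any stale link,
# and print the link target so the result can be checked.
link_crater() {
    dir="$1"
    ln -sf CraterMainWin8up.exe "$dir/CraterMain.exe"
    readlink "$dir/CraterMain.exe"
}

main() {
    apt-get -y install python3-dev python3-pip git-core mongodb
    pip3 install --upgrade setuptools
    [ -d caldera ] || git clone https://github.com/mitre/caldera
    pip3 install -r caldera/caldera/requirements.txt
    ensure_replset /etc/mongodb.conf caldera
    systemctl restart mongodb.service
    mkdir -p caldera/dep/crater/crater
    fetch_crater caldera/dep/crater/crater CraterMainWin7.exe
    fetch_crater caldera/dep/crater/crater CraterMainWin8up.exe
    link_crater caldera/dep/crater/crater
    echo "done: start CALDERA from caldera/caldera, UI on https://<server>:8888"
}

# Only run the installer when asked, so the helpers can be sourced and tested.
if [ "${1:-}" = "install" ]; then main; fi
```

Run it as `sh install-caldera.sh install`; sourcing the file without the argument only defines the helpers.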
On your lab systems:
Install the Visual C++ Redistributable.
Create the directory c:\Program Files\cagent.
Download the agent's configuration file from your CALDERA server at https://YOUR-CALDERA-SERVER:8888/conf.yml and save it to the c:\Program Files\cagent directory.
Download and save the agent to the same directory.
NOTE: you may need to edit conf.yml if DNS doesn't work in your lab.
Open an administrative command prompt and, in the c:\Program Files\cagent directory, run:
cagent.exe --startup auto install
cagent.exe start
If all goes well you'll see the agent under Debug > Connected Agents.
You can verify agents are working by sending commands to them via the Debug > Send Command feature.
CALDERA needs to know three things before you can launch an operation:
Set up your network and assign hosts
Create an adversary (or choose a built-in one)
Create an operation
CALDERA automatically kicks off the operation as soon as you create it. Here it is in action:
CALDERA GitHub repo
Black Hat presentation on CALDERA by Andy Applebaum and Doug Miller
Computer Configuration > Administrative Templates > Windows Components > Windows Defender
cagent.exe --username DOMAIN\bjames --password SECRET start