:orphan: .. **************************************************************************** .. CUI .. .. The Advanced Framework for Simulation, Integration, and Modeling (AFSIM) .. .. The use, dissemination or disclosure of data in this file is subject to .. limitation or restriction. See accompanying README and LICENSE for details. .. **************************************************************************** WSF_CYBER_MAN_IN_THE_MIDDLE_EFFECT ---------------------------------- .. model:: cyber_effect WSF_CYBER_MAN_IN_THE_MIDDLE_EFFECT .. parsed-literal:: cyber_effect :model:`WSF_CYBER_MAN_IN_THE_MIDDLE_EFFECT` platform_type_ ... comm_effect_ commands target_list_ ... end_target_list all_ exfiltrate_ script :class:`WsfCyberMitmMessage` :command:`WSF_CYBER_MAN_IN_THE_MIDDLE_EFFECT.OnSend` ... script :class:`WsfCyberMitmMessage` :command:`WSF_CYBER_MAN_IN_THE_MIDDLE_EFFECT.OnReceive` ... end_platform_type platform_ ... comm_effect_ commands end_platform default_ ... comm_effect_ commands end_default end_cyber_effect Overview ======== :model:`WSF_CYBER_MAN_IN_THE_MIDDLE_EFFECT` is a cyber_effect that allows the injection of a man-in-the-middle attack on the victim. The effect will allow the user to drop, delay, and alter any incoming or outgoing messages from the victim platform. Commands ======== .. command:: platform_type ... end_platform_type Define the affected comms and effect behaviors for a platform type. This command may be repeated as necessary. .. command:: platform ... end_platform Define the affected comms and effect behaviors for a specific platform. This command may be repeated as necessary. .. command:: default ... end_default Define the default comms and behaviors of the attack if the victim is not of any previously specified platforms or platform types. .. _comm_effect: Common Victim Commands ^^^^^^^^^^^^^^^^^^^^^^ .. command:: target_list ... end_target_list Specifies comm devices by name on the victim platform that will be affected by this effect. If a comm is listed, but does not exist on the victim platform when the effect is applied, then it will be disregarded. .. command:: all Specifies that all comms on the victim platform will be affected by this effect. .. command:: exfiltrate Specifies that this comm should attempt to forward every message it receives back to the attacker. This will attempt to send the message to the first comm on the attacker that is reachable from the victim comm. Any message exfiltrated this way will be marked with an :code:`EXFILTRATED_MESSAGE` aux-data field. The forwarded message will be marked with the :code:`EXFILTRATION_MESSAGE` aux-data field. **Default** false .. command:: OnSend (script) A provided script that will be called when a specified comm attempts to send a message. This script allows for the ability to alter, delay, or drop a WsfMessage. An example to drop a message is as follows: .. parsed-literal:: script :class:`WsfCyberMitmMessage` OnSend(:class:`WsfMessage` aMessage) # Set drop to true to drop the message return WsfCyberMitmMessage.Construct(aMessage, 0, true); end_script .. command:: OnReceive (script) A provided script that will be called when a specified comm attempts to receive a message. This script allows for the ability to alter, delay, or drop a WsfMessage. An example to delay a message is as follows: .. parsed-literal:: script :class:`WsfCyberMitmMessage` OnReceive(:class:`WsfMessage` aMessage) # Delay the message by 10 seconds return WsfCyberMitmMessage.Construct(aMessage, 10, false); end_script