add level-14

docs/_docs/emulation_system.md

@@ -55,20 +55,22 @@ pre-installed configurations
 in Fig. 6 and whose configuration is listed in Table 4.
 
 
-| *Emulation configuration* | *Description*                                                                 |
-|---------------------------|-------------------------------------------------------------------------------|
-| `csle-level1-020`         | Emulation with 7 components, 3 flags, password vulnerabilities, no IDS.       |
-| `csle-level2-020`         | Emulation with 13 components, 6 flags, password vulnerabilities, no IDS.      |
-| `csle-level3-020`         | Emulation with 34 components, 6 flags, password vulnerabilities, no IDS.      |
-| `csle-level4-020`         | Emulation with 7 components, 3 flags, password vulnerabilities, IDS.          |
-| `csle-level5-020`         | Emulation with 13 components, 6 flags, password vulnerabilities, IDS.         |
-| `csle-level6-020`         | Emulation with 34 components, 6 flags, password vulnerabilities, IDS.         |
-| `csle-level7-020`         | Emulation with 7 components, 3 flags, password & RCE vulnerabilities, IDS.    |
-| `csle-level8-020`         | Emulation with 13 components, 6 flags, password & RCE vulnerabilities, IDS.   |
-| `csle-level9-020`         | Emulation with 34 components, 6 flags, password & RCE vulnerabilities, IDS.   |
-| `csle-level10-020`        | Emulation with 16 components, 12 flags, password & RCE vulnerabilities, IDS.  |
-| `csle-level11-020`        | Emulation with 36 components, 6 flags, password & RCE vulnerabilities, IDS.   |
-| `csle-level12-020`        | Emulation with 7 components, 3 flags, password RCE vulnerabilities, IDS, SDN. |
+| *Emulation configuration* | *Description*                                                                   |
+|---------------------------|---------------------------------------------------------------------------------|
+| `csle-level1-050`         | Emulation with 7 components, 3 flags, password vulnerabilities, no IDS.         |
+| `csle-level2-050`         | Emulation with 13 components, 6 flags, password vulnerabilities, no IDS.        |
+| `csle-level3-050`         | Emulation with 34 components, 6 flags, password vulnerabilities, no IDS.        |
+| `csle-level4-050`         | Emulation with 7 components, 3 flags, password vulnerabilities, IDS.            |
+| `csle-level5-050`         | Emulation with 13 components, 6 flags, password vulnerabilities, IDS.           |
+| `csle-level6-050`         | Emulation with 34 components, 6 flags, password vulnerabilities, IDS.           |
+| `csle-level7-050`         | Emulation with 7 components, 3 flags, password & RCE vulnerabilities, IDS.      |
+| `csle-level8-050`         | Emulation with 13 components, 6 flags, password & RCE vulnerabilities, IDS.     |
+| `csle-level9-050`         | Emulation with 34 components, 6 flags, password & RCE vulnerabilities, IDS.     |
+| `csle-level10-050`        | Emulation with 16 components, 12 flags, password & RCE vulnerabilities, IDS.    |
+| `csle-level11-050`        | Emulation with 36 components, 6 flags, password & RCE vulnerabilities, IDS.     |
+| `csle-level12-050`        | Emulation with 7 components, 3 flags, password RCE vulnerabilities, IDS, SDN.   |
+| `csle-level13-050`        | Emulation with 64 components, 6 flags, password RCE vulnerabilities, IDS, SDN.  |
+| `csle-level14-050`        | Emulation with 17 components, 12 flags, password RCE vulnerabilities, IDS, SDN. |
 
 
 <p class="captionFig">
@@ -101,7 +103,7 @@ Figure 6: Topology of the emulation configuration `csle-level9-020`
 
 <p class="captionFig">
 Table 4: Configuration of the emulation configuration 
-`csle-level9-020`, whose topology is shown in Fig. 6.
+`csle-level9-050`, whose topology is shown in Fig. 6.
 </p>
 
 An *emulation execution* consists of a set of running containers and virtual networks, 

emulation-system/base_images/docker_files/ovs_base/README.md

@@ -0,0 +1,10 @@
+# Useful commands
+
+```bash
+ovs-vsctl list-br
+ovs-vsctl list-ports <bridge>
+ovs-vsctl get-manager <bridge>
+ovs-vsctl get-controller <bridge>
+ovs-vsctl list <table>
+ovsdb-tool show-log
+```

emulation-system/envs/050/level_10/README.MD

@@ -47,4 +47,4 @@ Kim Hammar <[email protected]>
 
 Creative Commons
 
-(C) 2021, Kim Hammar
+(C) 2020-2024, Kim Hammar

emulation-system/envs/050/level_13/README.MD

@@ -1,9 +1,9 @@
 # Capture the Flag - Level 13
 
-TODO
+The target infrastructure in https://link.springer.com/chapter/10.1007/978-3-031-50670-3_9.
 
-- Number of nodes: 7
-- Number of OVS switches: 3
+- Number of nodes: 64
+- Number of OVS switches: 24
 - Number of SDN controllers: 1
 - IDS: Yes (Snort)
 - Traffic generation: Yes

emulation-system/envs/050/level_14/.gitignore

@@ -0,0 +1,3 @@
+*.zip
+*.json
+containers

emulation-system/envs/050/level_14/Makefile

@@ -0,0 +1,13 @@
+
+# Installs the configuration in the metastore
+install:
+	python config.py --install
+
+# Uninstalls the configuration from the metastore
+uninstall:
+	python config.py --uninstall
+
+# Cleans all configuration files
+clean_config:
+	rm -rf ./config.json
+	rm -rf ./containers

emulation-system/envs/050/level_14/README.MD

@@ -0,0 +1,52 @@
+# Level 14
+
+An emulation environment with a set of nodes that run common networked services such as SSH, FTP, Telnet, IRC, Kafka,
+etc. Some of the services are vulnerable to different network attacks
+such as the SambaCry exploit, Shellshock, CVE-2015-1427, CVE-2015-3306, CVE-2016-100033_1,and SQL injection.
+Moreover, some nodes are vulnerable to privilege escalation attacks (e.g. CVE-2010-0426 and CVE-2015-5602)
+which can be used by the attacker to extend his privileges after compromising the host.    
+The task of an attacker agent is to identify the vulnerabilities and
+exploit them and discover hidden flags
+on the nodes. Conversely, the task of the defender is to harden the defense of the nodes and to detect the
+attacker.
+
+- Number of nodes: 17
+- Number of OVS switches: 1
+- Number of SDN controllers: 1
+- IDS: Yes (Snort)
+- Traffic generation: Yes
+- Number of flags: 12
+- Vulnerabilities: SambaCry, Shellshock, CVE-2015-1427, CVE-2015-3306, CVE-2016-100033_1,and SQL injection., Pengine RCE vulnerability, as well as SSH, FTP, Telnet servers that can be compromised using dictionary attacks
+
+## Architecture
+
+<p align="center">
+<img src="env.png" width="600">
+</p>
+
+## Useful commands
+
+```bash
+make install # Install the emulation in the metastore
+make uninstall # Uninstall the emulation from the metastore
+make clean_config # Clean config files 
+docker container ls --all # list all running containers
+docker image ls --all # list all images
+docker system prune # remove unused images and containers
+docker container prune # remove stopped containers
+sudo useradd -rm -d /home/csle_admin -s /bin/bash -g root -G sudo -p "$(openssl passwd -1 'csle@admin-pw_191')" csle_admin
+docker run --name=iperf3 -d --restart=unless-stopped -p 5201:5201/tcp -p 5201:5201/udp mlabbe/iperf3 # Start the iperf server on the host
+iperf3 -R -c <SERVER> # network performance, where <SERVER> is the IP where the iperf server is running e.g. the host 172.31.212.92   
+```
+
+## Author & Maintainer
+
+Kim Hammar <[email protected]>
+
+## Copyright and license
+
+[LICENSE](../../../../../LICENSE.md)
+
+Creative Commons
+
+(C) 2020-2024, Kim Hammar