Skip to content

fix: enable scenario attack execution and correct scenario status#17

Open
vinhhoala wants to merge 2 commits into
mainfrom
fix/scenario-attack-execution
Open

fix: enable scenario attack execution and correct scenario status#17
vinhhoala wants to merge 2 commits into
mainfrom
fix/scenario-attack-execution

Conversation

@vinhhoala

@vinhhoala vinhhoala commented Jun 19, 2026

Copy link
Copy Markdown

Summary

Three backend fixes that make Scenario-based attack execution work end-to-end, verified live on mmt-pentester.montimage.eu with a contained lab target (nmap recon, Hydra SSH brute-force, dirb HTTP content discovery — all run and complete correctly).

Changes

  • ProcessManager allowlist — add nmap, hydra, dirb so reconnaissance and the attack labs are permitted to run (previously rejected with "Command not allowed").
  • ProcessManager argument handling — for network CLI tools (nmap, hydra, dirb, masscan, netcat, gobuster, sqlmap, nikto) use the command produced by buildAttackCommand as-is, instead of appending every scenario parameter as --key=value. The appended flags were invalid options that made the tools exit immediately.
  • ScenarioService.finalizeScenario — keep the scenario RUNNING while any attack is still running, instead of defaulting to FAILED. checkScenarioCompletion then sets the real status on process exit. Previously every scenario showed failed even when its attack completed (because finalize ran before the async tool process finished, and the later completion update was gated on status === RUNNING).

Verification

  • Recon scenario: running → completed (previously stuck at failed).
  • Hydra SSH brute-force: executes and recovers the weak credential against the lab SSH target.
  • dirb: executes and discovers web paths against the lab HTTP target.

Notes

  • No functional changes outside these two services; backend type-check passes (tsc --noEmit).
  • The same fixes were applied to the running server; this PR brings the repository in sync so they are not lost on the next deploy.

🤖 Generated with Claude Code

Vinh Hoa La and others added 2 commits May 29, 2026 17:40
@claude
feat: integrate Montimage Attack Generator (MAG)
16b3c64 
Add mmt-attacker CLI (pip install mmt-attacker) as 7th tool with
14 attack variants across 5 categories:
- Network layer: SYN/UDP/ICMP flood, Ping of Death, ARP spoof, DHCP starvation
- Application layer: HTTP DoS, HTTP flood, Slowloris
- Credentials: SSH and FTP brute force
- Amplification: DNS (50-100x) and NTP (500x)
- Protocol/replay: PCAP replay

Adds tools/mag/setup.sh (auto-installs mag if missing) and
tools/mag/run_mag.sh (thin forwarding wrapper). CategorySelector
updated to reflect 7 tools / 3 frameworks.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@claude
fix: enable scenario attack execution and correct scenario status
4dd52d4 
Three fixes required to make Scenario-based attack execution work end-to-end
(verified live on mmt-pentester.montimage.eu):

- ProcessManager: allow nmap/hydra/dirb in the command allowlist so recon and
  the attack labs can run.
- ProcessManager: for network CLI tools (nmap, hydra, dirb, masscan, netcat,
  gobuster, sqlmap, nikto) use the command built by buildAttackCommand as-is
  instead of appending every parameter as --key=value (which produced invalid
  flags and made the tools exit immediately).
- ScenarioService.finalizeScenario: keep the scenario RUNNING while any attack
  is still running, instead of defaulting to FAILED. checkScenarioCompletion
  then finalizes the real status on process exit. Previously every scenario
  showed "failed" even when its attack completed.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@vinhhoala