From 5c4214e60a8932466a328cdc3d99bf4494311db1 Mon Sep 17 00:00:00 2001
From: Mike Salvatore <mike.s.salvatore@gmail.com>
Date: Wed, 7 Apr 2021 06:52:35 -0400
Subject: [PATCH] Swimm: update exercise Add details about your new PBA (id:
 JFXftJml8DpmuCPBA9rL).

---
 .swm/JFXftJml8DpmuCPBA9rL.swm | 96 +++++++++++++++++------------------
 1 file changed, 47 insertions(+), 49 deletions(-)

diff --git a/.swm/JFXftJml8DpmuCPBA9rL.swm b/.swm/JFXftJml8DpmuCPBA9rL.swm
index d0206a862..925e662f9 100644
--- a/.swm/JFXftJml8DpmuCPBA9rL.swm
+++ b/.swm/JFXftJml8DpmuCPBA9rL.swm
@@ -1,54 +1,52 @@
 {
     "id": "JFXftJml8DpmuCPBA9rL",
     "name": "Add details about your new PBA",
-    "dod": "You should add your new PBA's details to the configuration.",
-    "description": "In order to make sure that the new `ScheduleJobs` PBA is shown in the configuration on the Monkey Island, you need to add its details to the configuration file(s). <br><br>\n\nSince this particular PBA is related to the MITRE techniques [T1168](https://attack.mitre.org/techniques/T1168) and [T1053](https://attack.mitre.org/techniques/T1053), make sure to link the PBA with these techniques in the configuration as well. <br><br>\n\nEach part of the configuration has an important role  \n- *enum* — contains the relevant PBA's class name(s)\n- *title* — holds the name of the PBA which is displayed in the configuration on the Monkey Island\n- *info* — consists of an elaboration on the PBA's working which is displayed in the configuration on the Monkey Island\n- *attack_techniques* — has the IDs of the MITRE techniques associated with the PBA\n\n## Manual test  \nOnce you think you're done...\n- Run the Monkey Island\n- You should be able to see your new PBA under the \"Monkey\" tab in the configuration, along with its information when you click on it\n- Further, when you enable/disable the associated MITRE techniques under the ATT&CK tab in the configuration, the PBA should also be enabled/disabled\n\n<img src=\"https://i.imgur.com/a5VSkL5.gif\" height=400>",
-    "summary": "- The PBA details in this file are reflected on the Monkey Island in the PBA configuration.\n- PBAs are also linked to the relevant MITRE techniques in this file, whose results can then be seen in the MITRE ATT&CK report on the Monkey Island.",
-    "hunksOrder": [
-        "monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py_0"
-    ],
-    "tests": [],
-    "hints": [
-        "Have a look at the details of the other techniques."
-    ],
-    "play_mode": "all",
-    "swimmPatch": {
-        "monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py": {
-            "diffType": "MODIFIED",
-            "fileDiffHeader": "diff --git a/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py b/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py\nindex f1fe0f6f..b231f96c 100644\n--- a/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py\n+++ b/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py",
-            "hunks": [
-                {
-                    "swimmHunkMetadata": {
-                        "hunkComments": []
-                    },
-                    "hunkDiffLines": [
-                        "@@ -68,16 +68,7 @@",
-                        "                     \"Removes the file afterwards.\",",
-                        "             \"attack_techniques\": [\"T1166\"]",
-                        "         },",
-                        "-        {",
-                        "+        # Swimmer: ADD DETAILS HERE!",
-                        "-            \"type\": \"string\",",
-                        "-            \"enum\": [",
-                        "-                \"ScheduleJobs\"",
-                        "-            ],",
-                        "-            \"title\": \"Job scheduling\",",
-                        "-            \"safe\": True,",
-                        "-            \"info\": \"Attempts to create a scheduled job on the system and remove it.\",",
-                        "-            \"attack_techniques\": [\"T1168\", \"T1053\"]",
-                        "-        },",
-                        "         {",
-                        "             \"type\": \"string\",",
-                        "             \"enum\": ["
-                    ]
-                }
-            ]
-        }
+    "task": {
+        "dod": "You should add your new PBA's details to the configuration.",
+        "tests": [],
+        "hints": [
+            "Have a look at the details of the other techniques."
+        ]
     },
-    "app_version": "0.3.5-1",
-    "file_version": "1.0.4",
-    "hunksOrder": [
-        "monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py_0"
+    "content": [
+        {
+            "type": "text",
+            "text": "In order to make sure that the new `ScheduleJobs` PBA is shown in the configuration on the Monkey Island, you need to add its details to the configuration file(s). <br><br>\n\nSince this particular PBA is related to the MITRE techniques [T1168](https://attack.mitre.org/techniques/T1168) and [T1053](https://attack.mitre.org/techniques/T1053), make sure to link the PBA with these techniques in the configuration as well. <br><br>\n\nEach part of the configuration has an important role  \n- *enum* — contains the relevant PBA's class name(s)\n- *title* — holds the name of the PBA which is displayed in the configuration on the Monkey Island\n- *info* — consists of an elaboration on the PBA's working which is displayed in the configuration on the Monkey Island\n- *attack_techniques* — has the IDs of the MITRE techniques associated with the PBA\n\n## Manual test  \nOnce you think you're done...\n- Run the Monkey Island\n- You should be able to see your new PBA under the \"Monkey\" tab in the configuration, along with its information when you click on it\n- Further, when you enable/disable the associated MITRE techniques under the ATT&CK tab in the configuration, the PBA should also be enabled/disabled\n\n<img src=\"https://i.imgur.com/a5VSkL5.gif\" height=400>"
+        },
+        {
+            "type": "snippet",
+            "path": "monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py",
+            "comments": [],
+            "firstLineNumber": 56,
+            "lines": [
+                "             \"Removes the file afterwards.\",",
+                "             \"attack_techniques\": [\"T1166\"],",
+                "         },",
+                "*        {",
+                "+        # Swimmer: ADD DETAILS HERE!",
+                "*            \"type\": \"string\",",
+                "*            \"enum\": [\"ScheduleJobs\"],",
+                "*            \"title\": \"Job scheduling\",",
+                "*            \"safe\": True,",
+                "*            \"info\": \"Attempts to create a scheduled job on the system and remove it.\",",
+                "*            \"attack_techniques\": [\"T1168\", \"T1053\"],",
+                "*        },",
+                "         {",
+                "             \"type\": \"string\",",
+                "             \"enum\": [\"Timestomping\"],"
+            ]
+        },
+        {
+            "type": "text",
+            "text": "- The PBA details in this file are reflected on the Monkey Island in the PBA configuration.\n- PBAs are also linked to the relevant MITRE techniques in this file, whose results can then be seen in the MITRE ATT&CK report on the Monkey Island."
+        }
     ],
-    "last_commit_sha_for_swimm_patch": "9d9e8168fb2c23367b9947273aa1a041687b3e2e"
-}
\ No newline at end of file
+    "symbols": {},
+    "file_version": "2.0.1",
+    "meta": {
+        "app_version": "0.4.1-1",
+        "file_blobs": {
+            "monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py": "ea9b18aba7f71da12c9c82ac39d8a0cf2c472a9c"
+        }
+    }
+}