From 7a3f747a109036bc0a0045f3ad3edbd0f60bee8b Mon Sep 17 00:00:00 2001
From: Shreya <shreya.malviya@gmail.com>
Date: Sun, 12 Apr 2020 17:48:42 +0530
Subject: [PATCH] Map "Back door user" PBA with "Create account" attack
 technique

"Create Account" turned off in the ATT&CK matrix config ->
"Back door user" turns off in the PBA config section
... and vice-versa
---
 .../cc/services/config_schema.py              |  3 ++-
 .../ui/src/components/pages/ConfigurePage.js  | 27 ++++++++++++++++++-
 2 files changed, 28 insertions(+), 2 deletions(-)

diff --git a/monkey/monkey_island/cc/services/config_schema.py b/monkey/monkey_island/cc/services/config_schema.py
index 3d0220ee2..8fc3d3bab 100644
--- a/monkey/monkey_island/cc/services/config_schema.py
+++ b/monkey/monkey_island/cc/services/config_schema.py
@@ -150,7 +150,7 @@ SCHEMA = {
                         "BackdoorUser"
                     ],
                     "title": "Back door user",
-                    "attack_techniques": []
+                    "attack_techniques": ["T1136"]
                 },
                 {
                     "type": "string",
@@ -378,6 +378,7 @@ SCHEMA = {
                                 "$ref": "#/definitions/post_breach_acts"
                             },
                             "default": [
+                                "BackdoorUser",
                                 "CommunicateAsNewUser"
                             ],
                             "description": "List of actions the Monkey will run post breach"
diff --git a/monkey/monkey_island/cc/ui/src/components/pages/ConfigurePage.js b/monkey/monkey_island/cc/ui/src/components/pages/ConfigurePage.js
index a49e198a6..14023472b 100644
--- a/monkey/monkey_island/cc/ui/src/components/pages/ConfigurePage.js
+++ b/monkey/monkey_island/cc/ui/src/components/pages/ConfigurePage.js
@@ -180,7 +180,19 @@ class ConfigurePageComponent extends AuthComponent {
       if (techType[1].properties.hasOwnProperty(technique)) {
         let tempMatrix = this.state.attackConfig;
         tempMatrix[techType[0]].properties[technique].value = value;
-        this.setState({attackConfig: tempMatrix});
+
+        if (technique == 'T1136') {
+          let newConfig = this.state.configuration;
+          if (value && !newConfig['monkey']['general']['post_breach_actions'].includes('BackdoorUser')) {
+              newConfig['monkey']['general']['post_breach_actions'].push('BackdoorUser');
+            }
+          else if (!value && newConfig['monkey']['general']['post_breach_actions'].includes('BackdoorUser')) {
+              let toRemoveIndex = newConfig['monkey']['general']['post_breach_actions'].indexOf('BackdoorUser');
+              newConfig['monkey']['general']['post_breach_actions'].splice(toRemoveIndex, 1);
+            }
+          this.setState({attackConfig: tempMatrix, configuration: newConfig});
+          this.configSubmit();
+      }
 
         // Toggle all mapped techniques
         if (!mapped) {
@@ -205,6 +217,19 @@ class ConfigurePageComponent extends AuthComponent {
   updateConfigSection = () => {
     let newConfig = this.state.configuration;
     if (Object.keys(this.currentFormData).length > 0) {
+
+      if (this.currentSection == 'monkey') {
+        let tempMatrix = this.state.attackConfig;
+        if (this.currentFormData['general']['post_breach_actions'].includes('BackdoorUser')) {
+          tempMatrix['persistence'].properties['T1136'].value = true;
+        }
+        else {
+          tempMatrix['persistence'].properties['T1136'].value = false;
+        }
+        this.setState({attackConfig: tempMatrix});
+        this.matrixSubmit();
+      }
+
       newConfig[this.currentSection] = this.currentFormData;
       this.currentFormData = {};
     }