This is an assessment for Kabletown but targets NBC assets. The goal is to answer specific questions prior to Kabletown absorbing NBC.
", + "note_rt": "", "slack_channel": "#ghostwriter", "complete": False, "start_time": "09:00:00", @@ -33,6 +34,7 @@ "email": "dad@kabletown.family", "phone": "(212) 664-4444", "note": 'A self-described "family man," Vietnam veteran, and head of Kabletown. He always seems happy on the surface (laughing incessantly), while directing thinly-veiled insults and threats to subordinates. Handle with care.
', + "note_rt": "", }, { "name": "John Francis Donaghy", @@ -41,12 +43,16 @@ "email": "jack@nbc.com", "phone": "(212) 664-4444", "note": 'Prefers to go by "Jack."
', + "note_rt": "", }, ], "name": "Kabletown, Inc.", "short_name": "KTOWN", "codename": "Totally Not Comcast", "note": "Philadelphia-based cable company Kabletown, a fictionalized depiction of the acquisition of NBC Universal by Comcast.
", + "note_rt": "", + "address": "30 Rockefeller Plaza New York City, New York 10112", + "address_rt": "", }, "team": [ { @@ -58,6 +64,7 @@ "timezone": "America/Los_Angeles", "phone": "(212) 664-4444", "note": "Benny will lead the assessment for the full duration.
", + "note_rt": "", }, { "role": "Assessment Oversight", @@ -68,6 +75,7 @@ "timezone": "America/Los_Angeles", "phone": "(212) 664-4444", "note": "Christopher will provide oversight and assistance (as needed).
", + "note_rt": "", }, ], "objectives": [ @@ -213,6 +221,7 @@ } ], "note": "Domain for the first phishing campaign
", + "note_rt": "", }, { "activity": "Command and Control", @@ -228,6 +237,7 @@ } ], "note": "Domain for long-haul C2 comms
", + "note_rt": "", }, { "activity": "Command and Control", @@ -243,6 +253,7 @@ } ], "note": "Domain for the short-haul C2 comms (phishing)
", + "note_rt": "", }, ], "servers": [ @@ -258,6 +269,7 @@ {"domain": "ghostwriter.wiki", "endpoint": "", "subdomain": "www"} ], "note": "Long-haul C2 server
", + "note_rt": "", }, { "name": "CC-02", @@ -275,6 +287,7 @@ } ], "note": "Short-haul C2 server for phishing
", + "note_rt": "", }, ], "cloud": [ @@ -286,6 +299,7 @@ "ip_address": "30.49.38.30", "name": "SMTP01", "note": "SMTP server for phishing emails; running Gophish
", + "note_rt": "", } ], }, diff --git a/ghostwriter/modules/reportwriter.py b/ghostwriter/modules/reportwriter.py index 36545f229..3031edf04 100644 --- a/ghostwriter/modules/reportwriter.py +++ b/ghostwriter/modules/reportwriter.py @@ -1696,6 +1696,29 @@ def render_subdocument(section, finding): ) finding["references_rt"] = render_subdocument(finding["references"], finding) + # Client Notes + context["client"]["note_rt"] = render_subdocument(context["client"]["note"], finding=None) + context["client"]["address_rt"] = render_subdocument(context["client"]["address"], finding=None) + + # Project Notes + context["project"]["note_rt"] = render_subdocument(context["project"]["note"], finding=None) + + # Assignments + for assignment in context["team"]: + if isinstance(assignment, dict): + if assignment["note"]: + assignment["note_rt"] = render_subdocument( + assignment["note"], finding=None + ) + + # Contacts + for contact in context["client"]["contacts"]: + if isinstance(contact, dict): + if contact["note"]: + contact["note_rt"] = render_subdocument( + contact["note"], finding=None + ) + # Objectives for objective in context["objectives"]: if isinstance(objective, dict): @@ -1730,6 +1753,13 @@ def render_subdocument(section, finding): if card["description"]: card["description_rt"] = render_subdocument(card["description"], finding=None) + # Infrastructure + for asset_type in context["infrastructure"]: + for asset in context["infrastructure"][asset_type]: + if isinstance(asset, dict): + if asset["note"]: + asset["note_rt"] = render_subdocument(asset["note"], finding=None) + return context def process_text_xlsx(self, html, text_format, finding):