Table of Contents
The configuration settings of the REVEN server are stored in two configuration files:
/usr/share/reven/build.rc: the default configuration which should not be edited./home/reven/reven.rc: the user configuration, which overrides defaults.
Global configuration
The build.rc file stores the global configuration options of REVEN. The following options are available:
| Option | Description |
|---|---|
reven_default_config_path | The path of the default configuration. |
reven_user_config_path | The path of the user configuration. |
projects_path | The path of the REVEN project data |
WARNING: It is not recommended to modify the files in /usr/share/reven, as those files will be overriden when REVEN is upgraded. Instead, these options should be customized in the user configuration file.
User configuration
The user configuration file location (/home/reven/reven.rc by default) is defined in the build.rc configuration file described above. It is where you can customize and setup REVEN behavior. Please note that:
- Options set in this file will override those in the build configuration file.
- Sample settings are provided in the default configuration file
/usr/share/reven/default.rc. - Configuration file changes take effect once the REVEN server has been reloaded.
The configuration options are split into multiple sections. Here is a detailed descriptions of each configuration entry.
Limits section
Within the [limits] section you can set memory usage limits for REVEN processes. It is not recommended to change these unless you know exactly what you are doing.
The following options are available:
| Option | Description |
|---|---|
stack_limit | Maximum size of the stack for a REVEN process, in Mbytes |
heap_limit | Maximum size of the heap for a REVEN process, in Mbytes |
VirtualBox section
Within the [vbox] section you can set which virtual machines can be used for scenario generation. Only one option is available:
| Options | Description |
|---|---|
vms | A comma separated list of virtual machines names to register in REVEN |
Virtual machine sections
Each Virtual machine options are registered within their own arbitrary section, they specify scenario generation options. Example for a section with a vbox_name option set to vmdebian:
| Option | Description |
|---|---|
os | The operating system type. Either 'windows' or 'linux'. |
vbox_name | Optional. Name of the virtual machine as known by VirtualBox. Defaults to the section name. |
display | The name displayed in the Axion client. |
preloaders | Optional. A list of files deployed in the guest os, must include loaders. |
dynamic_launch | Optional. The dynamic executable loader. |
static_launch | Optional. The static executable loader. |
stopper | Optional. The program used to stop the vm from the guest os. |
segment | The value of the userland code segment (cs) value. |
vnc_password | Optional. The password used by the VirtualBox vnc server. Defaults to a random password (displayed in the scenario generation ui). |
vnc_port | Optional. The port of the vnc server. In order to use multiple virtual machines at the same time, use different vnc ports. Default is 5900. |
pdb_path | Optional. The path used for importing windows symbols file, see Symbols from PDB files. Default is none. |
preloaders, dynamic_launch and static_launch options are needed for automatic scenario generation. If they are not specified, the user will have to generate the scenario manually with VirtualBox key bindings. If the VM hangs indefinitely during scenario generation, you can use VNC to stop the VM manually. If a stopper program is set in the stopper entry, it will appear in a command prompt, so that you just have to confirm to stop scenario generation.
Changes to the pdb_path option are not reflected on projects created before the change. For the changes to take effect, create a new project, then copy the content of the existing project's input directory.
Example of User configuration
This example describes two virtual machines, named vmdebian and vmwin8. Note that these virtual machines must have been previously created in VirtualBox, with names matching exactly the vbox_name attribute.