Skip to content

Secure File Transfer Protocol (sFTP) Configuration

Sample Configuration

The sample configuration below is also available in the [GHOSTS GitHub repository](https://github.com/cmu-sei/GHOSTS/blob/master/src/Ghosts.Client/Sample%20Timelines/clicks

Each CommandArg is of the formation shown below, if multiple CommandArgs are present a random one is chosen for execution on each cycle.

  • Credential handling is done in the same manner as the SSH handler, see that sample timeline for documentation
  • After the cred_key is a ';' delimited list of SFTP commands that are executed in sequence during a cycle.
  • Downloaded files are placed in the user's default downloads directory

Supported commands:

  • get [remotefile] - downloads random remote file from remote host. Can specify absolute/relative path instead of [remotefile]
  • put [localfile] - uploads random remote file from local upload directory to remote host. Can specify absolute/relative path instead of [localfile]
  • cd [remotedir] - change to random directory in current directory on remote host. Can specify absolute/relative path instead of [remotedir]
  • rm [remotefile] - deletes random remote file from remote host. Can specify absolute/relative path instead of [remotefile]
  • ls [remotedir] - list remote contents of current directory, if no directory specified use current directory. Can specify absolute/relative path instead of [remotedir]
  • mkdir [randomname] - make a random directory in cwd on remote host. Can specify absolute/relative path instead of [randomname]
{
  "Status": "Run",
  "TimeLineHandlers": [
    {
      "HandlerType": "Sftp",
      "HandlerArgs": {
        "TimeBetweenCommandsMax": 5000, //max,min between individual SFTP commands
        "TimeBetweenCommandsMin": 1000,
        "CredentialsFile": "<path to credentials>", //required, file path to a JSON file containing the SSH credentials
        "UploadDirectory": "<path to uploads directory>", //optional, directory that contains files for upload, it not specified user Downloads directory is used
        "delay-jitter": 0 //optional, default =0, range 0 to 50, if specified, DelayAfter varied by delay-%jitter*delay to delay+%jitter*delay
      },
      "Initial": "",
      "UtcTimeOn": "00:00:00",
      "UtcTimeOff": "24:00:00",
      "Loop": "True",
      "TimeLineEvents": [
        {
          "Command": "random",
          "CommandArgs": [
            "<someIp>|<credKey>|<a_cmd>;<a_cmd>;<a_cmd>....;<a_cmd>"
          ],
          "DelayAfter": 20000,
          "DelayBefore": 0
        }
      ]
    } 

  ]
}