Phishing email ignoring traffic rules #34

Open
jubois opened this issue Apr 18, 2024 · 1 comment
jubois commented Apr 18, 2024

I noted that the phishing mails were "sent" to operational even if it was in a phase where operational couldn't be joined. They also passed through the BlockTrafficZone action. This issue seems to come from the check_routable function, which ignores policy or firewall.

To reproduce: seed 108 has a lot of phishing, and I edited the policy function to return only policy_2. Blue is SleepAgent, Red is DiscoveryFSRed and Green is EnterpriseGreenAgent. Turn 15 should have a phishing mail on a host in operational zone A.

For the firewall (if it's not intended), adding a connection failure flag like in commit efeb8c6 (lines 188 to 195) can patch this part of the issue.
But there is an infinite loop in PhishingEmail.py.
The infinite loop is like this: if there is no routable agent in the red_agents list, the list has a constant length, so there is no termination condition in the while loop (lines 83 to 91). An easy fix is to remove the r_agent from the red_agents list when it is not routable, or to change the while to a for loop.

I can provide more detail on the firewall patch if wanted.

Thank you for your work
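The loop problem described in the comment above, as an added example that is not part of the issue and is not the project's code: a selection loop over `red_agents` whose list never shrinks, beside the suggested fix of dropping each non-routable `r_agent`. The function names, agent names, zone names, `blocked_pairs` and the `max_iters` cap are assumptions made for the illustration.

```python
import random

# Constructed data: which zone each hypothetical red agent sits in.
AGENT_ZONE = {"red_agent_0": "contractor", "red_agent_1": "restricted_a"}

def make_is_routable(target_zone, blocked_pairs):
    """Stand-in for a routability check that does honour policy/firewall:
    a (source_zone, target_zone) pair in blocked_pairs is not routable."""
    def is_routable(r_agent):
        return (AGENT_ZONE[r_agent], target_zone) not in blocked_pairs
    return is_routable

def pick_red_agent_buggy(red_agents, is_routable, rng, max_iters=1000):
    """Loop shape described in the issue: the list keeps a constant length.
    max_iters exists only so this demo can report non-termination."""
    iters = 0
    while len(red_agents) > 0:
        if iters >= max_iters:
            return None, iters            # without the cap this never exits
        iters += 1
        r_agent = rng.choice(red_agents)
        if is_routable(r_agent):
            return r_agent, iters
    return None, iters

def pick_red_agent_fixed(red_agents, is_routable, rng):
    """Suggested fix: remove each non-routable r_agent, so the loop ends
    after at most len(red_agents) checks."""
    candidates = list(red_agents)         # leave the caller's list intact
    iters = 0
    while candidates:
        iters += 1
        r_agent = rng.choice(candidates)
        if is_routable(r_agent):
            return r_agent, iters
        candidates.remove(r_agent)
    return None, iters

def demo():
    agents = list(AGENT_ZONE)
    target = "operational_zone_a"
    all_blocked = {("contractor", target), ("restricted_a", target)}
    blocked = make_is_routable(target, all_blocked)
    return (pick_red_agent_buggy(agents, blocked, random.Random(0)),
            pick_red_agent_fixed(agents, blocked, random.Random(0)))

if __name__ == "__main__":
    print(demo())
```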

@MitchellKiely
Collaborator

Hi @jubois,
Thanks for finding this bug for us. As there isn't long until the challenge concludes, we've decided to not implement a fix to this bug until after the challenge closes. This ensures all participants will be operating on the same environment until the challenge ends. Participants have been submitting agents which have been successfully evaluated. This suggests that it isn't a "game breaker" bug. I also don't believe this bug gives any one participant an advantage over others so I'm happy to let it remain until after the challenge closes.
Again, thanks for finding the error, if you have any further questions then please ask away.

MitchellKiely self-assigned this Apr 24, 2024