T1486 Improvements (#2950)

* Updates to Encrypt files using ccrypt (FreeBSD/Linux)
- Modified atomic logic to encrypt a copy of the target file rather than the target
- Tidied the prereq management to ensure the atomic is repeatable
- Supplied the encryption key as an argument to prevent the atomic from hanging during execution
- Cleaning encrypted file

* Updates to Encrypt files using openssl (FreeBSD/Linux)
- Included the which command in the executor to ensure the variable is available during single execution without getting prereqs

---------

Co-authored-by: Hare Sudhan <code@0x6c.dev>

atomics/T1486/T1486.yaml

@@ -79,44 +79,40 @@ atomic_tests:
 - name: Encrypt files using ccrypt (FreeBSD/Linux)
   auto_generated_guid: 08cbf59f-85da-4369-a5f4-049cffd7709f
   description: |
-    Attempts to encrypt data on target systems as root to simulate an inturruption authentication to target system. If root permissions are not available then attempts to encrypt data within user's home directory.
+    Attempts to encrypt data on target systems as root to simulate an interruption authentication to target system. If root permissions are not available then attempts to encrypt data within user's home directory.
   supported_platforms:
   - linux
   input_arguments:
     cped_file_path:
-      description: path where you want your copied file to be
+      description: Path where you want your copied file to be
       type: path
       default: /tmp/passwd
     root_input_file_path:
-      description: path to the file that you want to be encrypted if you are root
-        user
+      description: Path the target file to be encrypted. File will be copied to /tmp/ before encrypting
       type: path
       default: /etc/passwd
-    user_input_file_path:
-      description: path to file that you want to be encrypted if you are normal user
-      type: path
-      default: ~/.bash_history
-    impact_command:
-      description: command to show impact of encryption
+    pwd_for_encrypted_file:
+      description: Password to use for encryption
       type: string
-      default: sudo su
+      default: passwd
   dependency_executor_name: sh
   dependencies:
   - description: |
-      Finds where ccencrypt and ccdecrypt is located and copies input file
+      Finds where ccencrypt and ccdecrypt are located
     prereq_command: |
       which_ccencrypt=`which ccencrypt`
       which_ccdecrypt=`which ccdecrypt`
-      if [ $USER == "root" ]; then cp #{root_input_file_path} #{cped_file_path}; else cp #{user_input_file_path} #{cped_file_path}; fi
     get_prereq_command: |
       (which pkg && pkg install -y ccript)||(which yum && yum -y install epel-release ccrypt)||(which apt-get && DEBIAN_FRONTEND=noninteractive apt-get install -y ccrypt)
   executor:
     name: sh
     elevation_required: false
     command: |
-      if [ $USER == "root" ]; then $which_ccencrypt #{root_input_file_path}; file #{root_input_file_path}.cpt; #{impact_command}; else $which_ccencrypt #{user_input_file_path}; file #{user_input_file_path}.cpt; #{impact_command}; fi
+      which_ccencrypt=`which ccencrypt`
+      cp #{root_input_file_path} #{cped_file_path};
+      $which_ccencrypt -T -K #{pwd_for_encrypted_file} #{cped_file_path}
     cleanup_command: |
-      if [ $USER == "root" ]; then mv #{cped_file_path} #{root_input_file_path}; else cp #{cped_file_path} #{user_input_file_path}; fi 
+      rm #{cped_file_path}.cpt
 
 - name: Encrypt files using openssl (FreeBSD/Linux)
   auto_generated_guid: 142752dc-ca71-443b-9359-cf6f497315f1
@@ -156,6 +152,7 @@ atomic_tests:
     name: sh
     elevation_required: false
     command: |
+      which_openssl=`which openssl`
       $which_openssl genrsa -out #{private_key_path} #{encryption_bit_size}
       $which_openssl rsa -in #{private_key_path} -pubout -out #{public_key_path}
       $which_openssl rsautl -encrypt -inkey #{public_key_path} -pubin -in #{input_file_path} -out #{encrypted_file_path}