Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]

CircleCI Atomic Red Team doc generator
2021-11-19 18:43:15 +00:00
parent 4a5881e343
commit 4b1bc4557e
10 changed files with 84 additions and 68 deletions
+52 -49
@@ -4361,17 +4361,15 @@ credential-access:
default: ens33
dependency_executor_name: bash
dependencies:
- description: 'Check if at least one of the tools are installed on the machine.
- description: 'Check if at least one of tcpdump or tshark is installed.
'
prereq_command: 'if [ ! -x "$(command -v tcpdump)" ] && [ ! -x "$(command
-v tshark)" ]; then exit 1; else exit 0; fi;
'
get_prereq_command: 'echo "Install tcpdump and/or tshark for the test to run.";
exit 1;
'
get_prereq_command: "(which yum && yum -y epel-release tcpdump tshark)||(which
apt-get && DEBIAN_FRONTEND=noninteractive apt-get install -y tcpdump tshark)\n"
executor:
command: |
tcpdump -c 5 -nnni #{interface}
@@ -4393,17 +4391,15 @@ credential-access:
default: en0A
dependency_executor_name: bash
dependencies:
- description: 'Check if at least one of the tools are installed on the machine.
- description: 'Check if at least one of tcpdump or tshark is installed.
'
prereq_command: 'if [ ! -x "$(command -v tcpdump)" ] && [ ! -x "$(command
-v tshark)" ]; then exit 1; else exit 0; fi;
'
get_prereq_command: 'echo "Install tcpdump and/or tshark for the test to run.";
exit 1;
'
get_prereq_command: "(which yum && yum -y epel-release tcpdump tshark)||(which
apt-get && DEBIAN_FRONTEND=noninteractive apt-get install -y tcpdump tshark)\n"
executor:
command: "sudo tcpdump -c 5 -nnni #{interface} \nif [ -x \"$(command -v
tshark)\" ]; then sudo tshark -c 5 -i #{interface}; fi;\n"
@@ -7571,7 +7567,7 @@ collection:
description: Path that should be compressed into our output file, may include
wildcards
type: Path
default: "$HOME/*.txt"
default: "/var/log/{w,b}tmp"
output_file:
description: Path that should be output as a zip archive
type: Path
@@ -7580,14 +7576,13 @@ collection:
- description: 'Files to zip must exist (#{input_files})
'
prereq_command: 'if [ $(ls #{input_files} | wc -l) > 0 ]; then exit 0; else
exit 1; fi;
'
get_prereq_command: 'echo Please set input_files argument to include files
that exist
prereq_command: 'if [ $(ls #{input_files} | wc -l) > 0 ] && [ -x $(which zip)
] ; then exit 0; else exit 1; fi;
'
get_prereq_command: |
(which yum && yum -y epel-release zip)||(which apt-get && apt-get install -y zip)
echo Please set input_files argument to include files that exist
executor:
name: sh
elevation_required: false
@@ -7692,9 +7687,8 @@ collection:
]; then exit 1; fi;
'
get_prereq_command: 'echo "Install gpg and zip to run the test"; exit 1;
'
get_prereq_command: "(which yum && yum -y epel-release zip gpg)||(which apt-get
&& apt-get install -y zip gpg)\n"
executor:
name: sh
elevation_required: false
@@ -22255,12 +22249,12 @@ defense-evasion:
- description: 'Install sshpass and create user account used for excuting
'
prereq_command: |
/usr/sbin/useradd testuser1
echo pwd101! | passwd testuser1 --stdin
prereq_command: "$(getent passwd testuser1 >/dev/null) && $(which sshpass
>/dev/null)\n"
get_prereq_command: |
yum -y install epel-release
yum -y install sshpass
/usr/sbin/useradd testuser1
echo -e 'pwd101!\npwd101!' | passwd testuser1
(which yum && yum -y install epel-release sshpass)||(which apt-get && DEBIAN_FRONTEND=noninteractive apt-get install -y sshpass)
executor:
command: 'sshpass -p ''pwd101!'' ssh testuser1@localhost -T hostname
@@ -25097,13 +25091,15 @@ defense-evasion:
- linux
input_arguments:
package_checker:
description: Package checking command for linux. Default rpm
description: Package checking command for linux.
type: String
default: rpm -q rsyslog
default: "(rpm -q rsyslog 2>&1 >/dev/null) || (dpkg -s rsyslog | grep -q
installed)"
package_installer:
description: Package installer command for linux. Default yum
type: String
default: yum install -y rsyslog
default: "(which yum && yum -y epel-release rsyslog)||(which apt-get &&
apt-get install -y rsyslog)"
flavor_command:
description: Command to disable syslog collection. Default newer rsyslog
commands. i.e older command = service rsyslog stop ; chkconfig off rsyslog
@@ -50572,7 +50568,8 @@ impact:
prereq_command: 'which_gpg=`which gpg`
'
get_prereq_command: ''
get_prereq_command: "(which yum && yum -y epel-release gpg)||(which apt-get
&& DEBIAN_FRONTEND=noninteractive apt-get install -y gpg)\n"
executor:
name: bash
elevation_required: false
@@ -50657,7 +50654,8 @@ impact:
which_ccencrypt=`which ccencrypt`
which_ccdecrypt=`which ccdecrypt`
if [[ $USER == "root" ]]; then cp #{root_input_file_path} #{cped_file_path}; else cp #{user_input_file_path} #{cped_file_path}; fi
get_prereq_command: ''
get_prereq_command: "(which yum && yum -y epel-release ccrypt)||(which apt-get
&& DEBIAN_FRONTEND=noninteractive apt-get install -y ccrypt)\n"
executor:
name: bash
elevation_required: false
@@ -54569,10 +54567,8 @@ discovery:
fi;
'
get_prereq_command: 'echo "Install nmap on the machine to run the test.";
exit 1;
'
get_prereq_command: "(which yum && yum -y epel-release nmap)||(which apt-get
&& DEBIAN_FRONTEND=noninteractive apt-get install -y nmap)\n"
executor:
command: |
nmap -sS #{network_range} -p #{port}
@@ -54725,11 +54721,12 @@ discovery:
package_checker:
description: Package checking command. Debian - dpkg -s samba
type: String
default: rpm -q samba
default: "(rpm -q samba &>/dev/null) || (dpkg -s samba | grep -q installed)"
package_installer:
description: Package installer command. Debian - apt install samba
type: String
default: yum install -y samba
default: "(which yum && yum -y epel-release samba)||(which apt-get && DEBIAN_FRONTEND=noninteractive
apt-get install -y samba)"
dependency_executor_name: bash
dependencies:
- description: 'Package with smbstatus (samba) must exist on device
@@ -54881,17 +54878,15 @@ discovery:
default: ens33
dependency_executor_name: bash
dependencies:
- description: 'Check if at least one of the tools are installed on the machine.
- description: 'Check if at least one of tcpdump or tshark is installed.
'
prereq_command: 'if [ ! -x "$(command -v tcpdump)" ] && [ ! -x "$(command
-v tshark)" ]; then exit 1; else exit 0; fi;
'
get_prereq_command: 'echo "Install tcpdump and/or tshark for the test to run.";
exit 1;
'
get_prereq_command: "(which yum && yum -y epel-release tcpdump tshark)||(which
apt-get && DEBIAN_FRONTEND=noninteractive apt-get install -y tcpdump tshark)\n"
executor:
command: |
tcpdump -c 5 -nnni #{interface}
@@ -54913,17 +54908,15 @@ discovery:
default: en0A
dependency_executor_name: bash
dependencies:
- description: 'Check if at least one of the tools are installed on the machine.
- description: 'Check if at least one of tcpdump or tshark is installed.
'
prereq_command: 'if [ ! -x "$(command -v tcpdump)" ] && [ ! -x "$(command
-v tshark)" ]; then exit 1; else exit 0; fi;
'
get_prereq_command: 'echo "Install tcpdump and/or tshark for the test to run.";
exit 1;
'
get_prereq_command: "(which yum && yum -y epel-release tcpdump tshark)||(which
apt-get && DEBIAN_FRONTEND=noninteractive apt-get install -y tcpdump tshark)\n"
executor:
command: "sudo tcpdump -c 5 -nnni #{interface} \nif [ -x \"$(command -v
tshark)\" ]; then sudo tshark -c 5 -i #{interface}; fi;\n"
@@ -55569,9 +55562,8 @@ discovery:
fi;
'
get_prereq_command: 'echo "Install arp on the machine."; exit 1;
'
get_prereq_command: "(which yum && yum -y install net-tools)||(which apt-get
&& apt-get install -y net-tools)\n"
executor:
command: 'arp -a | grep -v ''^?''
@@ -56488,6 +56480,17 @@ discovery:
supported_platforms:
- macos
- linux
dependency_executor_name: sh
dependencies:
- description: 'Check if arp command exists on the machine
'
prereq_command: 'if [ -x "$(command -v arp)" ]; then exit 0; else exit 1;
fi;
'
get_prereq_command: "(which yum && yum -y install net-tools)||(which apt-get
&& DEBIAN_FRONTEND=noninteractive apt-get install -y net-tools)\n"
executor:
command: |
if [ -x "$(command -v arp)" ]; then arp -a; else echo "arp is missing from the machine. skipping..."; fi;
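Review bot: The new `get_prereq_command` values of the form `yum -y epel-release tcpdump tshark` (repeated for zip, gpg, ccrypt, nmap, rsyslog and samba) have no `install` subcommand, so on a yum host the left branch fails and the `||` falls through to `which apt-get`, leaving the prerequisite missing. The sshpass and net-tools entries in this same section show the working form, `yum -y install epel-release sshpass`. In the zip prereq check, `[ $(ls #{input_files} | wc -l) > 0 ]` is a redirection into a file named `0` rather than a numeric comparison, and the unquoted `[ -x $(which zip) ]` likely collapses to `[ -x ]`, which is true, when zip is absent. Something like `[ "$(ls #{input_files} 2>/dev/null | wc -l)" -gt 0 ] && [ -x "$(command -v zip)" ]` would test what the description states. This index appears to be generated, so the correction presumably belongs in the source atomic definitions and the docs regenerated from there.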
+12
@@ -117,6 +117,18 @@ if [ -x "$(command -v netstat)" ]; then netstat -ant | awk '{print $NF}' | grep
#### Dependencies: Run with `sh`!
##### Description: Check if arp command exists on the machine
##### Check Prereq Commands:
```sh
if [ -x "$(command -v arp)" ]; then exit 0; else exit 1; fi;
```
##### Get Prereq Commands:
```sh
(which yum && yum -y install net-tools)||(which apt-get && DEBIAN_FRONTEND=noninteractive apt-get install -y net-tools)
```
<br/>
+1 -1
@@ -220,7 +220,7 @@ if [ -x "$(command -v arp)" ]; then exit 0; else exit 1; fi;
```
##### Get Prereq Commands:
```sh
echo "Install arp on the machine."; exit 1;
(which yum && yum -y install net-tools)||(which apt-get && apt-get install -y net-tools)
```
+4 -4
@@ -51,14 +51,14 @@ tshark -c 5 -i #{interface}
#### Dependencies: Run with `bash`!
##### Description: Check if at least one of the tools are installed on the machine.
##### Description: Check if at least one of tcpdump or tshark is installed.
##### Check Prereq Commands:
```bash
if [ ! -x "$(command -v tcpdump)" ] && [ ! -x "$(command -v tshark)" ]; then exit 1; else exit 0; fi;
```
##### Get Prereq Commands:
```bash
echo "Install tcpdump and/or tshark for the test to run."; exit 1;
(which yum && yum -y epel-release tcpdump tshark)||(which apt-get && DEBIAN_FRONTEND=noninteractive apt-get install -y tcpdump tshark)
```
@@ -99,14 +99,14 @@ if [ -x "$(command -v tshark)" ]; then sudo tshark -c 5 -i #{interface}; fi;
#### Dependencies: Run with `bash`!
##### Description: Check if at least one of the tools are installed on the machine.
##### Description: Check if at least one of tcpdump or tshark is installed.
##### Check Prereq Commands:
```bash
if [ ! -x "$(command -v tcpdump)" ] && [ ! -x "$(command -v tshark)" ]; then exit 1; else exit 0; fi;
```
##### Get Prereq Commands:
```bash
echo "Install tcpdump and/or tshark for the test to run."; exit 1;
(which yum && yum -y epel-release tcpdump tshark)||(which apt-get && DEBIAN_FRONTEND=noninteractive apt-get install -y tcpdump tshark)
```
+1 -1
@@ -92,7 +92,7 @@ if [ -x "$(command -v nmap)" ]; then exit 0; else exit 1; fi;
```
##### Get Prereq Commands:
```sh
echo "Install nmap on the machine to run the test."; exit 1;
(which yum && yum -y epel-release nmap)||(which apt-get && DEBIAN_FRONTEND=noninteractive apt-get install -y nmap)
```
+4 -4
@@ -306,13 +306,13 @@ userdel -f testuser1
##### Description: Install sshpass and create user account used for excuting
##### Check Prereq Commands:
```sh
/usr/sbin/useradd testuser1
echo pwd101! | passwd testuser1 --stdin
$(getent passwd testuser1 >/dev/null) && $(which sshpass >/dev/null)
```
##### Get Prereq Commands:
```sh
yum -y install epel-release
yum -y install sshpass
/usr/sbin/useradd testuser1
echo -e 'pwd101!\npwd101!' | passwd testuser1
(which yum && yum -y install epel-release sshpass)||(which apt-get && DEBIAN_FRONTEND=noninteractive apt-get install -y sshpass)
```
+2 -2
@@ -71,8 +71,8 @@ Network Share Discovery using smbstatus
#### Inputs:
| Name | Description | Type | Default Value |
|------|-------------|------|---------------|
| package_checker | Package checking command. Debian - dpkg -s samba | String | rpm -q samba|
| package_installer | Package installer command. Debian - apt install samba | String | yum install -y samba|
| package_checker | Package checking command. Debian - dpkg -s samba | String | (rpm -q samba &>/dev/null) || (dpkg -s samba | grep -q installed)|
| package_installer | Package installer command. Debian - apt install samba | String | (which yum && yum -y epel-release samba)||(which apt-get && DEBIAN_FRONTEND=noninteractive apt-get install -y samba)|
#### Attack Commands: Run with `bash`! Elevation Required (e.g. root or admin)
+2 -2
@@ -64,7 +64,7 @@ which_gpg=`which gpg`
```
##### Get Prereq Commands:
```bash
(which yum && yum -y epel-release gpg)||(which apt-get && DEBIAN_FRONTEND=noninteractive apt-get install -y gpg)
```
@@ -170,7 +170,7 @@ if [[ $USER == "root" ]]; then cp #{root_input_file_path} #{cped_file_path}; els
```
##### Get Prereq Commands:
```bash
(which yum && yum -y epel-release ccrypt)||(which apt-get && DEBIAN_FRONTEND=noninteractive apt-get install -y ccrypt)
```
+4 -3
@@ -257,7 +257,7 @@ An adversary may compress data (e.g., sensitive documents) that is collected pri
#### Inputs:
| Name | Description | Type | Default Value |
|------|-------------|------|---------------|
| input_files | Path that should be compressed into our output file, may include wildcards | Path | $HOME/*.txt|
| input_files | Path that should be compressed into our output file, may include wildcards | Path | /var/log/{w,b}tmp|
| output_file | Path that should be output as a zip archive | Path | $HOME/data.zip|
@@ -279,10 +279,11 @@ rm -f #{output_file}
##### Description: Files to zip must exist (#{input_files})
##### Check Prereq Commands:
```sh
if [ $(ls #{input_files} | wc -l) > 0 ]; then exit 0; else exit 1; fi;
if [ $(ls #{input_files} | wc -l) > 0 ] && [ -x $(which zip) ] ; then exit 0; else exit 1; fi;
```
##### Get Prereq Commands:
```sh
(which yum && yum -y epel-release zip)||(which apt-get && apt-get install -y zip)
echo Please set input_files argument to include files that exist
```
@@ -426,7 +427,7 @@ if [ ! -x "$(command -v gpg)" ] || [ ! -x "$(command -v zip)" ]; then exit 1; fi
```
##### Get Prereq Commands:
```sh
echo "Install gpg and zip to run the test"; exit 1;
(which yum && yum -y epel-release zip gpg)||(which apt-get && apt-get install -y zip gpg)
```
+2 -2
@@ -72,8 +72,8 @@ Disables syslog collection
#### Inputs:
| Name | Description | Type | Default Value |
|------|-------------|------|---------------|
| package_checker | Package checking command for linux. Default rpm | String | rpm -q rsyslog|
| package_installer | Package installer command for linux. Default yum | String | yum install -y rsyslog|
| package_checker | Package checking command for linux. | String | (rpm -q rsyslog 2>&1 >/dev/null) || (dpkg -s rsyslog | grep -q installed)|
| package_installer | Package installer command for linux. Default yum | String | (which yum && yum -y epel-release rsyslog)||(which apt-get && apt-get install -y rsyslog)|
| flavor_command | Command to disable syslog collection. Default newer rsyslog commands. i.e older command = service rsyslog stop ; chkconfig off rsyslog | String | systemctl stop rsyslog ; systemctl disable rsyslog|
| cleanup_command | Command to enable syslog collection. Default newer rsyslog commands. i.e older command = service rsyslog start ; chkconfig rsyslog on | String | systemctl start rsyslog ; systemctl enable rsyslog|