From 8ecc20c992ec0b544089d31b4c91ca5155eec76f Mon Sep 17 00:00:00 2001
From: biot
Date: Tue, 22 Jun 2021 14:34:01 +0100
Subject: [PATCH 1/3] added GnuPG to T1552.004_& tidyup
---
 atomics/T1552.004/T1552.004.yaml | 27 +++++++++++++++++++++++----
 1 file changed, 23 insertions(+), 4 deletions(-)
diff --git a/atomics/T1552.004/T1552.004.yaml b/atomics/T1552.004/T1552.004.yaml
index 91df1ceb..8e5dab70 100644
--- a/atomics/T1552.004/T1552.004.yaml
+++ b/atomics/T1552.004/T1552.004.yaml
@@ -32,7 +32,6 @@ atomic_tests:
 executor:
 command: |
 find #{search_path} -name id_rsa >> #{output_file}
- find #{search_path} -name id_dsa >> #{output_file}
 cleanup_command: |
 rm #{output_file}
 name: sh
@@ -55,7 +54,6 @@ atomic_tests:
 command: |
 mkdir #{output_folder}
 find #{search_path} -name id_rsa -exec cp --parents {} #{output_folder} \;
- find #{search_path} -name id_dsa -exec cp --parents {} #{output_folder} \;
 cleanup_command: |
 rm #{output_folder}
 name: sh
@@ -79,8 +77,29 @@ atomic_tests:
 command: |
 mkdir #{output_folder}
 find #{search_path} -name id_rsa -exec rsync -R {} #{output_folder} \;
- find #{search_path} -name id_dsa -exec rsync -R {} #{output_folder} \;
 cleanup_command: |
 rm -rf #{output_folder}
 name: sh
-
\ No newline at end of file
+- name: Copy the users GnuPG directory with rsync
+ auto_generated_guid:
+ description: |
+ Copy the users GnuPG (.gnupg) directory on a Mac or Linux system to a staging folder using the `rsync` command.
+ supported_platforms:
+ - macos
+ - linux
+ input_arguments:
+ search_path:
+ description: Path where to start searching from
+ type: path
+ default: ~/
+ output_folder:
+ description: Output folder containing a copy of the .gnupg directory
+ type: path
+ default: /tmp/GnuPG
+ executor:
+ command: |
+ mkdir #{output_folder}
+ find #{search_path} -type d -name '.gnupg' -exec rsync -R {} #{output_folder} \;
+ cleanup_command: |
+ rm -rf #{output_folder}
+ name: sh
From 795d6fee543cc630f03d193055d0e851d19c761c Mon Sep 17 00:00:00 2001
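Review bot: The new GnuPG test's `command` stages copies of private keyrings under a fixed path in `/tmp` (`default: /tmp/GnuPG`) and, as far as the hunk shows, carries on when `mkdir #{output_folder}` fails, so on a shared host the copy can land in a directory the tester did not create. I would create the staging directory with a restrictive mode and stop on failure, `mkdir -m 700 #{output_folder} || exit 1`. The `output_folder` description could also say that the folder holds real secret-key material until `cleanup_command` has run, so that operators do not leave it behind on production-like hosts.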
From: biot
Date: Tue, 22 Jun 2021 16:00:26 +0100
Subject: [PATCH 2/3] added GnuPG to T1552.004_& tidyup
---
 atomics/T1552.004/T1552.004.yaml | 1 -
 1 file changed, 1 deletion(-)
diff --git a/atomics/T1552.004/T1552.004.yaml b/atomics/T1552.004/T1552.004.yaml
index 8e5dab70..1d01b9e2 100644
--- a/atomics/T1552.004/T1552.004.yaml
+++ b/atomics/T1552.004/T1552.004.yaml
@@ -81,7 +81,6 @@ atomic_tests:
 rm -rf #{output_folder}
 name: sh
 - name: Copy the users GnuPG directory with rsync
- auto_generated_guid:
 description: |
 Copy the users GnuPG (.gnupg) directory on a Mac or Linux system to a staging folder using the `rsync` command.
 supported_platforms:
From 103efec49d7ce1270b696534c71ba046bdb4905b Mon Sep 17 00:00:00 2001
From: biot
Date: Tue, 22 Jun 2021 16:33:13 +0100
Subject: [PATCH 3/3] added GnuPG to T1552.004_& tidyup
---
 atomics/T1552.004/T1552.004.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/atomics/T1552.004/T1552.004.yaml b/atomics/T1552.004/T1552.004.yaml
index 1d01b9e2..2889da96 100644
--- a/atomics/T1552.004/T1552.004.yaml
+++ b/atomics/T1552.004/T1552.004.yaml
@@ -90,7 +90,7 @@ atomic_tests:
 search_path:
 description: Path where to start searching from
 type: path
- default: ~/
+ default: /
 output_folder:
 description: Output folder containing a copy of the .gnupg directory
 type: path
@@ -98,7 +98,7 @@ atomic_tests:
 executor:
 command: |
 mkdir #{output_folder}
- find #{search_path} -type d -name '.gnupg' -exec rsync -R {} #{output_folder} \;
+ find #{search_path} -type d -name '.gnupg' -exec rsync -Rr {} #{output_folder} \;
 cleanup_command: |
 rm -rf #{output_folder}
 name: sh
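Review bot: With `default: /` in the first hunk of patch 3, the staging folder (`/tmp/GnuPG` by default, per the first patch) now lies inside the search path, so the `find` in the second hunk can match `.gnupg` copies it has just staged and copy them again under `#{output_folder}`. Depending on traversal order this duplicates key material and lengthens the run; pruning the output folder avoids it: `find #{search_path} -path #{output_folder} -prune -o -type d -name '.gnupg' -exec rsync -Rr {} #{output_folder} \;`. The `search_path` description should also state that the default now covers the whole filesystem, so an elevated run stages every readable account's keyring rather than only the invoking user's. The rest of the test definition lies outside these two hunks.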