Generated docs from job=generate-docs branch=master [ci skip]
This commit is contained in:
Atomic Red Team doc generator
@@ -9886,20 +9886,10 @@ defense-evasion:
|
||||
description: Path of reference file to read timestamps from
|
||||
type: path
|
||||
default: "/bin/sh"
|
||||
dependencies:
|
||||
- description: 'The file must exist in order to be timestomped
|
||||
|
||||
'
|
||||
prereq_command: 'test -e #{target_file_path} && exit 0 || exit 1
|
||||
|
||||
'
|
||||
get_prereq_command: 'echo ''T1070.006 reference file timestomp test'' > #{target_file_path}
|
||||
|
||||
'
|
||||
executor:
|
||||
command: 'touch -acmr #{reference_file_path} #{target_file_path}
|
||||
|
||||
'
|
||||
command: |
|
||||
touch #{target_file_path}
|
||||
touch -acmr #{reference_file_path} #{target_file_path}
|
||||
cleanup_command: 'rm -f #{target_file_path}
|
||||
|
||||
'
|
||||
|
||||
@@ -5705,20 +5705,10 @@ defense-evasion:
|
||||
description: Path of reference file to read timestamps from
|
||||
type: path
|
||||
default: "/bin/sh"
|
||||
dependencies:
|
||||
- description: 'The file must exist in order to be timestomped
|
||||
|
||||
'
|
||||
prereq_command: 'test -e #{target_file_path} && exit 0 || exit 1
|
||||
|
||||
'
|
||||
get_prereq_command: 'echo ''T1070.006 reference file timestomp test'' > #{target_file_path}
|
||||
|
||||
'
|
||||
executor:
|
||||
command: 'touch -acmr #{reference_file_path} #{target_file_path}
|
||||
|
||||
'
|
||||
command: |
|
||||
touch #{target_file_path}
|
||||
touch -acmr #{reference_file_path} #{target_file_path}
|
||||
cleanup_command: 'rm -f #{target_file_path}
|
||||
|
||||
'
|
||||
|
||||
@@ -5215,20 +5215,10 @@ defense-evasion:
|
||||
description: Path of reference file to read timestamps from
|
||||
type: path
|
||||
default: "/bin/sh"
|
||||
dependencies:
|
||||
- description: 'The file must exist in order to be timestomped
|
||||
|
||||
'
|
||||
prereq_command: 'test -e #{target_file_path} && exit 0 || exit 1
|
||||
|
||||
'
|
||||
get_prereq_command: 'echo ''T1070.006 reference file timestomp test'' > #{target_file_path}
|
||||
|
||||
'
|
||||
executor:
|
||||
command: 'touch -acmr #{reference_file_path} #{target_file_path}
|
||||
|
||||
'
|
||||
command: |
|
||||
touch #{target_file_path}
|
||||
touch -acmr #{reference_file_path} #{target_file_path}
|
||||
cleanup_command: 'rm -f #{target_file_path}
|
||||
|
||||
'
|
||||
|
||||
@@ -196,6 +196,7 @@ This technique was used by the threat actor Rocke during the compromise of Linux
|
||||
|
||||
|
||||
```sh
|
||||
touch #{target_file_path}
|
||||
touch -acmr #{reference_file_path} #{target_file_path}
|
||||
```
|
||||
|
||||
@@ -206,18 +207,6 @@ rm -f #{target_file_path}
|
||||
|
||||
|
||||
|
||||
#### Dependencies: Run with `sh`!
|
||||
##### Description: The file must exist in order to be timestomped
|
||||
##### Check Prereq Commands:
|
||||
```sh
|
||||
test -e #{target_file_path} && exit 0 || exit 1
|
||||
```
|
||||
##### Get Prereq Commands:
|
||||
```sh
|
||||
echo 'T1070.006 reference file timestomp test' > #{target_file_path}
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
<br/>
|
||||
|
||||
Reference in New Issue
Block a user