From 9184e421e96a1eacb397c771852cd5f11cf65b69 Mon Sep 17 00:00:00 2001
From: D4rkCiph3r <102921060+D4rkCiph3r@users.noreply.github.com>
Date: Fri, 17 Feb 2023 18:19:33 +0530
Subject: [PATCH 1/2] Added new test case - T1027.001 Added a new test case. Minor changes to the existing test case.
---
 atomics/T1027.001/T1027.001.yaml | 32 +++++++++++++++++++++++++++++++-
 1 file changed, 31 insertions(+), 1 deletion(-)
diff --git a/atomics/T1027.001/T1027.001.yaml b/atomics/T1027.001/T1027.001.yaml
index a84f631e..266a1043 100644
--- a/atomics/T1027.001/T1027.001.yaml
+++ b/atomics/T1027.001/T1027.001.yaml
@@ -25,7 +25,37 @@ atomic_tests:
 cp /bin/ls #{file_to_pad}
 executor:
 command: |
- dd if=/dev/zero bs=1 count=1 >> #{file_to_pad}
+ dd if=/dev/zero bs=1 count=1 >> #{file_to_pad} #adds null bytes
+ dd if=/dev/random bs=1 count=1 >> #{file_to_pad} #adds high-quality random data
+ dd if=/dev/urandom bs=1 count=1 >> #{file_to_pad} #adds low-quality random data
+ cleanup_command: |
+ rm #{file_to_pad}
+ name: sh
+
+- name: Pad Binary to Change Hash using truncate command - Linux/macOS
+ description: |
+ Uses truncate to add number of bytes to the binary to change the hash.
+
+ Upon successful execution, truncate will modify `/tmp/evil-binary`, therefore the expected hash will change.
+ supported_platforms:
+ - macos
+ - linux
+ input_arguments:
+ file_to_pad:
+ description: Path of binary to be padded
+ type: path
+ default: /tmp/evil-binary
+ dependency_executor_name: bash
+ dependencies:
+ - description: |
+ The binary must exist on disk at specified location (#{file_to_pad})
+ prereq_command: |
+ if [ -f #{file_to_pad} ]; then exit 0; else exit 1; fi;
+ get_prereq_command: |
+ cp /bin/ls #{file_to_pad}
+ executor:
+ command: |
+ truncate -s +1 #{file_to_pad} #adds a byte to the file size
 cleanup_command: |
 rm #{file_to_pad}
 name: sh
From 4b2ddac4231ad77549919ffeea0a222022ff6036 Mon Sep 17 00:00:00 2001
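Review bot: The added truncate test lists `macos` under `supported_platforms`, but its only dependency check is that `#{file_to_pad}` exists; `truncate` is, as far as I know, not shipped in the macOS base install, so the executor can fail there after the prerequisites report success. The check could cover the tool as well: `if [ -f #{file_to_pad} ] && command -v truncate >/dev/null; then exit 0; else exit 1; fi;`. Separately, the comments on the two new dd lines call `/dev/random` high-quality and `/dev/urandom` low-quality; on macOS and on current Linux kernels both read from the same CSPRNG, and on older Linux kernels `/dev/random` can block, so `#adds one random byte` is more accurate for both (the same wording is carried into the test description in PATCH 2/2). The first test's definition starts outside this hunk.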
From: D4rkCiph3r <102921060+D4rkCiph3r@users.noreply.github.com>
Date: Sat, 18 Mar 2023 08:22:10 +0530
Subject: [PATCH 2/2] Update T1027.001.yaml Updated the test descriptions for atomic test #1 and #2.
---
 atomics/T1027.001/T1027.001.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/atomics/T1027.001/T1027.001.yaml b/atomics/T1027.001/T1027.001.yaml
index 266a1043..47608365 100644
--- a/atomics/T1027.001/T1027.001.yaml
+++ b/atomics/T1027.001/T1027.001.yaml
@@ -4,7 +4,7 @@ atomic_tests:
 - name: Pad Binary to Change Hash - Linux/macOS dd
 auto_generated_guid: ffe2346c-abd5-4b45-a713-bf5f1ebd573a
 description: |
- Uses dd to add a zero to the binary to change the hash.
+ Uses dd to add a zero byte, high-quality random data, and low-quality random data to the binary to change the hash.

 Upon successful execution, dd will modify `/tmp/evil-binary`, therefore the expected hash will change.
 supported_platforms:
@@ -34,7 +34,7 @@ atomic_tests:

 - name: Pad Binary to Change Hash using truncate command - Linux/macOS
 description: |
- Uses truncate to add number of bytes to the binary to change the hash.
+ Uses truncate to add a byte to the binary to change the hash.

 Upon successful execution, truncate will modify `/tmp/evil-binary`, therefore the expected hash will change.
 supported_platforms: