security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

expand description (#2227)

Browse Source 
* expand description

* add cve number and link
This commit is contained in:
Carrie Roberts
2022-11-10 11:58:47 -05:00
committed by GitHub
parent 6d0287a984
commit 956a699a65
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
atomics/T1003.002/T1003.002.yaml
+3 -3
View File
@@ -105,8 +105,8 @@ atomic_tests:
- name: dump volume shadow copy hives with certutil
auto_generated_guid: eeb9751a-d598-42d3-b11c-c122d9c3f6c7
description: |
Dump hives from volume shadow copies with the certutil utility
This can be done with a non-admin user account
Dump hives from volume shadow copies with the certutil utility, exploiting a vulnerability known as "HiveNightmare" or "SeriousSAM".
This can be done with a non-admin user account. [CVE-2021-36934](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36934)
supported_platforms:
- windows
input_arguments:
@@ -139,7 +139,7 @@ atomic_tests:
- name: dump volume shadow copy hives with System.IO.File
auto_generated_guid: 9d77fed7-05f8-476e-a81b-8ff0472c64d0
description: |
Dump hives from volume shadow copies with System.IO.File
Dump hives from volume shadow copies with System.IO.File. [CVE-2021-36934](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36934)
supported_platforms:
- windows
input_arguments: