security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #1 from W00glin/T1613MD

Browse Source 
Update T1613.md
This commit is contained in:
BF
2024-02-12 10:35:55 -08:00
committed by GitHub
parent 86c88bc4d1 3f7f18183e
commit ba36a83807
1 changed files with 60 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files
atomics/T1613/T1613.md
+60 -11
View File
@@ -6,21 +6,15 @@ These resources can be viewed within web applications such as the Kubernetes das
## Atomic Tests
- [Atomic Test #1 - Container and ResourceDiscovery](#atomic-test-1---container-and-resourcediscovery)
- [Atomic Test #1 - Docker Container and ResourceDiscovery](#atomic-test-1---container-and-resourcediscovery)
- [Atomic Test #2 - Podman Container and ResourceDiscovery](#atomic-test-2---podman-container-and-resourcediscovery)
<br/>
## Atomic Test #1 - Container and ResourceDiscovery
Adversaries may attempt to discover containers and other resources that are available within a containers environment.
**Supported Platforms:** Containers
**auto_generated_guid:** 8a895923-f99f-4668-acf2-6cc59a44f05e
## Atomic Test #1 - Docker Container and ResourceDiscovery
Adversaries may attempt to discover Docker containers and other resources that are available within a containers environment.
**Supported Platforms:** Docker, Containers
@@ -64,6 +58,61 @@ sudo systemctl start docker
```
## Atomic Test #2 - Podman Container and ResourceDiscovery
Adversaries may attempt to discover Podman containers and other resources that are available within a containers environment.
**Supported Platforms:** Podman, Containers
#### Attack Commands: Run with `sh`!
```sh
podman build -t t1613 $PathtoAtomicsFolder/T1613/src/
podman run --name t1613_container -d -t t1613
podman ps
podman stats --no-stream
podman inspect $(podman ps -l -q --filter ancestor=t1613)
```
#### Cleanup Commands:
```sh
podman stop t1613_container
podman rmi -f t1613_container
```
#### Dependencies: Run with `sh`!
##### Description: Verify podman is installed.
##### Check Prereq Commands:
```sh
which podman
```
##### Get Prereq Commands:
```sh
if [ "" == "`which podman`" ]; then
echo "Podman Not Found"
if [ -n "`which apt-get`" ]; then
sudo apt-get -y install podman
elif [ -n "`which yum`" ]; then
sudo yum -y install podman
fi
else
echo "Podman installed"
fi
```
##### Description: Verify docker service is running.
##### Check Prereq Commands:
```sh
sudo systemctl status podman --no-pager
```
##### Get Prereq Commands:
```sh
sudo systemctl start podman
```
<br/>