From c5b2c92ad31e7014255d18daee39fcd286ff4432 Mon Sep 17 00:00:00 2001
From: Andrew Beers
Date: Tue, 19 Nov 2019 16:24:45 -0600
Subject: [PATCH] cleanup tests (#673) * cleanup tests * fix path issue and add elevation requirements * fix format * remove redundant tests
---
atomics/T1158/T1158.yaml | 113 ++++++++++-----------------------------
1 file changed, 27 insertions(+), 86 deletions(-)
diff --git a/atomics/T1158/T1158.yaml b/atomics/T1158/T1158.yaml
index 403000e9..a68023c2 100644
--- a/atomics/T1158/T1158.yaml
+++ b/atomics/T1158/T1158.yaml
@@ -11,84 +11,55 @@ atomic_tests: - macos executor: name: sh + elevation_required: false command: | - mkdir .hidden-directory - echo "this file is hidden" > .hidden-directory/.hidden-file + mkdir /var/tmp/.hidden-directory + echo "T1158" > /var/tmp/.hidden-directory/.hidden-file + cleanup_command: | + rm -rf /var/tmp/.hidden-directory/ - name: Mac Hidden file description: | Hide a file on MacOS - supported_platforms: - macos - executor: name: sh + elevation_required: false command: | - sudo xattr -lr * / 2>&1 /dev/null | grep -C 2 "00 00 00 00 00 00 00 00 40 00 FF FF FF FF 00 00" - -- name: Hidden file - description: | - mv file to a .file - - supported_platforms: - - macos - - linux - - input_arguments: - filename: - description: path of file to hide - type: path - default: /tmp/evil - output_filename: - description: output path of file - type: path - default: /tmp/evil - executor: - name: sh - command: | - mv #(unknown) .#{output_filename} + xattr -lr * / 2>&1 /dev/null | grep -C 2 "00 00 00 00 00 00 00 00 40 00 FF FF FF FF 00 00" - name: Create Windows System File with Attrib description: | Creates a file and marks it as a system file using the attrib.exe utility. - supported_platforms: - windows - - input_arguments: - filename: - description: path of file to mark as system - type: path - default: C:\Temp\sensitive_file.txt executor: name: command_prompt - elevation_required: false + elevation_required: true command: | - attrib.exe +s #(unknown) + echo T1158 > %TEMP%\T1158.txt + attrib.exe +s %TEMP%\T1158.txt + cleanup_command: | + del /A:S %TEMP%\T1158.txt - name: Create Windows Hidden File with Attrib description: | Creates a file and marks it as hidden using the attrib.exe utility. 
- supported_platforms: - windows - - input_arguments: - filename: - description: path of file to mark as hidden - type: path - default: C:\Temp\sensitive_file.txt executor: name: command_prompt elevation_required: false command: | - attrib.exe +h #(unknown) + echo T1158_hidden > %TEMP%\T1158_hidden.txt + attrib.exe +h %TEMP%\T1158_hidden.txt + cleanup_command: | + del /A:H %TEMP%\T1158_hidden.txt - name: Hidden files description: | Requires Apple Dev Tools - supported_platforms: - macos input_arguments: 
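Review bot: The new `xattr -lr * / 2>&1 /dev/null | grep -C 2 "..."` line in the Mac Hidden file test keeps a broken redirection: `2>&1 /dev/null` merges stderr into stdout and hands `/dev/null` to xattr as one more path argument, so nothing is actually silenced. Because the commit also drops `sudo` and marks the test `elevation_required: false`, the recursive walk of `/` will emit permission-denied errors for most of the tree, and those now flow into the grep instead of being discarded; `xattr -lr * / 2>/dev/null | grep -C 2 "00 00 00 00 00 00 00 00 40 00 FF FF FF FF 00 00"` is what was intended. Scanning the whole filesystem is also very slow and the `*` glob is redundant with `/`; narrowing the scan to `/var/tmp`, where the sibling test creates its hidden directory, would keep the run time reasonable. Separately, `mkdir /var/tmp/.hidden-directory` has no `-p`, so a leftover from a previous failed run makes the test error out before the `echo`; `mkdir -p` keeps it re-runnable. The `elevation_required: true` on the attrib `+s` test also looks inconsistent with `false` on the otherwise identical `+h` test — setting the system attribute on a user-owned file in `%TEMP%` does not normally need administrator rights, so confirm that flag is intentional.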
@@ -98,68 +69,36 @@ atomic_tests: default: /tmp/evil executor: name: sh + elevation_required: false command: | setfile -a V #(unknown) - name: Hide a Directory description: | Hide a directory on MacOS - supported_platforms: - macos - input_arguments: - filename: - description: path of file to hide - type: path - default: /tmp/evil executor: name: sh + elevation_required: false command: | - chflags hidden #(unknown) + touch /var/tmp/T1158_mac.txt + chflags hidden /var/tmp/T1158_mac.txt + cleanup_command: | + rm /var/tmp/T1158_mac.txt - name: Show all hidden files description: | Show all hidden files on MacOS - supported_platforms: - macos - executor: name: sh + elevation_required: false command: | defaults write com.apple.finder AppleShowAllFiles YES - -- name: Create Visible Directories - description: | - Create visible directories on MacOS and Linux - - supported_platforms: - - macos - - linux - - executor: - name: sh - command: | - mkdir visible-directory - echo "this file is visible" > visible-directory/visible-file - ls - ls visible-directory - -- name: Create hidden directories and files - description: | - Create hidden directories and files on Nix platforms - - supported_platforms: - - macos - - linux - - executor: - name: sh - command: | - mkdir .hidden-directory - echo "this file is hidden" > .hidden-directory/.hidden-file - ls -la - ls -la .hidden-directory + cleanup_command: | + defaults write com.apple.finder AppleShowAllFiles NO - name: Create ADS command prompt description: |
@@ -207,3 +146,5 @@ atomic_tests: set-content -path #{file_name} -stream #{ads_filename} -value "test2" set-content -path . -stream #{ads_filename} -value "test3" ls -Recurse | %{ gi $_.Fullname -stream *} | where stream -ne ':$Data' | Select-Object pschildname + cleanup_command: | + Remove-Item -Path #{file_name}
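Review bot: The rewritten `Hide a Directory` test no longer matches its own description: `Hide a directory on MacOS` is kept, but the new command runs `touch /var/tmp/T1158_mac.txt` and hides a regular file, which duplicates what the Hidden files test exercises instead of covering the directory case. Either redescribe the test or create a directory: `mkdir /var/tmp/T1158_mac_dir`, `chflags hidden /var/tmp/T1158_mac_dir`, with `rmdir /var/tmp/T1158_mac_dir` as the cleanup. The new cleanup for Show all hidden files, `defaults write com.apple.finder AppleShowAllFiles NO`, resets the preference rather than restoring it, so a user who already had the option enabled loses it; reading the prior value with `defaults read` first (or deleting the key if it was unset) would be a faithful revert, and as far as I know neither write takes effect until Finder is relaunched, which the test neither does nor documents. Finally, `setfile -a V` still operates on a `filename` argument defaulting to `/tmp/evil` that nothing creates and has no cleanup, unlike the other tests in this hunk that now build their own fixture.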
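Review bot: The added `cleanup_command` only removes `#{file_name}`, but the test also writes a stream onto the current directory (`set-content -path . -stream #{ads_filename} -value "test3"`), so that alternate data stream survives cleanup and will still show up in the `ls -Recurse | ... -stream *` listing on the next run. Add a second line, `Remove-Item -Path . -Stream #{ads_filename} -ErrorAction SilentlyContinue`, and consider `-ErrorAction SilentlyContinue` on the existing `Remove-Item -Path #{file_name}` too so cleanup does not fail when the file was never created. The body of this test and its input_arguments start before the hunk, so I cannot see whether other paths are written that also need removing.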