Added clean-up, automation of test 1, aligned tests with specs (#746)
* fixed path to /src in test 1 + minor spec fix - updated supported platforms, duplicates
* mv hello.c to /src (delete file)
* sample c script (moved from root directory)
* Automated test 1, added clean-up to all 3 tests
  - Automated test 1 (Make and modify file from C Source)
  - added clean-up to all 3 tests
  - added touch command to make 'default file' on tests 2 and 3 (in case no other file provided)
* added PathToAtomic variable per reviewer, added fix to avoid changing file in atomics folder
* Update T1166.yaml

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
Co-authored-by: Keith McCammon <keith@mccammon.org>
+25 -13
@@ -3,9 +3,9 @@ attack_technique: T1166
display_name: Setuid and Setgid
atomic_tests:
- name: Setuid and Setgid
- name: Make and modify binary from C source
description: |
Setuid and Setgid
Make, change owner, and change file attributes on a C source code file
supported_platforms:
- macos
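Review bot: the new description "Make, change owner, and change file attributes on a C source code file" does not match what the test actually does: the setuid bit is set on the compiled binary `hello`, not on the C source, and the source is only chowned so that `make` yields a root-owned build. Suggest wording along the lines of "Compile a C source file, change the resulting binary's owner to root and set its setuid bit" so that the test name, description and executor agree, which also makes the expected detection artifact (a new root-owned setuid binary under /tmp) clearer to whoever reads the generated docs.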
@@ -15,18 +15,22 @@ atomic_tests:
payload:
description: hello.c payload
type: path
default: hello.c
default: PathToAtomicsFolder/T1166/src/hello.c
executor:
name: manual
steps: |
1. make hello
2. sudo chown root hello
3. sudo chmod u+s hello
4. ./hello
name: sh
elevation_required: true
command: |
copy #{payload} /tmp/hello.c
cd /tmp
sudo chown root hello.c
sudo make hello
sudo chown root hello
sudo chmod u+s hello
./hello
cleanup_command: |
sudo rm ./hello
sudo rm /tmp/hello.c
- name: Set a SetUID flag on file
description: |
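Review bot: `copy #{payload} /tmp/hello.c` will fail under the new `sh` executor, since `copy` is not a POSIX command; it should read `cp #{payload} /tmp/hello.c`. Second, `cleanup_command` is executed in its own shell and does not inherit the `cd /tmp` from the test body, so `sudo rm ./hello` runs relative to whatever directory the invoker is in and will either remove nothing or remove the wrong `hello`; use the absolute path `sudo rm /tmp/hello`, matching the `sudo rm /tmp/hello.c` line beneath it. Leaving a root-owned setuid binary behind in /tmp after cleanup is exactly the artifact this test is meant to create only transiently.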
@@ -42,9 +46,13 @@ atomic_tests:
default: /tmp/evilBinary
executor:
name: sh
elevation_required: true
command: |
sudo touch #{file_to_setuid}
sudo chown root #{file_to_setuid}
sudo chmod u+s #{file_to_setuid}
cleanup_command: |
sudo rm #{file_to_setuid}
- name: Set a SetGID flag on file
description: |
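Review bot: `cleanup_command` unconditionally runs `sudo rm #{file_to_setuid}`, but the commit message says `sudo touch` was added only to create a default file "in case no other file provided". If the user points `file_to_setuid` at an existing file, cleanup now deletes it rather than undoing the test's change. Suggest creating the file only when absent and reverting the bit instead of removing a pre-existing file, e.g. `[ -e #{file_to_setuid} ] || sudo touch #{file_to_setuid}` in `command` and `sudo chmod u-s #{file_to_setuid}` in cleanup, with the `rm` reserved for the file the test itself created.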
@@ -60,6 +68,10 @@ atomic_tests:
default: /tmp/evilBinary
executor:
name: sh
elevation_required: true
command: |
sudo touch #{file_to_setuid}
sudo chown root #{file_to_setuid}
sudo chmod g+s #{file_to_setuid}
cleanup_command: |
sudo rm #{file_to_setuid}
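Review bot: same cleanup concern as in the SetUID test: `sudo rm #{file_to_setuid}` deletes whatever path the user supplied, not only the empty file that `sudo touch` created, so a `[ -e ... ] || sudo touch` guard plus `sudo chmod g-s #{file_to_setuid}` on cleanup would be safer. As a style point, this is the SetGID test but its input argument is still named `file_to_setuid`; a neutral name such as `file_to_modify` (or `file_to_setgid`) would keep the generated documentation from suggesting the wrong bit is being set.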