From cc6735d7f74889823f02e6b62cf1436bb64ed0f0 Mon Sep 17 00:00:00 2001
From: JB <35406993+cherokeejb@users.noreply.github.com>
Date: Wed, 22 Jan 2020 21:08:15 -0600
Subject: [PATCH] Added clean-up, automation of test 1, aligned tests with specs (#746)
* fixed path to /src in test 1+ minor spec fix
-updated supported platforms, duplicates
* mv hello.c to /src (delete file)
* sample c script (moved from root directory)
* Automated test 1, added clean-up to all 3 tests
-Automated test 1 (Make and modify file from C Source)
-added clean-up to all 3 tests
-added touch command to make 'default file' on tests 2 and 3 (in case no other file provided)
* added PathToAtomic varible per reviewer, added fix to avoid changing file in atomics folder
* Update T1166.yaml
Co-authored-by: Carrie Roberts
Co-authored-by: Keith McCammon
---
 atomics/T1166/T1166.yaml | 38 ++++++++++++++++++++++-----------
 atomics/T1166/{ => src}/hello.c | 0
 2 files changed, 25 insertions(+), 13 deletions(-)
 rename atomics/T1166/{ => src}/hello.c (100%)
diff --git a/atomics/T1166/T1166.yaml b/atomics/T1166/T1166.yaml
index 8789eda3..0af4057c 100644
--- a/atomics/T1166/T1166.yaml
+++ b/atomics/T1166/T1166.yaml
@@ -3,9 +3,9 @@ attack_technique: T1166
 display_name: Setuid and Setgid
 atomic_tests:
-- name: Setuid and Setgid
+- name: Make and modify binary from C source
   description: |
-    Setuid and Setgid
+    Make, change owner, and change file attributes on a C source code file
   supported_platforms:
   - macos
@@ -15,18 +15,22 @@ atomic_tests:
     payload:
       description: hello.c payload
       type: path
-      default: hello.c
-
+      default: PathToAtomicsFolder/T1166/src/hello.c
+
   executor:
-    name: manual
-    steps: |
-      1. make hello
-
-      2. sudo chown root hello
-
-      3. sudo chmod u+s hello
-
-      4. ./hello
+    name: sh
+    elevation_required: true
+    command: |
+      copy #{payload} /tmp/hello.c
+      cd /tmp
+      sudo chown root hello.c
+      sudo make hello
+      sudo chown root hello
+      sudo chmod u+s hello
+      ./hello
+    cleanup_command: |
+      sudo rm ./hello
+      sudo rm /tmp/hello.c
 
 - name: Set a SetUID flag on file
   description: |
@@ -42,9 +46,13 @@ atomic_tests:
       default: /tmp/evilBinary
   executor:
     name: sh
+    elevation_required: true
     command: |
+      sudo touch #{file_to_setuid}
       sudo chown root #{file_to_setuid}
       sudo chmod u+s #{file_to_setuid}
+    cleanup_command: |
+      sudo rm #{file_to_setuid}
 
 - name: Set a SetGID flag on file
   description: |
@@ -60,6 +68,10 @@ atomic_tests:
       default: /tmp/evilBinary
   executor:
     name: sh
+    elevation_required: true
     command: |
+      sudo touch #{file_to_setuid}
       sudo chown root #{file_to_setuid}
       sudo chmod g+s #{file_to_setuid}
+    cleanup_command: |
+      sudo rm #{file_to_setuid}
diff --git a/atomics/T1166/hello.c b/atomics/T1166/src/hello.c
similarity index 100%
rename from atomics/T1166/hello.c
rename to atomics/T1166/src/hello.c
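Review bot: The first line of the new command block, `copy #{payload} /tmp/hello.c`, is not a POSIX utility, so on the macOS/Linux sh executor this test declares it fails with "command not found" and, since nothing in the block stops on error, every following line runs against a /tmp/hello.c that was never created; it should read `cp #{payload} /tmp/hello.c`. The cleanup_command is a separate invocation, so `sudo rm ./hello` resolves against whatever directory the runner starts in rather than the /tmp the command block cd'd into; `sudo rm /tmp/hello` removes the binary that was actually built. `sudo make hello` also builds as root for no gain, because `sudo chown root hello` on the next line already sets ownership, so a plain `make hello` keeps the root-owned artifacts to the two lines that need them. The test also relies on make's implicit C rule with no Makefile, which is fine but worth a one-line note in the description so a runner without a C compiler knows why step four fails.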
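Review bot: The new cleanup_command `sudo rm #{file_to_setuid}` deletes whatever path the caller supplied, while the added `sudo touch #{file_to_setuid}` only creates the file when it does not already exist; pointing file_to_setuid at an existing binary therefore chowns it to root and then the cleanup removes it outright, and the ownership change has no revert at all. The cleanup should undo only what the test changed, e.g. `sudo chmod u-s #{file_to_setuid}` and remove the file only when it is the default /tmp/evilBinary this test created, or the command block should record whether touch created it (a `[ -e ... ]` check before the touch) and the cleanup act on that. The SetGID hunk at @@ -60,6 +68,10 has the same shape and would use `g-s` in its revert. Each test's commands come from an untrusted input argument, so a one-line comment stating that file_to_setuid must be a path the test owns would make the destructive cleanup explicit to whoever runs it.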