CircleCI Atomic Red Team doc generator
56 lines
1.4 KiB
Markdown
56 lines
1.4 KiB
Markdown
# T1065 - Uncommonly Used Port
|
|
## [Description from ATT&CK](https://attack.mitre.org/wiki/Technique/T1065)
|
|
<blockquote>Adversaries may conduct C2 communications over a non-standard port to bypass proxies and firewalls that have been improperly configured.</blockquote>
|
|
|
|
## Atomic Tests
|
|
|
|
- [Atomic Test #1 - Testing usage of uncommonly used port with PowerShell](#atomic-test-1---testing-usage-of-uncommonly-used-port-with-powershell)
|
|
|
|
- [Atomic Test #2 - Testing usage of uncommonly used port](#atomic-test-2---testing-usage-of-uncommonly-used-port)
|
|
|
|
|
|
<br/>
|
|
|
|
## Atomic Test #1 - Testing usage of uncommonly used port with PowerShell
|
|
Testing uncommonly used port utilizing PowerShell
|
|
|
|
**Supported Platforms:** Windows
|
|
|
|
|
|
#### Inputs
|
|
| Name | Description | Type | Default Value |
|
|
|------|-------------|------|---------------|
|
|
| port | Specify uncommon port number | String | 8081|
|
|
| domain | Specify target hostname | String | google.com|
|
|
|
|
#### Run it with `powershell`!
|
|
```
|
|
test-netconnection -ComputerName #{domain} -port #{port}
|
|
```
|
|
|
|
|
|
|
|
<br/>
|
|
<br/>
|
|
|
|
## Atomic Test #2 - Testing usage of uncommonly used port
|
|
Testing uncommonly used port utilizing telnet.
|
|
|
|
**Supported Platforms:** Linux, macOS
|
|
|
|
|
|
#### Inputs
|
|
| Name | Description | Type | Default Value |
|
|
|------|-------------|------|---------------|
|
|
| port | Specify uncommon port number | String | 8081|
|
|
| domain | Specify target hostname | String | google.com|
|
|
|
|
#### Run it with `sh`!
|
|
```
|
|
telnet #{domain} #{port}
|
|
```
|
|
|
|
|
|
|
|
<br/>
|