Tony M Lambert
70 lines
1.3 KiB
YAML
70 lines
1.3 KiB
YAML
---
|
|
attack_technique: T1166
|
|
display_name: Setuid and Setgid
|
|
|
|
atomic_tests:
|
|
- name: Setuid and Setgid
|
|
description: |
|
|
Setuid and Setgid
|
|
|
|
supported_platforms:
|
|
- macos
|
|
- centos
|
|
- ubuntu
|
|
- linux
|
|
|
|
input_arguments:
|
|
payload:
|
|
description: hello.c payload
|
|
type: path
|
|
default: hello.c
|
|
|
|
executor:
|
|
name: manual
|
|
steps: |
|
|
1. make hello
|
|
|
|
2. sudo chown root hello
|
|
|
|
3. sudo chmod u+s hello
|
|
|
|
4. ./hello
|
|
|
|
- name: Set a SetUID flag on file
|
|
description: |
|
|
This test sets the SetUID flag on a file in Linux and macOS.
|
|
supported_platforms:
|
|
- macos
|
|
- centos
|
|
- ubuntu
|
|
- linux
|
|
input_arguments:
|
|
file_to_setuid:
|
|
description: Path of file to set SetUID flag
|
|
type: path
|
|
default: /tmp/evilBinary
|
|
executor:
|
|
name: sh
|
|
command: |
|
|
sudo chown root #{file_to_setuid}
|
|
sudo chmod u+s #{file_to_setuid}
|
|
|
|
- name: Set a SetGID flag on file
|
|
description: |
|
|
This test sets the SetGID flag on a file in Linux and macOS.
|
|
supported_platforms:
|
|
- macos
|
|
- centos
|
|
- ubuntu
|
|
- linux
|
|
input_arguments:
|
|
file_to_setuid:
|
|
description: Path of file to set SetGID flag
|
|
type: path
|
|
default: /tmp/evilBinary
|
|
executor:
|
|
name: sh
|
|
command: |
|
|
sudo chown root #{file_to_setuid}
|
|
sudo chmod g+s #{file_to_setuid}
|