Brian Beyer
48 lines
1.3 KiB
YAML
48 lines
1.3 KiB
YAML
---
|
|
attack_technique: t1136
|
|
display_name: Create Account
|
|
|
|
atomic_tests:
|
|
- name: Create a user account on a Linux system
|
|
description: |
|
|
Create a user via useradd
|
|
supported_platforms:
|
|
- linux
|
|
input_arguments:
|
|
username:
|
|
description: Username of the user to create
|
|
type: String
|
|
default: evil_user
|
|
comment:
|
|
description: Comment to record when creating the user
|
|
type: String
|
|
default: Evil Account
|
|
executor:
|
|
name: bash
|
|
command: |
|
|
useradd -M -N -r -s /bin/bash -c "#{comment}" #{username}
|
|
|
|
- name: Create a user account on a MacOS system
|
|
description: |
|
|
Creates a user on a MacOS system with dscl
|
|
supported_platforms:
|
|
- macos
|
|
args:
|
|
username:
|
|
description: Username of the user to create
|
|
type: String
|
|
default: evil_user
|
|
realname:
|
|
description: "'realname' to record when creating the user"
|
|
type: String
|
|
default: Evil Account
|
|
executor:
|
|
name: bash
|
|
command: |
|
|
dscl . -create /Users/#{username}
|
|
dscl . -create /Users/#{username} UserShell /bin/bash
|
|
dscl . -create /Users/#{username} RealName "#{realname}"
|
|
dscl . -create /Users/#{username} UniqueID "1010"
|
|
dscl . -create /Users/#{username} PrimaryGroupID 80
|
|
dscl . -create /Users/#{username} NFSHomeDirectory /Users/#{username}
|