Generated docs from job=generate-docs branch=master [ci skip]

redcanaryco · Apr 7, 2024 · 3bcc943 · 3bcc943
1 parent acd5bf3
commit 3bcc943
Show file tree

Hide file tree

Showing 7 changed files with 38 additions and 23 deletions.
diff --git a/atomics/Indexes/index.yaml b/atomics/Indexes/index.yaml
@@ -42143,7 +42143,7 @@ privilege-escalation:
           default: "/tmp/T1547.006"
         module_source_path:
           description: Path to download Gsecdump binary file
-          type: url
+          type: path
           default: PathToAtomicsFolder/T1547.006/src
       dependency_executor_name: bash
       dependencies:
@@ -64640,7 +64640,7 @@ persistence:
           default: "/tmp/T1547.006"
         module_source_path:
           description: Path to download Gsecdump binary file
-          type: url
+          type: path
           default: PathToAtomicsFolder/T1547.006/src
       dependency_executor_name: bash
       dependencies:
@@ -71005,7 +71005,7 @@ command-and-control:
           default: 127.0.0.1
         client_path:
           description: Client agent path
-          type: url
+          type: path
           default: PathToAtomicsFolder\T1071\bin\telnet_client.exe
         server_port:
           description: C2 server port
@@ -74743,15 +74743,19 @@ command-and-control:
       - macos
       input_arguments:
         proxy_server:
-          description: Proxy server URL (host:port)
+          description: Proxy server URL
           type: url
-          default: 127.0.0.1:8080
+          default: 127.0.0.1
+        proxy_port:
+          description: Proxy server port
+          type: integer
+          default: 8080
         proxy_scheme:
           description: Protocol to proxy (http or https)
           type: string
           default: http
       executor:
-        command: 'export #{proxy_scheme}_proxy=#{proxy_server}
+        command: 'export #{proxy_scheme}_proxy=#{proxy_server}:#{proxy_port}
 
           '
         cleanup_command: |
@@ -74785,8 +74789,9 @@ command-and-control:
         command: |
           networksetup -setwebproxy #{interface} #{proxy_server} #{proxy_port}
           networksetup -setsecurewebproxy #{interface} #{proxy_server} #{proxy_port}
-        cleanup_command: "networksetup -setwebproxystate #{interface} off\nnetworksetup
-          -setsecurewebproxystate #{interface} off  \n"
+        cleanup_command: |
+          networksetup -setwebproxystate #{interface} off
+          networksetup -setsecurewebproxystate #{interface} off
     - name: portproxy reg key
       auto_generated_guid: b8223ea9-4be2-44a6-b50a-9657a3d4e72a
       description: |

diff --git a/atomics/Indexes/linux-index.yaml b/atomics/Indexes/linux-index.yaml
@@ -23811,7 +23811,7 @@ privilege-escalation:
           default: "/tmp/T1547.006"
         module_source_path:
           description: Path to download Gsecdump binary file
-          type: url
+          type: path
           default: PathToAtomicsFolder/T1547.006/src
       dependency_executor_name: bash
       dependencies:
@@ -37313,7 +37313,7 @@ persistence:
           default: "/tmp/T1547.006"
         module_source_path:
           description: Path to download Gsecdump binary file
-          type: url
+          type: path
           default: PathToAtomicsFolder/T1547.006/src
       dependency_executor_name: bash
       dependencies:
@@ -43978,15 +43978,19 @@ command-and-control:
       - macos
       input_arguments:
         proxy_server:
-          description: Proxy server URL (host:port)
+          description: Proxy server URL
           type: url
-          default: 127.0.0.1:8080
+          default: 127.0.0.1
+        proxy_port:
+          description: Proxy server port
+          type: integer
+          default: 8080
         proxy_scheme:
           description: Protocol to proxy (http or https)
           type: string
           default: http
       executor:
-        command: 'export #{proxy_scheme}_proxy=#{proxy_server}
+        command: 'export #{proxy_scheme}_proxy=#{proxy_server}:#{proxy_port}
 
           '
         cleanup_command: |

diff --git a/atomics/Indexes/macos-index.yaml b/atomics/Indexes/macos-index.yaml
@@ -40615,15 +40615,19 @@ command-and-control:
       - macos
       input_arguments:
         proxy_server:
-          description: Proxy server URL (host:port)
+          description: Proxy server URL
           type: url
-          default: 127.0.0.1:8080
+          default: 127.0.0.1
+        proxy_port:
+          description: Proxy server port
+          type: integer
+          default: 8080
         proxy_scheme:
           description: Protocol to proxy (http or https)
           type: string
           default: http
       executor:
-        command: 'export #{proxy_scheme}_proxy=#{proxy_server}
+        command: 'export #{proxy_scheme}_proxy=#{proxy_server}:#{proxy_port}
 
           '
         cleanup_command: |
@@ -40657,8 +40661,9 @@ command-and-control:
         command: |
           networksetup -setwebproxy #{interface} #{proxy_server} #{proxy_port}
           networksetup -setsecurewebproxy #{interface} #{proxy_server} #{proxy_port}
-        cleanup_command: "networksetup -setwebproxystate #{interface} off\nnetworksetup
-          -setsecurewebproxystate #{interface} off  \n"
+        cleanup_command: |
+          networksetup -setwebproxystate #{interface} off
+          networksetup -setsecurewebproxystate #{interface} off
   T1102.001:
     technique:
       x_mitre_platforms:

diff --git a/atomics/Indexes/windows-index.yaml b/atomics/Indexes/windows-index.yaml
@@ -58391,7 +58391,7 @@ command-and-control:
           default: 127.0.0.1
         client_path:
           description: Client agent path
-          type: url
+          type: path
           default: PathToAtomicsFolder\T1071\bin\telnet_client.exe
         server_port:
           description: C2 server port

diff --git a/atomics/T1071/T1071.md b/atomics/T1071/T1071.md
@@ -27,7 +27,7 @@ An adversary may establish telnet communication from compromised endpoint to com
 | Name | Description | Type | Default Value |
 |------|-------------|------|---------------|
 | server_ip | C2 server IP or URL | url | 127.0.0.1|
-| client_path | Client agent path | url | PathToAtomicsFolder&#92;T1071&#92;bin&#92;telnet_client.exe|
+| client_path | Client agent path | path | PathToAtomicsFolder&#92;T1071&#92;bin&#92;telnet_client.exe|
 | server_port | C2 server port | integer | 23|
 
 

diff --git a/atomics/T1090.001/T1090.001.md b/atomics/T1090.001/T1090.001.md
@@ -32,15 +32,16 @@ Note that this test may conflict with pre-existing system configuration.
 #### Inputs:
 | Name | Description | Type | Default Value |
 |------|-------------|------|---------------|
-| proxy_server | Proxy server URL (host:port) | url | 127.0.0.1:8080|
+| proxy_server | Proxy server URL | url | 127.0.0.1|
+| proxy_port | Proxy server port | integer | 8080|
 | proxy_scheme | Protocol to proxy (http or https) | string | http|
 
 
 #### Attack Commands: Run with `sh`! 
 
 
 ```sh
-export #{proxy_scheme}_proxy=#{proxy_server}
+export #{proxy_scheme}_proxy=#{proxy_server}:#{proxy_port}
 ```
 
 #### Cleanup Commands:

diff --git a/atomics/T1547.006/T1547.006.md b/atomics/T1547.006/T1547.006.md
@@ -41,7 +41,7 @@ This test uses the insmod command to load a kernel module for Linux.
 | module_name | Name of the kernel module name. | string | T1547006|
 | module_path | Folder used to store the module. | path | /tmp/T1547.006/T1547006.ko|
 | temp_folder | Temp folder used to compile the code. | path | /tmp/T1547.006|
-| module_source_path | Path to download Gsecdump binary file | url | PathToAtomicsFolder/T1547.006/src|
+| module_source_path | Path to download Gsecdump binary file | path | PathToAtomicsFolder/T1547.006/src|
 
 
 #### Attack Commands: Run with `bash`!  Elevation Required (e.g. root or admin)