Generated docs from job=generate-docs branch=master [ci skip]

redcanaryco · Oct 12, 2024 · d64a63d · d64a63d
1 parent 9a962c8
commit d64a63d
Show file tree

Hide file tree

Showing 12 changed files with 55 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -2,7 +2,7 @@
 
 # Atomic Red Team
 
-![GitHub Action Status](https://github.com/redcanaryco/atomic-red-team/actions/workflows/validate-atomics.yml/badge.svg?branch=master) ![Atomics](https://img.shields.io/badge/Atomics-1652-flat.svg) ![GitHub Action Status](https://github.com/redcanaryco/atomic-red-team/actions/workflows/generate-docs.yml/badge.svg?branch=master)
+![GitHub Action Status](https://github.com/redcanaryco/atomic-red-team/actions/workflows/validate-atomics.yml/badge.svg?branch=master) ![Atomics](https://img.shields.io/badge/Atomics-1653-flat.svg) ![GitHub Action Status](https://github.com/redcanaryco/atomic-red-team/actions/workflows/generate-docs.yml/badge.svg?branch=master)
 
 Atomic Red Team™ is a library of tests mapped to the
 [MITRE ATT&CK®](https://attack.mitre.org/) framework. Security teams can use

diff --git a/atomics/Indexes/Attack-Navigator-Layers/art-navigator-layer-windows.json b/atomics/Indexes/Attack-Navigator-Layers/art-navigator-layer-windows.json
diff --git a/atomics/Indexes/Attack-Navigator-Layers/art-navigator-layer.json b/atomics/Indexes/Attack-Navigator-Layers/art-navigator-layer.json
diff --git a/atomics/Indexes/Indexes-CSV/index.csv b/atomics/Indexes/Indexes-CSV/index.csv
@@ -1821,6 +1821,7 @@ discovery,T1082,System Information Discovery,31,ESXi - VM Discovery using ESXCLI
 discovery,T1082,System Information Discovery,32,ESXi - Darkside system information discovery,f89812e5-67d1-4f49-86fa-cbc6609ea86a,command_prompt
 discovery,T1082,System Information Discovery,33,sysctl to gather macOS hardware info,c8d40da9-31bd-47da-a497-11ea55d1ef6c,sh
 discovery,T1082,System Information Discovery,34,operating system discovery ,70e13ef4-5a74-47e4-9d16-760b41b0e2db,powershell
+discovery,T1082,System Information Discovery,35,"Check OS version via ""ver"" command",f6ecb109-df24-4303-8d85-1987dbae6160,command_prompt
 discovery,T1016.002,System Network Configuration Discovery: Wi-Fi Discovery,1,Enumerate Stored Wi-Fi Profiles And Passwords via netsh,53cf1903-0fa7-4177-ab14-f358ae809eec,command_prompt
 discovery,T1010,Application Window Discovery,1,List Process Main Windows - C# .NET,fe94a1c3-3e22-4dc9-9fdf-3a8bdbc10dc4,command_prompt
 discovery,T1497.003,Time Based Evasion,1,Delay execution with ping,8b87dd03-8204-478c-bac3-3959f6528de3,sh

diff --git a/atomics/Indexes/Indexes-CSV/windows-index.csv b/atomics/Indexes/Indexes-CSV/windows-index.csv
@@ -1229,6 +1229,7 @@ discovery,T1082,System Information Discovery,30,BIOS Information Discovery throu
 discovery,T1082,System Information Discovery,31,ESXi - VM Discovery using ESXCLI,2040405c-eea6-4c1c-aef3-c2acc430fac9,command_prompt
 discovery,T1082,System Information Discovery,32,ESXi - Darkside system information discovery,f89812e5-67d1-4f49-86fa-cbc6609ea86a,command_prompt
 discovery,T1082,System Information Discovery,34,operating system discovery ,70e13ef4-5a74-47e4-9d16-760b41b0e2db,powershell
+discovery,T1082,System Information Discovery,35,"Check OS version via ""ver"" command",f6ecb109-df24-4303-8d85-1987dbae6160,command_prompt
 discovery,T1016.002,System Network Configuration Discovery: Wi-Fi Discovery,1,Enumerate Stored Wi-Fi Profiles And Passwords via netsh,53cf1903-0fa7-4177-ab14-f358ae809eec,command_prompt
 discovery,T1010,Application Window Discovery,1,List Process Main Windows - C# .NET,fe94a1c3-3e22-4dc9-9fdf-3a8bdbc10dc4,command_prompt
 discovery,T1217,Browser Bookmark Discovery,5,List Google Chrome / Opera Bookmarks on Windows with powershell,faab755e-4299-48ec-8202-fc7885eb6545,powershell

diff --git a/atomics/Indexes/Indexes-Markdown/index.md b/atomics/Indexes/Indexes-Markdown/index.md
@@ -2480,6 +2480,7 @@
   - Atomic Test #32: ESXi - Darkside system information discovery [windows]
   - Atomic Test #33: sysctl to gather macOS hardware info [macos]
   - Atomic Test #34: operating system discovery  [windows]
+  - Atomic Test #35: Check OS version via "ver" command [windows]
 - [T1016.002 System Network Configuration Discovery: Wi-Fi Discovery](../../T1016.002/T1016.002.md)
   - Atomic Test #1: Enumerate Stored Wi-Fi Profiles And Passwords via netsh [windows]
 - [T1010 Application Window Discovery](../../T1010/T1010.md)

diff --git a/atomics/Indexes/Indexes-Markdown/windows-index.md b/atomics/Indexes/Indexes-Markdown/windows-index.md
@@ -1737,6 +1737,7 @@
   - Atomic Test #31: ESXi - VM Discovery using ESXCLI [windows]
   - Atomic Test #32: ESXi - Darkside system information discovery [windows]
   - Atomic Test #34: operating system discovery  [windows]
+  - Atomic Test #35: Check OS version via "ver" command [windows]
 - [T1016.002 System Network Configuration Discovery: Wi-Fi Discovery](../../T1016.002/T1016.002.md)
   - Atomic Test #1: Enumerate Stored Wi-Fi Profiles And Passwords via netsh [windows]
 - [T1010 Application Window Discovery](../../T1010/T1010.md)

diff --git a/atomics/Indexes/index.yaml b/atomics/Indexes/index.yaml
@@ -102399,6 +102399,14 @@ discovery:
           ServicePackMajorVersion, OSArchitecture, CSName, WindowsDirectory | Out-null
         name: powershell
         elevation_required: false
+    - name: Check OS version via "ver" command
+      auto_generated_guid: f6ecb109-df24-4303-8d85-1987dbae6160
+      description: Ver command shows information about os version.
+      supported_platforms:
+      - windows
+      executor:
+        name: command_prompt
+        command: ver
   T1016.002:
     technique:
       modified: '2023-10-05T11:35:30.887Z'

diff --git a/atomics/Indexes/windows-index.yaml b/atomics/Indexes/windows-index.yaml
@@ -83854,6 +83854,14 @@ discovery:
           ServicePackMajorVersion, OSArchitecture, CSName, WindowsDirectory | Out-null
         name: powershell
         elevation_required: false
+    - name: Check OS version via "ver" command
+      auto_generated_guid: f6ecb109-df24-4303-8d85-1987dbae6160
+      description: Ver command shows information about os version.
+      supported_platforms:
+      - windows
+      executor:
+        name: command_prompt
+        command: ver
   T1016.002:
     technique:
       modified: '2023-10-05T11:35:30.887Z'

diff --git a/atomics/T1082/T1082.md b/atomics/T1082/T1082.md
@@ -76,6 +76,8 @@ Infrastructure as a Service (IaaS) cloud providers such as AWS, GCP, and Azure a
 
 - [Atomic Test #34 - operating system discovery ](#atomic-test-34---operating-system-discovery-)
 
+- [Atomic Test #35 - Check OS version via "ver" command](#atomic-test-35---check-os-version-via-ver-command)
+
 
 <br/>
 
@@ -1222,4 +1224,32 @@ Get-CimInstance Win32_OperatingSystem | Select-Object Caption, Version, ServiceP
 
 
 
+<br/>
+<br/>
+
+## Atomic Test #35 - Check OS version via "ver" command
+Ver command shows information about os version.
+
+**Supported Platforms:** Windows
+
+
+**auto_generated_guid:** f6ecb109-df24-4303-8d85-1987dbae6160
+
+
+
+
+
+
+#### Attack Commands: Run with `command_prompt`! 
+
+
+```cmd
+ver
+```
+
+
+
+
+
+
 <br/>
diff --git a/atomics/T1082/T1082.yaml b/atomics/T1082/T1082.yaml
@@ -539,6 +539,7 @@ atomic_tests:
     name: powershell
     elevation_required: false
 - name: Check OS version via "ver" command
+  auto_generated_guid: f6ecb109-df24-4303-8d85-1987dbae6160
   description: Ver command shows information about os version.
   supported_platforms:
   - windows

diff --git a/atomics/used_guids.txt b/atomics/used_guids.txt
@@ -1681,3 +1681,4 @@ f8160cde-4e16-4c8b-8450-6042d5363eb0
 d9c32b3b-7916-45ad-aca5-6c902da80319
 8b87dd03-8204-478c-bac3-3959f6528de3
 ad4b73c2-d6e2-4d8b-9868-4c6f55906e01
+f6ecb109-df24-4303-8d85-1987dbae6160