Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

T1005 Find and dump sqlite databases (Linux) #2402

Merged
merged 16 commits into from
Nov 9, 2023
Merged

T1005 Find and dump sqlite databases (Linux) #2402

merged 16 commits into from
Nov 9, 2023

Conversation

biot-2131
Copy link
Contributor

Details:
Ive added the T1005 technique as a whole, the directory and yaml but not the markdown, is this correct or are there extra steps?
Testing:
Tested on Ubuntu and Redhat. Apart from the apt/yum install commands, it will work on any system because sqlite3 is a stand alone application. Please see screen shots.

T1005-01
T1005-02
T1005-03
T1005-04

@clr2of8 clr2of8 added the linux label Apr 24, 2023
@biot-2131
Update sqlite_dump.sh
2252747 
removed hard coded file name :-)
@biot-2131
Copy link
Contributor Author

biot-2131 commented May 31, 2023
edited
Loading

Hi

I getting this error:

	'Url' is not one of ['integer', 'float']
	'https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1005/src' is not of type 'number', 'null'
	'Url' is not one of ['path', 'url', 'string']

is this because the T1005 directory doesn't exist, because its a new technique?

@cyberbuff
Copy link
Collaborator

Hi

I getting this error:

	'Url' is not one of ['integer', 'float']
	'https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1005/src' is not of type 'number', 'null'
	'Url' is not one of ['path', 'url', 'string']

is this because the T1005 directory doesn't exist, because its a new technique?

Hey,

Thanks for your contribution. This is because, it expects url and not Url. If you could rename it, that would be great.

@josehelps josehelps removed their assignment Jun 2, 2023
@github-actions
Copy link

This PR is stale because it has been open 45 days with no activity. Remove stale label or comment or this will be closed in 10 days.

@github-actions github-actions bot added the Stale label Jul 21, 2023
@github-actions
Copy link

github-actions bot commented Aug 1, 2023

This PR was closed because it has been stalled for 10 days with no activity.

@github-actions github-actions bot closed this Aug 1, 2023
@cyberbuff cyberbuff reopened this Aug 2, 2023
@github-actions github-actions bot removed the Stale label Aug 3, 2023
@svc-github-aws-opensource svc-github-aws-opensource force-pushed the master branch 2 times, most recently from f785739 to ca7374a Compare August 15, 2023 01:06
@svc-github-aws-opensource svc-github-aws-opensource force-pushed the master branch 3 times, most recently from 3ceb1e3 to 5e4a0ce Compare October 3, 2023 17:49
@cyberbuff cyberbuff merged commit 07225ec into redcanaryco:master Nov 9, 2023
3 checks passed
@cyberbuff
Copy link
Collaborator

Hello @biot-2131 Thank you for your first-time contribution. Keep it up! Don't forget to claim your free Atomic Red Team t-shirt

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cyberbuff cyberbuff cyberbuff approved these changes

Assignees

@josehelps josehelps

@cyberbuff cyberbuff

Labels
linux
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@biot-2131 @cyberbuff @josehelps @MSAdministrator @clr2of8