Merge pull request #181 from Res260/dscl

Change dscl

LOOBins/dscl.yml

@@ -6,30 +6,42 @@ created: 2023-04-25
 example_use_cases:
   - name: Local user enumeration
     description: Enumerate all local users.
-    code: dscl . -list /Users
+    code: |
+      dscl . -list /Users
+      dscl . list /Users
+      dscl . ls /Users
     tactics:
       - Discovery
     tags:
       - users
   - name: Active Directory user enumeration
     description: Enumerate all Active Directory users.
-    code: dscl "/Active Directory/TEST/All Domains" -list /Users
+    code: |
+      dscl "/Active Directory/TEST/All Domains" -list /Users
+      dscl "/Active Directory/TEST/All Domains" list /Users
+      dscl "/Active Directory/TEST/All Domains" ls /Users
     tactics:
       - Discovery
     tags:
       - network
       - users
   - name: Local user information gathering
     description: Gain useful local user information such as when their password was last set, their keyboard layout, their avatar, their home directory, UID and default shell.
-    code: dscl . -read /Users/$USERNAME
+    code: |
+      dscl . -read /Users/$USERNAME
+      dscl . read /Users/$USERNAME
+      dscl . cat /Users/$USERNAME
     tactics:
     - Discovery
     tags:
     - users
     - configuration
   - name: Active Directory user information gathering
     description: Gain useful Active Directory user information such as when their password was last set, their keyboard layout, their avatar, their home directory, UID and default shell.
-    code: dscl "/Active Directory/TEST/All Domains" -read /Users/$USERNAME
+    code: |
+      dscl "/Active Directory/TEST/All Domains" -read /Users/$USERNAME
+      dscl "/Active Directory/TEST/All Domains" read /Users/$USERNAME
+      dscl "/Active Directory/TEST/All Domains" cat /Users/$USERNAME
     tactics:
     - Discovery
     tags:
@@ -38,30 +50,42 @@ example_use_cases:
     - configuration
   - name: Local group enumeration
     description: Enumerate all local groups.
-    code: dscl . -list /Groups
+    code: |
+      dscl . -list /Groups
+      dscl . list /Groups
+      dscl . ls /Groups
     tactics:
     - Discovery
     tags:
     - groups
   - name: Active Directory group enumeration
     description: Enumerate all Active Directory groups.
-    code: dscl "/Active Directory/TEST/All Domains" -list /Groups
+    code: |
+      dscl "/Active Directory/TEST/All Domains" -list /Groups
+      dscl "/Active Directory/TEST/All Domains" list /Groups
+      dscl "/Active Directory/TEST/All Domains" ls /Groups
     tactics:
     - Discovery
     tags:
     - network
     - groups
   - name: Local group information gathering
     description: Gain useful local group information such as which users belong to that group, SMB SIDs and group ID. Especially useful for the "admin" group.
-    code: dscl . -read /Groups/$GROUPNAME
+    code: |
+      dscl . -read /Groups/$GROUPNAME
+      dscl . read /Groups/$GROUPNAME
+      dscl . cat /Groups/$GROUPNAME
     tactics:
     - Discovery
     tags:
     - groups
     - configuration
   - name: Active Directory group information gathering
     description: Gain useful Active Directory group information such as which users belong to that group, SMB SIDs and group ID. Especially useful for the "admin" group.
-    code: dscl "/Active Directory/TEST/All Domains" -read /Groups/$GROUPNAME
+    code: |
+      dscl "/Active Directory/TEST/All Domains" -read /Groups/$GROUPNAME
+      dscl "/Active Directory/TEST/All Domains" read /Groups/$GROUPNAME
+      dscl "/Active Directory/TEST/All Domains" cat /Groups/$GROUPNAME
     tactics:
     - Discovery
     tags:
@@ -70,23 +94,32 @@ example_use_cases:
     - configuration
   - name: Computer enumration
     description: Enumerate all computers in an Active Directory.
-    code: dscl  "/Active Directory/TEST/All Domains" -list /Computers
+    code: |
+      dscl  "/Active Directory/TEST/All Domains" -list /Computers
+      dscl  "/Active Directory/TEST/All Domains" list /Computers
+      dscl  "/Active Directory/TEST/All Domains" ls /Computers
     tactics:
     - Discovery
     tags:
     - network
     - shares
   - name: Share enumration
     description: Enumerate all shares.
-    code: dscl . -list /SharePoints
+    code: |
+      dscl . -list /SharePoints
+      dscl . list /SharePoints
+      dscl . ls /SharePoints
     tactics:
     - Discovery
     tags:
     - network
     - shares
   - name: Password policy discovery
     description: Gain password policy information
-    code: dscl . -read /Config/shadowhash
+    code: |
+      dscl . -read /Config/shadowhash
+      dscl . read /Config/shadowhash
+      dscl . cat /Config/shadowhash
     tactics:
     - Discovery
     tags: