v2.3.0 #93

Merged
merged 75 commits into from
Aug 9, 2022

Commits on May 3, 2022

  1. refactor: development version

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed May 3, 2022
    501e5fe

Commits on May 10, 2022

  1. d489733
  2. refactor: remove profiles

    Remove 'full-with-memory-dump' and 'memory-dump-only' profiles.
    
    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed May 10, 2022
    641abbf
  3. refactor: remove -o command line option

    '-o' command line option was replaced by/renamed to '-s'.
    
    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed May 10, 2022
    2569dde

Commits on May 22, 2022

  1. refactor: change sentence

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed May 22, 2022
    b3641fa

Commits on Jun 14, 2022

  1. style: change to exclude_name_pattern description text

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jun 14, 2022
    367939c

Commits on Jul 6, 2022

  1. style: spell check corrections

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 6, 2022
    43059ae
  2. refactor: update new features

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 6, 2022
    aa046ff
  3. refactor: update to new features section

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 6, 2022
    8c43c00
  4. feat: function was replaced by parse_artifact_list

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 6, 2022
    e930e71
  5. feat: add multiple -a and -p options

    -a and -p can be used multiple times to build an even more customized
    collection. Artifacts will be collected in the order they were provided
    in the command line.
    
    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 6, 2022
    32ceda8
  6. feat: remove -type f

    remove '-type f' from 'find' because some systems that use specific versions
    of busybox do not support it.
    
    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 6, 2022
    0aff16a
  7. Merge pull request #71 from tclahr/feature/issue-46

    Feature/issue 46
    tclahr authored Jul 6, 2022
    670968c
  8. Merge pull request #73 from tclahr/feature/github-actions

    feat: add multiple -a and -p tests
    tclahr authored Jul 6, 2022
    600d8bd
  9. feat: add 'find' params info to uac.log

    add logging information about which parameters are supported by 'find'.
    
    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 6, 2022
    bb24f09
  10. fix: 'find -type' support

    Check if 'find' supports '-type' parameter.
    Also, skip if target system does not support it.
    
    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 6, 2022
    7a26bdd
  11. Merge pull request #74 from tclahr/feature/issue-64

    Feature/issue 64
    tclahr authored Jul 6, 2022
    5d80cfd

Commits on Jul 13, 2022

  1. feat: add additional log messages

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 13, 2022
    9c3caf5
  2. feat: change how parameter is handled

    Change how -type and -perm are handled. These parameters are crucial for
    some artifacts, so they need to fail if they are not supported by the target system.
    
    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 13, 2022
    40c1a39
  3. Merge pull request #75 from tclahr/feature/issue-64

    Feature/issue 64
    tclahr authored Jul 13, 2022
    27725aa
  4. fix: remove /dev/ from the exclusion list

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 13, 2022
    2f227c4
  5. Merge pull request #76 from tclahr/feature/issue-65

    fix: remove /dev/ from the exclusion list
    tclahr authored Jul 13, 2022
    f89a1ea
  6. feat: new artifacts

    New artifacts.
    
    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 13, 2022
    db5d245
  7. refactor: develop update

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 13, 2022
    9fd8def

Commits on Jul 14, 2022

  1. feat: do not delete temp dir during debug mode

    UAC will not delete the temporary directory 'uac-data.tmp' after
    creating the output file if --debug was provided.
    
    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 14, 2022
    af12529
  2. feat: add root_output_directory to file collector

    Add root_output_directory to file collector to make it possible to
    work with is_file_path: true
    
    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 14, 2022
    48fc527
  3. feat: collect open files of (malicious) processes

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 14, 2022
    38cacd3
  4. refactor: develop update

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 14, 2022
    fa15968
  5. Merge pull request #77 from tclahr/feature/issue-65

    Feature/issue 65
    tclahr authored Jul 14, 2022
    075c937

Commits on Jul 15, 2022

  1. feat: new artifact

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 15, 2022
    cbd7898
  2. refactor: remove file system from exclusion list

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 15, 2022
    723cc75
  3. fix: remove /* from path

    Removing /* from path enables UAC to find hidden files as well.
    
    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 15, 2022
    d248c7f
  4. Merge pull request #78 from tclahr/fix/artifacts

    fix: remove /* from path
    tclahr authored Jul 15, 2022
    b724ed8

Commits on Jul 16, 2022

  1. refactor: check if ran from untarred directory

    Check if UAC is being executed from untarred directory.
    
    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 16, 2022
    17d3f55
  2. artif: new artifact

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 16, 2022
    48964e4

Commits on Jul 20, 2022

  1. artif: new artifact

    New artifact that collects terse runtime status information about one or
    more logged in users, followed by the most recent log data from the
    journal.
    
    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 20, 2022
    181f093
  2. artif: artifact update

    New artifact to collect sessions files from /run/systemd/sessions. New
    artifact to collect scope files from /run/systemd/transient.
    
    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 20, 2022
    ed6177c
  3. refactor: develop update

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 20, 2022
    7bf5060

Commits on Jul 22, 2022

  1. refactor: remove -d option

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 22, 2022
    c308197
  2. refactor: update avml to v0.7.0

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 22, 2022
    Configuration menu
    Copy the full SHA
    8b75857 View commit details
    Browse the repository at this point in the history
  3. Merge pull request #79 from tclahr/feature/avml-update

    Feature/avml update
    tclahr authored Jul 22, 2022
    7d3fef2
  4. fix: copy data to directory if tar not found

    UAC now copies all collected artifacts to a destination directory if
    'tar' tool is not available.
    
    Fixes issue #63.
    
    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 22, 2022
    14306db

Commits on Jul 25, 2022

  1. feat: remove artifact

    Artifacts are no longer available because the same artifacts are being
    collected by files/system/library_preferences.yaml.
    
    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 25, 2022
    ab282d8
  2. artif: update artifact

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 25, 2022
    5334019
  3. artif: rename

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 25, 2022
    03ebdff
  4. feat: add excluded artifacts

    Excluded artifacts were added to keep track of what has been removed
    compared to the full profile.
    
    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 25, 2022
    e7be7d8
  5. artif: new artifact

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 25, 2022
    0fa4b9d
  6. refactor: update changelog

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 25, 2022
    994f9f5
  7. Merge pull request #80 from tclahr/feature/new-artifacts

    Feature/new artifacts
    tclahr authored Jul 25, 2022
    32e145e
  8. 452db1b
  9. Merge pull request #81 from tclahr/fix/issue-63

    Fix/issue 63
    tclahr authored Jul 25, 2022
    6039847
  10. artif: new artifact

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 25, 2022
    997f969
  11. artif: rename artifact

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 25, 2022
    202dd19

Commits on Jul 27, 2022

  1. artif: new artifact

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 27, 2022
    6d32beb
  2. refactor: add no 'tar' and 'gzip' test

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 27, 2022
    c91768a
  3. 6202ccb
  4. Merge pull request #84 from tclahr/feature/github-actions

    fix: rm gzip and tar
    tclahr authored Jul 27, 2022
    bfdbffd
  5. Merge pull request #87 from tclahr/feature/github-actions

    Feature/GitHub actions
    tclahr authored Jul 27, 2022
    cf40129
  6. 2156d2b
  7. 74b8023
  8. 5b897ea
  9. 44a898e
  10. 23bc470
  11. refactor: add vagrant_ssh_shell option

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 27, 2022
    d5e9e1a
  12. 6d55d86
  13. artif: split sgid and suid artifacts

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 27, 2022
    aecae5c
  14. artif: split artifact

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 27, 2022
    d2f3559
  15. refactor: develop update

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 27, 2022
    e21fc8f
  16. refactor: v2.3.0-rc1

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Jul 27, 2022
    d4c7326

Commits on Aug 2, 2022

  1. refactor: v2.3.0-rc2

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Aug 2, 2022
    216c22a
  2. artif: delete artifact

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Aug 2, 2022
    b225489

Commits on Aug 3, 2022

  1. refactor: add -r to sftp transfer

    Add recursive (-r) to sftp so it can transfer directories when 'tar' is
    not available.
    
    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Aug 3, 2022
    079cc13

Commits on Aug 6, 2022

  1. artif: new artifact

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Aug 6, 2022
    579d4fb
  2. refactor: v2.3.0-rc3

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Aug 6, 2022
    894e453

Commits on Aug 9, 2022

  1. refactor: v2.3.0

    Signed-off-by: Thiago Canozzo Lahr <tclahr@br.ibm.com>
    tclahr committed Aug 9, 2022
    bda2662