Skip to content

Commit

Permalink
Merge pull request #115 from Pierre-Gronau-ndaal/master-5
Browse files Browse the repository at this point in the history 
Update audit.rules yash
  • Loading branch information
@Neo23x0
Neo23x0 authored Feb 5, 2024
2 parents db36864 + 19b8601 commit f93b05e
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions audit.rules
View file
Original file line number Diff line number Diff line change
Expand Up @@ -461,6 +461,10 @@
-w /bin/open -p x -k susp_shell
-w /bin/rbash -p x -k susp_shell

### https://gtfobins.github.io/gtfobins/yash/
-w /bin/yash -p x -k susp_shell
-w /usr/bin/yash -p x -k susp_shell

# Web Server Actvity
## Change the number "33" to the ID of your WebServer user. Default: www-data:x:33:33
-a always,exit -F arch=b64 -S execve -F euid=33 -k detect_execve_www
Expand Down

0 comments on commit f93b05e

Please sign in to comment.