Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Collect /var/tmp and /dev/shm? #68

Closed
tclahr opened this issue Jul 4, 2022 Discussed in #66 · 2 comments
Closed

Collect /var/tmp and /dev/shm? #68

tclahr opened this issue Jul 4, 2022 Discussed in #66 · 2 comments
Assignees
@tclahr
Labels
status: development In development phase type: artifact Improvements or additions to artifacts

Comments

@tclahr
Copy link
Owner

tclahr commented Jul 4, 2022

Discussed in #66

Originally posted by halpomeranz July 1, 2022
Right now the tool collects files in /tmp. I would suggest adding /var/tmp and /dev/shm as targets. I've seen attackers stage files in both directories.
@tclahr tclahr self-assigned this Jul 4, 2022
@tclahr tclahr added the type: artifact Improvements or additions to artifacts label Jul 4, 2022
@tclahr
Copy link
Owner Author

tclahr commented Jul 6, 2022

/run/shm will also be added to the list.

@tclahr tclahr added the status: development In development phase label Jul 13, 2022
@tclahr
Copy link
Owner Author

tclahr commented Jul 13, 2022

Done!
Merged into develop branch.

@tclahr tclahr closed this as completed Jul 13, 2022
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees

@tclahr tclahr

Labels
status: development In development phase type: artifact Improvements or additions to artifacts
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@tclahr