search

darmado / attack-macOS

A library of MacOS scripts based on threat emulation, community research, CTI, atomic-red-team, and MITRE ATT&CK.
Apache License 2.0
1 stars 0 forks source link

accounts.sh | msg: missing when output is encoded and --log is used #1

Open darmado opened 1 week ago

darmado commented 1 week ago

problem

When --log is combined with --encode the msg is not written to the log file.

--log and encode=*

Steps to Reproduce

run the script and observe the log output in T1087_accounts_discovery.log sh accounts.sh -i --log --encode=b64

Actual log output:

Expected output

`[2024-09-14 22:55:47]: user: darmado; msg: Obtained current user info; command: "id": WzIwMjQtMDktMTQgMjI6NDk6MjFdOiB1c2VyOiBkYXJtYWRvOyBtc2c6IE9idGFpbmVkIGN1cnJlbnQgdXNlciBpbmZvOyBjb21tYW5kOiAiaWQiCnVpZD01MDEoZGFybWFkbykgZ2lkPTIwKHN0YWZmKSBncm91cHM9MjAoc3RhZmYpLDEyKGV2ZXJ5b25lKSw2MShsb2NhbGFjY291bnRzKSw3OShfYXBwc2VydmVydXNyKSw4MChhZG1pbiksODEoX2FwcHNlcnZlcmFkbSksOTgoX2xwYWRtaW4pLDMzKF9hcHBzdG9yZSksMTAwKF9scG9wZXJhdG9yKSwyMDQoX2RldmVsb3BlciksMjUwKF9hbmFseXRpY3N1c2VycyksMzk1KGNvbS5hcHBsZS5hY2Nlc3NfZnRwKSwzOTgoY29tLmFwcGxlLmFjY2Vzc19zY3JlZW5zaGFyaW5nKSwzOTkoY29tLmFwcGxlLmFjY2Vzc19zc2gpLDQwMChjb20uYXBwbGUuYWNjZXNzX3JlbW90ZV9hZSksNzAxKGNvbS5hcHBsZS5zaGFyZXBvaW50Lmdyb3VwLjEpCgo=

`