Add default shells in Host Information for FreeBSD

[Carlos Lopez]

HI all,

 Another thing that I think it needs to be fixed is “Shell” option under Host information for FreeBSD. By default FreeBSD offers the following shells:

/bin/sh

/bin/csh

/bin/tcsh

 In my case, bash is installed and it is located in /usr/local/bin, but selecting “bash” option it doesn’t work also. 

 And error returned by Velociraptor is:

{"level":"debug","msg":"Received request: session_id:\"F.C2GEBFH5LE2BK\"  request_id:1  urgent:true  source:\"VelociraptorServer\"  auth_state:AUTHENTICATED  task_id:1621157310747067  VQLClientAction:{env:{key:\"Command\"  value:\"ls -la\"}  Query:{VQL:\"LET Linux_Sys_BashShell_0_0=SELECT * FROM execve(argv= [\\\"/bin/bash\\\", \\\"-c\\\", Command])\"}  Query:{Name:\"$176374969eb24a84e8c9df9b78c8c9f1b4568cc22ae883cf1657bc58447d6dfc\"  VQL:\"SELECT * FROM Linux_Sys_BashShell_0_0\"}  max_row:1000}","time":"2021-05-16T09:28:30Z"}

{"level":"info","msg":"vql: shell: Running external command [/bin/bash -c ls -la]\n","time":"2021-05-16T09:28:30Z"}

{"level":"info","msg":"vql: shell: fork/exec /bin/bash: no such file or directory\n","time":"2021-05-16T09:28:30Z”}

 As you can see, FreeBSD is treated as a Linux machine, which will cause many errors.

 I have attached a screenshot.

Best regards,

C. L. Martinez