From 223cc1901ec06c8a346a83edf54aa25e94c90b2e Mon Sep 17 00:00:00 2001
From: CircleCI Atomic Red Team doc generator <email>
Date: Mon, 23 Dec 2019 16:00:25 +0000
Subject: [PATCH] Generate docs from job=validate_atomics_generate_docs
 branch=master

---
 atomics/T1216/T1216.md |  2 +-
 atomics/index.yaml     | 12 ++++++++----
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/atomics/T1216/T1216.md b/atomics/T1216/T1216.md
index 8df9785f..eebb0b19 100644
--- a/atomics/T1216/T1216.md
+++ b/atomics/T1216/T1216.md
@@ -26,7 +26,7 @@ Executes the signed PubPrn.vbs script with options to download and execute an ar
 #### Inputs
 | Name | Description | Type | Default Value | 
 |------|-------------|------|---------------|
-| remote_payload | A remote payload to execute using PubPrn.vbs. | Url | https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1216/payloads/T1216.sct|
+| remote_payload | A remote payload to execute using PubPrn.vbs. | Url | https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1216/src/T1216.sct|
 
 #### Run it with `command_prompt`! 
 ```
diff --git a/atomics/index.yaml b/atomics/index.yaml
index f042ecfd..61554705 100644
--- a/atomics/index.yaml
+++ b/atomics/index.yaml
@@ -11772,7 +11772,7 @@ defense-evasion:
         remote_payload:
           description: A remote payload to execute using PubPrn.vbs.
           type: Url
-          default: https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1216/payloads/T1216.sct
+          default: https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1216/src/T1216.sct
       executor:
         name: command_prompt
         elevation_required: false
@@ -11817,7 +11817,9 @@ defense-evasion:
         command: |
           set comspec=#{command_to_execute}
           cscript manage-bde.wsf
-        cleanup_command: set comspec=C:\Windows\System32\cmd.exe
+        cleanup_command: 'set comspec=C:\Windows\System32\cmd.exe
+
+'
   T1151:
     technique:
       x_mitre_data_sources:
@@ -23177,7 +23179,7 @@ execution:
         remote_payload:
           description: A remote payload to execute using PubPrn.vbs.
           type: Url
-          default: https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1216/payloads/T1216.sct
+          default: https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1216/src/T1216.sct
       executor:
         name: command_prompt
         elevation_required: false
@@ -23222,7 +23224,9 @@ execution:
         command: |
           set comspec=#{command_to_execute}
           cscript manage-bde.wsf
-        cleanup_command: set comspec=C:\Windows\System32\cmd.exe
+        cleanup_command: 'set comspec=C:\Windows\System32\cmd.exe
+
+'
   T1153:
     technique:
       x_mitre_data_sources: