diff --git a/atomics/T1118/T1118.md b/atomics/T1118/T1118.md index 7d539d8c..c8525237 100644 --- a/atomics/T1118/T1118.md +++ b/atomics/T1118/T1118.md @@ -78,6 +78,18 @@ Remove-Item -Path $InstallerAssemblyFullPath ``` +#### Dependencies: Run with `powershell`! +##### Description: InstallUtil test harness script must be installed at specified location (#{test_harness}) +##### Check Prereq Commands: +``` +if (Test-Path "#{test_harness}") {exit 0} else {exit 1} +``` +##### Get Prereq Commands: +``` +New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null +Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" +``` + @@ -139,6 +151,18 @@ Remove-Item -Path $InstallerAssemblyFullPath ``` +#### Dependencies: Run with `powershell`! +##### Description: InstallUtil test harness script must be installed at specified location (#{test_harness}) +##### Check Prereq Commands: +``` +if (Test-Path "#{test_harness}") {exit 0} else {exit 1} +``` +##### Get Prereq Commands: +``` +New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null +Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" +``` + @@ -200,6 +224,18 @@ Remove-Item -Path $InstallerAssemblyFullPath ``` +#### Dependencies: Run with `powershell`! +##### Description: InstallUtil test harness script must be installed at specified location (#{test_harness}) +##### Check Prereq Commands: +``` +if (Test-Path "#{test_harness}") {exit 0} else {exit 1} +``` +##### Get Prereq Commands: +``` +New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null +Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" +``` + @@ -261,6 +297,18 @@ Remove-Item -Path $InstallerAssemblyFullPath ``` +#### Dependencies: Run with `powershell`! +##### Description: InstallUtil test harness script must be installed at specified location (#{test_harness}) +##### Check Prereq Commands: +``` +if (Test-Path "#{test_harness}") {exit 0} else {exit 1} +``` +##### Get Prereq Commands: +``` +New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null +Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" +``` + @@ -322,6 +370,18 @@ Remove-Item -Path $InstallerAssemblyFullPath ``` +#### Dependencies: Run with `powershell`! +##### Description: InstallUtil test harness script must be installed at specified location (#{test_harness}) +##### Check Prereq Commands: +``` +if (Test-Path "#{test_harness}") {exit 0} else {exit 1} +``` +##### Get Prereq Commands: +``` +New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null +Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" +``` + @@ -383,6 +443,18 @@ Remove-Item -Path $InstallerAssemblyFullPath ``` +#### Dependencies: Run with `powershell`! +##### Description: InstallUtil test harness script must be installed at specified location (#{test_harness}) +##### Check Prereq Commands: +``` +if (Test-Path "#{test_harness}") {exit 0} else {exit 1} +``` +##### Get Prereq Commands: +``` +New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null +Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" +``` + @@ -444,6 +516,18 @@ Remove-Item -Path $InstallerAssemblyFullPath ``` +#### Dependencies: Run with `powershell`! +##### Description: InstallUtil test harness script must be installed at specified location (#{test_harness}) +##### Check Prereq Commands: +``` +if (Test-Path "#{test_harness}") {exit 0} else {exit 1} +``` +##### Get Prereq Commands: +``` +New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null +Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" +``` + @@ -507,6 +591,18 @@ Remove-Item -Path "$Env:windir\System32\Tasks\notepad.exe" ``` +#### Dependencies: Run with `powershell`! +##### Description: InstallUtil test harness script must be installed at specified location (#{test_harness}) +##### Check Prereq Commands: +``` +if (Test-Path "#{test_harness}") {exit 0} else {exit 1} +``` +##### Get Prereq Commands: +``` +New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null +Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" +``` + diff --git a/atomics/index.yaml b/atomics/index.yaml index 20447b8a..bd2e039a 100644 --- a/atomics/index.yaml +++ b/atomics/index.yaml @@ -9145,6 +9145,13 @@ defense-evasion: or CheckIfInstallable type: String default: CheckIfInstallable + dependencies: + - description: InstallUtil test harness script must be installed at specified + location (#{test_harness}) + prereq_command: if (Test-Path "#{test_harness}") {exit 0} else {exit 1} + get_prereq_command: |- + New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null + Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" executor: name: powershell elevation_required: false @@ -9204,6 +9211,13 @@ defense-evasion: or CheckIfInstallable type: String default: InstallHelper + dependencies: + - description: InstallUtil test harness script must be installed at specified + location (#{test_harness}) + prereq_command: if (Test-Path "#{test_harness}") {exit 0} else {exit 1} + get_prereq_command: |- + New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null + Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" executor: name: powershell elevation_required: false @@ -9264,6 +9278,13 @@ defense-evasion: or CheckIfInstallable type: String default: Executable + dependencies: + - description: InstallUtil test harness script must be installed at specified + location (#{test_harness}) + prereq_command: if (Test-Path "#{test_harness}") {exit 0} else {exit 1} + get_prereq_command: |- + New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null + Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" executor: name: powershell elevation_required: false @@ -9324,6 +9345,13 @@ defense-evasion: or CheckIfInstallable type: String default: Executable + dependencies: + - description: InstallUtil test harness script must be installed at specified + location (#{test_harness}) + prereq_command: if (Test-Path "#{test_harness}") {exit 0} else {exit 1} + get_prereq_command: |- + New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null + Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" executor: name: powershell elevation_required: false @@ -9384,6 +9412,13 @@ defense-evasion: or CheckIfInstallable type: String default: Executable + dependencies: + - description: InstallUtil test harness script must be installed at specified + location (#{test_harness}) + prereq_command: if (Test-Path "#{test_harness}") {exit 0} else {exit 1} + get_prereq_command: |- + New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null + Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" executor: name: powershell elevation_required: false @@ -9445,6 +9480,13 @@ defense-evasion: or CheckIfInstallable type: String default: Executable + dependencies: + - description: InstallUtil test harness script must be installed at specified + location (#{test_harness}) + prereq_command: if (Test-Path "#{test_harness}") {exit 0} else {exit 1} + get_prereq_command: |- + New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null + Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" executor: name: powershell elevation_required: false @@ -9505,6 +9547,13 @@ defense-evasion: or CheckIfInstallable type: String default: Executable + dependencies: + - description: InstallUtil test harness script must be installed at specified + location (#{test_harness}) + prereq_command: if (Test-Path "#{test_harness}") {exit 0} else {exit 1} + get_prereq_command: |- + New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null + Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" executor: name: powershell elevation_required: false @@ -9553,6 +9602,13 @@ defense-evasion: description: location of the test harness script - Invoke-BuildAndInvokeInstallUtilAssembly type: Path default: PathToAtomicsFolder\T1118\src\InstallUtilTestHarness.ps1 + dependencies: + - description: InstallUtil test harness script must be installed at specified + location (#{test_harness}) + prereq_command: if (Test-Path "#{test_harness}") {exit 0} else {exit 1} + get_prereq_command: |- + New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null + Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" executor: name: powershell elevation_required: false @@ -22252,6 +22308,13 @@ execution: or CheckIfInstallable type: String default: CheckIfInstallable + dependencies: + - description: InstallUtil test harness script must be installed at specified + location (#{test_harness}) + prereq_command: if (Test-Path "#{test_harness}") {exit 0} else {exit 1} + get_prereq_command: |- + New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null + Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" executor: name: powershell elevation_required: false @@ -22311,6 +22374,13 @@ execution: or CheckIfInstallable type: String default: InstallHelper + dependencies: + - description: InstallUtil test harness script must be installed at specified + location (#{test_harness}) + prereq_command: if (Test-Path "#{test_harness}") {exit 0} else {exit 1} + get_prereq_command: |- + New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null + Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" executor: name: powershell elevation_required: false @@ -22371,6 +22441,13 @@ execution: or CheckIfInstallable type: String default: Executable + dependencies: + - description: InstallUtil test harness script must be installed at specified + location (#{test_harness}) + prereq_command: if (Test-Path "#{test_harness}") {exit 0} else {exit 1} + get_prereq_command: |- + New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null + Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" executor: name: powershell elevation_required: false @@ -22431,6 +22508,13 @@ execution: or CheckIfInstallable type: String default: Executable + dependencies: + - description: InstallUtil test harness script must be installed at specified + location (#{test_harness}) + prereq_command: if (Test-Path "#{test_harness}") {exit 0} else {exit 1} + get_prereq_command: |- + New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null + Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" executor: name: powershell elevation_required: false @@ -22491,6 +22575,13 @@ execution: or CheckIfInstallable type: String default: Executable + dependencies: + - description: InstallUtil test harness script must be installed at specified + location (#{test_harness}) + prereq_command: if (Test-Path "#{test_harness}") {exit 0} else {exit 1} + get_prereq_command: |- + New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null + Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" executor: name: powershell elevation_required: false @@ -22552,6 +22643,13 @@ execution: or CheckIfInstallable type: String default: Executable + dependencies: + - description: InstallUtil test harness script must be installed at specified + location (#{test_harness}) + prereq_command: if (Test-Path "#{test_harness}") {exit 0} else {exit 1} + get_prereq_command: |- + New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null + Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" executor: name: powershell elevation_required: false @@ -22612,6 +22710,13 @@ execution: or CheckIfInstallable type: String default: Executable + dependencies: + - description: InstallUtil test harness script must be installed at specified + location (#{test_harness}) + prereq_command: if (Test-Path "#{test_harness}") {exit 0} else {exit 1} + get_prereq_command: |- + New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null + Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" executor: name: powershell elevation_required: false @@ -22660,6 +22765,13 @@ execution: description: location of the test harness script - Invoke-BuildAndInvokeInstallUtilAssembly type: Path default: PathToAtomicsFolder\T1118\src\InstallUtilTestHarness.ps1 + dependencies: + - description: InstallUtil test harness script must be installed at specified + location (#{test_harness}) + prereq_command: if (Test-Path "#{test_harness}") {exit 0} else {exit 1} + get_prereq_command: |- + New-Item -Type Directory (split-path #{test_harness}) -ErrorAction ignore | Out-Null + Invoke-WebRequest 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1118/src/InstallUtilTestHarness.ps1' -OutFile "#{test_harness}" executor: name: powershell elevation_required: false