From 9e71e2adcbaae7bf15632acf722d359e58d80e53 Mon Sep 17 00:00:00 2001 From: JB <35406993+cherokeejb@users.noreply.github.com> Date: Mon, 23 Dec 2019 09:59:58 -0600 Subject: [PATCH] moved remote file used in test to src - no other changes (#754) * updating per spec to src directory -note did not change to PathToAtomic, because the author's idea here was to download the payload "remotely" * moved file Co-authored-by: Carrie Roberts --- atomics/T1216/T1216.yaml | 4 ++-- atomics/T1216/{payloads => src}/T1216.sct | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) rename atomics/T1216/{payloads => src}/T1216.sct (98%) diff --git a/atomics/T1216/T1216.yaml b/atomics/T1216/T1216.yaml index dc422440..44f26aec 100644 --- a/atomics/T1216/T1216.yaml +++ b/atomics/T1216/T1216.yaml @@ -14,7 +14,7 @@ atomic_tests: remote_payload: description: A remote payload to execute using PubPrn.vbs. type: Url - default: https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1216/payloads/T1216.sct + default: https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1216/src/T1216.sct executor: name: command_prompt @@ -62,4 +62,4 @@ atomic_tests: set comspec=#{command_to_execute} cscript manage-bde.wsf cleanup_command: | # you can remove the cleanup_command section if there are no cleanup commands - set comspec=C:\Windows\System32\cmd.exe \ No newline at end of file + set comspec=C:\Windows\System32\cmd.exe diff --git a/atomics/T1216/payloads/T1216.sct b/atomics/T1216/src/T1216.sct similarity index 98% rename from atomics/T1216/payloads/T1216.sct rename to atomics/T1216/src/T1216.sct index b08f92ef..bc1e4c5c 100644 --- a/atomics/T1216/payloads/T1216.sct +++ b/atomics/T1216/src/T1216.sct @@ -20,4 +20,4 @@ ]]> - \ No newline at end of file +