From b0191df2e711559d58cccfd39869dbd01ed0e8a3 Mon Sep 17 00:00:00 2001 From: CircleCI Atomic Red Team doc generator Date: Fri, 19 Jun 2020 22:46:37 +0000 Subject: [PATCH] Generate docs from job=validate_atomics_generate_docs branch=master --- atomics/Indexes/index.yaml | 12 ++++++------ atomics/T1197/T1197.md | 6 +++--- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/atomics/Indexes/index.yaml b/atomics/Indexes/index.yaml index 3539bc9d..a69b86e8 100644 --- a/atomics/Indexes/index.yaml +++ b/atomics/Indexes/index.yaml @@ -8948,7 +8948,7 @@ persistence: local_file: description: Local file path to save downloaded file type: path - default: "%temp%\\bitsadmin_flag.ps1" + default: "%temp%\\bitsadmin1_flag.ps1" executor: command: 'bitsadmin.exe /transfer /Download /priority Foreground #{remote_file} #{local_file} @@ -8975,7 +8975,7 @@ persistence: local_file: description: Local file path to save downloaded file type: path - default: "$env:TEMP\\bitsadmin_flag.ps1" + default: "$env:TEMP\\bitsadmin2_flag.ps1" executor: command: 'Start-BitsTransfer -Priority foreground -Source #{remote_file} -Destination #{local_file} @@ -9012,7 +9012,7 @@ persistence: command_line: description: Command line to execute type: string - default: "%temp%\\bitsadmin_flag.ps1" + default: "%temp%\\bitsadmin3_flag.ps1" executor: command: | bitsadmin.exe /create #{bits_job_name} @@ -20109,7 +20109,7 @@ defense-evasion: local_file: description: Local file path to save downloaded file type: path - default: "%temp%\\bitsadmin_flag.ps1" + default: "%temp%\\bitsadmin1_flag.ps1" executor: command: 'bitsadmin.exe /transfer /Download /priority Foreground #{remote_file} #{local_file} @@ -20136,7 +20136,7 @@ defense-evasion: local_file: description: Local file path to save downloaded file type: path - default: "$env:TEMP\\bitsadmin_flag.ps1" + default: "$env:TEMP\\bitsadmin2_flag.ps1" executor: command: 'Start-BitsTransfer -Priority foreground -Source #{remote_file} -Destination #{local_file} @@ -20173,7 +20173,7 @@ defense-evasion: command_line: description: Command line to execute type: string - default: "%temp%\\bitsadmin_flag.ps1" + default: "%temp%\\bitsadmin3_flag.ps1" executor: command: | bitsadmin.exe /create #{bits_job_name} diff --git a/atomics/T1197/T1197.md b/atomics/T1197/T1197.md index ecdf3785..b8cc56ba 100644 --- a/atomics/T1197/T1197.md +++ b/atomics/T1197/T1197.md @@ -32,7 +32,7 @@ and execute a payload | Name | Description | Type | Default Value | |------|-------------|------|---------------| | remote_file | Remote file to download | url | https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1197/T1197.md| -| local_file | Local file path to save downloaded file | path | %temp%\bitsadmin_flag.ps1| +| local_file | Local file path to save downloaded file | path | %temp%\bitsadmin1_flag.ps1| #### Attack Commands: Run with `command_prompt`! @@ -69,7 +69,7 @@ Upon execution you will find a github markdown file downloaded to the Temp direc | Name | Description | Type | Default Value | |------|-------------|------|---------------| | remote_file | Remote file to download | url | https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1197/T1197.md| -| local_file | Local file path to save downloaded file | path | $env:TEMP\bitsadmin_flag.ps1| +| local_file | Local file path to save downloaded file | path | $env:TEMP\bitsadmin2_flag.ps1| #### Attack Commands: Run with `powershell`! @@ -107,7 +107,7 @@ and execute a payload in multiple steps. This job will remain in the BITS queue | bits_job_name | Name of BITS job | string | AtomicBITS| | local_file | Local file path to save downloaded file | path | %temp%\bitsadmin_flag.ps1| | remote_file | Remote file to download | url | https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1197/T1197.md| -| command_line | Command line to execute | string | %temp%\bitsadmin_flag.ps1| +| command_line | Command line to execute | string | %temp%\bitsadmin3_flag.ps1| #### Attack Commands: Run with `command_prompt`!