New Atomic test 29 - iwr download (#2172)
* New Atomic test 29 - iwr download iwr or Invoke Web-Request download. Use 'iwr' or "Invoke-WebRequest" -URI argument to download a file from the web. Note: without -URI also works in some versions. * Update T1105.yaml * Update T1105.yaml at 793 added line for elevation required : true, as it was missed to include earlier * Update T1105.yaml Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
This commit is contained in:
sourabhsharmasourabh
committed by
GitHub
GitHub
parent
9e5b12c491
commit
d081d1dc33
@@ -769,4 +769,24 @@ atomic_tests:
|
||||
Copy-Item $env:temp\nim\nim-1.6.6\bin\nimgrab.exe #{local_nimgrab}
|
||||
Remove-Item $env:temp\nim
|
||||
Remove-Item $env:temp\nim.zip
|
||||
|
||||
- name: iwr or Invoke Web-Request download
|
||||
description: |
|
||||
Use 'iwr' or "Invoke-WebRequest" -URI argument to download a file from the web. Note: without -URI also works in some versions.
|
||||
supported_platforms:
|
||||
- windows
|
||||
input_arguments:
|
||||
remote_file:
|
||||
description: URL of file to copy
|
||||
type: Url
|
||||
default: https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/LICENSE.txt
|
||||
local_path:
|
||||
description: Local path to place file
|
||||
type: Path
|
||||
default: '%temp%\Atomic-license.txt'
|
||||
executor:
|
||||
command: |
|
||||
powershell.exe iwr -URI #{remote_file} -Outfile #{local_path}
|
||||
cleanup_command: |
|
||||
del %temp%\Atomic-license.txt >nul 2>&1
|
||||
name: command_prompt
|
||||
elevation_required: true
|
||||
|
||||
Reference in New Issue
Block a user