* fix: Updating atomics YAML file structure to align with the new JSON schema definition.
This also fixes some white space issues and general line formatting across all impacted atomics.
* fix: One additional change needed
---------
Co-authored-by: MSAdministrator <MSAdministrator@users.noreply.github.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
* ChallengeBounty T1615 LOLB Get-GPO cmdlet
* Added changes
Took out variableInput and put in $ENV:userdnsdomain, on attack command also made the CheckPreqs say people need to install RSAT manually for GroupPolicy and ActiveDirectory. The cleanUp command won't take those RSAT modules out, but instead will remove the gpo_output file. The GetPrereq might need a little work but shouldn't need it..... since the -CheckPrereq says to Manually install on Windows 10. Hope that works out.
* Update T1615.yaml
Glad you showed me the PreReq "if" command trick, I would of struggled with it, thank you. Thanks for pointing out the GetPreqs need to be in there separate areas, I don't think I've had to do that before. Ya, glad you had me look more into getting the Win10 to work; I was just going for win server but its nice to have both as an option, thanks for kindly suggesting.
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
* Create T1615.yaml
Quick test for a new technique
* Update T1615.yaml
Fixed format of executor object
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
Atomic Red Team doc generator