* added -accepteula flag for PsExec
will make test seamless and fully automatable
ref https://github.com/redcanaryco/atomic-red-team/issues/1092
* Added reference to making tests not require interaction like -accepteula -q options
* added -accepteula to PsExec command
will make it automated
* Added /accepteula option to Autoruns execution in test 1
prior, this may have prevented full automation of the test
* Update spec.yaml
* typo, nice catch cnotin
Co-authored-by: Clément Notin <clement@notin.org>
* fixing mystery text accidentally added to branch (rm'd)
* added -accepteula on psexec test, thanks @cnotin for the catch!
* added back in word, 'manually' removed in last pull acc.
thanks @cnotin
* removing /accepteula proposed previously, from test 1
Co-authored-by: Clément Notin <clement@notin.org>
* moving shell script file to /src directory to meet spec.yaml
* fixing path to script in test 2 (just moved file in prior commit)
* fixed newline added a few mins ago
* fixed newline
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
* T1021.006 evil-winrm atomic
* Update T1021.006.yaml
* Update T1021.006.yaml
fixed input args
* Update T1021.006.yaml
added Prereqs for Ruby and moved Evil-WinRM to a Prereq
* Update T1021.006.yaml
removed duplicate description and changed Ctrl + C to exit.
* Updated yaml
updated descriptions for prereqs. removed un-needed "exit" from cleanup_command.
* $env:username replaced
$env:username replaced with $env:Temp to account for people who have user profiles in locations other than C, and also to download to TEMP instead of Desktop.
* Removing cleanup_command
Removing cleanup_command as evil-winrm is a prereq gem. In the future, if a cleanup_prereq_command is implemented, this may be worth adding back in (gem uninstall evil-winrm -x).
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
Add a line to include/force TLS1.2 in order for the prereq function to work on win2k16
All the credit to clr2of8 for sending me the string
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
* added a test for evading detection by excluding path from scanning
* added tests for evading process and extension scanning
* fixed syntax
* description correction
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
Add a line to include/force TLS1.2 in order for the prereq function to work on win2k16
All the credit to clr2of8 for sending me the string
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>