Commit
Generate docs from job=validate_atomics_generate_docs branch=master
CircleCI Atomic Red Team doc generator committed Mar 16, 2020
1 parent 6ec7d4b commit 9ed5a8b
Showing 3 changed files with 928 additions and 926 deletions.
8 changes: 5 additions & 3 deletions atomics/T1121/T1121.md
Expand Up @@ -28,7 +28,8 @@ Executes the Uninstall Method, No Admin Rights Required

#### Attack Commands: Run with `command_prompt`!

```

```cmd
C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe /r:System.EnterpriseServices.dll /out:"#{output_file}" /target:library #{source_file}
C:\Windows\Microsoft.NET\Framework\v4.0.30319\regasm.exe /U #{output_file}
```
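
Review bot: In the regasm line, `/U #{output_file}` is unquoted while the csc line above it quotes `/out:"#{output_file}"`, and `#{source_file}` is unquoted as well, so an input path containing a space breaks the test. Quote all three arguments consistently. The hardcoded `Framework\v4.0.30319` directory also has no prerequisite check visible in this hunk; confirm the atomic verifies that csc.exe and regasm.exe exist at that path before the commands run.
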
Expand Down Expand Up @@ -71,9 +72,10 @@ Executes the Uninstall Method, No Admin Rights Required, Requires SNK
| source_file | Location of the CSharp source_file | Path | PathToAtomicsFolder\T1121\src\T1121.cs|



#### Attack Commands: Run with `powershell`! Elevation Required (e.g. root or admin)
```


```powershell
$key = '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'
$Content = [System.Convert]::FromBase64String($key)
Set-Content $env:Temp\key.snk -Value $Content -Encoding Byte
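
Review bot: `Set-Content ... -Encoding Byte` on the key.snk line only works in Windows PowerShell; PowerShell 6 and later dropped the `Byte` encoding value in favour of `-AsByteStream`, so this step errors out there. `[System.IO.File]::WriteAllBytes("$env:Temp\key.snk", $Content)` behaves the same on both. Since the decoded key is written to `$env:Temp`, also check that the cleanup section (not visible in this hunk) deletes key.snk.
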
2 changes: 1 addition & 1 deletion atomics/T1158/T1158.md
Expand Up @@ -242,7 +242,7 @@ Create an Alternate Data Stream with the command prompt. Write access is require
```cmd
echo "Normal Text." > #{file_name}
echo cmd /c echo "Shell code execution."> #{file_name}:#{ads_filename}
for /f "usebackq delims=φ" %i in (#{file_name}:#{ads_filename}) do %i
for /f "usebackq delims=φ" %i in (#{file_name}:#{ads_filename}) do %i
```

#### Cleanup Commands:
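
Review bot: The removed and added `for /f` lines read identically here, so the only difference is presumably how the non-ASCII `delims=φ` character is encoded, which means the doc generator's output for this line depends on the encoding it reads or writes with. A delimiter outside ASCII is also interpreted according to the console code page when the command is pasted into cmd. Pin the generator's file encoding explicitly and consider switching the atomic to an ASCII delimiter that cannot occur in the stream content, so the rendered command stays stable across regenerations.
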