Merge pull request #181 from cyberbuff/master

Fix Encoding

.github/workflows/check-installation.yml

@@ -20,3 +20,4 @@ jobs:
           }
           IEX (IWR 'https://raw.githubusercontent.com/${{ github.event.pull_request.head.repo.full_name }}/${{ github.event.pull_request.head.ref }}/install-atomicsfolder.ps1' -UseBasicParsing);
           Install-AtomicsFolder -Force
+          Invoke-AtomicTest All -ShowDetailsBrief

Invoke-AtomicRedTeam.psd1

@@ -1,4 +1,4 @@
-@{
+@{
 
     # Script module or binary module file associated with this manifest.
     RootModule        = 'Invoke-AtomicRedTeam.psm1'

Invoke-AtomicRedTeam.psm1

@@ -20,4 +20,4 @@ Foreach ($import in @($Public + $Private)) {
     Catch {
         Write-Error -Message "Failed to import function $($import.fullname): $_"
     }
-}
+}

PSScriptAnalyzerSettings.psd1

@@ -2,4 +2,4 @@
 @{
     ExcludeRules=@('PSUseSingularNouns',
                 'PSAvoidUsingWriteHost')
-}
+}

Private/AtomicClassSchema.ps1

@@ -52,4 +52,4 @@ class AtomicTechnique {
     [String[]] $attack_technique
     [String] $display_name
     [AtomicTest[]] $atomic_tests
-}
+}

Private/Get-PrereqExecutor.ps1

@@ -1,5 +1,5 @@
-function Get-PrereqExecutor ($test) {
+function Get-PrereqExecutor ($test) {
     if ($nul -eq $test.dependency_executor_name) { $executor = $test.executor.name }
     else { $executor = $test.dependency_executor_name }
     $executor
-}
+}

Private/Get-TargetInfo.ps1

@@ -1,4 +1,4 @@
-function Get-TargetInfo($Session) {
+function Get-TargetInfo($Session) {
     $tmpDir = "$env:TEMP\"
     $isElevated = $false
     $targetHostname = hostname
@@ -40,4 +40,4 @@
 
     }
     $targetPlatform, $isElevated, $tmpDir, $targetHostname, $targetUser
-}
+}

Private/Invoke-ExecuteCommand.ps1

@@ -1,4 +1,4 @@
-function Invoke-ExecuteCommand ($finalCommand, $executor, $executionPlatform, $TimeoutSeconds, $session = $null, $interactive) {
+function Invoke-ExecuteCommand ($finalCommand, $executor, $executionPlatform, $TimeoutSeconds, $session = $null, $interactive) {
     $null = @(
         if ($null -eq $finalCommand) { return 0 }
         $finalCommand = $finalCommand.trim()

Private/Invoke-Process.ps1

@@ -1,4 +1,4 @@
-# The Invoke-Process function is loosely based on code from https://github.com/guitarrapc/PowerShellUtil/blob/master/Invoke-Process/Invoke-Process.ps1
+# The Invoke-Process function is loosely based on code from https://github.com/guitarrapc/PowerShellUtil/blob/master/Invoke-Process/Invoke-Process.ps1
 function Invoke-Process {
     [OutputType([PSCustomObject])]
     [CmdletBinding()]

Private/Show-Details.ps1

@@ -1,4 +1,4 @@
-function Invoke-CleanupDescription() {
+function Invoke-CleanupDescription() {
     $ret1 = $test.description.ToString().trim() -replace '(?<!\n)\n(?!\n)', ' ' #replace single linefeeds with a space
     $ret1 -replace '\n\n', "`n" #replace double linefeeds with a single linefeed
 }
@@ -48,4 +48,4 @@ function Show-Details ($test, $testCount, $technique, $customInputArgs, $PathToA
     # Footer
     Write-Host -ForegroundColor Magenta "[!!!!!!!!END TEST!!!!!!!]`n`n"
 
-}
+}

Private/Write-KeyValue.ps1

@@ -10,4 +10,4 @@ function Write-KeyValue ($key, $value) {
         }
     }
     Write-Host ""
-}
+}

Private/Write-PrereqResults.ps1

@@ -11,4 +11,4 @@ function Write-PrereqResults ($FailureReasons, $testId) {
         Write-Host -ForegroundColor Cyan -NoNewline "-GetPrereqs"
         Write-Host -ForegroundColor Yellow  " switch"
     }
-}
+}

Public/Attire-ExecutionLogger.psm1

@@ -1,4 +1,4 @@
-# Attire-ExecutionLogger.psm1
+# Attire-ExecutionLogger.psm1
 # Copyright 2023 Security Risk Advisors
 
 # Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”),

Public/Default-ExecutionLogger.psm1

@@ -1,4 +1,4 @@
-function Start-ExecutionLog($startTime, $logPath, $targetHostname, $targetUser, $commandLine, $isWindows) {
+function Start-ExecutionLog($startTime, $logPath, $targetHostname, $targetUser, $commandLine, $isWindows) {
 
 }
 
@@ -28,4 +28,4 @@ function Write-ExecutionLog($startTime, $stopTime, $technique, $testNum, $testNa
 
 function Stop-ExecutionLog($startTime, $logPath, $targetHostname, $targetUser, $isWindows) {
 
-}
+}

Public/Get-AtomicTechnique.ps1

@@ -1,4 +1,4 @@
-filter Get-AtomicTechnique {
+filter Get-AtomicTechnique {
     <#
     .SYNOPSIS
 

Public/Get-PreferredIPAddress.ps1

@@ -1,4 +1,4 @@
-function Get-PreferredIPAddress($isWindows) {
+function Get-PreferredIPAddress($isWindows) {
     if ($isWindows) {
         return (Get-NetIPAddress | Where-Object { $_.PrefixOrigin -ne "WellKnown" }).IPAddress
     }

Public/Invoke-AtomicRunner.ps1

@@ -1,4 +1,4 @@
-. "$PSScriptRoot\Invoke-RunnerScheduleMethods.ps1"
+. "$PSScriptRoot\Invoke-RunnerScheduleMethods.ps1"
 
 function Invoke-AtomicRunner {
     [CmdletBinding(
@@ -247,4 +247,4 @@ function Invoke-AtomicRunner {
         Rename-ThisComputer $tr $artConfig.basehostname
 
     }
-}
+}

Public/Invoke-AtomicTest.ps1

@@ -1,4 +1,4 @@
-function Invoke-AtomicTest {
+function Invoke-AtomicTest {
     [CmdletBinding(DefaultParameterSetName = 'technique',
         SupportsShouldProcess = $true,
         PositionalBinding = $false,
@@ -526,4 +526,4 @@
 
     } # End of PROCESS block
     END { } # Intentionally left blank and can be removed
-}
+}

Public/Invoke-FetchFromZip.ps1

@@ -1,4 +1,4 @@
-function Invoke-FetchFromZip {
+function Invoke-FetchFromZip {
     Param(
         [Parameter(Mandatory = $true, Position = 0)]
         [String]

Public/Invoke-KickoffAtomicRunner.ps1

@@ -1,4 +1,4 @@
-function Invoke-KickoffAtomicRunner {
+function Invoke-KickoffAtomicRunner {
 
     #log rotation function
     function Rotate-Log {
@@ -44,4 +44,4 @@ function LogRunnerMsg ($message) {
     $now = "[{0:MM/dd/yy} {0:HH:mm:ss}]" -f (Get-Date)
     Write-Host -fore cyan $message
     Add-Content $artConfig.logFile "$now`: $message"
-}
+}

Public/Invoke-RunnerScheduleMethods.ps1

@@ -1,4 +1,4 @@
-# Loop through all atomic yaml files to load into list of objects
+# Loop through all atomic yaml files to load into list of objects
 function Loop($fileList, $atomicType) {
     $AllAtomicTests = New-Object System.Collections.ArrayList
 
@@ -142,4 +142,4 @@ function Invoke-RefreshExistingSchedule() {
     $schedule = Get-ScheduleRefresh
     $schedule | Export-Csv $artConfig.scheduleFile -NoTypeInformation
     Write-Host -ForegroundColor Green "Refreshed schedule written to $($artConfig.scheduleFile)"
-}
+}

Public/Invoke-SetupAtomicRunner.ps1

@@ -1,4 +1,4 @@
-function Invoke-SetupAtomicRunner {
+function Invoke-SetupAtomicRunner {
 
     # ensure running with admin privs
     if ($artConfig.OS -eq "windows") {

Public/Invoke-WebRequestVerifyHash.ps1

@@ -1,4 +1,4 @@
-function Invoke-WebRequestVerifyHash ($url, $outfile, $hash) {
+function Invoke-WebRequestVerifyHash ($url, $outfile, $hash) {
     $success = $false
     $null = @(
         New-Item -ItemType Directory (Split-Path $outfile) -Force | Out-Null

Public/New-Atomic.ps1

@@ -1,4 +1,4 @@
-# The class definitions that these functions rely upon are located in Private\AtomicClassSchema.ps1
+# The class definitions that these functions rely upon are located in Private\AtomicClassSchema.ps1
 
 function New-AtomicTechnique {
     <#

Public/Start-AtomicGUI.ps1

@@ -1,4 +1,4 @@
-function Start-AtomicGUI {
+function Start-AtomicGUI {
     param (
         [Int] $port = 8487
     )
@@ -266,4 +266,4 @@
 function Stop-AtomicGUI {
     Get-UDDashboard -Name 'AtomicGUI' | Stop-UDDashboard
     Write-Host "Stopped all AtomicGUI Dashboards"
-}
+}

Public/Syslog-ExecutionLogger.psm1

@@ -1,4 +1,4 @@
-function Start-ExecutionLog($startTime, $logPath, $targetHostname, $targetUser, $commandLine, $isWindows) {
+function Start-ExecutionLog($startTime, $logPath, $targetHostname, $targetUser, $commandLine, $isWindows) {
 
 }
 

Public/WinEvent-ExecutionLogger.psm1

@@ -1,4 +1,4 @@
-function Start-ExecutionLog($startTime, $logPath, $targetHostname, $targetUser, $commandLine, $isWindows) {
+function Start-ExecutionLog($startTime, $logPath, $targetHostname, $targetUser, $commandLine, $isWindows) {
     if ($isWindows -and -not [System.Diagnostics.EventLog]::Exists('Atomic Red Team')) {
         New-EventLog -Source "Applications and Services Logs" -LogName "Atomic Red Team"
     }

Public/config.ps1

@@ -1,4 +1,4 @@
-
+
 $artConfig = [PSCustomObject]@{
 
   # [optional] These two configs are calculated programatically, you probably don't need to change them
@@ -113,4 +113,4 @@ $scriptParam = @{
   Name        = "logFile"
   Value       = { Join-Path $artConfig.atomicLogsPath "log-$($artConfig.basehostname).txt" }
 }
-Add-Member @scriptParam
+Add-Member @scriptParam

docker/setup.ps1

@@ -13,4 +13,4 @@ Write-Output @"
 Import-Module "$ARTPath/invoke-atomicredteam/Invoke-AtomicRedTeam.psd1" -Force;
 `$PSDefaultParameterValues`["Invoke-AtomicTest:PathToAtomicsFolder"] = "$ARTPath/atomics";
 `$PSDefaultParameterValues`["Invoke-AtomicTest:ExecutionLogPath"]="1.csv";
-"@ > $PROFILE
+"@ > $PROFILE

sandbox/setupsandbox.ps1

@@ -1,4 +1,4 @@
-Set-ExecutionPolicy Bypass -Scope Process -Force;
+Set-ExecutionPolicy Bypass -Scope Process -Force;
 Write-Host "Installing NuGet"
 Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
 Write-Host "Installing Atomic Red Team"
@@ -15,4 +15,4 @@ Import-Module "$ARTPath/invoke-atomicredteam/Invoke-AtomicRedTeam.psd1" -Force;
 
 . $PROFILE
 
-Set-Location C:\AtomicRedTeam
+Set-Location C:\AtomicRedTeam