From 9f9bf4c184077a75c379c6e0d0d7ff12cd340ff6 Mon Sep 17 00:00:00 2001
From: op7ic <3172590+op7ic@users.noreply.github.com>
Date: Mon, 16 Jul 2018 15:22:31 +0100
Subject: [PATCH] tests added
---
 README.md | 8 ++++----
 runtests.bat | 25 +++++++++++++++++++++++--
 2 files changed, 27 insertions(+), 6 deletions(-)
diff --git a/README.md b/README.md
index 534c446..64e2229 100644
--- a/README.md
+++ b/README.md
@@ -37,10 +37,10 @@ The script executes only calc.exe through numerous methods. You can replace this
 | T1128 | Shdocvw |
 | T1085 | csc.exe |
 | T1130 | advpack.dll |
-| T1191 |
-| T1202 |
-| T1028 |
-| T1053 |
+| T1191 | Scriptrunner |
+| T1202 | sc |
+| T1028 | Register-cimprovider |
+| T1053 | control.exe |
 | T1216 |
 | T1218 |
 | T1033 |
diff --git a/runtests.bat b/runtests.bat
index ebbd5d1..2017edf 100644
--- a/runtests.bat
+++ b/runtests.bat
@@ -394,12 +394,33 @@ echo Command Excuted: C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe /o
 echo Command Excuted: C:\Windows\Microsoft.NET\Framework\v4.0.30319\Csc.exe /out:payload.exe payload.cs
 echo Command Excuted: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Csc.exe /out:payload.exe payload.cs
 echo Command Excuted: payload.exe
-
+sleep 3
 echo %time% %date% [+] Testing advpack exec
 start "" cmd /c rundll32.exe advpack.dll,RegisterOCX calc.exe
 echo Execution Finished at %time% %date%
 echo Command Excuted: rundll32.exe advpack.dll,RegisterOCX calc.exe
-
+sleep 3
+echo %time% %date% [+] Testing Scriptrunner exec
+start "" cmd /c scriptrunner.exe -appvscript calc.exe
+echo Execution Finished at %time% %date%
+echo Command Excuted: scriptrunner.exe -appvscript calc.exe
+sleep 3
+echo %time% %date% [+] Testing SC exec
+start "" cmd /c sc create evilservice binPath= "C:\windows\system32\cmd.exe /c calc.exe" DisplayName= "evilservice" start= auto
+start "" cmd /c sc start evilservice
+echo Execution Finished at %time% %date%
+echo Command Excuted: sc create evilservice binPath= "C:\windows\system32\cmd.exe /c calc.exe" DisplayName= "evilservice" start= auto
+echo Command Excuted: sc start evilservice
+sleep 3
+echo %time% %date% [+] Testing Register-cimprovider exec
+start "" cmd /c Register-cimprovider -path "AllTheThings.dll"
+echo Execution Finished at %time% %date%
+echo Command Excuted: Register-cimprovider -path "AllTheThings.dll"
+sleep 3
+echo %time% %date% [+] Testing control.exe exec
+start "" cmd /c control.exe AllTheThings.dll
+echo Execution Finished at %time% %date%
+echo Command Excuted: control.exe AllTheThings.dll
 echo [+] Let tasks finish before killing all the files