From c247febb2ab9fa046b52222bc0dc675443c2d396 Mon Sep 17 00:00:00 2001
From: op7ic <3172590+op7ic@users.noreply.github.com>
Date: Mon, 16 Jul 2018 15:41:44 +0100
Subject: [PATCH] added new exec method
---
 README.md | 2 +-
 runtests.bat | 9 +++++++++
 2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 64e2229..693a2fc 100644
--- a/README.md
+++ b/README.md
@@ -41,7 +41,7 @@ The script executes only calc.exe through numerous methods. You can replace this
 | T1202 | sc |
 | T1028 | Register-cimprovider |
 | T1053 | control.exe |
-| T1216 |
+| T1216 | manage-bde.wsf |
 | T1218 |
 | T1033 |
 | T1140 |
diff --git a/runtests.bat b/runtests.bat
index 2017edf..17f6c1d 100644
--- a/runtests.bat
+++ b/runtests.bat
@@ -422,6 +422,15 @@ start "" cmd /c control.exe AllTheThings.dll
 echo Execution Finished at %time% %date%
 echo Command Excuted: control.exe AllTheThings.dll
+echo %time% %date% [+] Testing manage-bde.wsf exec
+set comspec=C:\windows\system32\calc.exe
+start "" cmd /c cscript C:\windows\system32\manage-bde.wsf
+echo Execution Finished at %time% %date%
+echo Command Excuted: set comspec=C:\windows\system32\calc.exe
+echo Command Excuted: cscript C:\windows\system32\manage-bde.wsf
+REM Reset ComSpec
+set comspec=C:\WINDOWS\system32\cmd.exe
+
 echo [+] Let tasks finish before killing all the files
 sleep 90
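Review bot: The added `start "" cmd /c cscript C:\windows\system32\manage-bde.wsf` line in runtests.bat may never reach manage-bde.wsf: per the `start /?` help text, with command extensions enabled a first token of bare `cmd` is replaced by the value of COMSPEC, which the preceding line has just pointed at calc.exe. If that applies here, calc is started by `start` itself and the T1216 entry logs a run without producing the cscript/manage-bde.wsf process chain that a detection for this technique would be validated against. Launching the script host directly, `start "" cscript C:\windows\system32\manage-bde.wsf`, avoids the substitution. The reset also hard-codes `C:\WINDOWS\system32\cmd.exe`; saving the value beforehand with `set "orig_comspec=%comspec%"` and restoring it with `set "comspec=%orig_comspec%"` keeps the later tests correct on hosts where the original value differs.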