From fe6cd2b076525312411dde018f674b322915019d Mon Sep 17 00:00:00 2001 From: Shreya Date: Tue, 4 Aug 2020 17:28:32 +0530 Subject: [PATCH] Cleanup folder/file --- .../modify_powershell_startup_file.ps1 | 23 +++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/monkey/infection_monkey/post_breach/shell_startup_files/windows/modify_powershell_startup_file.ps1 b/monkey/infection_monkey/post_breach/shell_startup_files/windows/modify_powershell_startup_file.ps1 index 72a925e52..864be5311 100644 --- a/monkey/infection_monkey/post_breach/shell_startup_files/windows/modify_powershell_startup_file.ps1 +++ b/monkey/infection_monkey/post_breach/shell_startup_files/windows/modify_powershell_startup_file.ps1 @@ -2,10 +2,25 @@ param ( [string]$startup_file_path = $profile ) -If (!(Test-Path $startup_file_path)) { # create profile.ps1 file if it doesn't exist already - New-Item -Path $startup_file_path -ItemType "file" -Force + +# check if paths exist already +$startup_file_prev_exists = Test-Path $startup_file_path +$startup_file_folder_path = ($startup_file_path -split '\\')[0..(($startup_file_path -split '\\').count -2)] -join '\' +$startup_file_folder_prev_exists = Test-Path $startup_file_folder_path + +# carry out pba +If (!($startup_file_prev_exists)) { # create profile.ps1 file if it doesn't exist already + [Void](New-Item -Path $startup_file_path -ItemType "file" -Force) } Add-Content $startup_file_path "# Successfully modified $startup_file_path" ; # add line to $Profile cat $startup_file_path | Select -last 1 ; # print last line of $Profile -$OldProfile = cat $startup_file_path | Select -skiplast 1 ; -Set-Content $startup_file_path -Value $OldProfile ; +$OldProfile = cat $startup_file_path | Select -skiplast 1 ; # get file's original content +Set-Content $startup_file_path -Value $OldProfile ; # restore file's original content + +# cleanup +If (!($startup_file_prev_exists)) { # remove file if it didn't exist previously + Remove-Item -Path $startup_file_path -Force ; +} +If (!($startup_file_folder_prev_exists)) { # remove folder if it didn't exist previously + Remove-Item -Path $startup_file_folder_path -Force -Recurse ; +}