-
-
Save D4stiny/2b0ef7ddb8375205de120c9146290265 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="utf-8"?> | |
| <CyberPatriotResource> | |
| <ResourceID>Win7_TR</ResourceID> | |
| <Tier/> | |
| <Branding>CyberPatriot</Branding> | |
| <Title>CP-X Windows 7 Training Image</Title> | |
| <TeamKey>CyberPatriot9</TeamKey> | |
| <ScoringUrl>http://54.243.223.132/ccs/upload</ScoringUrl> | |
| <ScoreboardUrl>http://54.235.154.203</ScoreboardUrl> | |
| <HideScoreboard>true</HideScoreboard> | |
| <ReadmeUrl/> | |
| <SupportUrl/> | |
| <TimeServers> | |
| <Primary>http://54.235.154.203/message.php</Primary> | |
| <Secondary>http://time.is/UTC</Secondary> | |
| <Secondary>http://nist.time.gov/</Secondary> | |
| <Secondary>http://www.zulutime.net/</Secondary> | |
| <Secondary>http://time1.ucla.edu/home.php</Secondary> | |
| <Secondary>http://viv.ebay.com/ws/eBayISAPI.dll?EbayTime</Secondary> | |
| <Secondary>http://worldtime.io/current/utc_netherlands/8554</Secondary> | |
| <Secondary>http://www.timeanddate.com/worldclock/timezone/utc</Secondary> | |
| <Secondary>http://www.thetimenow.com/utc/coordinated_universal_time</Secondary> | |
| <Secondary>http://www.worldtimeserver.com/current_time_in_UTC.aspx</Secondary> | |
| </TimeServers> | |
| <DestructImage> | |
| <Before>2017-09-10 06:00</Before> | |
| <After>2017-10-11 06:00</After> | |
| <Uptime/> | |
| <Playtime/> | |
| <InvalidClient>true</InvalidClient> | |
| <InvalidTeam/> | |
| </DestructImage> | |
| <DisableFeedback> | |
| <Before>2017-09-10 06:00</Before> | |
| <After>2017-10-11 06:00</After> | |
| <Uptime/> | |
| <Playtime/> | |
| <NoConnection>true</NoConnection> | |
| <InvalidClient>true</InvalidClient> | |
| <InvalidTeam>false</InvalidTeam> | |
| </DisableFeedback> | |
| <WarnAfter/> | |
| <StopImageAfter/> | |
| <StopTeamAfter/> | |
| <StartupTime>60</StartupTime> | |
| <IntervalTime>60</IntervalTime> | |
| <UploadTimeout>24</UploadTimeout> | |
| <OnPointsGained> | |
| <Execute>C:\CyberPatriot\sox.exe C:\CyberPatriot\gain.wav -d -q</Execute> | |
| <Execute>C:\CyberPatriot\CyberPatriotNotify.exe You Gained Points!</Execute> | |
| </OnPointsGained> | |
| <OnPointsLost> | |
| <Execute>C:\CyberPatriot\sox.exe C:\CyberPatriot\alarm.wav -d -q</Execute> | |
| <Execute>C:\CyberPatriot\CyberPatriotNotify.exe You Lost Points.</Execute> | |
| </OnPointsLost> | |
| <AutoDisplayPoints>true</AutoDisplayPoints> | |
| <InstallPath>C:\CyberPatriot</InstallPath> | |
| <TeamConfig>ScoringConfig</TeamConfig> | |
| <HtmlReport>ScoringReport</HtmlReport> | |
| <HtmlReportTemplate>ScoringReportTemplate</HtmlReportTemplate> | |
| <XmlReport>ScoringData/ScoringReport</XmlReport> | |
| <RedShirt>tempfile</RedShirt> | |
| <OnInstall> | |
| <Execute>cmd.exe /c echo Running installation commands</Execute> | |
| </OnInstall> | |
| <ValidClient> | |
| <ResourcePath>C:\CyberPatriot\ScoringResource.dat</ResourcePath> | |
| <ClientPath>C:\CyberPatriot\CCSClient.exe</ClientPath> | |
| <ClientHash>97730CF6A894FFF14D0248F777BC1FB52F8923CE5CE39E9E2D556A148F03F273</ClientHash> | |
| <ProductID>Windows 7 Professional 32-bit</ProductID> | |
| <DiskID>30C5E9AD</DiskID> | |
| <InstallDate>2015-Jul-30 14:49:12</InstallDate> | |
| </ValidClient> | |
| <Check> | |
| <CheckID>FOR_Q1</CheckID> | |
| <Description>29665E692A36A3E9EC3A76A27F507B0113B73B9718384777F4996AF3D464F5608DDCD2D294E165E5C0EA388CE120D1F99E99C3AC8B535C57BAE8A0AF810D4B9F</Description> | |
| <Points>10</Points> | |
| <Test> | |
| <Type>file</Type> | |
| <Name>T1</Name> | |
| <FilePath>C:\Users\CyberPatriot\Desktop\Scored Questions.txt</FilePath> | |
| </Test> | |
| <PassIf> | |
| <T1> | |
| <Condition>Exists</Condition> | |
| <Equals>true</Equals> | |
| </T1> | |
| <T1> | |
| <Condition>Contains</Condition> | |
| <Equals>(?i)ANSWER:\s*(C:\\|\\)?Users\\Ken(?-i)</Equals> | |
| </T1> | |
| </PassIf> | |
| </Check> | |
| <Check> | |
| <CheckID>USR_LYLE</CheckID> | |
| <Description>760F8E1795D284EA6A39A8B1DE9DB1DAE61B17246BA4EF8D4807D396E3F50F26FAA233DAE03771E3C0989DA8F95E0DD9CD013EA083691562138225C0265E95EAF8AB0B4DCD</Description> | |
| <Points>10</Points> | |
| <Test> | |
| <Name>T1</Name> | |
| <Type>user</Type> | |
| <UserName>Lyle</UserName> | |
| </Test> | |
| <PassIf> | |
| <T1> | |
| <Condition>Exists</Condition> | |
| <Equals>true</Equals> | |
| </T1> | |
| <T1> | |
| <Condition>Admin</Condition> | |
| <Equals>false</Equals> | |
| </T1> | |
| </PassIf> | |
| </Check> | |
| <Check> | |
| <CheckID>USR_PWD</CheckID> | |
| <Description>9C4AD4F6FC51B3F4D1464747CC276FA2F5641DCAA7C5E08B49827FAE17D6FBEA0461EB89916614359516E17644DCD4C0794485E07CDFD4FCB3FA0C538C7F27BBD0BC44C159A1B40C</Description> | |
| <Points>10</Points> | |
| <Test> | |
| <Name>T1</Name> | |
| <Type>user</Type> | |
| <UserName>Max</UserName> | |
| </Test> | |
| <Test> | |
| <Name>T2</Name> | |
| <Type>user</Type> | |
| <UserName>Mae</UserName> | |
| </Test> | |
| <Test> | |
| <Name>T3</Name> | |
| <Type>user</Type> | |
| <UserName>Anri</UserName> | |
| </Test> | |
| <Test> | |
| <Name>T4</Name> | |
| <Type>user</Type> | |
| <UserName>Diane</UserName> | |
| </Test> | |
| <Test> | |
| <Name>T5</Name> | |
| <Type>user</Type> | |
| <UserName>Lyle</UserName> | |
| </Test> | |
| <Test> | |
| <Name>T6</Name> | |
| <Type>user</Type> | |
| <UserName>Ken</UserName> | |
| </Test> | |
| <Test> | |
| <Name>T7</Name> | |
| <Type>user</Type> | |
| <UserName>Luke</UserName> | |
| </Test> | |
| <PassIf> | |
| <T1> | |
| <Condition>Exists</Condition> | |
| <Equals>true</Equals> | |
| </T1> | |
| <T2> | |
| <Condition>Exists</Condition> | |
| <Equals>true</Equals> | |
| </T2> | |
| <T3> | |
| <Condition>Exists</Condition> | |
| <Equals>true</Equals> | |
| </T3> | |
| <T4> | |
| <Condition>Exists</Condition> | |
| <Equals>true</Equals> | |
| </T4> | |
| <T5> | |
| <Condition>Exists</Condition> | |
| <Equals>true</Equals> | |
| </T5> | |
| <T6> | |
| <Condition>Exists</Condition> | |
| <Equals>true</Equals> | |
| </T6> | |
| <T7> | |
| <Condition>Exists</Condition> | |
| <Equals>true</Equals> | |
| </T7> | |
| <T1> | |
| <Condition>Password</Condition> | |
| <NotEquals/> | |
| </T1> | |
| <T2> | |
| <Condition>Password</Condition> | |
| <NotEquals/> | |
| </T2> | |
| <T3> | |
| <Condition>Password</Condition> | |
| <NotEquals/> | |
| </T3> | |
| <T4> | |
| <Condition>Password</Condition> | |
| <NotEquals/> | |
| </T4> | |
| <T5> | |
| <Condition>Password</Condition> | |
| <NotEquals/> | |
| </T5> | |
| <T6> | |
| <Condition>Password</Condition> | |
| <NotEquals/> | |
| </T6> | |
| <T7> | |
| <Condition>Password</Condition> | |
| <NotEquals/> | |
| </T7> | |
| </PassIf> | |
| </Check> | |
| <Check> | |
| <CheckID>USR_GUEST</CheckID> | |
| <Description>DA78AB9BA54A831909DF6B1F1066558F39235E0E3B98B535EEEB75669DFE9089A10D92CD26BF0AD02B974ED5BF2363D97DB7CF3EC720BDF764FC9D9BD0F2CE59</Description> | |
| <Points>10</Points> | |
| <Test> | |
| <Name>T1</Name> | |
| <Type>user</Type> | |
| <UserName>Guest</UserName> | |
| </Test> | |
| <PassIf> | |
| <T1> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T1> | |
| </PassIf> | |
| <PassIf> | |
| <T1> | |
| <Condition>Exists</Condition> | |
| <Equals>true</Equals> | |
| </T1> | |
| <T1> | |
| <Condition>Enabled</Condition> | |
| <Equals>false</Equals> | |
| </T1> | |
| </PassIf> | |
| <PassIf> | |
| <T1> | |
| <Condition>Exists</Condition> | |
| <Equals>true</Equals> | |
| </T1> | |
| <T1> | |
| <Condition>Password</Condition> | |
| <NotEquals/> | |
| </T1> | |
| </PassIf> | |
| <PassIf> | |
| <T1> | |
| <Condition>Exists</Condition> | |
| <Equals>true</Equals> | |
| </T1> | |
| <T1> | |
| <Condition>Password</Condition> | |
| <Equals/> | |
| </T1> | |
| <T1> | |
| <Condition>LogonInteractiveEnabled</Condition> | |
| <Equals>false</Equals> | |
| </T1> | |
| </PassIf> | |
| </Check> | |
| <Check> | |
| <CheckID>ACT_HIST</CheckID> | |
| <Description>97AAF213F75AEBB339236C2A9C0502919AB9B987EA2E8D5FFAF51204D0FD90671EFB3449A32C56639C2CA24B597F3297851C76CADC0A4E3D62EECDE0D0F544643A0D35C2D3D4B464185EF77C747928</Description> | |
| <Points>10</Points> | |
| <Test> | |
| <Name>T1</Name> | |
| <Type>password_policy</Type> | |
| </Test> | |
| <PassIf> | |
| <T1> | |
| <Condition>Exists</Condition> | |
| <Equals>true</Equals> | |
| </T1> | |
| <T1> | |
| <Condition>PasswordHistLen</Condition> | |
| <GreaterThan>2</GreaterThan> | |
| </T1> | |
| </PassIf> | |
| </Check> | |
| <Check> | |
| <CheckID>ACT_MINL</CheckID> | |
| <Description>2ABE4936EEEDA3F71C8162386DC8A3D3D60694577F602668DF405C01EF2CAB6339F99664F466012C5F1F1161463525F60EDF5E1F3A4C05A73C8372EE2479B3310A5A3AA48A5BB4A9207295CAF410224E</Description> | |
| <Points>10</Points> | |
| <Test> | |
| <Name>T1</Name> | |
| <Type>password_policy</Type> | |
| </Test> | |
| <PassIf> | |
| <T1> | |
| <Condition>Exists</Condition> | |
| <Equals>true</Equals> | |
| </T1> | |
| <T1> | |
| <Condition>MinPasswordLen</Condition> | |
| <GreaterThan>7</GreaterThan> | |
| </T1> | |
| </PassIf> | |
| </Check> | |
| <Check> | |
| <CheckID>FIL_HWEBS</CheckID> | |
| <Description>83F4D0442CF505D8ACBB2AAFA98606609030FBEB9C8FF91C711A09C19AD300214F2E2C143C90B1ECFB938206FF96A5CAC51BBE24188918973EC1CB</Description> | |
| <Points>10</Points> | |
| <Test> | |
| <Name>T1</Name> | |
| <Type>file</Type> | |
| <FilePath>C:\Program Files\Home Series\Home Web Server\HomeWebServer.exe</FilePath> | |
| </Test> | |
| <Test> | |
| <Name>T2</Name> | |
| <Type>file</Type> | |
| <FilePath>C:\Program Files</FilePath> | |
| </Test> | |
| <Test> | |
| <Name>T3</Name> | |
| <Type>process</Type> | |
| <ProcessName>\HomeWebServer.exe</ProcessName> | |
| </Test> | |
| <PassIf> | |
| <T1> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T1> | |
| <T2> | |
| <Condition>Exists</Condition> | |
| <Equals>true</Equals> | |
| </T2> | |
| <T3> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T3> | |
| </PassIf> | |
| </Check> | |
| <Check> | |
| <CheckID>FIL_MP3</CheckID> | |
| <Description>F25DA83BA15672B5EDD44427FDDA6A029B127F51C04334F684DC482DEE50F4C03E345D0FC63F2E5FA27AEBCA04209711080E6022D5380F4151EF468C61001DEF8B8481EDD46D51A2D3E26D708545B50C6914158585C87D68A862BA</Description> | |
| <Points>10</Points> | |
| <Test> | |
| <Name>T1</Name> | |
| <Type>file</Type> | |
| <FilePath>C:\Users\Ken\BallGame.mp3</FilePath> | |
| </Test> | |
| <Test> | |
| <Name>T2</Name> | |
| <Type>file</Type> | |
| <FilePath>C:\Users\Ken\TheEntertainer.mp3</FilePath> | |
| </Test> | |
| <Test> | |
| <Name>T3</Name> | |
| <Type>file</Type> | |
| <FilePath>C:\Users\Ken</FilePath> | |
| </Test> | |
| <PassIf> | |
| <T1> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T1> | |
| <T2> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T2> | |
| <T3> | |
| <Condition>Exists</Condition> | |
| <Equals>true</Equals> | |
| </T3> | |
| </PassIf> | |
| </Check> | |
| <Check> | |
| <CheckID>SRV_TLNT</CheckID> | |
| <Description>B265B634E680CFEB913931EF8F9DEBD748F1189E0428A79BD4771743F63816655EF0E6C5800C4FF8ED8CC90A88DA1B6A317C4F8FBA7239EA578BB75D53650E2849F35680505595918FE32963AD4B7F05</Description> | |
| <Points>10</Points> | |
| <Test> | |
| <Name>T1</Name> | |
| <Type>service</Type> | |
| <ServiceName>TlntSvr</ServiceName> | |
| </Test> | |
| <Test> | |
| <Name>T2</Name> | |
| <Type>registry</Type> | |
| <Key>HKEY_LOCAL_MACHINE</Key> | |
| <KeyPath>SYSTEM\CurrentControlSet\Services\TlntSvr</KeyPath> | |
| <KeyName>Start</KeyName> | |
| </Test> | |
| <PassIf> | |
| <T1> | |
| <Condition>Exists</Condition> | |
| <Equals>true</Equals> | |
| </T1> | |
| <T1> | |
| <Condition>State</Condition> | |
| <NotEquals>Running</NotEquals> | |
| </T1> | |
| <T2> | |
| <Condition>Exists</Condition> | |
| <Equals>true</Equals> | |
| </T2> | |
| <T2> | |
| <Condition>Value</Condition> | |
| <GreaterThan>2</GreaterThan> | |
| </T2> | |
| </PassIf> | |
| <PassIf> | |
| <T1> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T1> | |
| <T2> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T2> | |
| </PassIf> | |
| </Check> | |
| <Check> | |
| <CheckID>OUP_AUTO</CheckID> | |
| <Description>F39E5C834B4C4DE77BE9B9F92BCB97D9140913C9E0AFFD23B8A816F0C86D5059722CFA2D8AD4BE7614E074AE9DB479452EFCD2B63DE5F11F5FC1FD4513642E0925203BFC994AA5C90A64EF45</Description> | |
| <Points>10</Points> | |
| <Test> | |
| <Name>T1</Name> | |
| <Type>registry</Type> | |
| <Key>HKEY_LOCAL_MACHINE</Key> | |
| <KeyPath>SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update</KeyPath> | |
| <KeyName>AUOptions</KeyName> | |
| </Test> | |
| <Test> | |
| <Name>T2</Name> | |
| <Type>registry</Type> | |
| <Key>HKEY_LOCAL_MACHINE</Key> | |
| <KeyPath>SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU</KeyPath> | |
| <KeyName>AUOptions</KeyName> | |
| </Test> | |
| <PassIf> | |
| <T1> | |
| <Condition>Exists</Condition> | |
| <Equals>true</Equals> | |
| </T1> | |
| <T1> | |
| <Condition>Value</Condition> | |
| <GreaterThan>1</GreaterThan> | |
| </T1> | |
| </PassIf> | |
| <PassIf> | |
| <T2> | |
| <Condition>Exists</Condition> | |
| <Equals>true</Equals> | |
| </T2> | |
| <T2> | |
| <Condition>Value</Condition> | |
| <GreaterThan>1</GreaterThan> | |
| </T2> | |
| </PassIf> | |
| </Check> | |
| <Penalty> | |
| <CheckID>PEN_RDSK</CheckID> | |
| <Description>212F20AE5D40CA1D6EADA2C8AAF1C48F29A8193CCBB211E46492F59BC26768DE0E7237A6077AF05F7C40B76BE25851FB6DA658D082E46103A18D496D3C0ED6AEFC806E21</Description> | |
| <Points>10</Points> | |
| <Test> | |
| <Name>T1</Name> | |
| <Type>registry</Type> | |
| <Key>HKEY_LOCAL_MACHINE</Key> | |
| <KeyPath>System\CurrentControlSet\Control\Terminal Server</KeyPath> | |
| <KeyName>fDenyTSConnections</KeyName> | |
| </Test> | |
| <PassIf> | |
| <T1> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T1> | |
| </PassIf> | |
| <PassIf> | |
| <T1> | |
| <Condition>Exists</Condition> | |
| <Equals>true</Equals> | |
| </T1> | |
| <T1> | |
| <Condition>Value</Condition> | |
| <NotEquals>0</NotEquals> | |
| </T1> | |
| </PassIf> | |
| </Penalty> | |
| <Penalty> | |
| <CheckID>PEN_USR</CheckID> | |
| <Description>DF66CC2E205666006CB57A25A2B9D136163CFBA50CC1414DC20D927566991209B07E27D88762337D7055220E71EB6C815A415B9F4F7C21E91B3BE34266CD63D382F10C43002314</Description> | |
| <Points>10</Points> | |
| <Test> | |
| <Name>T1</Name> | |
| <Type>user</Type> | |
| <UserName>Max</UserName> | |
| </Test> | |
| <Test> | |
| <Name>T2</Name> | |
| <Type>user</Type> | |
| <UserName>Mae</UserName> | |
| </Test> | |
| <Test> | |
| <Name>T3</Name> | |
| <Type>user</Type> | |
| <UserName>Anri</UserName> | |
| </Test> | |
| <Test> | |
| <Name>T4</Name> | |
| <Type>user</Type> | |
| <UserName>Diane</UserName> | |
| </Test> | |
| <Test> | |
| <Name>T5</Name> | |
| <Type>user</Type> | |
| <UserName>Lyle</UserName> | |
| </Test> | |
| <Test> | |
| <Name>T6</Name> | |
| <Type>user</Type> | |
| <UserName>Ken</UserName> | |
| </Test> | |
| <Test> | |
| <Name>T7</Name> | |
| <Type>user</Type> | |
| <UserName>Luke</UserName> | |
| </Test> | |
| <PassIf> | |
| <T1> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T1> | |
| </PassIf> | |
| <PassIf> | |
| <T2> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T2> | |
| </PassIf> | |
| <PassIf> | |
| <T3> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T3> | |
| </PassIf> | |
| <PassIf> | |
| <T4> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T4> | |
| </PassIf> | |
| <PassIf> | |
| <T5> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T5> | |
| </PassIf> | |
| <PassIf> | |
| <T6> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T6> | |
| </PassIf> | |
| <PassIf> | |
| <T7> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T7> | |
| </PassIf> | |
| </Penalty> | |
| <Penalty> | |
| <CheckID>PEN_USRD</CheckID> | |
| <Description>F947CA7C6FCD5525CD9051CF084032A9BD35BE34DB7839D0AFDB3DA720B89CDE526D32100925CADDC8AFC1288295ADDCAA0F0D419B17155DF3A67E838B88F19A7F436ED7791C5E109AEAD3A7725BB2F0</Description> | |
| <Points>10</Points> | |
| <Test> | |
| <Name>T1</Name> | |
| <Type>file</Type> | |
| <FilePath>C:\Users\Max</FilePath> | |
| </Test> | |
| <Test> | |
| <Name>T2</Name> | |
| <Type>file</Type> | |
| <FilePath>C:\Users\Mae</FilePath> | |
| </Test> | |
| <Test> | |
| <Name>T3</Name> | |
| <Type>file</Type> | |
| <FilePath>C:\Users\Anri</FilePath> | |
| </Test> | |
| <Test> | |
| <Name>T4</Name> | |
| <Type>file</Type> | |
| <FilePath>C:\Users\Diane</FilePath> | |
| </Test> | |
| <Test> | |
| <Name>T5</Name> | |
| <Type>file</Type> | |
| <FilePath>C:\Users\Lyle</FilePath> | |
| </Test> | |
| <Test> | |
| <Name>T6</Name> | |
| <Type>file</Type> | |
| <FilePath>C:\Users\Ken</FilePath> | |
| </Test> | |
| <Test> | |
| <Name>T7</Name> | |
| <Type>file</Type> | |
| <FilePath>C:\Users\Luke</FilePath> | |
| </Test> | |
| <PassIf> | |
| <T1> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T1> | |
| </PassIf> | |
| <PassIf> | |
| <T2> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T2> | |
| </PassIf> | |
| <PassIf> | |
| <T3> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T3> | |
| </PassIf> | |
| <PassIf> | |
| <T4> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T4> | |
| </PassIf> | |
| <PassIf> | |
| <T5> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T5> | |
| </PassIf> | |
| <PassIf> | |
| <T6> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T6> | |
| </PassIf> | |
| <PassIf> | |
| <T7> | |
| <Condition>Exists</Condition> | |
| <Equals>false</Equals> | |
| </T7> | |
| </PassIf> | |
| </Penalty> | |
| <AllFiles> | |
| <FilePath>C:\</FilePath> | |
| <FilePath>C:\mytrojan.exe</FilePath> | |
| <FilePath>C:\rootkit.exe</FilePath> | |
| <FilePath>C:\Windows\</FilePath> | |
| <FilePath>C:\Windows\mytrojan.exe</FilePath> | |
| <FilePath>C:\Windows\en-US\</FilePath> | |
| <FilePath>C:\Windows\Media\</FilePath> | |
| <FilePath>C:\Windows\Microsoft.NET\Framework</FilePath> | |
| <FilePath>C:\Windows\PolicyDefinitions\</FilePath> | |
| <FilePath>C:\Windows\Prefetch\</FilePath> | |
| <FilePath>C:\Windows\servicing\</FilePath> | |
| <FilePath>C:\Windows\System32\rootkit.exe</FilePath> | |
| <FilePath>C:\Windows\System32\GroupPolicy\Machine\</FilePath> | |
| </AllFiles> | |
| <AllQueries> | |
| <Key>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\</Key> | |
| <Key>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName\ComputerName</Key> | |
| <Key>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\</Key> | |
| <Key>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\auditbasedirectories</Key> | |
| <Key>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\auditbaseobjects</Key> | |
| <Key>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\</Key> | |
| <Key>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\MaxPacketSize</Key> | |
| <Key>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\MaxTokenSize</Key> | |
| <Key>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem\NtfsDisableEncryption</Key> | |
| <Key>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\HibernateEnabled</Key> | |
| <Key>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SNMP\Parameters\ExtensionAgents</Key> | |
| <Key>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Winlogon\Notifications\Components\TermSrv\</Key> | |
| <Key>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Winlogon\Notifications\Components\TermSrv\ServiceName</Key> | |
| <Key>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NETFramework\Performance\Library</Key> | |
| <Key>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Browser\Parameters\ServiceDll</Key> | |
| <Key>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\KeyIso\Security\Security</Key> | |
| <Key>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Lsa\Performance\Library</Key> | |
| <Key>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SNMPTRAP\Start</Key> | |
| <Key>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\</Key> | |
| <Key>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tcpip\CurrentVersion\</Key> | |
| <Key>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Build</Key> | |
| <Key>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\CleanupTime</Key> | |
| </AllQueries> | |
| </CyberPatriotResource> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment