From c01259cceb46f93ee4f4f9f9a8e2d2a04a716773 Mon Sep 17 00:00:00 2001 From: Adam Chester Date: Wed, 4 Sep 2024 23:55:52 +0100 Subject: [PATCH] Updated README --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 3b077c8..c0091a1 100644 --- a/README.md +++ b/README.md @@ -9,10 +9,10 @@ CRED-1 can be broken down into the following steps: 1. Send a DHCP Request for the PXE image over UDP 4011 2. SCCM responds with image path and crypto keys to decrypt the referenced variables file -At this stage, two files are downloaded over TFTP: +At this stage, two files are downloaded over TFTP, for example: -1. -2. +1. `2024.09.03.23.35.22.0001.{FEF9DEEE-4C4A-43EF-92BF-2DD23F3CE837}.boot.var` +2. `2024.09.03.23.35.22.07.{FEF9DEEE-4C4A-43EF-92BF-2DD23F3CE837}.boot.bcd` Next CRED-1 takes the crypto keys also returned in the DHCP response, and takes one of two paths depending on the content: