public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-07-27 12:42:19 +02:00
Code Issues Projects Releases Wiki Activity

Standardise date formats (see https://yaml.org/type/timestamp.html)

Browse Source
This commit is contained in:
Wietze
2021-01-10 15:04:52 +00:00
parent de50a47957
commit 14dca38278
147 changed files with 407 additions and 407 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
yml/OSBinaries/Eventvwr.yml
View File

@@ -2,11 +2,11 @@
Name: Eventvwr.exe
Description: Displays Windows Event Logs in a GUI window.
Author: 'Jacob Gajek'
Created: '2018-11-01'
Created: 2018-11-01
Commands:
- Command: eventvwr.exe
Description: During startup, eventvwr.exe checks the registry value HKCU\Software\Classes\mscfile\shell\open\command for the location of mmc.exe, which is used to open the eventvwr.msc saved console file. If the location of another binary or script is added to this registry value, it will be executed as a high-integrity process without a UAC prompt being displayed to the user.
Usecase: Execute a binary or script as a high-integrity process without a UAC prompt.
Usecase: Execute a binary or script as a high-integrity process without a UAC prompt.
Category: UAC bypass
Privileges: User
MitreID: T1088