public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-07-12 21:43:43 +02:00
Code Issues Projects Releases Wiki Activity

Update Mofcomp.yml

Browse Source 
Correcting YAML errors
This commit is contained in:
Conor Richard 2023-10-06 21:58:12 -04:00 committed by GitHub
parent dc1bdf0ff9
commit 81688557d0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
yml/OSBinaries/Mofcomp.yml
View File

@ -11,7 +11,6 @@ Commands:
Privileges: User Privileges: User
MitreID: T1047 MitreID: T1047
OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10, Windows 11 & Windows Server 2008 and above OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10, Windows 11 & Windows Server 2008 and above
Commands:
- Command: mofcomp.exe C:\Programdata\x.mof - Command: mofcomp.exe C:\Programdata\x.mof
Description: Abuse of mofcomp.exe to parse a file which contains MOF statements in order create new classes as part of the WMI repository Description: Abuse of mofcomp.exe to parse a file which contains MOF statements in order create new classes as part of the WMI repository
Usecase: Threat actors can use mofcomp.exe to decompile a BMOF binary and then register a malicious class in the WMI repository Usecase: Threat actors can use mofcomp.exe to decompile a BMOF binary and then register a malicious class in the WMI repository