mirror of
https://github.com/LOLBAS-Project/LOLBAS
synced 2024-12-30 16:54:00 +01:00
Update Adplus.yml Tags
Changed Tags: - Execute CMD - Execute EXE
This commit is contained in:
parent
16d84e33e6
commit
a01bab762e
@ -18,6 +18,8 @@ Commands:
|
|||||||
Privileges: User
|
Privileges: User
|
||||||
MitreID: T1127
|
MitreID: T1127
|
||||||
OperatingSystem: All Windows
|
OperatingSystem: All Windows
|
||||||
|
Tags:
|
||||||
|
- Execute: CMD
|
||||||
- Command: adplus.exe -c config-adplus.xml
|
- Command: adplus.exe -c config-adplus.xml
|
||||||
Description: Dump process memory using adplus config file (see Resources section for a sample file).
|
Description: Dump process memory using adplus config file (see Resources section for a sample file).
|
||||||
Usecase: Run commands under a trusted Microsoft signed binary
|
Usecase: Run commands under a trusted Microsoft signed binary
|
||||||
@ -32,6 +34,9 @@ Commands:
|
|||||||
Privileges: User
|
Privileges: User
|
||||||
MitreID: T1127
|
MitreID: T1127
|
||||||
OperatingSystem: All windows
|
OperatingSystem: All windows
|
||||||
|
Tags:
|
||||||
|
- Execute: CMD
|
||||||
|
- Execute: EXE
|
||||||
Full_Path:
|
Full_Path:
|
||||||
- Path: C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\adplus.exe
|
- Path: C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\adplus.exe
|
||||||
- Path: C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\adplus.exe
|
- Path: C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\adplus.exe
|
||||||
|
Loading…
Reference in New Issue
Block a user