Update Dotnet.yml tags

Added Tags:
Execute: .NetDLL
Execute: Fsharp
Execute: CSProj
This commit is contained in:
hegusung 2024-10-13 22:09:40 +02:00 committed by GitHub
parent bd6667bc9a
commit b24f3ab6ab
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -11,6 +11,8 @@ Commands:
Privileges: User Privileges: User
MitreID: T1218 MitreID: T1218
OperatingSystem: Windows 7 and up with .NET installed OperatingSystem: Windows 7 and up with .NET installed
Tags:
- Execute: .NetDLL
- Command: dotnet.exe [PATH_TO_DLL] - Command: dotnet.exe [PATH_TO_DLL]
Description: dotnet.exe will execute any DLL. Description: dotnet.exe will execute any DLL.
Usecase: Execute DLL Usecase: Execute DLL
@ -18,6 +20,8 @@ Commands:
Privileges: User Privileges: User
MitreID: T1218 MitreID: T1218
OperatingSystem: Windows 7 and up with .NET installed OperatingSystem: Windows 7 and up with .NET installed
Tags:
- Execute: .NetDLL
- Command: dotnet.exe fsi - Command: dotnet.exe fsi
Description: dotnet.exe will open a console which allows for the execution of arbitrary F# commands Description: dotnet.exe will open a console which allows for the execution of arbitrary F# commands
Usecase: Execute arbitrary F# code Usecase: Execute arbitrary F# code
@ -25,6 +29,8 @@ Commands:
Privileges: User Privileges: User
MitreID: T1059 MitreID: T1059
OperatingSystem: Windows 10 and up with .NET SDK installed OperatingSystem: Windows 10 and up with .NET SDK installed
Tags:
- Execute: Fsharp
- Command: dotnet.exe msbuild [Path_TO_XML_CSPROJ] - Command: dotnet.exe msbuild [Path_TO_XML_CSPROJ]
Description: dotnet.exe with msbuild (SDK Version) will execute unsigned code Description: dotnet.exe with msbuild (SDK Version) will execute unsigned code
Usecase: Execute code bypassing AWL Usecase: Execute code bypassing AWL
@ -32,6 +38,8 @@ Commands:
Privileges: User Privileges: User
MitreID: T1218 MitreID: T1218
OperatingSystem: Windows 10 and up with .NET Core installed OperatingSystem: Windows 10 and up with .NET Core installed
Tags:
- Execute: CSProj
Full_Path: Full_Path:
- Path: 'C:\Program Files\dotnet\dotnet.exe' - Path: 'C:\Program Files\dotnet\dotnet.exe'
Detection: Detection: