public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-07-27 12:42:19 +02:00
Code Issues Projects Releases Wiki Activity

Addressing @bohops's feedback

Browse Source
This commit is contained in:
Wietze
2022-05-05 11:12:22 +01:00
parent 085aaa37b1
commit b92ee99627
11 changed files with 25 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
yml/OSBinaries/Mmc.yml
View File

@@ -10,7 +10,7 @@ Commands:
Category: Execute
Privileges: User
MitreID: T1218.014
OperatingSystem: Windows 10 (and possibly earlier versions)
OperatingSystem: Windows 10 (and possibly earlier versions), Windows 11
- Command: mmc.exe gpedit.msc
Description: Load an arbitrary payload DLL by configuring COR Profiler registry settings and launching MMC to bypass UAC.
Usecase: Modify HKCU\Environment key in Registry with COR profiler values then launch MMC to load the payload DLL.