public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-07-27 04:32:24 +02:00
Code Issues Projects Releases Wiki Activity

Adding Execute tags to most LOLBas (#405)

Browse Source
This commit is contained in:
hegusung
2024-12-29 18:31:01 +01:00
committed by GitHub
parent baaa5bbc73
commit b9a6cd6a87
129 changed files with 520 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
yml/OtherMSBinaries/AccCheckConsole.yml
View File

@@ -12,7 +12,7 @@ Commands:
MitreID: T1218
OperatingSystem: Windows
Tags:
- Execute: DLL
- Execute: DLL (.NET)
- Command: AccCheckConsole.exe -window "Untitled - Notepad" C:\path\to\your\lolbas.dll
Description: Load a managed DLL in the context of AccCheckConsole.exe. The -window switch value can be set to an arbitrary active window name.
Usecase: Local execution of managed code to bypass AppLocker.
@@ -21,7 +21,7 @@ Commands:
MitreID: T1218
OperatingSystem: Windows
Tags:
- Execute: DLL
- Execute: DLL (.NET)
Full_Path:
- Path: C:\Program Files (x86)\Windows Kits\10\bin\10.0.22000.0\x86\AccChecker\AccCheckConsole.exe
- Path: C:\Program Files (x86)\Windows Kits\10\bin\10.0.22000.0\x64\AccChecker\AccCheckConsole.exe