Update scripts with new template. Fixed mgmt script for webportal. Adjustments to existing yml files

2025-07-29 05:31:53 +02:00 · 2018-09-26 11:41:58 +02:00
parent d48273583e
commit bac3b9e56c
38 changed files with 405 additions and 245 deletions
--- a/yml/OSLibraries/Ieframe.yml
+++ b/yml/OSLibraries/Ieframe.yml
@@ -1,13 +1,13 @@
 ---
 Name: Ieaframe.dll
 Description: Internet Browser DLL for translating HTML code.
-Author: ''
+Author:
 Created: '2018-05-25'
 Commands:
  - Command: rundll32.exe ieframe.dll,OpenURL "C:\test\calc.url"
    Description: Launch an executable payload via proxy through a(n) URL (information) file by calling OpenURL.
    UseCase: Load an executable payload by calling a .url file with or without quotes.  The .url file extension can be renamed.
-    Category: Execution
+    Category: Execute
    Privileges: User
    MitreID: T1085
    MItreLink: https://attack.mitre.org/wiki/Technique/T1085
@@ -18,7 +18,7 @@ Full Path:
 Code Sample:
  - Code: https://gist.githubusercontent.com/bohops/89d7b11fa32062cfe31be9fdb18f050e/raw/1206a613a6621da21e7fd164b80a7ff01c5b64ab/calc.url
 Detection:
-  - IOC: ''
+  - IOC:
 Resources:
  - Link: http://www.hexacorn.com/blog/2018/03/15/running-programs-via-proxy-jumping-on-a-edr-bypass-trampoline-part-5/
  - Link: https://bohops.com/2018/03/17/abusing-exported-functions-and-exposed-dcom-interfaces-for-pass-thru-command-execution-and-lateral-movement/