public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2024-12-25 22:39:27 +01:00
Code Issues Projects Releases Wiki Activity

Merge pull request #70 from cnotin/patch-1

Browse Source 
sqldumper: minor fix mis-typed words
This commit is contained in:
Oddvar Moe 2020-07-03 14:34:02 +02:00 committed by GitHub
commit c31053e6bd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
yml/OtherMSBinaries/Sqldumper.yml
View File

@ -6,15 +6,15 @@ Created: '2018-05-25'
Commands: Commands:
- Command: sqldumper.exe 464 0 0x0110 - Command: sqldumper.exe 464 0 0x0110
Description: Dump process by PID and create a dump file (Appears to create a dump file called SQLDmprXXXX.mdmp). Description: Dump process by PID and create a dump file (Appears to create a dump file called SQLDmprXXXX.mdmp).
Usecase: Dump process uisng PID. Usecase: Dump process using PID.
Category: Dump Category: Dump
Privileges: Administrator Privileges: Administrator
MitreID: T1003 MitreID: T1003
MitreLink: https://attack.mitre.org/wiki/Technique/T1003 MitreLink: https://attack.mitre.org/wiki/Technique/T1003
OperatingSystem: Windows OperatingSystem: Windows
- Command: sqldumper.exe 540 0 0x01100:40 - Command: sqldumper.exe 540 0 0x01100:40
Description: 0x01100:40 flag will create a Mimikatz compatibile dump file. Description: 0x01100:40 flag will create a Mimikatz compatible dump file.
Usecase: Dump LSASS.exe to Mimikatz compatable dump uisng PID. Usecase: Dump LSASS.exe to Mimikatz compatible dump using PID.
Category: Dump Category: Dump
Privileges: Administrator Privileges: Administrator
MitreID: T1003 MitreID: T1003
@ -34,4 +34,4 @@ Resources:
Acknowledgement: Acknowledgement:
- Person: Luis Rocha - Person: Luis Rocha
Handle: '@countuponsec' Handle: '@countuponsec'
--- ---