mirror of
https://github.com/LOLBAS-Project/LOLBAS
synced 2025-07-27 12:42:19 +02:00
MD files generate from Script, and adjustments to readme
This commit is contained in:
Oddvar Moe
19
yml/OSBinaries/Presentationhost.yml
Normal file
19
yml/OSBinaries/Presentationhost.yml
Normal file
@@ -0,0 +1,19 @@
|
||||
---
|
||||
Name: PresentationHost.exe
|
||||
Description: Execute
|
||||
Author: ''
|
||||
Created: '2018-05-25'
|
||||
Categories: []
|
||||
Commands:
|
||||
- Command: Presentationhost.exe C:\temp\Evil.xbap
|
||||
Description: Executes the target XAML Browser Application (XBAP) file.
|
||||
Full Path:
|
||||
- 'c:\windows\system32\PresentationHost.exe '
|
||||
- 'c:\windows\sysWOW64\PresentationHost.exe '
|
||||
Code Sample: []
|
||||
Detection: []
|
||||
Resources:
|
||||
- https://github.com/api0cradle/ShmooCon-2015/blob/master/ShmooCon-2015-Simple-WLEvasion.pdf
|
||||
- https://oddvar.moe/2017/12/21/applocker-case-study-how-insecure-is-it-really-part-2/
|
||||
Notes: Thanks to Casey Smith - @subtee
|
||||
|
||||
Reference in New Issue
Block a user