Merge pull request #101 from leo1-1/master

added command to certutil
Conor Richard
2020-10-26 19:44:53 -04:00
committed by GitHub

@@ -44,6 +44,14 @@ Commands:
MitreID: T1140
MitreLink: https://attack.mitre.org/wiki/Technique/T1140
OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
- Command: certutil --decodehex encoded_hexadecimal_InputFileName
Description: Command to decode a hexadecimal-encoded file decodedOutputFileName
Usecase: Decode files to evade defensive measures
Category: Decode
Privileges: User
MitreID: T1140
MitreLink: https://attack.mitre.org/wiki/Technique/T1140
OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
Full_Path:
- Path: C:\Windows\System32\certutil.exe
- Path: C:\Windows\SysWOW64\certutil.exe
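Review bot: The new Command line takes only an input file (`certutil --decodehex encoded_hexadecimal_InputFileName`), while its Description ends with `decodedOutputFileName`, so the output argument appears to have landed in the wrong field. Suggest moving `decodedOutputFileName` onto the Command line after the input file and rewording the Description to something like "Command to decode a hexadecimal-encoded file". Please also confirm that the double dash in `--decodehex` is intended and matches how the other commands in this file spell their verbs, since detection content is often built from these strings verbatim.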
@@ -64,4 +72,5 @@ Acknowledgement:
Handle: '@Moriarty_Meng'
- Person: egre55
Handle: '@egre55'
- Person: Lior Adar
---
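Review bot: The added Acknowledgement entry `- Person: Lior Adar` has no `Handle:` line, unlike the two entries directly above it, which each pair `Person` with `Handle`. Either add the handle or confirm that the schema and any tooling that renders this file accept an entry without one.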