public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-07-27 04:32:24 +02:00
Code Issues Projects Releases Wiki Activity

Changed alternate data stream to ADS as category

Browse Source
This commit is contained in:
Oddvar Moe
2018-09-26 09:34:01 +02:00
parent 7961a99173
commit d48273583e
19 changed files with 28 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
yml/OSBinaries/Print.yml
View File

@@ -7,7 +7,7 @@ Commands:
- Command: print /D:C:\ADS\File.txt:file.exe C:\ADS\File.exe
Description: Copy file.exe into the Alternate Data Stream (ADS) of file.txt.
Usecase: Hide binary file in alternate data stream to potentially bypass defensive counter measures
Category: Alternate data streams
Category: ADS
Privileges: User
MitreID: T1096
MitreLink: https://attack.mitre.org/wiki/Technique/T1096