public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2024-12-28 15:58:24 +01:00
Code Issues Projects Releases Wiki Activity

Odbcconf realign to T1218.008, hh.exe to T1218.001

Browse Source
This commit is contained in:
Wietze 2021-11-16 14:08:04 +00:00
parent 23dd0236ae
commit f7b30775a4
No known key found for this signature in database
GPG Key ID: E17630129FF993CF
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
yml/OSBinaries/Hh.yml
View File

@ -16,7 +16,7 @@ Commands:
Usecase: Execute process with HH.exe Usecase: Execute process with HH.exe
Category: Execute Category: Execute
Privileges: User Privileges: User
MitreID: T1202 MitreID: T1218.001
OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10 OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
Full_Path: Full_Path:
- Path: C:\Windows\System32\hh.exe - Path: C:\Windows\System32\hh.exe

4
yml/OSBinaries/Odbcconf.yml
View File

@ -9,14 +9,14 @@ Commands:
Usecase: Execute dll file using technique that can evade defensive counter measures Usecase: Execute dll file using technique that can evade defensive counter measures
Category: Execute Category: Execute
Privileges: User Privileges: User
MitreID: T1218 MitreID: T1218.008
OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10 OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
- Command: odbcconf /a {REGSVR c:\test\test.dll} - Command: odbcconf /a {REGSVR c:\test\test.dll}
Description: Execute DllREgisterServer from DLL specified. Description: Execute DllREgisterServer from DLL specified.
Usecase: Execute dll file using technique that can evade defensive counter measures Usecase: Execute dll file using technique that can evade defensive counter measures
Category: Execute Category: Execute
Privileges: User Privileges: User
MitreID: T1218 MitreID: T1218.008
OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10 OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
Full_Path: Full_Path:
- Path: C:\Windows\System32\odbcconf.exe - Path: C:\Windows\System32\odbcconf.exe