Moved Wsl.yml location to OtherMSBinaries and added another example for possible use cases.

NotoriousRebel 2019-06-28 09:20:56 -04:00
parent ff7dd5893b
commit ff0155f599

@ -12,6 +12,14 @@ Commands:
MitreID: T1202
MitreLink: https://attack.mitre.org/techniques/T1202
OperatingSystem: Windows 10, Windows 19 Server
- Command: wsl.exe -u root -e cat /etc/shadow
Description: Cats /etc/shadow file as root
Usecase: Performs execution of arbitrary Linux commands as root without need for password.
Category: Execute
Privileges: User
MitreID: T1202
MitreLink: https://attack.mitre.org/techniques/T1202
OperatingSystem: Windows 10, Windows 19 Server
Full_Path:
- Path: C:\Windows\System32\wsl.exe
Code_Sample:
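
Review bot: The added entry's `OperatingSystem: Windows 10, Windows 19 Server` repeats the product-name typo from the existing entry above it; "Windows 19 Server" is not a Windows release, so both lines should read `Windows Server 2019`. The new `Description` ("Cats /etc/shadow file as root") should say that the file read is the one inside the installed WSL distribution, not anything on the Windows host, so defenders reading the entry understand what is exposed. The `Usecase` text describes running arbitrary Linux commands as root while the example only reads a file, so consider wording the two fields consistently and noting that `-u root` presupposes a WSL distribution is already installed.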