public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-01-13 15:29:05 +01:00
Code Issues Projects Releases Wiki Activity
793a512551
LOLBAS/Ieframe.md
bohops 793a512551
Updated Libs
2018-09-16 08:04:36 -04:00

1.2 KiB
Raw Blame History

name description functions resources fullpath notes
ieframe.dll Internet Browser DLL for translating HTML code.
execute
description code
Launch an executable payload via proxy through a(n) URL (information) file by calling OpenURL. rundll32.exe ieframe.dll,OpenURL "C:\test\calc.url"
description code
Launch an executable payload via proxy through a renamed URL (information) file by calling OpenURL. rundll32.exe ieframe.dll,OpenURL c:\test\calc-url-file.zz
resource
http://www.hexacorn.com/blog/2018/03/15/running-programs-via-proxy-jumping-on-a-edr-bypass-trampoline-part-5/
resource
https://bohops.com/2018/03/17/abusing-exported-functions-and-exposed-dcom-interfaces-for-pass-thru-command-execution-and-lateral-movement/
resource
https://twitter.com/bohops/status/997690405092290561
resource
1206a613a6/calc.url
resource
https://windows10dll.nirsoft.net/ieframe_dll.html
path
c:\windows\system32\ieframe.dll
path
c:\windows\syswow64\ieframe.dll
Thanks to Adam - @hexacorn, Jimmy - @bohops