mirror/ LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2024-06-02 04:46:04 +02:00
Code Issues

Correcting case in Usecase key names.

This commit is contained in:
xenoscr 2022-09-10 23:45:28 -04:00
parent a040ca3e40
commit 371d1cf2cc
No known key found for this signature in database
GPG Key ID: 52C26F96860C0DAA
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
yml/OSLibraries/Ieframe.yml
View File

@ -6,7 +6,7 @@ Created: '2018-05-25'
Commands:
- Command: rundll32.exe ieframe.dll,OpenURL "C:\test\calc.url"
Description: Launch an executable payload via proxy through a(n) URL (information) file by calling OpenURL.
UseCase: Load an executable payload by calling a .url file with or without quotes. The .url file extension can be renamed.
Usecase: Load an executable payload by calling a .url file with or without quotes. The .url file extension can be renamed.
Category: Execute
Privileges: User
MitreID: T1218.011

4
yml/OSLibraries/Setupapi.yml
View File

@ -6,14 +6,14 @@ Created: '2018-05-25'
Commands:
- Command: rundll32.exe setupapi.dll,InstallHinfSection DefaultInstall 128 C:\Tools\shady.inf
Description: Execute the specified (local or remote) .wsh/.sct script with scrobj.dll in the .inf file by calling an information file directive (section name specified).
UseCase: Run local or remote script(let) code through INF file specification.
Usecase: Run local or remote script(let) code through INF file specification.
Category: AWL Bypass
Privileges: User
MitreID: T1218.011
OperatingSystem: Windows
- Command: rundll32.exe setupapi.dll,InstallHinfSection DefaultInstall 128 C:\\Tools\\calc_exe.inf
Description: Launch an executable file via the InstallHinfSection function and .inf file section directive.
UseCase: Load an executable payload.
Usecase: Load an executable payload.
Category: Execute
Privileges: User
MitreID: T1218.011