mirror/ LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2024-05-18 05:26:15 +02:00
Code Issues
LOLBAS/OSBinaries/Runscripthelper.yml
2018-06-09 00:15:06 +02:00

18 lines
778 B
YAML
Raw Blame History

---
Name: Runscripthelper.exe
Description: Execute
Author: ''
Created: '2018-05-25'
Categories: []
Commands:
- Command: runscripthelper.exe surfacecheck \\?\C:\Test\Microsoft\Diagnosis\scripts\test.txt C:\Test
Description: Execute the PowerShell script named test.txt.
Full Path:
- 'C:\Windows\WinSxS\amd64_microsoft-windows-u..ed-telemetry-client_31bf3856ad364e35_10.0.16299.15_none_c2df1bba78111118\Runscripthelper.exe '
- 'C:\Windows\WinSxS\amd64_microsoft-windows-u..ed-telemetry-client_31bf3856ad364e35_10.0.16299.192_none_ad4699b571e00c4a\Runscripthelper.exe '
Code Sample: []
Detection: []
Resources:
- https://posts.specterops.io/bypassing-application-whitelisting-with-runscripthelper-exe-1906923658fc
Notes: Thanks to Matt Graeber - @mattifestation
View Git Blame Copy Permalink