Added more in new structure

master
api0cradle 2018-04-18 15:55:43 +02:00
parent cc007b717c
commit e4b37b00ef
11 changed files with 134 additions and 137 deletions

View File

@ -5,150 +5,45 @@ If you are missing from the acknowledgement, please let me know (I did not forge
# OS BINARIES
[Rundll32.exe](OSBinaries/Rundll32.md)
[Regsvr32.exe](OSBinaries/Regsvr32.md)
[Msbuild.exe](OSBinaries/Msbuild.md)
[Regsvcs.exe](OSBinaries/Regsvcs.md)
[Regasm.exe](OSBinaries/Regasm.md)
[Installutil.exe](OSBinaries/Installutil.md)
[Mshta.exe](OSBinaries/Mshta.md)
[Ieexec.exe](OSBinaries/Ieexec.md)
[Presentationhost.exe](OSBinaries/Presentationhost.md)
[Msiexec.exe](OSBinaries/Msiexec.md)
[Cmstp.exe](OSBinaries/Cmstp.md)
[Xwizard.exe](OSBinaries/Xwizard.md)
[Odbcconf.exe](OSBinaries/Odbcconf.md)
[Forfiles.exe](OSBinaries/Forfiles.md)
[Syncappvpublishingserver.exe](OSBinaries/Syncappvpublishingserver.md)
[Infdefaultinstall.exe](OSBinaries/Infdefaultinstall.md)
[Atbroker.exe](OSBinaries/Atbroker.md)
[Wmic.exe](OSBinaries/Wmic.md)
[Mavinject32.exe](OSBinaries/Mavinject32.md)
[Runscripthelper.exe](OSBinaries/Runscripthelper.md)
[Cmstp.exe](OSBinaries/Cmstp.md)
[Control.exe](OSBinaries/Control.md)
[ie4unit.exe](OSBinaries/ie4unit.md)
[Forfiles.exe](OSBinaries/Forfiles.md)
[Ieexec.exe](OSBinaries/Ieexec.md)
[Ie4unit.exe](OSBinaries/Ie4unit.md)
[Infdefaultinstall.exe](OSBinaries/Infdefaultinstall.md)
[Installutil.exe](OSBinaries/Installutil.md)
[Mavinject32.exe](OSBinaries/Mavinject32.md)
[Msbuild.exe](OSBinaries/Msbuild.md)
[Mshta.exe](OSBinaries/Mshta.md)
[Msiexec.exe](OSBinaries/Msiexec.md)
[Odbcconf.exe](OSBinaries/Odbcconf.md)
[Presentationhost.exe](OSBinaries/Presentationhost.md)
[Regasm.exe](OSBinaries/Regasm.md)
[Regsvcs.exe](OSBinaries/Regsvcs.md)
[Regsvr32.exe](OSBinaries/Regsvr32.md)
[Rundll32.exe](OSBinaries/Rundll32.md)
[Runscripthelper.exe](OSBinaries/Runscripthelper.md)
[Syncappvpublishingserver.exe](OSBinaries/Syncappvpublishingserver.md)
[Wmic.exe](OSBinaries/Wmic.md)
[Xwizard.exe](OSBinaries/Xwizard.md)
# OTHER MICROSOFT SIGNED BINARIES
## Bginfo.exe
* Functions: Execute
```
bginfo.exe bginfo.bgi /popup /nolicprompt
(Add vbs code inside .bgi file)
```
Acknowledgements:
* Oddvar Moe - @oddvarmoe
[Bginfo.exe](OtherMSBinaries/Bginfo.md)
[Cdb.exe](OtherMSBinaries/Cdb.md)
[Csi.exe](OtherMSBinaries/Csi.md)
[Dnx.exe](OtherMSBinaries/Dnx.md)
[Msxsl.exe](OtherMSBinaries/Msxsl.md)
[Rcsi.exe](OtherMSBinaries/Rcsi.md)
[Te.exe](OtherMSBinaries/Te.md)
[Tracker.exe](OtherMSBinaries/Tracker.md)
[Winword.exe](OtherMSBinaries/Winword.md)
## msxsl.exe
* Functions: Execute
```
msxsl.exe customers.xml script.xsl
```
Acknowledgements:
* Casey Smith - @subtee
## winword.exe
* Functions: Execute
```
winword.exe /l dllfile.dll
```
Acknowledgements:
* Casey Smith - @subtee
## dnx.exe
* Functions: Execute
```
dnx.exe consoleapp
```
Acknowledgements:
* Matt Nelson - @enigma0x3
## cdb.exe
* Functions: Execute
```
cdb.exe -cf x64_calc.wds -o notepad.exe
```
Acknowledgements:
* Matt Graber - @mattifestation
## rcsi.exe
* Functions: Execute
```
rcsi.exe bypass.csx
```
Acknowledgements:
* Matt Nelson - @enigma0x3
## csi.exe
* Functions: Execute
```
csi.exe file
```
Acknowledgements:
* Casey Smith - @subtee
## te.exe
* Functions: Execute
```
te.exe bypass.wsc
```
Acknowledgements:
* * Giuseppe N3mes1s - @gN3mes1s
## Tracker.exe
* Functions: Execute
```
Tracker.exe /d .\calc.dll /c C:\Windows\write.exe
```
Acknowledgements:
* * Giuseppe N3mes1s - @gN3mes1s

13
OtherMSBinaries/Bginfo.md Normal file
View File

@ -0,0 +1,13 @@
## Bginfo.exe
* Functions: Execute
```
bginfo.exe bginfo.bgi /popup /nolicprompt
(Add vbs code inside .bgi file)
```
Acknowledgements:
* Oddvar Moe - @oddvarmoe

11
OtherMSBinaries/Cdb.md Normal file
View File

@ -0,0 +1,11 @@
## cdb.exe
* Functions: Execute
```
cdb.exe -cf x64_calc.wds -o notepad.exe
```
Acknowledgements:
* Matt Graber - @mattifestation

13
OtherMSBinaries/Csi.md Normal file
View File

@ -0,0 +1,13 @@
## csi.exe
* Functions: Execute
```
csi.exe file
```
Acknowledgements:
* Casey Smith - @subtee

11
OtherMSBinaries/Dnx.md Normal file
View File

@ -0,0 +1,11 @@
## dnx.exe
* Functions: Execute
```
dnx.exe consoleapp
```
Acknowledgements:
* Matt Nelson - @enigma0x3

10
OtherMSBinaries/Msxsl.md Normal file
View File

@ -0,0 +1,10 @@
## msxsl.exe
* Functions: Execute
```
msxsl.exe customers.xml script.xsl
```
Acknowledgements:
* Casey Smith - @subtee

11
OtherMSBinaries/Rcsi.md Normal file
View File

@ -0,0 +1,11 @@
## rcsi.exe
* Functions: Execute
```
rcsi.exe bypass.csx
```
Acknowledgements:
* Matt Nelson - @enigma0x3

12
OtherMSBinaries/Te.md Normal file
View File

@ -0,0 +1,12 @@
## te.exe
* Functions: Execute
```
te.exe bypass.wsc
```
Acknowledgements:
* * Giuseppe N3mes1s - @gN3mes1s

View File

@ -0,0 +1,11 @@
## Tracker.exe
* Functions: Execute
```
Tracker.exe /d .\calc.dll /c C:\Windows\write.exe
```
Acknowledgements:
* * Giuseppe N3mes1s - @gN3mes1s

View File

@ -0,0 +1,10 @@
## winword.exe
* Functions: Execute
```
winword.exe /l dllfile.dll
```
Acknowledgements:
* Casey Smith - @subtee

View File

@ -4,6 +4,6 @@ The goal of these lists are to document every binary and script that can be used
There are two different lists.
[LOLBins.MD]
[LOLScripts.MD]
[LOLBins](LOLBins.md)
[LOLScripts](LOLScripts.md)