mirror of
https://github.com/mgeeky/Penetration-Testing-Tools.git
synced 2024-11-21 18:11:37 +01:00
README
This commit is contained in:
parent
8e976e7cee
commit
9afe574be7
@ -9,6 +9,8 @@ Windows Script Host (WSH) subsystem can execute VBScript/JScript scritplets usin
|
|||||||
- `wscript.exe` - For general scripts execution. **This one loads AMSI**
|
- `wscript.exe` - For general scripts execution. **This one loads AMSI**
|
||||||
|
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
#### VBScript
|
#### VBScript
|
||||||
|
|
||||||
- **`download-file-and-exec.vbs`** - Downloads a binary file using `Msxml2.ServerXMLHTTP`, stores it to the disk `Adodb.Stream` and then launches it via `Wscript.Shell Run`
|
- **`download-file-and-exec.vbs`** - Downloads a binary file using `Msxml2.ServerXMLHTTP`, stores it to the disk `Adodb.Stream` and then launches it via `Wscript.Shell Run`
|
||||||
@ -20,9 +22,13 @@ Windows Script Host (WSH) subsystem can execute VBScript/JScript scritplets usin
|
|||||||
- **`wscript-shell-stdin-code-exec.vbs`** - Code execution via `WScript.Shell` in a hidden window through a command passed from StdIn to `powershell`
|
- **`wscript-shell-stdin-code-exec.vbs`** - Code execution via `WScript.Shell` in a hidden window through a command passed from StdIn to `powershell`
|
||||||
|
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
#### JScript
|
#### JScript
|
||||||
|
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
#### XSL
|
#### XSL
|
||||||
|
|
||||||
XSL files can be executed in the following ways:
|
XSL files can be executed in the following ways:
|
||||||
@ -40,6 +46,8 @@ Templates:
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
#### COM Scriptlets
|
#### COM Scriptlets
|
||||||
|
|
||||||
Sample code execution with `regsvr32` can be following:
|
Sample code execution with `regsvr32` can be following:
|
||||||
@ -50,6 +58,8 @@ regsvr32 /u /n /s /i:wscript-shell-run-jscript-scriptlet.sct scrobj.dll
|
|||||||
- **`wscript-shell-run-jscript-scriptlet.sct`** - SCT file with JSCript code execution via `WScript.Shell.Run`
|
- **`wscript-shell-run-jscript-scriptlet.sct`** - SCT file with JSCript code execution via `WScript.Shell.Run`
|
||||||
|
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
#### HTA
|
#### HTA
|
||||||
|
|
||||||
HTA files are HTML Applications
|
HTA files are HTML Applications
|
||||||
|
Loading…
Reference in New Issue
Block a user