Added msi-shenaningans

2022-12-22 10:22:20 +01:00 · 2022-12-22 10:21:52 +01:00 · 2022-12-22 10:20:48 +01:00
3 changed files with 6 additions and 0 deletions
--- a/.gitmodules
+++ b/.gitmodules
@ -70,3 +70,6 @@
 [submodule "phishing/CustomXMLPart"]
 	path = phishing/CustomXMLPart
 	url = https://github.com/mgeeky/CustomXMLPart
+[submodule "file-formats/msi-shenanigans"]
+	path = file-formats/msi-shenanigans
+	url = https://github.com/mgeeky/msi-shenanigans
--- a/file-formats/README.md
+++ b/file-formats/README.md
@ -1,5 +1,7 @@
 ## File-Formats Penetration Testing related scripts, tools and Cheatsheets

+- **`msi-shenanigans`** - Proof of Concept code and samples presenting emerging threat of MSI installer files. Based on my [MSI Shenanignas 1 - Offensive Capabilities Overview](https://mgeeky.tech/msi-shenanigans-part-1/) research conducted.
+
 - [**`PackMyPayload`**](https://github.com/mgeeky/PackMyPayload) - A script that takes file/directory on input and creates a new (or backdoors existing) container file with input ones embedded. Some of the formats (ISO, IMG, VHD, VHDX) could be used to bypass Mark-of-the-Web (MOTW) file taint flag. Supported formats: 
  1. `ZIP` (+password)
  2. `7zip` (+password)
--- a/file-formats/msi-shenanigans
+++ b/file-formats/msi-shenanigans
@ -0,0 +1 @@
+Subproject commit 1d5fdd57879f1553571a0e5a026f432c1317d410
Author	SHA1	Message	Date
Mariusz B. / mgeeky	b95f9aadbf	Added msi-shenaningans	2022-12-22 10:22:20 +01:00
Mariusz B. / mgeeky	b300b51045	Added msi-shenaningans	2022-12-22 10:21:52 +01:00
Mariusz B. / mgeeky	b298879274	Added msi-shenaningans	2022-12-22 10:20:48 +01:00
				`@ -0,0 +1 @@`
				`Subproject commit 1d5fdd57879f1553571a0e5a026f432c1317d410`