Lucene search
K

6 matches found

Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.263 views

Regsvr32.exe (.sct) Command Delivery Server

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Regsvr32.exe .sct Command Delivery Server', 'Description' = %q This module uses the Regsvr32.exe Application Whitelisting Bypass technique as a w...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/12/13 12:0 a.m.80 views

WebDAV Server Serving DLL

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Serve DLL via webdav server', 'Description' = %q This module simplifies the rundll32.exe Application Whitelisting Bypass technique. The module...

7.4AI score
Exploits0
OSV
OSV
added 2018/10/15 4:29 p.m.2 views

CVE-2018-15591

An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can bypass Application Whitelisting restrictions to execute arbitrary code by leveraging multiple unspecified attack vectors...

7.8CVSS6.1AI score0.01284EPSS
Exploits1References5
FireEye
FireEye
added 2017/06/30 7:0 p.m.20 views

Obfuscation in the Wild: Targeted Attackers Lead the Way in Evasion Techniques

Throughout 2017 we have observed a marked increase in the use of command line evasion and obfuscation by a range of targeted attackers. Cyber espionage groups and financial threat actors continue to adopt the latest cutting-edge application whitelisting bypass techniques and introduce innovative...

0.7AI score
Exploits0
Metasploit
Metasploit
added 2016/06/13 8:14 p.m.35 views

Regsvr32.exe (.sct) Command Delivery Server

This module uses the Regsvr32.exe Application Whitelisting Bypass technique as a way to run a command on a target system. The major advantage of this technique is that you can execute a static command on the target system and dynamically and remotely change the command that will actually run by...

7.5AI score
Exploits0
Metasploit
Metasploit
added 2016/04/19 12:0 a.m.73 views

Regsvr32.exe (.sct) Application Whitelisting Bypass Server

This module simplifies the Regsvr32.exe Application Whitelisting Bypass technique. The module creates a web server that hosts an .sct file. When the user types the provided regsvr32 command on a system, regsvr32 will request the .sct file and then execute the included PowerShell command. This...

3.2AI score
Exploits0
Rows per page
Query Builder