Chaitanya Haritash ChaitanyaHaritash
ChaitanyaHaritash
/ Autoelevated COM objects
Created
December 18, 2020 12:44
— forked from Elm0D/Autoelevated COM objects
List of COM object with enabled elevation. This does not mean they all useful for bypassing UAC or anything like this. Most of them are not. Some of them like Copy/Move/Rename/Delete/Link Object and Shell Security Editor already used by malware. All others need to be investigated, use OleView from Windows SDK for more info. Snapshots taken from …
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| List of COM object with enabled elevation. This does not mean they all useful for bypassing UAC or anything like this. Most of them are not. Some of them like Copy/Move/Rename/Delete/Link Object and Shell Security Editor already used by malware. All others need to be investigated, use OleView from Windows SDK for more info. | |
| Snapshots taken from clean installs. | |
| Windows 7 SP1 x64, 7601 | |
| WPD Association LUA Virtual Factory | |
| {00393519-3A67-4507-A2B8-85146167ACA7} | |
| Virtual Factory for Biometrics | |
| {0142e4d1-fb7a-11dc-ba4a-000ffe7ab428} |
ChaitanyaHaritash
/ RTF obfuscation techniques.rtf
Created
December 4, 2018 08:17
— forked from mint177/RTF obfuscation techniques.rtf
RTF obfuscation techniques
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {\rt- RTF SPECIFICATION SUCKS | |
| {\u0097}} | |
| {\uc2 \u0098}}} | |
| {\uc2 \u0099\'**}} | |
| {\uc2 \uc31682 \u0101} | |
| {\u0100}} | |
| {\uc-1 \u0102} | |
| {\object\objemb\objw-\objh- |