Windows PowerShell / Trojan File RCE revisited

From: hyp3rlinx <apparitionsec () gmail com>
Date: Wed, 7 Jun 2023 22:29:41 -0400


Windows PowerShell Filename Code Execution POC

Discovery: 2019 and revisited 2023

Since it still works, I dusted off and made minor improvements:

- Execute a remote DLL using rundll32
- Execute an unintended secondary PS1 script or local text-file (can be
- Updated the PS1 Trojan Filename Creator Python3 Script
First reported to Microsoft back in 2019 yet remains unfixed as of the time
of this writing.

Remote code execution via a specially crafted filename.

Thank you,
Sent through the Full Disclosure mailing list