darnellkeith/PEASS-ng
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
c7a98ee914
PEASS-ng/winPEAS/winPEASexe/winPEAS/Helpers/Search/LOLBAS.cs
makikvues f3c7e92735 - added PrintLOLBAS 
- added PrintInternetSettings
- added PrintPowerShellSessionSettings
- added PrintNtlmSettings
- added PrintRDPSettings
2021-02-11 22:36:39 +01:00

133 lines
3.5 KiB
C#
Raw Blame History

using System.Collections.Generic;
namespace winPEAS.Helpers.Search
{
class LOLBAS
{
public static readonly HashSet<string> FileWithExtension = new HashSet<string>(){
"advpack.dll",
"appvlp.exe",
"at.exe",
"atbroker.exe",
"bash.exe",
"bginfo.exe",
"bitsadmin.exe",
"cl_invocation.ps1",
"cl_mutexverifiers.ps1",
"cdb.exe",
"certutil.exe",
"cmd.exe",
"cmdkey.exe",
"cmstp.exe",
"comsvcs.dll",
"control.exe",
"csc.exe",
"cscript.exe",
"desktopimgdownldr.exe",
"devtoolslauncher.exe",
"dfsvc.exe",
"diskshadow.exe",
"dnscmd.exe",
"dotnet.exe",
"dxcap.exe",
"esentutl.exe",
"eventvwr.exe",
"excel.exe",
"expand.exe",
"extexport.exe",
"extrac32.exe",
"findstr.exe",
"forfiles.exe",
"ftp.exe",
"gfxdownloadwrapper.exe",
"gpscript.exe",
"hh.exe",
"ie4uinit.exe",
"ieadvpack.dll",
"ieaframe.dll",
"ieexec.exe",
"ilasm.exe",
"infdefaultinstall.exe",
"installutil.exe",
"java.exe",
"jsc.exe",
"makecab.exe",
"manage-bde.wsf",
"mavinject.exe",
"mftrace.exe",
"microsoft.workflow.compiler.exe",
"mmc.exe",
"msbuild.exe",
"msconfig.exe",
"msdeploy.exe",
"msdt.exe",
"mshta.exe",
"mshtml.dll",
"msiexec.exe",
"netsh.exe",
"nc.exe",
"nc64.exe",
"nmap.exe",
"odbcconf.exe",
"pcalua.exe",
"pcwrun.exe",
"pcwutl.dll",
"pester.bat",
"powerpnt.exe",
"presentationhost.exe",
"print.exe",
"psr.exe",
"pubprn.vbs",
"rasautou.exe",
"reg.exe",
"regasm.exe",
"regedit.exe",
"regini.exe",
"register-cimprovider.exe",
"regsvcs.exe",
"regsvr32.exe",
"replace.exe",
"rpcping.exe",
"rundll32.exe",
"runonce.exe",
"runscripthelper.exe",
"sqltoolsps.exe",
"sc.exe",
"schtasks.exe",
"scriptrunner.exe",
"setupapi.dll",
"shdocvw.dll",
"shell32.dll",
"slmgr.vbs",
"sqldumper.exe",
"sqlps.exe",
"squirrel.exe",
"syncappvpublishingserver.exe",
"syncappvpublishingserver.vbs",
"syssetup.dll",
"tracker.exe",
"tttracer.exe",
"update.exe",
"url.dll",
"verclsid.exe",
"wab.exe",
"winword.exe",
"wmic.exe",
"wscript.exe",
"wsl.exe",
"wsreset.exe",
"xwizard.exe",
"zipfldr.dll",
"csi.exe",
"dnx.exe",
"msxsl.exe",
"ntdsutil.exe",
"rcsi.exe",
"te.exe",
"vbc.exe",
"vsjitdebugger.exe",
"winrm.vbs",
};
}
}
Reference in New Issue View Git Blame Copy Permalink