-
### Description
As many know, Rectify11 fixes WScript. However, Rectify11 does not fix MSHTA. As a developer myself, I see how this would be hard to implement. but WScript has the Win11 icons, why …
-
I am using version 2.16.40.0 X64. However, any other version also encountered same issue. I used open, browse to add .xls file then select CompareMSExcelFiles. However, whenever i click on "Plugin Set…
-
@chvancooten thanks for your follina script !
what if use not msdt , can Ms word spawn something another Url handlers that can execute pwsh ?
Here is a bit of em what have bypass and execute optio…
-
Kovter uses mshta and powershell and the monitor seems to be missing those processes in my tests. This sample (can be downloaded from VT) will execute the scripting engines:
15c237f6b74af2588b0791…
-
Host: VMware Pro 17, Windows 10, AMD Ryzen 2400G, Hyper-V features disabled
Guest: Windows Me Japanese, Patcher9x v0.8.50-beta4
It's very often to cause app crash after apply Patcher9x, especially…
-
Hey,
Is it possible to add mshta based exploits? Generating html applications and running it with mshta shouldn't be a problem, I guess.
-
rundll32 js code will get killed by many sponsers,and it comes the same using mshta execute remote js code,but it'll do when the payload land at local disk, use mshta execute hta will do fine
-
Hi there,
Have you tried to execute the generated HTA on Windows 7? atob and Blob are only defined in IE10+, which caused mshta on Windows 7 to fail
-
Hello @klezVirus thanks for you work, and your tools!
How to build follina doc without hosting, just with command/payload file (ps1, raw, txt..)
#maybe it can be useful https://github.com/komomon…
-
I'm sorry for not following the issue template but I just have a quick issue.
Couple months ago I used the mshta "something payload" to get an agent but
Whenever I launch cmd as admin from this use…