SwiftOnSecurity / sysmon-config

Sysmon configuration file template with default high-quality event tracing

Blizzard Agent #54

Closed. mubix closed this 5 years ago.

mubix commented 6 years ago

Yes, it's called Agent.exe; yes, it's in ProgramData; yes, it's in a subfolder with a build number like Agent.6082, so it's nearly impossible to exclude right. Mostly I'm making this pull request as a way to ping the community to fix this.
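For readers unfamiliar with why the build-numbered folder is a problem, here is how such an exclusion has to be written in Sysmon's XML filter syntax. This is an added illustration, not the repository's config or the PR's diff, and the full directory prefix below (Battle.net\Agent) is an assumption, since the thread only names ProgramData and a subfolder such as Agent.6082.

```xml
<!-- Added example, not the repository's config. The directory prefix is assumed;
     the thread only mentions ProgramData and a subfolder like Agent.6082. -->
<Sysmon schemaversion="4.22">
  <EventFiltering>
    <RuleGroup name="" groupRelation="or">
      <ProcessCreate onmatch="exclude">
        <!-- Both conditions must hold: a fixed directory prefix AND the image name.
             The build number in between (Agent.6082, Agent.6200, ...) changes with
             every update, so an exact "is" match on the full path cannot work. -->
        <Rule name="Blizzard Agent (assumed path)" groupRelation="and">
          <Image condition="begin with">C:\ProgramData\Battle.net\Agent\Agent.</Image>
          <Image condition="end with">\Agent.exe</Image>
        </Rule>
      </ProcessCreate>
    </RuleGroup>
  </EventFiltering>
</Sysmon>
```

Note that a prefix match like this suppresses process-creation logging for any Agent.exe dropped anywhere under that prefix, which is the visibility gap the maintainer's reply below is concerned about.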

mubix commented 6 years ago

Also look at: https://github.com/mubix/bliizard_escalation

SwiftOnSecurity commented 5 years ago

Thanks for your work on this, but the base version needs to be as lean as possible to ensure attackers can't use missing locations on victim computers to hide.