forked from wietze/HijackLibs
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathtemplate.yml
More file actions
27 lines (26 loc) · 718 Bytes
/
template.yml
File metadata and controls
27 lines (26 loc) · 718 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
---
Name: nameofthedll.dll # All lower case
Author: Author Name
Created: 2022-01-01
Vendor: Vendor Name
ExpectedLocations: # No trailing slashes
- '%SYSTEM32%'
- '%SYSWOW64%'
- '%PROGRAMFILES%'
- 'C:\\some\\random\\location'
- ...
VulnerableExecutables:
- Path: 'path\to\the\executable.exe'
Type: Phantom|Sideloading|Search Order
AutoElevate: true # or remove if false
PrivilegeEscalation: true # or remove if false
SHA256: # remove if not a 3rd-party entry
- 'for 3rd-party entries, provide a SHA-256 hash'
- ...
Resources:
- https://some-link.here
- ...
Acknowledgements:
- Name: Full Name or Twitter Screen Name
Twitter: '@twitter-handle' #has to start with @
- ...