Skip to content
/ COM-Object-hijacking Public

use COM Object hijacking to maintain persistence.(Hijack CAccPropServicesClass and MMDeviceEnumerator)

License

BSD-3-Clause license
56 stars 30 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

3gstudent/COM-Object-hijacking

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
COM Object hijacking persistence.ps1
COM Object hijacking persistence.ps1
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

COM-Object-hijacking

use COM Object hijacking to maintain persistence

This script allows you to use COM Object hijacking to maintain persistence.

Learn from:https://www.gdatasoftware.com/blog/2014/10/23941-com-object-hijacking-the-discreet-way-of-persistence

Code by: 3gstudent@3gstudent

License: BSD 3-Clause

Support x86 and x64 system.

Redefined CAccPropServicesClass and MMDeviceEnumerator.

These two instances are used by a lot of applications, for example by the browser (by using the CoCreateInstance() function).

When you start iexplore.exe,it also starts calc.exe.

:)

About

use COM Object hijacking to maintain persistence.(Hijack CAccPropServicesClass and MMDeviceEnumerator)

Resources

Readme

License

BSD-3-Clause license
Activity

Stars

56 stars

Watchers

3 watching

Forks

30 forks
Report repository

Releases

No releases published

Packages

 
 
 

Languages