In the wake of the recent buzz and trend in using DDE for executing arbitrary command lines and eventually compromising a system, I asked myself: "what are the coolest command lines an attacker could use besides the famous PowerShell one-liner?"
I’ve recently been looking into a fancy covert channel, targeting Windows family operating systems, to either:
- deliver various malicious payloads (shellcode, binaries, scripts, whatever…)
- use it as a C2 communication channel
This is what this blog post is all about. Let’s dig into it.