🐚 GTFOBins πŸͺŸ LOLBAS πŸ’Ύ Compiled Binaries 🩸 BloodHound 🩸 bloodyAD πŸ“œ Certipy ☁️ Cloud ⚑ goexec πŸ€– HackTricks πŸ”Œ HardwareATT πŸ“¦ Impacket 🏰 InternalATT πŸ”€ Ligolo-ng 🐱 Mimikatz πŸ’£ msfvenom πŸ”§ NetExec πŸ€– OSAI πŸ’₯ PATT 🍳 Recipes 🎟️ Rubeus 🐍 Sliver
πŸͺŸ LOLBAS / Shell32.dll

Shell32.dll

Windows Shell Common Dll

Execute

Load a DLL payload.

rundll32.exe shell32.dll,Control_RunDLL {PATH_ABSOLUTE:.dll}

Launch a DLL payload by calling the Control_RunDLL function. — MITRE: T1218.011 — Privileges: User

Run an executable payload.

rundll32.exe shell32.dll,ShellExec_RunDLL {PATH:.exe}

Launch an executable by calling the ShellExec_RunDLL function. — MITRE: T1218.011 — Privileges: User

Run an executable payload.

rundll32 SHELL32.DLL,ShellExec_RunDLL {PATH:.exe} {CMD:args}

Launch command line by calling the ShellExec_RunDLL function. — MITRE: T1218.011 — Privileges: User

Load a DLL/CPL payload.

rundll32.exe shell32.dll,#44 {PATH:.dll}

Load a DLL/CPL by calling undocumented Control_RunDLLNoFallback function. — MITRE: T1218.011 — Privileges: User