lexi

i like breaking computers

  • it/its, #[deprecated] she/her
  • ./a.out

i like rust, nix, linux, infosec, webdev and i shitpost a lot. ctf player and so-called "security researcher". aroace, agender, nb, nd, disabled, &, ΘΔ :3 🏳️‍⚧️ 🟨⬜️🟪⬛️

picrew: #1322863


does anyone here know a bit of windows security stuff? if i theoretically had an exploit to download and execute a file from a website without consent, what file type, except for .exe or .bat (they do not work), can i use for a 0-click shell exploit? i currently use an AHK file, that does not trigger any security mechanisms and gets executed immediately, which can in turn open a shell and run whatever it wants. but AHK is not preinstalled everywhere, a built-in windows thing would be waaaay better (or worse to be precise). i usually do web exploits or stuff in web backends or sometimes linux but i have no clue about windows lol

also, if you're wondering, i already have something for linux, but i want to make it cross-platform. mac users are fine today because i cannot be assed to set up a mac vm for this


You must log in to comment.

in reply to @lexi's post:

OOH powershell is a good idea. idk if those get catched. scr has smartscreen like exe so it doesn't work, chm and vbs/js could work and i dont even know what pif is lol

ps1 does not work either. idk why they even do this when they don't do it with every file, MSI seems to work but i really really do not want to make a MSI lol