Living Off The Land Binaries, Scripts and Libraries - LOLBINs LOLBAS

josephine



LOLBins is the abbreviated term for Living Off the Land Binaries. Living Off the Land Binaries are binaries of a non-malicious nature, local to the operating system, that have been utilised and exploited by cyber criminals and crime groups to camouflage their malicious activity.

Initially, LOLBins were commonly used on a post-exploitation basis, to gain persistence or escalate privileges. However, the local system binaries or the preinstalled tools on a machine are now being used to bypass detection and aid in malware delivery.

This means that malicious actors can use these LOLBins to achieve their goals without relying on specific code or files.

LOLBins are often Microsoft-signed binaries, such as Certutil and Windows Management Instrumentation Command-line (WMIC).

They can be used for a range of attacks, from executing code, to performing file operations (downloading, uploading, copying, etc.), to stealing passwords.

More information about the Living Off The Land Binaries, Scripts and Libraries project is available on GitHub in the links below.
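
An added example, not part of the original post or of the LOLBAS project: because the binaries themselves are signed and legitimate, detection has to key on context, so this triages process-creation events for the two tools named above by remote references, unusual parents and renamed copies. Field names follow Sysmon Event ID 1; the parent list, the helper names `triage` and `ev`, and all sample events are assumptions constructed for illustration.

```python
import re
from pathlib import PureWindowsPath

# Binaries named in the post; extend from the LOLBAS project list as needed.
WATCHED = {"certutil.exe", "wmic.exe"}
# Assumption: parents that rarely have a legitimate reason to start these tools.
SUSPICIOUS_PARENTS = {"winword.exe", "excel.exe", "outlook.exe", "wscript.exe", "mshta.exe"}
# A URL or UNC path on the command line means the tool is touching a remote host.
REMOTE_REF = re.compile(r"(?i)\b(?:https?|ftp)://|\\\\[\w.-]+\\")

def basename(path):
    return PureWindowsPath(path).name.lower()

def triage(event):
    """Return the reasons a process-creation event deserves analyst review."""
    image = basename(event["Image"])
    original = event.get("OriginalFileName", "").lower()
    # Match on OriginalFileName too, so a renamed copy is still recognised.
    if image not in WATCHED and original not in WATCHED:
        return []
    reasons = []
    if original in WATCHED and image != original:
        reasons.append("renamed_binary")
    if REMOTE_REF.search(event["CommandLine"]):
        reasons.append("remote_reference")
    if basename(event["ParentImage"]) in SUSPICIOUS_PARENTS:
        reasons.append("unusual_parent")
    return reasons

def ev(image, original, parent, cmdline):
    return {"Image": image, "OriginalFileName": original,
            "ParentImage": parent, "CommandLine": cmdline}

# Constructed sample events; arguments other than the URL are elided on purpose.
SAMPLE_EVENTS = [
    ev(r"C:\Windows\System32\certutil.exe", "CertUtil.exe", r"C:\Windows\System32\cmd.exe",
       r"certutil -hashfile C:\Temp\setup.msi SHA256"),
    ev(r"C:\Windows\System32\certutil.exe", "CertUtil.exe", r"C:\Windows\System32\cmd.exe",
       r"certutil.exe [args elided] http://files.example.test/p.bin"),
    ev(r"C:\Users\Public\cu.exe", "CertUtil.exe", r"C:\Program Files\Office\WINWORD.EXE",
       r"cu.exe [args elided] https://files.example.test/p.bin"),
    ev(r"C:\Windows\System32\wbem\WMIC.exe", "wmic.exe", r"C:\Program Files\Office\EXCEL.EXE",
       "wmic os get caption"),
]

if __name__ == "__main__":
    for event in SAMPLE_EVENTS:
        print(basename(event["Image"]), triage(event))
```

The routine hash check produces no findings, while the same binary with a remote reference, an Office parent or a different file name on disk is surfaced with the reason attached.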
