Persistent Asynchronous and Fileless Backdoor
TNzWWG
TNzWWG
- No tags were found...
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
WMI Attacks – C2 Communication• WMI is a fantastic C2 channel!• The following can be used to stage exfil– Namespace• WMI Shell already does it– WMI class creation• One group already kind of does it– Registry• No one I know of is doing this– Ideas? Let’s chat