Advanced LNK File Attack Techniques

5 responses to “Advanced LNK File Attack Techniques”

  1. Filippo De Luca

    I am trying to use this technique as well, but nothing is working. What can I use to bypass SmartScreen? When I download from the web it adds the extension file.lnk.download, but if I put it in a RAR, download and extract it, when I run it I've got a SmartScreen. How do you bypass that?

    1. The most common reasons why a VBA macro that downloads a file from a trusted remote source and then tries to execute it (especially via a shortcut like .lnk) fails today are related to Microsoft’s security layers, not necessarily your code syntax.

      1- Remove the Zone.Identifier after download (this is usually the #1 fix)
      2- Test without .lnk: download and execute the .exe directly instead of creating/using a shortcut. .lnk adds an extra layer of suspicion.

  2. Filippo De Luca

    Yes, it's already without the extension.

  3. Filippo De Luca

    But if you .rar it, you see the file inside with the .lnk extension.

  4. Filippo De Luca

    Another thing is I can't create an agent in Loki; I click on it and I add my localhost, but nothing happens.
