qwqdanchun
/
ScreenshotBOF
mirror of https://github.com/qwqdanchun/ScreenshotBOF.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update README.md

This commit is contained in:
CodeX 2022-11-01 20:29:28 +08:00 committed by GitHub
parent 3a96075d72
commit 98d0c1746b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@ -26,6 +26,10 @@ beacon> screenshot_bof sad.bmp 1
[*] started download of sad.bmp
```
3. if downloaded over beacon, BMP can be viewed in Cobalt Strike by right clicking the download and clicking "Render BMP" (credit @BinaryFaultline)
![image](https://user-images.githubusercontent.com/29991665/199232459-0601e5d8-d534-4f05-bde4-c8acf3bd3c12.png)
## Notes
- no evasion is performed, which should be fine since the WinAPIs used are not malicious
@ -36,4 +40,4 @@ Cobalt Strike uses a technique known as fork & run for many of its post-ex capab
- Made using https://github.com/securifybv/Visual-Studio-BOF-template
- Save BMP to file from https://stackoverflow.com/a/60667564
- in memory download from https://github.com/anthemtotheego/CredBandit
- @BinaryFaultline for BMP rendering in aggressorscript, and screenshot callback branch
- @BinaryFaultline for BMP rendering in aggressorscript, and screenshot callback branch