lexi

i like breaking computers

  • it/its, #[deprecated] she/her
  • ./a.out

i like rust, nix, linux, infosec, webdev and i shitpost a lot. ctf player and so-called "security researcher". aroace, agender, nb, nd, disabled, &, ΘΔ :3 🏳️‍⚧️ 🟨⬜️🟪⬛️

picrew: #1322863


does anyone here know a bit of windows security stuff? if i theoretically had an exploit to download and execute a file from a website without consent, what file type, except for .exe or .bat (they do not work), can i use for a 0-click shell exploit? i currently use an AHK file, that does not trigger any security mechanisms and gets executed immediately, which can in turn open a shell and run whatever it wants. but AHK is not preinstalled everywhere, a built-in windows thing would be waaaay better (or worse to be precise). i usually do web exploits or stuff in web backends or sometimes linux but i have no clue about windows lol

also, if you're wondering, i already have something for linux, but i want to make it cross-platform. mac users are fine today because i cannot be assed to set up a mac vm for this