winget: Install ROGUE Software & Packages?

26,992

1,011 0

Published 2023-04-20

j-h.io/plextrac || Save time and effort on pentest reports with PlexTrac's premiere reporting & collaborative platform in a FREE one-month trial! j-h.io/plextrac 😎

🔥 YOUTUBE ALGORITHM ➡ Like, Comment, & Subscribe!
🙏 SUPPORT THE CHANNEL ➡ jh.live/patreon
🤝 SPONSOR THE CHANNEL ➡ jh.live/sponsor
🌎 FOLLOW ME EVERYWHERE ➡ jh.live/discord ↔ jh.live/twitter ↔ jh.live/linkedin ↔ jh.live/instagram ↔ jh.live/tiktok
💥 SEND ME MALWARE ➡ jh.live/malware

All Comments (19)

@6r1nch4 1 year ago

Love it, I use winget all the time as a System Engineer
@MoustacheChauveau 1 year ago

I did not validate this with the winget docs, but if setting the LocalManifestFiles configuration would modify the user settings of winget, why would an attacker not simply edit that file to have the setting on instead of having to impersonate local admin? I think this would explain why changing the setting does not edit the user settings json.
@aviationbutterr 1 year ago

Little tip, around 6:24 you exit the terminal to open up a new admin one. I don't know about you but that gets a little annoying for me to do so I found this tool called "gsudo". You can call it as gsudo or just sudo. If you just type `gsudo` it will do a UAC prompt and then bring you to a new privliaged powershell environment, but if you do `gsudo [commands ...]` it will just do that command with admin privliages and then bring you back to your normal environment. I find it pretty handy
@_._._._._._._.__._._._._._._._ 1 year ago

Interesting....
@uzumakiuchiha7678 1 year ago

Its kewl
@f.andersen3824 1 year ago

Uhhh, didn’t know about winget at all. Thanks man, very interesting.
@ReligionAndMaterialismDebunked 1 year ago

Just 31 comments. Damn. Hehe. I saw this on my feed many hours ago, but now I'm here, at 21 hours ago posted status. Hehe
@YouChwb 1 year ago

Probs malware...well, someone was going to say it eventually.
@Vilematrix 1 year ago

I always wonder. Malwarebytes uses LOL strings. Whut
@dtvdavid 1 year ago

So if I interpret it correctly, these LOLBAS things are like syskey.exe in the past?
@blinking_dodo 1 year ago

Neat. Also, I am pretty sure that unzipping a folder can trigger network activity... Not gonna talk about it here, since i would be using it as my own 0-day. (Or is John interested?)
@baxuvis275 1 year ago

sixth comment posted here <3 Love you all
@RazoBeckett. 1 year ago

i was watching ...
@DayzGone 1 year ago

He uses PowerShell instead of cmd. Is there any reason as to why?
@RX_100.0 1 year ago

Okay, i am first
@dom1310df 1 year ago

TIL that winget is a thing. Will have to use it when I next need to install software on Windows. Might stop me from going crazy.
@vnc.t 1 year ago

why have winget download and execute the virus if you have a shell already? why not do it yourself?
@BoneE710S 1 year ago

There no audio