![]()
Beyond good ol’ Run key, Part 152
文章介绍了一种Windows系统的持久化机制,通过注册表路径HKLM\Software\Microsoft\MSDTC\XADLL存储可被操作系统加载的DLL文件列表。
2025-12-31 23:8:39
Author: www.hexacorn.com(查看原文)
阅读量:0
收藏
Forgot to post this one before 153…
As this is often the case in this series, this persistence mechanism is a documented feature of Microsoft Windows.
The following Registry entry:
HKLM\Software\Microsoft\MSDTC\XADLL
can store a list of DLL files that can be loaded by the OS.
文章来源: https://www.hexacorn.com/blog/2025/12/31/beyond-good-ol-run-key-part-152/
如有侵权请联系:admin#unsafe.sh