shadowbrokers-exploits/windows/Resources/Ep/Scripts/malfind/getsig3.eps
2017-04-14 11:45:07 +02:00

7 lines
No EOL
336 B
PostScript

string $ldf_dir = GetEnv("SYSPATH");
$ldf_dir = "$ldf_dir\\driver32\\ldf";
`dir * -path "$ldf_dir" -max 0`;
if (prompt "SIG3 was detected. Do you want to download the SIG3-related files? (Look at the dir output for the \"$ldf_dir\" directory in EP log viewer to see what you'd be getting)") {
`get * -path "$ldf_dir" -max 0`;
}