During the duration of opening a file to edit it and closing the file, **the attacker has access to plaintext documents**.
16
16
17
-
The script in this repo is a **PoC for exfiltrating sensitive data encrypted by 7-zip** to an external attacker server. This is done in the **post exploitation** phase.
17
+
The powershellscript in this repo is a **PoC for exfiltrating sensitive data encrypted by 7-zip** to an external attacker server. This is done in the **post exploitation** phase.
18
+
19
+
**Steps**
20
+
- Add the batch file to the victim's Startup folder (C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup).
21
+
- Add the powershell script in the preceding directory.