CL-Invocation.ps1

~/Privilege Escalation/Windows/Binaries# cat CL_Invocation.ps1.md █

Aero diagnostics script

Paths:

C:\Windows\diagnostics\system\AERO\CL_Invocation.ps1
C:\Windows\diagnostics\system\Audio\CL_Invocation.ps1
C:\Windows\diagnostics\system\WindowsUpdate\CL_Invocation.ps1

Detection:

Execute

Import the PowerShell Diagnostic CL_Invocation script and call SyncInvoke to launch an executable.

. C:\\Windows\\diagnostics\\system\\AERO\\CL_Invocation.ps1   \nSyncInvoke  [args]