~/Privilege Escalation/Windows/Binaries# cat Register_cimprovider.exe.md █
Used to register new wmi providers
Paths:
C:\Windows\System32\Register-cimprovider.exe
C:\Windows\SysWOW64\Register-cimprovider.exe
Detection:
Execute
Load the target .DLL.
Register-cimprovider -path "C:\folder\evil.dll"
Usecase:Execute code within dll file