Patch 1.2

Updated help menu
optiv · Feb 24, 2021 · 082a0f2 · 082a0f2
1 parent 2d3e9c7
commit 082a0f2
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/ScareCrow.go b/ScareCrow.go
@@ -36,10 +36,10 @@ func options() *FlagOptions {
 	console := flag.Bool("console", false, "Only for Binary Payloads - Generates verbose console information when the payload is executed. This will disable the hidden window feature.")
 	LoaderType := flag.String("Loader", "binary", `Sets the type of process that will sideload the malicious payload:
 [*] binary - Generates a binary based payload. (This type does not benfit from any sideloading)	
-[*] control - Loads a hidden control applet - the process name would be rundll32.
+[*] control - Loads a hidden control applet - the process name would be rundll32 if -O is specified a JScript loader will be generated.
 [*] dll - Generates just a DLL file. Can executed with commands such as rundll32 or regsvr32 with DllRegisterServer, DllGetClassObject as export functions.
-[*] excel - Loads into a hidden Excel process.
-[*] wscript - Loads into WScript process.
+[*] excel - Loads into a hidden Excel process using a JScript loader.
+[*] wscript - Loads into WScript process using a JScript loader.
 `)
 	refresher := flag.Bool("unmodified", false, "When enabled will generate a DLL loader that WILL NOT removing the EDR hooks in system DLLs and only use custom syscalls (set to false by default)")
 	URL := flag.String("url", "", "URL associated with the Delivery option to retrieve the payload. (e.g. https://acme.com/)")