GET /api/techniques/162/?format=api
HTTP 200 OK
Allow: GET, PUT, PATCH, DELETE, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept
{
"id": 162,
"key": "breaking-badder",
"unprotect_id": "U1201",
"name": "Breaking BaDDEr",
"description": "Dynamic Data Exchange (DDE) is a protocol that allows applications to share data with each other. The Dynamic Data Exchange Management Library (DDEML) is a set of functions that facilitate data sharing using the DDE protocol. DDE and DDEML are commonly used in Microsoft Office to enable data to be shared between applications. In October 2017, a vulnerability was discovered in Microsoft Office that could be exploited using DDE to execute arbitrary code. Since then, DDE has been disabled by default in Microsoft Office and is no longer considered a critical component. \r\n\r\nThis injection method is limited to the explorer.exe process, which is the process that handles graphical user interface (GUI) elements in the Windows operating system.",
"resources": "https://modexp.wordpress.com/2019/08/09/windows-process-injection-breaking-badder/",
"creation_date": "2020-10-26T07:41:58Z",
"tags": "Data sharing protocol,\r\nData sharing library,\r\nDDE protocol,\r\nCode execution,",
"modification_date": "2023-10-04T10:42:33.135000Z",
"category": [
4
],
"rules": [],
"attachments": [],
"featured_api": [
3,
4,
6,
23,
24,
239,
290,
357,
363,
381,
423,
569
],
"contributors": []
}
