A few days ago, I was looking into a Python documentation shortcut on Windows that suddenly won’t open. It gave me an error that it could not open the file.
Then, I remembered that I just upgraded my Python from 3.9.1 to 3.9.2 via
chocolatey. Apparently, the upgrade process doesn’t update the shortcut for local documentation.
So I went to the pointed directory and changed
python392.chm to fix the error.
After the shortcut worked and the documentation opened, I idly right-clicked on the documentation’s window title and saw the “Jump to URL…” menu.
The menu brought up this window.
Since I was curious, I filled the URL box with
http://localhost:53, and at the same time I setup a
ncat listener on port 53.
ncat captured an HTTP request.
After that, I tried it with
responder on my Kali Linux and redo the steps above, but this time I’m triggering the request via command prompt.
I checked on my Kali, and I can see my hash has been captured
If the resource doesn’t exist (
responder off), it will pop up this window.
So I think it’s a bit usable in RDP not in DOS.
I just found out that this program is already listed on LOLBas project
I posted this because I couldn’t find
hh.exe on these sites: