Abusing DCOM For Yet Another Lateral Movement Technique Logo

Abusing DCOM For Yet Another Lateral Movement Technique

0
Free
Visit Website

This post discusses an alternate DCOM lateral movement discovery and payload execution method by locating DCOM registry key/values that point to the path of a non-existing binary on the 'remote' machine, providing an example method that may work if mobsync.exe is not in the default location on Windows 2008 R2 and Windows 2012 R2 systems.

FEATURES

ALTERNATIVES

A DNS rebinding attack framework for security researchers and penetration testers.

A tool for interacting with the MSBuild API, enabling malicious activities and evading detection.

Local pentest lab using docker compose to spin up victim and attacker services.

A technique for social engineering and untrusted command execution using ClickOnce technology

Open source application for retrieving passwords stored on a local computer with support for various software and platforms.

A collection of precompiled Windows exploits for privilege escalation.

BeEF is a specialized penetration testing tool for exploiting web browser vulnerabilities to assess security.

A modular, menu-driven tool for building repeatable, time-delayed, distributed security events.