Abusing DCOM For Yet Another Lateral Movement Technique Logo

Abusing DCOM For Yet Another Lateral Movement Technique

0
Free
Visit Website

This post discusses an alternate DCOM lateral movement discovery and payload execution method by locating DCOM registry key/values that point to the path of a non-existing binary on the 'remote' machine, providing an example method that may work if mobsync.exe is not in the default location on Windows 2008 R2 and Windows 2012 R2 systems.

FEATURES

ALTERNATIVES

Cyber security platform for automating adversary emulation, red-team assistance, and incident response, built on the MITRE ATT&CK™ framework.

A structured approach for conducting penetration tests with seven main sections covering all aspects of the test.

A post-exploitation framework for attacking running AWS infrastructure

BeEF is a specialized penetration testing tool for exploiting web browser vulnerabilities to assess security.

Emulates Docker HTTP API with event logging and AWS deployment script.

A simple, fast web crawler for discovering endpoints and assets in a web application

A tool for Local File Inclusion (LFI) exploitation and scanning

A technique for social engineering and untrusted command execution using ClickOnce technology