Abusing DCOM For Yet Another Lateral Movement Technique Logo

Abusing DCOM For Yet Another Lateral Movement Technique

0
Free
Visit Website

This post discusses an alternate DCOM lateral movement discovery and payload execution method by locating DCOM registry key/values that point to the path of a non-existing binary on the 'remote' machine, providing an example method that may work if mobsync.exe is not in the default location on Windows 2008 R2 and Windows 2012 R2 systems.

FEATURES

ALTERNATIVES

A collaborative, multi-platform, red teaming framework for simulating attacks and testing defenses.

Data exfiltration & infiltration tool using text-based steganography to evade security controls.

Cutting-edge open-source security tools for adversary simulation and threat hunting.

An open-source penetration testing framework for social engineering with custom attack vectors.

LinEnum is a tool for Linux enumeration that provides detailed system information and performs various checks and tasks.

A collection of Microsoft PowerShell modules for penetration testing purposes.

Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.

A unified repository for different Metasploit Framework payloads.

PINNED