module
Windows Net-NTLMv2 Reflection DCOM/RPC
| Disclosed |
|---|
| Jan 16, 2016 |
Disclosed
Jan 16, 2016
Description
Module utilizes the Net-NTLMv2 reflection between DCOM/RPC
to achieve a SYSTEM handle for elevation of privilege. Currently the module
does not spawn as SYSTEM, however once achieving a shell, one can easily
use incognito to impersonate the token.
to achieve a SYSTEM handle for elevation of privilege. Currently the module
does not spawn as SYSTEM, however once achieving a shell, one can easily
use incognito to impersonate the token.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.