module
Windows Net-NTLMv2 Reflection DCOM/RPC
| Disclosed |
|---|
| Jan 16, 2016 |
Disclosed
Jan 16, 2016
Description
Module utilizes the Net-NTLMv2 reflection between DCOM/RPC
to achieve a SYSTEM handle for elevation of privilege. Currently the module
does not spawn as SYSTEM, however once achieving a shell, one can easily
use incognito to impersonate the token.
to achieve a SYSTEM handle for elevation of privilege. Currently the module
does not spawn as SYSTEM, however once achieving a shell, one can easily
use incognito to impersonate the token.
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.