Abusing the COM Registry Structure: CLSID, LocalServer32, & InprocServer32 [for bypass, evasion, and persistence]
In Summary : The purpose of CLSIDs, LocalServer32, and InprocServer32 A slightly improved method for enumerating LocalServer32 and Inpro...
https://updatesinfosec.blogspot.com/2018/07/abusing-com-registry-structure-clsid.html
In Summary :
kindly refer the following link as follow up :
https://ift.tt/2yNPJBx
- The purpose of CLSIDs, LocalServer32, and InprocServer32
- A slightly improved method for enumerating LocalServer32 and InprocServer32 keys and missing key references
- The DCOM lateral movement method
- Rundll32 and CLSID abuse
- Several defensive recommendations [...]
kindly refer the following link as follow up :
https://ift.tt/2yNPJBx
