DCOMUploadExec is a proof-of-concept (PoC) tool designed to exploit the Distributed Component Object Model (DCOM) for lateral movement within a network.
By leveraging the IMsiServer interface, this tool demonstrates how attackers can abuse Windows Installer’s COM functionality to execute payloads on remote systems. Below is an overview of its functionality, usage, and limitations.
DCOMUploadExec consists of two key components:
This tool bypasses traditional methods like PsExec by exploiting the IMsiServer interface in msiexec.exe
, enabling attackers to upload and execute DLLs remotely.
msiexec.exe
process.InitializeEmbeddedUI
) from the DLL.DCOMUploadExec
and AssemblyPayload
).DCOMUploadExec.exe [domain]$$user]:[password]@[address]
DCOMUploadExec.exe LOCALHOST
To customize the payload:
InitializeEmbeddedUI
.PayloadConfig.h
with details of your custom payload:PAYLOAD_ASSEMBLY_PATH
: Path to your DLL.ASSEMBLY_NAME
: Name of your assembly.ASSEMBLY_BITNESS
: Specify “64” (x64) or “32” (x86).ASSEMBLY_VERSION
: Version obtained via tools like sigcheck.exe
.ASSEMBLY_PUBLIC_KEY
: Public key generated using sn.exe
.Recompile DCOMUploadExec to use this custom payload.
DCOMUploadExec highlights how attackers can exploit lesser-known COM interfaces like IMsiServer for lateral movement.
While it serves as a PoC, it underscores the importance of securing DCOM configurations, applying patches, and monitoring suspicious activity in enterprise environments.
Overview WhatsMyName is a free, community-driven OSINT tool designed to identify where a username exists…
Managing disk usage is a crucial task for Linux users and administrators alike. Understanding which…
Efficient disk space management is vital in Linux, especially for system administrators who manage servers…
Knowing how to check directory sizes in Linux is essential for managing disk space and…
Managing user accounts is a core responsibility for any Linux administrator. Whether you’re securing a…
Linux offers powerful command-line tools for system administrators to view and manage user accounts. Knowing…