Tag Archives: Lateral Movement

RPC Firewall : Stopping Lateral Movement via the RPC Firewall

RPC Firewall is the underlying mechanism which is used for numerous lateral movement techniques, reconnaissances, relay attacks, or simply to exploit vulnerable RPC services. DCSync attack? over RPC. Remote DCOM? over RPC. WMIC? over RPC. SharpHound? over RPC. PetitPotam? over RPC. PsExec? over RPC. ZeroLogon? over RPC… well, you get the idea 🙂 What is it used for? Research Install the …

Continue reading “RPC Firewall : Stopping Lateral Movement via the RPC Firewall”

TChopper : Conduct Lateral Movement Attack By Leveraging Unfiltered Services Display Name To Smuggle Binaries As Chunks Into The Target Machine

TChopper, a new technique I have discovered recently and give it a nickname (Chop chop) to perform lateral movement using windows services display name and WMI by smuggling the malicious binary as base64 chunks and automate the process using the TChopper tool. How It Works the tool will get the file you willing to smuggle …

Continue reading “TChopper : Conduct Lateral Movement Attack By Leveraging Unfiltered Services Display Name To Smuggle Binaries As Chunks Into The Target Machine”

CheeseTools : Self-developed Tools For Lateral Movement/Code Execution

The CheeseTools has been made basing onto the already existing MiscTool, so big shout-out to rasta-mouse for releasing them and for giving me the right motivation to work on them. CheeseExec Command Exec / Lateral movement via PsExec-like functionality. Must be running in the context of a privileged user. The tool is based on rasta-mouse CsExec, but is designed to …

Continue reading “CheeseTools : Self-developed Tools For Lateral Movement/Code Execution”