RemoteMonologue: Weaponizing DCOM for NTLM authentication coercions | IBM

RemoteMonologue: Weaponizing DCOM for NTLM authentication coercions | IBM

Now that we know it’s possible to convert a DCOM object into a session hijacking tool, the next step is to identify which Methods and Properties can be leveraged to complete the hijack. For this research, I explored whether user compromise…

Article Source
https://www.ibm.com/think/x-force/remotemonologue-weaponizing-dcom-ntlm-authentication-coercions