dcomexec

package
v0.2.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 15, 2025 License: MIT Imports: 17 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	LcEnglishUs uint32 = 0x409
)
View Source 
const (
	MethodMmc = "MMC" // MMC20.Application::Document.ActiveView.ExecuteShellCommand
)
View Source 
const (
	MethodShellBrowserWindow = "ShellBrowserWindow" // ShellBrowserWindow::Document.Application.ShellExecute
)
View Source 
const (
	MethodShellWindows = "ShellWindows" // ShellWindows::Item().Document.Application.ShellExecute
)
View Source 
const (
	ModuleName = "DCOM"
)

Variables

View Source 
var (
	ShellBrowserWindowUuid = uuid.MustParse("C08AFD90-F2A1-11D1-8455-00A0C91F3880")
	ShellWindowsUuid       = uuid.MustParse("9BA05972-F6A8-11CF-A442-00A0C90A8F39")
	Mmc20Uuid              = uuid.MustParse("49B2791A-B1AE-4C90-9B8E-E860BA07F889")

	RandCid      = dcom.CID(*dtyp.GUIDFromUUID(uuid.MustParse(googleUUID.NewString())))
	IDispatchIID = &dcom.IID{
		Data1: 0x20400,
		Data2: 0x0,
		Data3: 0x0,
		Data4: []byte{0xc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x46},
	}
	ComVersion = &dcom.COMVersion{
		MajorVersion: 5,
		MinorVersion: 7,
	}
	ORPCThis = &dcom.ORPCThis{
		Version: ComVersion,
		CID:     &RandCid,
	}
)

Functions

This section is empty.

Types

type Dcom 

type Dcom struct {
	goexec.Cleaner
	goexec.Executor

	Client  *dce.Client
	ClassID *uuid.UUID
	// contains filtered or unexported fields
}

func (*Dcom) Connect 

func (m *Dcom) Connect(ctx context.Context) (err error)

func (*Dcom) Init 

func (m *Dcom) Init(ctx context.Context) (err error)

type DcomMmc 

type DcomMmc struct {
	Dcom

	IO goexec.ExecutionIO

	WorkingDirectory string
	WindowState      string
}

func (*DcomMmc) Execute 

func (m *DcomMmc) Execute(ctx context.Context, execIO *goexec.ExecutionIO) (err error)

Execute will perform command execution via the MMC20.Application DCOM object.

type DcomShellBrowserWindow added in v0.2.0 

type DcomShellBrowserWindow struct {
	Dcom

	IO goexec.ExecutionIO

	WorkingDirectory string
	WindowState      string
}

func (*DcomShellBrowserWindow) Execute added in v0.2.0 

func (m *DcomShellBrowserWindow) Execute(ctx context.Context, execIO *goexec.ExecutionIO) (err error)

Execute will perform command execution via the ShellBrowserWindow object. See https://enigma0x3.net/2017/01/23/lateral-movement-via-dcom-round-2/

type DcomShellWindows added in v0.2.0 

type DcomShellWindows struct {
	Dcom

	IO goexec.ExecutionIO

	WorkingDirectory string
	WindowState      string
}

func (*DcomShellWindows) Execute added in v0.2.0 

func (m *DcomShellWindows) Execute(ctx context.Context, execIO *goexec.ExecutionIO) (err error)

Execute will perform command execution via the ShellWindows object. See https://enigma0x3.net/2017/01/23/lateral-movement-via-dcom-round-2/

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.