@decoder_it : The "XBL Live Game Save" DCOM app, running on Windows 150/11 and Server (up to 2019), can be remotely launched and activated by Distrib. DCOM & Perf Log groups. This triggers auth. as computer account, which can be relayed in a DCOM -> HTTP Kerberos / NTLM relay attack ;) • TwiCopy

Andrea Pierini

@decoder_it

+ Follow

Security Consultant @semperistech . Independent Security Researcher. Cyclist & Scubadiver. MSRC MVR 2022. "So di non sapere"

ID: 37397611

linkhttps://decoder.cloud calendar_today03-05-2009 10:27:23

1,1K Tweet

8,8K Followers

285 Following

Andrea Pierini

@decoder_it

a year ago

The "XBL Live Game Save" DCOM app, running on Windows 10/11 and Server (up to 2019), can be remotely launched and activated by Distrib. DCOM & Perf Log groups. This triggers auth. as computer account, which can be relayed in a DCOM -> HTTP Kerberos / NTLM relay attack ;)

thumb_up_off_alt163

chat_bubble_outline5

repeat67

shareShare