Fuzzing COM/DCOM (Component Object Model)? Hell yeah! My next research project will focus on automating security research for COM/DCOM using the fuzzing approach. In the video I point the fuzzer to "SecurityHealthService" and monitor the interactions to the FS and register.

I remember that I had to do some research online on how to make exploits for vulnerabilities over MS-RPC. With this blog, I hope to fill the gap on the lacking information available online on how to make these yourself. incendium.rocks/posts/Exploit-…

Writing to files as Local Service from a low user context? One of the many interesting things found so far with my COM/DCOM research. Making some good progress with the tool, expect more soon...

Made a small commit to the MS-RPC-Fuzzer. Seems excluding special characters from string input can help to identify interesting operations on the file system IN SOME CASES. So don't use it by default ;), just to check the difference. github.com/warpnet/MS-RPC…

Sometimes you only want to fuzz remotely accessible RPC servers. You can now gather only those using the -RemotelyAccessibleOnly switch before sending them to the fuzzer. Supports both ncacn_np and ncacn_ip_tcp. github.com/warpnet/MS-RPC…

Automating COM/DCOM security research is like slaying a dragon. The constant PowerShell crashes when creating COM objects and fuzzing its interface(s) is insane haha. Yet I already reported security issues to Microsoft which they accepted! More details soon :).