12:30AM Can’t sleep because mattress making too much noise when I flip to the side and waking gf up.

After getting familiar with COM and RPC, I believe the true way of gaining a deeper understanding of these topics is to practice them.

RPC Server Initializing LOCAL/REMOTE COM Servers for Fun and Profit

Goal:

  1. Write an RPC server and an RPC client.
  2. Write a COM server and a COM client.
  3. Implement the COM client part in the RPC server
    1. So that, when the RPC server:FunctionX is called, the RPC server will load the in-process COM server and execute payload/cmd.
    2. Add features that will allow RPC servers to initiate different COM servers in-process to make firewall rule changes on the machine.

Usage:

  1. Phishing, or any kind of delivery method, to get the RPC server + COM server onto the on-prem machines, acting as persistence/backdoor access.
  2. We can talk to HOST A with the RPC client to tell it to create an instance of our custom COM server, and executes

Imagine the Sun is a machine with our COM server. We can drop RPC servers on any of the planets, and they will work as long as they can talk to the Sun.

COM server inside of a COM Server, Double Linked List COM Servers?

Goal:

  1. Simple wrapper of CreateInstance and GetClassObject
  2. Allowing more obfuscation

Usage:

  1. I initiate COM Server 1 → Initiate COM Server 2 on HOST B → COM Server 3 on HOST C.

COM Server Component Interface that implements an RPC Server

Goal:

  1. Initiate an RPC server COM component class in-process to make it available for temporary SOCKS over named pipe? SOCKS over RPC?
  2. ..

Usage:

  1. A COM server that will initiate an RPC server