Lateral Movement: Abuse the Power of DCOM Excel Application

In this post, we will talk about an interesting lateral movement technique called ActivateMicrosoftApp() method within the distributed component object model (DCOM) Excel application. This technique is built upon Matt Nelson’s initial research on “Lateral Movement using Excel.Application and DCOM”.

What is DCOM?

DCOM is a Microsoft solution that allows software components to communicate remotely. Its predecessor, component object model (COM), lacked distributed computing functionality, so Microsoft introduced DCOM to serve the need of software components to …

abuse application called components dcom distributed excel lateral movement matt microsoft object power research software software components solution what is