A Python script depends on Impacket scripts to trigger the loading of a .cpl file into memory using a DCOM object. The CPL file path must already be added to the registry. The script uses the Open function in the IOpenControlPanel interface to load the CPL (Control Panel Item) DLL into memory.
Full research: https://securelist.com/lateral-movement-via-dcom-abusing-control-panel/118232/
python3 CPLTrig.py [[domain/]username[:password]@]<targetName or address> -cpl 'mycpl'
The script will return error but the dll will be loaded successfully
Note: Any random name can be provided for the -cpl argument.
Haidar kabibo. Kaspersky Security Services. X: https://x.com/haider_kabibo
This software is provided under MIT Software License.