EfsPotato
MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability
https://github.com/zcgonvh/EfsPotato
#potato #seImpersonateprivilege #lpe
MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability
https://github.com/zcgonvh/EfsPotato
#potato #seImpersonateprivilege #lpe
GitHub
GitHub - zcgonvh/EfsPotato: Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation…
Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability). - zcgonvh/EfsPotato
🥔 Coerced Potato
New tool for local privilege escalation on a Windows machine, from a service account to NT SYSTEM. Should work on any recent versions of Windows.
⚙️ Tool:
https://github.com/hackvens/CoercedPotato
📝 Research:
https://blog.hackvens.fr/articles/CoercedPotato.html
#windows #lpe #seimpersonateprivilege #potato
New tool for local privilege escalation on a Windows machine, from a service account to NT SYSTEM. Should work on any recent versions of Windows.
⚙️ Tool:
https://github.com/hackvens/CoercedPotato
📝 Research:
https://blog.hackvens.fr/articles/CoercedPotato.html
#windows #lpe #seimpersonateprivilege #potato
🔥10
This media is not supported in your browser
VIEW IN TELEGRAM
🥔 DeadPotato
This is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the original GodPotato source code by BeichenDream.
🔗 Source:
https://github.com/lypd0/DeadPotato
#windows #lpe #potato #seimpersonate
This is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the original GodPotato source code by BeichenDream.
🔗 Source:
https://github.com/lypd0/DeadPotato
#windows #lpe #potato #seimpersonate
🔥25❤1👍1🤔1
🔑 Three-Headed Potato Dog: NTLM and Kerberos Coercion
New research demonstrates how DCOM can coerce Windows systems to authenticate remotely, allowing attackers to relay NTLM or Kerberos authentication to AD CS over HTTP. This enables remote and cross-session authentication relay attacks, targeting both machine and user accounts.
🔗 Research:
https://blog.compass-security.com/2024/09/three-headed-potato-dog/
🔗 Source:
https://github.com/sploutchy/impacket/blob/potato/examples/potato.py
#ad #windows #dcom #relay #potato
New research demonstrates how DCOM can coerce Windows systems to authenticate remotely, allowing attackers to relay NTLM or Kerberos authentication to AD CS over HTTP. This enables remote and cross-session authentication relay attacks, targeting both machine and user accounts.
🔗 Research:
https://blog.compass-security.com/2024/09/three-headed-potato-dog/
🔗 Source:
https://github.com/sploutchy/impacket/blob/potato/examples/potato.py
#ad #windows #dcom #relay #potato
❤13👍3