😈 [ decoder_it, ap ]
We did it again with #LocalPotato!
A not-so-common NTLM reflection attack allowing for arbitrary read/write. Basically EoP from user to SYSTEM.
Tracked as #CVE-2023-21746 - Windows NTLM EoP
Soon more details --> https://t.co/Skyn0xdxNN
cc @splinter_code
🔗 http://www.localpotato.com
🐥 [ tweet ]
We did it again with #LocalPotato!
A not-so-common NTLM reflection attack allowing for arbitrary read/write. Basically EoP from user to SYSTEM.
Tracked as #CVE-2023-21746 - Windows NTLM EoP
Soon more details --> https://t.co/Skyn0xdxNN
cc @splinter_code
🔗 http://www.localpotato.com
🐥 [ tweet ]
🔥3
😈 [ splinter_code, Antonio Cocomazzi ]
🔥 Brace yourself #LocalPotato is out 🥔
Our new NTLM reflection attack in local authentication allows for arbitrary file read/write & elevation of privilege.
Patched by Microsoft, but other protocols may still be vulnerable.
cc @decoder_it
Enjoy! 👇
https://t.co/3Lge45hb7L
🔗 https://www.localpotato.com/localpotato_html/LocalPotato.html
🔗 https://github.com/decoder-it/LocalPotato
🐥 [ tweet ]
🔥 Brace yourself #LocalPotato is out 🥔
Our new NTLM reflection attack in local authentication allows for arbitrary file read/write & elevation of privilege.
Patched by Microsoft, but other protocols may still be vulnerable.
cc @decoder_it
Enjoy! 👇
https://t.co/3Lge45hb7L
🔗 https://www.localpotato.com/localpotato_html/LocalPotato.html
🔗 https://github.com/decoder-it/LocalPotato
🐥 [ tweet ]
😈 [ splinter_code, Antonio Cocomazzi ]
Cool discovery 😎
Can be used also to weaponize arbitrary file write vulnerabilities.
As a bonus, check the screenshot on how to weaponize #LocalPotato with this StorSvc DLL hijacking to get a SYSTEM shell.
🐥 [ tweet ][ quote ]
Cool discovery 😎
Can be used also to weaponize arbitrary file write vulnerabilities.
As a bonus, check the screenshot on how to weaponize #LocalPotato with this StorSvc DLL hijacking to get a SYSTEM shell.
🐥 [ tweet ][ quote ]