Forwarded from APT
🥔 Coerced Potato
New tool for local privilege escalation on a Windows machine, from a service account to NT SYSTEM. Should work on any recent versions of Windows.
⚙️ Tool:
https://github.com/hackvens/CoercedPotato
📝 Research:
https://blog.hackvens.fr/articles/CoercedPotato.html
#windows #lpe #seimpersonateprivilege #potato
New tool for local privilege escalation on a Windows machine, from a service account to NT SYSTEM. Should work on any recent versions of Windows.
⚙️ Tool:
https://github.com/hackvens/CoercedPotato
📝 Research:
https://blog.hackvens.fr/articles/CoercedPotato.html
#windows #lpe #seimpersonateprivilege #potato
🔥34👍9
LocalPotato (Windows LPE) обновлён и теперь поддерживает HTTP/WebDAV.
Git: https://github.com/decoder-it/LocalPotato
Blog: https://decoder.cloud/2023/11/03/localpotato-http-edition/
#git #lpe #redteam #redteam
Git: https://github.com/decoder-it/LocalPotato
Blog: https://decoder.cloud/2023/11/03/localpotato-http-edition/
The HTTP/WebDAV scenario is currently unpatched (Microsoft decision, we reported it) and works on updated systems.
#git #lpe #redteam #redteam
🔥15😢3👍1😁1
This media is not supported in your browser
VIEW IN TELEGRAM
CVE-2023-36003 (Windows LPE XAML diagnostics API)
Blog: https://m417z.com/Privilege-escalation-using-the-XAML-diagnostics-API-CVE-2023-36003/
PoC: https://github.com/m417z/CVE-2023-36003-POC
Исправлено в патче от 12 декабря
#lpe #ad #pentest #redteam
Blog: https://m417z.com/Privilege-escalation-using-the-XAML-diagnostics-API-CVE-2023-36003/
PoC: https://github.com/m417z/CVE-2023-36003-POC
Исправлено в патче от 12 декабря
#lpe #ad #pentest #redteam
🔥34👍10
CVE-2024-20656: Windows LPE in the VSStandardCollectorService150 service
Blog: https://www.mdsec.co.uk/2024/01/cve-2024-20656-local-privilege-escalation-in-vsstandardcollectorservice150-service/
PoC: https://github.com/Wh04m1001/CVE-2024-20656
#lpe #exploit #redteam #pentest
Blog: https://www.mdsec.co.uk/2024/01/cve-2024-20656-local-privilege-escalation-in-vsstandardcollectorservice150-service/
PoC: https://github.com/Wh04m1001/CVE-2024-20656
#lpe #exploit #redteam #pentest
MDSec
CVE-2024-20656 - Local Privilege Escalation in the VSStandardCollectorService150 Service - MDSec
Overview Visual Studio is a complex and powerful IDE developed by Microsoft and comes with a lot of features that can be interesting from a red team perspective. During this...
🔥7👍6
This media is not supported in your browser
VIEW IN TELEGRAM
CVE-2024-1086: Linux LPE
https://github.com/notselwyn/cve-2024-1086
#pentest #redteam #exploit #lpe
https://github.com/notselwyn/cve-2024-1086
The exploit affects versions from (including) v5.14 to (including) v6.6, excluding patched branches v5.15.149>, v6.1.76>, v6.6.15>. The patch for these versions were released in feb 2024. The underlying vulnerability affects all versions (excluding patched stable branches) from v3.15 to v6.8-rc1.
#pentest #redteam #exploit #lpe
🔥36👍7
CVE-2024-21338: Windows Admin-to-Kernel LPE
Уязвимы Windows 10 & 11
PoC: https://github.com/hakaioffsec/CVE-2024-21338
Blog: https://hakaisecurity.io/cve-2024-21338-from-admin-to-kernel-through-token-manipulation-and-windows-kernel-exploitation/research-blog/
#lpe #windows #exploit #redteam
Уязвимы Windows 10 & 11
PoC: https://github.com/hakaioffsec/CVE-2024-21338
Blog: https://hakaisecurity.io/cve-2024-21338-from-admin-to-kernel-through-token-manipulation-and-windows-kernel-exploitation/research-blog/
#lpe #windows #exploit #redteam
🔥26👍8😁5
CVE-2024-26229: Windows LPE
PATCHED: Apr 9, 2024
https://github.com/RalfHacker/CVE-2024-26229-exploit
P.S. Чуть поправил оригинальный эксплоит
#git #exploit #lpe #pentest #redteam
PATCHED: Apr 9, 2024
https://github.com/RalfHacker/CVE-2024-26229-exploit
P.S. Чуть поправил оригинальный эксплоит
#git #exploit #lpe #pentest #redteam
🔥30👍10
This media is not supported in your browser
VIEW IN TELEGRAM
Еще одна картошка)) Абузит RPCSS в DCOM при обработке OXID
https://github.com/lypd0/DeadPotato
#lpe #potato #ad #pentest #redteam
https://github.com/lypd0/DeadPotato
#lpe #potato #ad #pentest #redteam
🔥21