Forwarded from APT
🥔 Coerced Potato
New tool for local privilege escalation on a Windows machine, from a service account to NT SYSTEM. Should work on any recent versions of Windows.
⚙️ Tool:
https://github.com/hackvens/CoercedPotato
📝 Research:
https://blog.hackvens.fr/articles/CoercedPotato.html
#windows #lpe #seimpersonateprivilege #potato
New tool for local privilege escalation on a Windows machine, from a service account to NT SYSTEM. Should work on any recent versions of Windows.
⚙️ Tool:
https://github.com/hackvens/CoercedPotato
📝 Research:
https://blog.hackvens.fr/articles/CoercedPotato.html
#windows #lpe #seimpersonateprivilege #potato
Forwarded from APT
298559809-27f286d7-e0e3-47ab-864a-e040f8749708.webm
6.5 MB
This vulnerability targets the Common Log File System (CLFS) and allows attackers to escalate privileges and potentially fully compromise an organization’s Windows systems. In April 2023, Microsoft released a patch for this vulnerability and the CNA CVE-2023-28252 was assigned.
📊 Affects version:
— Windows 11 21H2 (clfs.sys version 10.0.22000.1574);
— Windows 11 22H2;
— Windows 10 21H2;
— Windows 10 22H2;
— Windows Server 2022.
Research:
🔗 https://www.coresecurity.com/core-labs/articles/analysis-cve-2023-28252-clfs-vulnerability
Exploit:
🔗 https://github.com/duck-sec/CVE-2023-28252-Compiled-exe
#windows #privesc #clfs #driver
Please open Telegram to view this post
VIEW IN TELEGRAM
CVE-2024-21338: Windows Admin-to-Kernel LPE
Уязвимы Windows 10 & 11
PoC: https://github.com/hakaioffsec/CVE-2024-21338
Blog: https://hakaisecurity.io/cve-2024-21338-from-admin-to-kernel-through-token-manipulation-and-windows-kernel-exploitation/research-blog/
#lpe #windows #exploit #redteam
Уязвимы Windows 10 & 11
PoC: https://github.com/hakaioffsec/CVE-2024-21338
Blog: https://hakaisecurity.io/cve-2024-21338-from-admin-to-kernel-through-token-manipulation-and-windows-kernel-exploitation/research-blog/
#lpe #windows #exploit #redteam