Ralf Hacker Channel
26.7K subscribers
407 photos
16 videos
503 files
487 links
Download Telegram
Forwarded from APT
🥔 Coerced Potato

New tool for local privilege escalation on a Windows machine, from a service account to NT SYSTEM. Should work on any recent versions of Windows.

⚙️ Tool:
https://github.com/hackvens/CoercedPotato

📝 Research:
https://blog.hackvens.fr/articles/CoercedPotato.html

#windows #lpe #seimpersonateprivilege #potato
Forwarded from APT
298559809-27f286d7-e0e3-47ab-864a-e040f8749708.webm
6.5 MB
👩‍💻 Windows CLFS Driver Privilege Escalation

This vulnerability targets the Common Log File System (CLFS) and allows attackers to escalate privileges and potentially fully compromise an organization’s Windows systems. In April 2023, Microsoft released a patch for this vulnerability and the CNA CVE-2023-28252 was assigned.

📊 Affects version:
Windows 11 21H2 (clfs.sys version 10.0.22000.1574);
Windows 11 22H2;
Windows 10 21H2;
Windows 10 22H2;
Windows Server 2022.

Research:
🔗 https://www.coresecurity.com/core-labs/articles/analysis-cve-2023-28252-clfs-vulnerability

Exploit:
🔗 https://github.com/duck-sec/CVE-2023-28252-Compiled-exe

#windows #privesc #clfs #driver
Please open Telegram to view this post
VIEW IN TELEGRAM