timwhitez starred LocalPotato
2023-2-15 17:16:31 Author: github.com

Another Local Windows privilege escalation using a new potato technique ;)

The LocalPotato attack is a type of NTLM reflection attack that targets local authentication. This attack allows for arbitrary file read/write and elevation of privilege.

NOTE: This vulnerability was fixed by Microsoft in the January 2023 Patch Tuesday as CVE-2023-21746. If you run this exploit against a patched machine, it won't work.

More technical details at --> https://www.localpotato.com/localpotato_html/LocalPotato.html

Usage


         LocalPotato (aka CVE-2023-21746)
         by splinter_code & decoder_it


Mandatory Args:
-i Source file to copy
-o Output file - do not specify the drive letter
Example: localpotato -i c:\hacker\evil.dll -o windows\system32\evil.dll

Optional Args:
-c CLSID (Default {854A20FB-2D44-457D-992F-EF13785D2B51})
-p COM server port (Default 10271)

Authors:


Source: https://github.com/decoder-it/LocalPotato