mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-24 05:33:33 +00:00
Add EfsPotato
This commit is contained in:
parent
e5d1cbc2f2
commit
82743ad320
1 changed files with 1 additions and 1 deletions
|
@ -24,7 +24,7 @@ If you **don't know what are Windows Access Tokens** read this page before conti
|
|||
|
||||
### SeImpersonatePrivilege
|
||||
|
||||
This is privilege that is held by any process allows the impersonation (but not creation) of any token, given that a handle to it can be obtained. A privileged token can be acquired from a Windows service (DCOM) by inducing it to perform NTLM authentication against an exploit, subsequently enabling the execution of a process with SYSTEM privileges. This vulnerability can be exploited using various tools, such as [juicy-potato](https://github.com/ohpe/juicy-potato), [RogueWinRM](https://github.com/antonioCoco/RogueWinRM) (which requires winrm to be disabled), [SweetPotato](https://github.com/CCob/SweetPotato), and [PrintSpoofer](https://github.com/itm4n/PrintSpoofer).
|
||||
This is privilege that is held by any process allows the impersonation (but not creation) of any token, given that a handle to it can be obtained. A privileged token can be acquired from a Windows service (DCOM) by inducing it to perform NTLM authentication against an exploit, subsequently enabling the execution of a process with SYSTEM privileges. This vulnerability can be exploited using various tools, such as [juicy-potato](https://github.com/ohpe/juicy-potato), [RogueWinRM](https://github.com/antonioCoco/RogueWinRM) (which requires winrm to be disabled), [SweetPotato](https://github.com/CCob/SweetPotato), [EfsPotato](https://github.com/zcgonvh/EfsPotato) and [PrintSpoofer](https://github.com/itm4n/PrintSpoofer).
|
||||
|
||||
{% content-ref url="../roguepotato-and-printspoofer.md" %}
|
||||
[roguepotato-and-printspoofer.md](../roguepotato-and-printspoofer.md)
|
||||
|
|
Loading…
Reference in a new issue