From 92c03ab815620160bde86a1794a3be01833e07d9 Mon Sep 17 00:00:00 2001 From: sealldev <120470330+sealldeveloper@users.noreply.github.com> Date: Thu, 25 Jul 2024 00:58:13 +1000 Subject: [PATCH] Update README.md --- .../privilege-escalation-abusing-tokens/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows-hardening/windows-local-privilege-escalation/privilege-escalation-abusing-tokens/README.md b/windows-hardening/windows-local-privilege-escalation/privilege-escalation-abusing-tokens/README.md index 2ff5e485b..c237c4a01 100644 --- a/windows-hardening/windows-local-privilege-escalation/privilege-escalation-abusing-tokens/README.md +++ b/windows-hardening/windows-local-privilege-escalation/privilege-escalation-abusing-tokens/README.md @@ -24,7 +24,7 @@ If you **don't know what are Windows Access Tokens** read this page before conti ### SeImpersonatePrivilege -This is privilege that is held by any process allows the impersonation (but not creation) of any token, given that a handle to it can be obtained. A privileged token can be acquired from a Windows service (DCOM) by inducing it to perform NTLM authentication against an exploit, subsequently enabling the execution of a process with SYSTEM privileges. This vulnerability can be exploited using various tools, such as [juicy-potato](https://github.com/ohpe/juicy-potato), [RogueWinRM](https://github.com/antonioCoco/RogueWinRM) (which requires winrm to be disabled), [SweetPotato](https://github.com/CCob/SweetPotato), [EfsPotato](https://github.com/zcgonvh/EfsPotato) and [PrintSpoofer](https://github.com/itm4n/PrintSpoofer). +This is privilege that is held by any process allows the impersonation (but not creation) of any token, given that a handle to it can be obtained. A privileged token can be acquired from a Windows service (DCOM) by inducing it to perform NTLM authentication against an exploit, subsequently enabling the execution of a process with SYSTEM privileges. This vulnerability can be exploited using various tools, such as [juicy-potato](https://github.com/ohpe/juicy-potato), [RogueWinRM](https://github.com/antonioCoco/RogueWinRM) (which requires winrm to be disabled), [SweetPotato](https://github.com/CCob/SweetPotato), [EfsPotato](https://github.com/zcgonvh/EfsPotato), [DCOMPotato](https://github.com/zcgonvh/DCOMPotato) and [PrintSpoofer](https://github.com/itm4n/PrintSpoofer). {% content-ref url="../roguepotato-and-printspoofer.md" %} [roguepotato-and-printspoofer.md](../roguepotato-and-printspoofer.md)