Another Local Windows privilege escalation using a new potato technique ;)
The LocalPotato attack is a type of NTLM reflection attack that targets local authentication. This attack allows for arbitrary file read/write and elevation of privilege.
NOTE: This vulnerability has been fixed by Microsoft in the January 2023 Patch Tuesday with the CVE-2023-21746. If you run this exploit against a patched machine it won't work.
More technical details at --> https://www.localpotato.com/localpotato_html/LocalPotato.html
https://github.com/decoder-it/LocalPotato
#LPE
The LocalPotato attack is a type of NTLM reflection attack that targets local authentication. This attack allows for arbitrary file read/write and elevation of privilege.
NOTE: This vulnerability has been fixed by Microsoft in the January 2023 Patch Tuesday with the CVE-2023-21746. If you run this exploit against a patched machine it won't work.
More technical details at --> https://www.localpotato.com/localpotato_html/LocalPotato.html
https://github.com/decoder-it/LocalPotato
#LPE
Localpotato
LocalPotato - When Swapping The Context Leads You To SYSTEM
Here we are again with our new *potato flavor, the LocalPotato! This was a cool finding so we decided to create this dedicated website ;)
Cobalt Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities.
https://github.com/xforcered/BokuLoader
https://github.com/xforcered/BokuLoader
GitHub
GitHub - xforcered/BokuLoader: A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance…
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features! - xforcered/BokuLoader
POC for CVE-2022-39952
https://github.com/horizon3ai/CVE-2022-39952
Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs
https://www.horizon3.ai/fortinet-fortinac-cve-2022-39952-deep-dive-and-iocs/
https://github.com/horizon3ai/CVE-2022-39952
Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs
https://www.horizon3.ai/fortinet-fortinac-cve-2022-39952-deep-dive-and-iocs/
GitHub
GitHub - horizon3ai/CVE-2022-39952: POC for CVE-2022-39952
POC for CVE-2022-39952. Contribute to horizon3ai/CVE-2022-39952 development by creating an account on GitHub.
Weblogic CVE-2023-21839
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data.
https://github.com/Scarehehe/Weblogic-CVE-2023-21839
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data.
https://github.com/Scarehehe/Weblogic-CVE-2023-21839
GitHub
GitHub - DXask88MA/Weblogic-CVE-2023-21839
Contribute to DXask88MA/Weblogic-CVE-2023-21839 development by creating an account on GitHub.
A modular web reconnaissance tool and vulnerability scanner.
https://github.com/CERT-Polska/Artemis
https://github.com/CERT-Polska/Artemis
GitHub
GitHub - CERT-Polska/Artemis: A modular vulnerability scanner with automatic report generation capabilities.
A modular vulnerability scanner with automatic report generation capabilities. - CERT-Polska/Artemis
A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
https://github.com/Octoberfest7/MemFiles
https://github.com/Octoberfest7/MemFiles
GitHub
GitHub - Octoberfest7/MemFiles: A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk - Octoberfest7/MemFiles
powershell and bash noscript use api of chatgpt for bypassing chatgpt’s restrictions
CVE-2023-21768 Local Privilege Escalation POC
https://github.com/xforcered/Windows_LPE_AFD_CVE-2023-21768
https://github.com/xforcered/Windows_LPE_AFD_CVE-2023-21768
GitHub
GitHub - xforcered/Windows_LPE_AFD_CVE-2023-21768: LPE exploit for CVE-2023-21768
LPE exploit for CVE-2023-21768. Contribute to xforcered/Windows_LPE_AFD_CVE-2023-21768 development by creating an account on GitHub.
NativePayloads
https://github.com/DamonMohammadbagher/NativePayloads
https://github.com/DamonMohammadbagher/NativePayloads
GitHub
GitHub - DamonMohammadbagher/NativePayloads: All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming
All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming - DamonMohammadbagher/NativePayloads
Local privilege escalation via PetitPotam (perfectly on Windows 21H2 10.0.20348.1547)
https://github.com/wh0amitz/PetitPotato
https://github.com/wh0amitz/PetitPotato
GitHub
GitHub - wh0amitz/PetitPotato: Local privilege escalation via PetitPotam (Abusing impersonate privileges).
Local privilege escalation via PetitPotam (Abusing impersonate privileges). - wh0amitz/PetitPotato
POC code to exploit the Heap overflow in Fortinet's SSLVPN daemon
https://github.com/scrt/cve-2022-42475
https://github.com/scrt/cve-2022-42475
GitHub
GitHub - scrt/cve-2022-42475: POC code to exploit the Heap overflow in Fortinet's SSLVPN daemon
POC code to exploit the Heap overflow in Fortinet's SSLVPN daemon - scrt/cve-2022-42475
Windows x64 handcrafted token stealing kernel-mode shellcode
https://github.com/winterknife/PINKPANTHER
https://github.com/winterknife/PINKPANTHER
GitHub
GitHub - winterknife/PINKPANTHER: Windows x64 handcrafted token stealing kernel-mode shellcode
Windows x64 handcrafted token stealing kernel-mode shellcode - winterknife/PINKPANTHER
CVE-2023-23415
Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability
https://github.com/wh-gov/CVE-2023-23415
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23415/
Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability
https://github.com/wh-gov/CVE-2023-23415
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23415/