Windows Privilege Escalation - Potato
Not sure who’s seen this or tried it yet, but it looks pretty cool. Take an unprivileged windows user and escalate rights to local admin. :-) Works on all versions of Windows and Desktop and Server.
Basically it’s the responder attack with an SMB relay used to get the system to authenticate to itself and then create a system level service that runs arbitrary commands.
https://www.youtube.com/watch?v=3rS6mZUo3fg
On 01/21/2016 11:17 AM, Jon Barclay wrote:
Not sure who’s seen this or tried it yet, but it looks pretty cool. Take an unprivileged windows user and escalate rights to local admin. :-) Works on all versions of Windows and Desktop and Server.
Basically it’s the responder attack with an SMB relay used to get the system to authenticate to itself and then create a system level service that runs arbitrary commands.
http://foxglovesecurity.com/2016/01/16/hot-potato/
USHE-assess mailing list USHE-assess@lists.dixie.edu http://lists.dixie.edu/cgi-bin/mailman/listinfo/ushe-assess
I feel bad for Dixie. Have fun next week guys. Nice find Jon!
-------- Original message -------- From: Jon Barclay Jon.Barclay@uvu.edu Date: 1/21/2016 11:17 AM (GMT-07:00) To: ushe-assess@lists.dixie.edu Subject: [USHE-assess] Windows Privilege Escalation - Potato
Not sure who’s seen this or tried it yet, but it looks pretty cool. Take an unprivileged windows user and escalate rights to local admin. :-) Works on all versions of Windows and Desktop and Server.
Basically it’s the responder attack with an SMB relay used to get the system to authenticate to itself and then create a system level service that runs arbitrary commands.
participants (3)
-
Andrew Goble -
Dustin Udy -
Jon Barclay