-
Notifications
You must be signed in to change notification settings - Fork 92
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
149e8c0
commit 72d2635
Showing
1 changed file
with
30 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,33 @@ | ||
# LocalPotato | ||
Another local Windows privilege escalation using a new potato technique ;) | ||
Another Local Windows privilege escalation using a new potato technique ;) | ||
|
||
Details: https://www.localpotato.com | ||
The LocalPotato attack is a type of NTLM reflection attack that targets local authentication. This attack allows for arbitrary file read/write and elevation of privilege. | ||
|
||
Authors: @decoder_it & @splinter_code | ||
More technical details at --> https://www.localpotato.com | ||
|
||
## Usage | ||
|
||
``` | ||
LocalPotato (aka CVE-2023-21746) | ||
by splinter_code & decoder_it | ||
Mandatory Args: | ||
-i Source file to copy | ||
-o Output file - do not specify the drive letter | ||
Example: localpotato -i c:\hacker\evil.dll -o windows\system32\evil.dll | ||
Optional Args: | ||
-c CLSID (Default {854A20FB-2D44-457D-992F-EF13785D2B51}) | ||
-p COM server port (Default 10271) | ||
``` | ||
|
||
## Demo | ||
|
||
![image](https://user-images.githubusercontent.com/19797064/218135881-af046286-c299-4f08-856b-2265adc46e64.png) | ||
|
||
|
||
## Authors: | ||
- [@decoder_it](https://twitter.com/decoder_it) | ||
- [@splinter_code](https://twitter.com/splinter_code) |