Security Training Share
kernelpop kernelpop is a framework for performing automated kernel exploit enumeration on Linux and Mac hosts. currently supported CVE’s: CVE-2017-1000379 CVE-2017-1000373 CVE-2017-1000372 CVE-2017-1000371 CVE-2017-1000370 CVE-2017-1000367 CVE-2017-1000112 CVE-2017-7308 CVE-2017-6074 CVE-2017-5123 CVE-2016-5195 CVE-2016-2384 CVE-2016-0728 CVE-2015-1328 CVE-2014-4699...
portia Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised Privilege escalation Lateral movement Convenience modules Portia is a genus...
MIDA-Multitool Bash script purposed for system enumeration, vulnerability identification, and privilege escalation. MIDA Multitool draws functionality from several of my previous scripts namely SysEnum and RootHelper and is in many regards RootHelpers successor. Besides functionality from these two...
JAWS is PowerShell script designed to help penetration testers (and CTFers) quickly identify potential privilege escalation vectors on Windows systems. It is written using PowerShell 2.0 so ‘should’ run on every Windows version since...
RottenPotato – Local Privilege Escalation from Windows Service Accounts to SYSTEM The idea behind this vulnerability is simple to describe at a high level: Trick the “NT AUTHORITY\SYSTEM” account into authenticating via NTLM to...
What is CVE-2017-0213? An elevation of privilege exists in Windows COM Aggregate Marshaler. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run...
Tater is a PowerShell implementation of the Hot Potato Windows Privilege Escalation exploit. Download Included In p0wnedShell – https://github.com/Cn33liz/p0wnedShell PowerShell Empire – https://github.com/PowerShellEmpire/Empire PS>Attack – https://github.com/jaredhaight/psattack Functions Invoke-Tater The main Tater function. Parameters IP – Specify a...
How Potato works Hot Potato (aka: Potato) takes advantage of known issues in Windows to gain local privilege escalation in default configurations, namely NTLM relay (specifically HTTP->SMB relay) and NBNS spoofing. If this sounds...
