rapid7 / metasploit-framework

Metasploit Framework
https://www.metasploit.com/

Porting "Hot Potato" to metasploit #6513

Closed Ashesh3 closed 5 years ago

Ashesh3 commented 8 years ago

You must have heard about the recent Windows Privilege exploit codenamed "Hot Potato".

Hot Potato (aka: Potato) takes advantage of known issues in Windows to gain local privilege escalation in default configurations, namely NTLM relay (specifically HTTP->SMB relay) and NBNS spoofing.

Using this technique, we can elevate our privilege on a Windows workstation from the lowest levels to “NT AUTHORITY\SYSTEM” – the highest level of privilege available on a Windows machine.

I just wondered whether we could port it to a post exploit for Windows to gain Admin privilege.

Is it possible? Let me know.

Reference: https://code.google.com/p/google-security-research/issues/detail?id=222

Thanks

OJ commented 8 years ago

I know of a couple of people attempting to build this already. I'd say it's just a matter of time.

bcook-r7 commented 8 years ago

Is this related? #6986

bcoles commented 5 years ago

#6986 (Hot Potato) was closed (not merged) and was later superseded by #10418 (Rotten Potato / Reflective Potato), which is soon likely to be deprecated by #11230 (Juicy Potato) pending merge.

Closing this issue as potato.