GTFOBins #linux #privesc

The project collects legitimate functions of Unix binaries that can be abused to get the f**k break out restricted shells, escalate or maintain elevated privileges, transfer files, spawn bind and reverse shells, and facilitate the other post-exploitation tasks

https://gtfobins.github.io/

📜 Abuse AD CS via dNSHostName Spoofing

This blog covers the technical details of CVE-2022-26923. Active Directory Domain Services Elevation of Privilege Vulnerability via AD CS dNSHostName Spoofing.

https://research.ifcr.dk/certifried-active-directory-domain-privilege-escalation-cve-2022-26923-9e098fe298f4

#ad #adcs #privesc #redteam

DiagTrackEoP
Just another way to abuse SeImpersonate privilege.

#Windows #Privesc
https://github.com/Wh04m1001/DiagTrackEoP

#Redteam #potato #privesc #windows
Любите картошку? Я тоже, особенно посвежее..)

PetitPotam does not work on newer versions of Windows due to the limitations of related patches. However, setting AuthnLevel to RPC_C_AUTHN_LEVEL_PKT_PRIVACY via RpcBindingSetAuthInfoW before calling EFS works on latest systems.

https://github.com/wh0amitz/PetitPotato