Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

HTML

Dart

JavaScript

F#

Zig

Lua

Scala

C++

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

Rust

TypeScript

Python

Nix

F#

Ruby

Zig

PHP

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇨🇿 Czechia

🇬🇪 Georgia

🇪🇬 Egypt

🇬🇱 Greenland

🇰🇷 South Korea

🇰🇳 Saint Kitts and Nevis

Kosovo

🇨🇳 China

All Countries Compare Countries

crisprss/RasmanPotato

Stars
331
Rank 127,323 (Top 3 %)
Language
C
Created almost 2 years ago
Updated over 1 year ago

crisprss/RasmanPotato

crisprss

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do

RasmanPotato

Thanks to @Wh04m1001 for continuous communication over time

Just another potato like other potatoes, using RasMan service for privilege escalation

For Windows 10(11 not test), Windows Server 2012 - 2019(2022 not test)

Usage

magicRasMan v0.1
Provided that the current user has the SeImpersonate privilege, this tool will have an escalation to SYSTEM
Arguments:
 -c <CMD>       Execute the command *CMD*
 -m <METHOD>            Choose The RPC Function [1]VpnProtEngWinRtConnect [2]VpnProtEngGetInterface
 -i             Interact with the new process in the current command prompt (default is non-interactive)

Example

BypassUserAdd

通过反射DLL注入、Win API、C#、以及底层实现NetUserAdd方式实现BypassAV进行增加用户的功能,实现Cobalt Strike插件化

Shellcode_Memory_Loader

基于Golang实现的Shellcode内存加载器,共实现3中内存加载shellcode方式,UUID加载,MAC加载和IPv4加载,目前能过主流杀软(包括Windows Defender)

PetitPotam

替代PrintBug用于本地提权的新方式，主要利用MS-EFSR协议中的接口函数借鉴了Potitpotam中对于EFSR协议的利用,实现了本地提权的一系列方式 Drawing on the use of the EFSR protocol in Potitpotam, a series of local rights escalation methods have been realized

PrintSpoofer

PrintSpoofer的反射dll实现，结合Cobalt Strike使用

net_memory_webshell

用来存放平时写的一些net内存马，仅用于练手，需要可以自行修改

magicNetdefs

Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged processes to access malicious pipes for exploitation

Extracted_WD_VDM

Windows Defender VDM lua collections

goHashDumper

用于Dump指定进程的内存,主要利用静默退出机制(SilentProcessExit)和Windows API(MiniDumpW)实现

magicDiagTrack

DiagTrack Eop (From Service Account to SYSTEM)

magicAzureAttestService

针对于AzureAttestService服务的本地提权Eop，微软表示已经进行修复

sucksAV

This project used to learn golang and try to bypass AV

Laravel_CVE-2021-3129_EXP

ProcessPlayer

一些进程注入或者Shellcode注入的实例代码，用于练习和熟悉

listTokeninfoByPipe

用于列出基于管道模拟RPC客户端获得令牌时的令牌详细信息和通过转化为主令牌从而执行创建进程等相关操作

crisprss

wikicrawl

crisprss.github.io

csdn_crawl

token_vault

Used to be familiar with and understand the related mechanism of Token in Windows

zhipinspider

CVEs

List for some of my cves

ProcessMonitor