micahvandeusen/GenericPotato

Stars
115
Rank 304,280 (Top 7 %)
Language
C#
Created over 3 years ago
Updated over 3 years ago

micahvandeusen

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Impersonating authentication over HTTP and/or named pipes.

GenericPotato

A modified version of SweetPotato by @EthicalChaos to support impersonating authentication over HTTP and/or named pipes. This allows for local privilege escalation from SSRF and/or file writes.

For background and explanation see https://micahvandeusen.com/the-power-of-seimpersonation/

GenericPotato by @micahvandeusen
  Modified from SweetPotato by @_EthicalChaos_

  -m, --method=VALUE         Auto,User,Thread (default Auto)
  -p, --prog=VALUE           Program to launch (default cmd.exe)
  -a, --args=VALUE           Arguments for program (default null)
  -e, --exploit=VALUE        Exploit mode [HTTP|NamedPipe(default)]
  -l, --port=VALUE           HTTP port to listen on (default 8888)
  -i, --host=VALUE           HTTP host to listen on (default 127.0.0.1)
  -h, --help                 Display this help

gMSADumper

Lists who can read any gMSA password blobs and parses them if the current user has access.

Python

233

impacket-ADCS

Python

PrologueDecrypt

micahvandeusen/GenericPotato

micahvandeusen

Reviews

Repository Details

GenericPotato

A modified version of SweetPotato by @EthicalChaos to support impersonating authentication over HTTP and/or named pipes. This allows for local privilege escalation from SSRF and/or file writes.

For background and explanation see https://micahvandeusen.com/the-power-of-seimpersonation/

More Repositories