Antonio Cocomazzi: "We are releasing an alternative way for elevating to SYSTEM when you have SeTcbP" | Zamantika Mersobahis Locabet

Post

Antonio Cocomazzi

Antonio Cocomazzi@splinter_code·10 Eyl

We are releasing an alternative way for elevating to SYSTEM when you have SeTcbPrivilege How? Leveraging AcquireCredentialsHandle through an SSPI hook that allows authenticating as SYSTEM to SCM Should be "lighter" than the classic S4U cc @decoder_it gist.github.com/antonioCoco/19…

Antonio Cocomazzi tweet media

English

202

529

0

Antonio Cocomazzi

Antonio Cocomazzi@splinter_code·10 Eyl

@decoder_it credits to @tiraniddo for the SSPI hooks code and SCM trick <3 gist.github.com/tyranid/c24cfd…

English

1

18

0

Andrea P

Andrea P@decoder_it·11 Eyl

@splinter_code definitely much more lighter and without any tricks to circumvent lack of impersonation ;)

Andrea P tweet media

English

2

1

0

Mehran

Mehran@evilsockets·13 Eyl

@splinter_code @decoder_it @SaveToNotion #tweet #privileges #escalate

QME

0

0

0

Roy Rahamim

Roy Rahamim@0xRoyR·13 Eyl

@splinter_code @SBousseaden @decoder_it @SaveToNotion #tweet

QME

0

0

0

X-Technobro

X-Technobro@vendetce·11 Eyl

@splinter_code @decoder_it Love it

English

0

0

0

Paylaş