Skip to content
/ GenericPotato Public

Impersonating authentication over HTTP and/or named pipes.

114 stars 15 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

micahvandeusen/GenericPotato

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
NtApiDotNet
NtApiDotNet
 
 
Properties
Properties
 
 
Security
Security
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
FodyWeavers.xml
FodyWeavers.xml
 
 
FodyWeavers.xsd
FodyWeavers.xsd
 
 
GenericPotato.csproj
GenericPotato.csproj
 
 
GenericPotato.sln
GenericPotato.sln
 
 
Options.cs
Options.cs
 
 
PotatoAPI.cs
PotatoAPI.cs
 
 
Program.cs
Program.cs
 
 
README.md
README.md
 
 
app.config
app.config
 
 
app.manifest
app.manifest
 
 
packages.config
packages.config
 
 

Repository files navigation

GenericPotato

A modified version of SweetPotato by @EthicalChaos to support impersonating authentication over HTTP and/or named pipes. This allows for local privilege escalation from SSRF and/or file writes.

For background and explanation see https://micahvandeusen.com/the-power-of-seimpersonation/

GenericPotato by @micahvandeusen
  Modified from SweetPotato by @_EthicalChaos_

  -m, --method=VALUE         Auto,User,Thread (default Auto)
  -p, --prog=VALUE           Program to launch (default cmd.exe)
  -a, --args=VALUE           Arguments for program (default null)
  -e, --exploit=VALUE        Exploit mode [HTTP|NamedPipe(default)]
  -l, --port=VALUE           HTTP port to listen on (default 8888)
  -i, --host=VALUE           HTTP host to listen on (default 127.0.0.1)
  -h, --help                 Display this help

About

Impersonating authentication over HTTP and/or named pipes.

Resources

Readme
Activity

Stars

114 stars

Watchers

5 watching

Forks

15 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages