guenicoe
a3cc577ebd
added cmd on the USOSVC vuln
...
Added `cmd \c C:\Users\nc.exe` as not typing `cmd \c` did not work for me. Might need even more explanation
2020-03-24 20:15:59 +00:00
PixeL
1b190939c4
Remove example from win priv esc
...
This example was used on hackthebox where it leaked the root flag of a machine on free servers.
This resulted in every user being able to get the root flag before they have even completed the box which isn't fair to others.
This example should either be changed or removed completely to combat copy-pasting without knowing what you're doing.
2020-03-23 17:17:42 -05:00
Fanis Katsimpas
2bdbb2dbc5
Update Windows - Privilege Escalation.md
...
Make powershell on EoP - Runas easier to copy paste
2020-03-22 19:25:35 +00:00
Swissky
7cd49769be
WMI + Cobalt Strike
2020-02-13 22:53:45 +01:00
Swissky
fb76fdc331
Windows Firewall + DLL hijacking + Named pipes
2020-02-01 22:12:36 +01:00
Swissky
742c7ee3c2
AppLocker rules
2020-01-06 23:03:54 +01:00
Swissky
b052f78d95
Blacklist3r and Machine Key
2020-01-02 23:33:04 +01:00
Swissky
896e262531
Privilege impersonation and GraphQL SQLi
2019-12-11 16:59:14 +01:00
Swissky
3abaa3e23d
Linux AD - Keyring, Keytab, CCACHE
2019-11-25 23:12:06 +01:00
Swissky
43f185d289
CVE-2019-1322 UsoSvc
2019-11-11 20:31:07 +01:00
Swissky
f6d5221a85
SID history break trust + Powershell history + SCF files
2019-11-07 23:21:00 +01:00
Swissky
357658371f
SSRF URL for Google Cloud
2019-10-06 20:59:58 +02:00
Swissky
5455c30ec7
Juicy Potato + XXE update
2019-09-08 19:44:51 +02:00
Swissky
bb305d0183
Network Discovery - Masscan update
2019-08-29 01:08:26 +02:00
Swissky
6c161f26b2
JWT None alternative + MS15-051
2019-08-22 23:03:48 +02:00
Swissky
8dffb59ac5
Pspy + Silver Ticket + MSSQL connect
2019-08-18 22:24:48 +02:00
Swissky
b6697d8595
SSRF SVG + Windows Token getsystem
2019-08-15 18:21:06 +02:00
Swissky
98124178db
EoP - Juicy Potato
2019-07-26 15:29:34 +02:00
Swissky
f6c0f226af
PXE boot attack
2019-07-25 14:08:32 +02:00
Swissky
a14b3af934
Active Directory - Resource Based Constrained Delegation
2019-07-22 21:45:50 +02:00
Swissky
13ba72f124
GraphQL + RDP Bruteforce + PostgreSQL RCE
2019-07-01 23:29:29 +02:00
Swissky
46780de750
PostgreSQL rewrite + LFI SSH
2019-06-29 19:23:34 +02:00
Swissky
9be62677b6
Add root user + PHP null byte version
2019-06-24 00:21:39 +02:00
Swissky
9745e67465
HQL Injection + references update
2019-06-16 23:45:52 +02:00
Dan Borges
24a05c7098
Update Windows - Privilege Escalation.md
2019-06-11 11:51:09 -07:00
Swissky
a85fa5af28
Local File Include : rce via mail + kadimus
2019-06-10 00:05:47 +02:00
Swissky
5d4f65720a
PrivEsc - Common Exploits
2019-06-09 20:53:41 +02:00
Swissky
adcea1a913
Linux PrivEsc + SSH persistency
2019-06-09 16:05:44 +02:00
Swissky
93f6c03b54
GraphQL + LXD/etc/passwd PrivEsc + Win firewall
2019-06-09 13:46:40 +02:00
Swissky
f88da43e1c
SQL informationschema.processlist + UPNP warning + getcap -ep
2019-05-25 18:19:08 +02:00
Swissky
9c2e63818f
XSS without parenthesis, semi-colon + Lontara
2019-05-15 21:55:17 +02:00
Swissky
765c615efe
XSS injection Summary + MSF web delivery
2019-05-12 14:22:48 +02:00
Swissky
c66197903f
MYSQL Truncation attack + Windows search where
2019-04-14 19:46:34 +02:00
Swissky
3af87ddf98
Reverse shell summary + golang
2019-04-02 22:43:44 +02:00
Swissky
289fa8c22b
PrivEsc - Linux Task
2019-03-31 15:05:13 +02:00
Swissky
a509909561
PostgreSQL RCE CVE-2019–9193 + ADAPE + WinPrivEsc Resources
2019-03-24 16:00:27 +01:00
Swissky
68df152fd3
Linux PrivEsc - Wildcard/NFS/Sudo
2019-03-07 15:09:06 +01:00
Swissky
404afd1d71
Fix name's capitalization
2019-03-07 00:07:55 +01:00
Swissky
21d1fe7eee
Fix name - Part 1
2019-03-07 00:07:14 +01:00
Swissky
450de2c90f
Typo fix
2019-03-04 19:40:34 +01:00
Swissky
e36b15a6d7
Windows PrivEsc - Table of content update
2019-03-03 20:05:27 +01:00
Swissky
ecadcf3d0f
Windows PrivEsc - Full rewrite
2019-03-03 20:01:25 +01:00
Swissky
2d5b4f2193
Meterpreter generate + LaTeK XSS + Ruby Yaml
2019-03-03 16:31:17 +01:00
Swissky
b9f2fe367c
Bugfix - Errors in stashed changes
2019-01-28 20:27:45 +01:00
ThunderSon
99857a714f
fead: add powerless repo to the tools
2019-01-27 20:13:06 +02:00
Swissky
4db45a263a
MSSQL union based + Windows Runas
2019-01-20 16:41:46 +01:00
Swissky
2e3aef1a19
Shell IPv6 + Sandbox credential
2019-01-07 18:15:45 +01:00
Swissky
b9efdb52d3
Linux - PrivEsc - First draft
2018-12-25 15:51:11 +01:00
Swissky
38c3bfbd9f
Windows Priv Esc - Unquoted Path, Password looting and Powershell version
2018-12-25 15:19:45 +01:00
Swissky
a6475a19d9
Adding references sectio
2018-12-24 15:02:50 +01:00
Swissky
b4aff1a826
Architecture - Files/Intruder/Images and README + template
2018-12-23 00:45:45 +01:00
Swissky
65654f81a4
Markdown formatting update
2018-08-12 23:30:22 +02:00
Swissky
cdc3adee51
PassTheTicket + OpenShare + Tools(CME example)
2018-07-08 20:03:40 +02:00
Swissky
8eb6cb80f9
GPP decrypt + SSRF url for cloud providers
2018-05-27 22:27:31 +02:00
Swissky
e261836532
Windows PrivEsc + SQLi second order + AD DiskShadow
2018-05-20 22:10:33 +02:00