微软不当洞的漏洞-Windows提权神器JuicyPotato
0X00-Juicy-Potato简介Juicy Potato江湖人称烂土豆,是在MS16-075漏洞利用工具RottenPotatoN工具的基础上做了扩展(A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM*) 追根到底是一款Windows的本地提权工具,利用了COM对象进行提权,相比RottenPotatoNG适用范围更加广泛(正如作者所说with a bit of juice) 使用Juicy Potato这款提权工具的前提是获得了SeIm..
Read more