sailay1996 / Delete2system
Weaponizing for Arbitrary Files/Directories Delete bugs to Get NT AUTHORITY\SYSTEM
Stars: ✭ 95
Programming Languages
c
50402 projects - #5 most used programming language
Labels
Projects that are alternatives of or similar to Delete2system
A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+302.11%)
Mutual labels: privilege-escalation
Msdat
MSDAT: Microsoft SQL Database Attacking Tool
Stars: ✭ 621 (+553.68%)
Mutual labels: privilege-escalation
Gtfonow
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries
Stars: ✭ 68 (-28.42%)
Mutual labels: privilege-escalation
Torat
ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication
Stars: ✭ 415 (+336.84%)
Mutual labels: privilege-escalation
Dirty sock
Linux privilege escalation exploit via snapd (CVE-2019-7304)
Stars: ✭ 533 (+461.05%)
Mutual labels: privilege-escalation
Active Directory Exploitation Cheat Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Stars: ✭ 870 (+815.79%)
Mutual labels: privilege-escalation
K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+4292.63%)
Mutual labels: privilege-escalation
Juicy Potato
A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
Stars: ✭ 1,276 (+1243.16%)
Mutual labels: privilege-escalation
Payloadsallthethings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+34541.05%)
Mutual labels: privilege-escalation
Sudo killer
A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
Stars: ✭ 1,073 (+1029.47%)
Mutual labels: privilege-escalation
Roothelper
A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.
Stars: ✭ 416 (+337.89%)
Mutual labels: privilege-escalation
Wadcoms.github.io
WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.
Stars: ✭ 431 (+353.68%)
Mutual labels: privilege-escalation
Awesome Privilege Escalation
A curated list of awesome privilege escalation
Stars: ✭ 413 (+334.74%)
Mutual labels: privilege-escalation
Kernel Exploits
My proof-of-concept exploits for the Linux kernel
Stars: ✭ 1,173 (+1134.74%)
Mutual labels: privilege-escalation
Infosec reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+4281.05%)
Mutual labels: privilege-escalation
Oscp
Collection of things made during my OSCP journey
Stars: ✭ 709 (+646.32%)
Mutual labels: privilege-escalation
Winpwn
Automation for internal Windows Penetrationtest / AD-Security
Stars: ✭ 1,303 (+1271.58%)
Mutual labels: privilege-escalation
Phpsploit
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
Stars: ✭ 1,188 (+1150.53%)
Mutual labels: privilege-escalation
Privesccheck
Privilege Escalation Enumeration Script for Windows
Stars: ✭ 1,032 (+986.32%)
Mutual labels: privilege-escalation
Delete2SYSTEM
Weaponizing for Arbitrary Files/Directories Delete bugs to Get NT AUTHORITY\SYSTEM
Short Description:
I just combined @jonasLyk's technique https://secret.club/2020/04/23/directory-deletion-shell.html and one of technique from this article https://0x00sec.org/t/windows-defender-av-zero-day-vulnerability/22258 which using windows media player (service and folder).
Read Me:
In order to work this technique, you must to delete the 2 folders which are C:\ProgramData\Microsoft\Windows\WER\* and C:\Program Files (x86)\Windows Media Player with Arbitrary Files/Directories Delete bugs such as CVE-2020-1170, CVE-2020-1571, etc ...
Note:
NtApiDotNet.dll from James Forshaw.
Thanks to: @jonasLyk and other who research awesome things
Code Browsed from:
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].