Impersonating Privileges with Juicy Potato

<p>Windows Privilege Escalation with&nbsp;<em>SeImpersonatePrivilege, and SeAssignPrimaryTokenPrivilege</em></p> <p><img alt="" src="https://miro.medium.com/v2/resize:fit:700/1*euXYYhgNQUJc0-mPXeUfag.jpeg" style="height:956px; width:700px" /></p> <p>Photo by&nbsp;<a href="https://unsplash.com/de/@hans_isaacson?utm_source=unsplash&amp;utm_medium=referral&amp;utm_content=creditCopyText" rel="noopener ugc nofollow" target="_blank">Hans Isaacson</a>&nbsp;on&nbsp;<a href="https://unsplash.com/photos/ZqSDrFeAbCg?utm_source=unsplash&amp;utm_medium=referral&amp;utm_content=creditCopyText" rel="noopener ugc nofollow" target="_blank">Unsplash</a></p> <p>Today, I am going to talk about a Windows privilege escalation tool called Juicy Potato. In the past, I used it on Hack The box older machines:&nbsp;<strong><em>Bounty, Jeeves, and Conceal&nbsp;</em></strong>to escalate my privileges from a local user to an Administrator.&nbsp;</p> <p>Juicy Potato is a local privilege escalation tool created by&nbsp;<a href="https://twitter.com/decoder_it" rel="noopener ugc nofollow" target="_blank">Andrea Pierini</a>&nbsp;and Giuseppe Trotta to exploit Windows service accounts&rsquo; impersonation privileges.</p> <p>The tool takes advantage of the&nbsp;<strong><em>SeImpersonatePrivilege&nbsp;</em></strong>or&nbsp;<strong><em>SeAssignPrimaryTokenPrivilege&nbsp;</em></strong>if enabled on the machine to elevate the local privileges to System. Normally, these privileges are assigned to service users, admins, and local systems &mdash; high integrity elevated users.</p> <p><a href="https://medium.com/r3d-buck3t/impersonating-privileges-with-juicy-potato-e5896b20d505"><strong>Visit Now</strong></a></p>
Tags: Juicy Potato