dec0ne / davrelayup Goto Github PK
View Code? Open in Web Editor NEWDavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the default settings).
DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the default settings).
I am wondering if there is any concrete timing when the ShadowCred feature will be added. There seems to be no go implementation of whisker so it might be not so easy to add this feature.
Hello, if I try to start from domain user i've got the error.
DavRelayUp.exe --CreateNewComputerAccount --Port 10443
DavRelayUp - Relaying you to SYSTEM, again...
[+] WebClient Service started successfully
[+] Computer account "DAVRELAYUP$" added with password "gM4#vD2=zX3$jI3$"
[+] Starting Relay Server on Port 10443
[+] Coercing System Authentication
[+] WebDAV Request: No Authorization header
[+] WebDAV Response: Sending 401 Unauthorized with "WWW-Authenticate: NTLM" header
[+] WebDAV Request: Got NTLMSSP_NEGOTIATE. Initiating connection to LDAP
[+] LDAP Bind: Got NTLMSSP_CHALLENGE from LDAP server. Relaying to WebDAV Client
[+] WebDAV Response: Sending 401 Unauthorized with NTLMSSP_CHALLENGE from LDAP
[+] WebDAV Request: Got NTLMSSP_AUTH. Relaying to LDAP
[+] LDAP Bind: Connected to LDAP as domain\user
LDAP Result Code 50 "Insufficient Access Rights": 00002098: SecErr: DSID-03150F93, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
Hi there,
Love this project. Works like a champ in my lab.
I'm trying to run this through a C2 server and things get a bit tricker because I need that .dll in the same folder where the .exe runs, and also if I'm running through C2 I can't get access to that new cmd.exe that spawns as SYSTEM.
I've played around with a ton of options and couldn't get it working so I thought I'd ask: can the -sc
flag be a call to cmd.exe
with some actions attached, like net localgroup administrators add luser /add
? If so could you provide an example of formatting please? I think I've tried them all :-)
can you make some bin Release for 4.6 and 4.5 net framework.
More of servers dont have the new net framework
thank you
I am currently stuck on building the solution
Current OS: Windows 11 Home
MSFT VS : 2019
Error Fody: An unhandled exception occurred:
Exception:
Could not load file or assembly 'file:///C:\Users\bamo\Downloads\DavRelayUp-master\DavRelayUp-master\packages\Fody.6.7.0\netclassictask\FodyIsolated.dll' or one of its dependencies. Operation is not supported. (Exception from HRESULT: 0x80131515)
Type:
System.IO.FileLoadException
StackTrace:
at System.Reflection.RuntimeAssembly._nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, RuntimeAssembly locationHint, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean throwOnFileNotFound, Boolean forIntrospection, Boolean suppressSecurityChecks)
at System.Reflection.RuntimeAssembly.nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, RuntimeAssembly locationHint, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean throwOnFileNotFound, Boolean forIntrospection, Boolean suppressSecurityChecks)
at System.Reflection.RuntimeAssembly.InternalLoadAssemblyName(AssemblyName assemblyRef, Evidence assemblySecurity, RuntimeAssembly reqAssembly, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean throwOnFileNotFound, Boolean forIntrospection, Boolean suppressSecurityChecks)
at System.Reflection.RuntimeAssembly.InternalLoadFrom(String assemblyFile, Evidence securityEvidence, Byte[] hashValue, AssemblyHashAlgorithm hashAlgorithm, Boolean forIntrospection, Boolean suppressSecurityChecks, StackCrawlMark& stackMark)
at System.Reflection.Assembly.LoadFrom(String assemblyFile, Evidence securityEvidence)
at System.Activator.CreateInstanceFromInternal(String assemblyFile, String typeName, Boolean ignoreCase, BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes, Evidence securityInfo)
at System.AppDomain.CreateInstanceFrom(String assemblyFile, String typeName)
at System.AppDomain.CreateInstanceFromAndUnwrap(String assemblyName, String typeName)
at System.AppDomain.CreateInstanceFromAndUnwrap(String assemblyName, String typeName)
at IsolatedAssemblyLoadContext.CreateInstanceFromAndUnwrap() in C:\projects\fody\FodyCommon\IsolatedAssemblyLoadContext.cs:line 21
at Processor.ExecuteInOwnAssemblyLoadContext() in C:\projects\fody\Fody\Processor.cs:line 128
at Processor.Inner() in C:\projects\fody\Fody\Processor.cs:line 122
at Processor.Execute() in C:\projects\fody\Fody\Processor.cs:line 49
Source:
mscorlib
TargetSite:
System.Reflection.RuntimeAssembly _nLoad(System.Reflection.AssemblyName, System.String, System.Security.Policy.Evidence, System.Reflection.RuntimeAssembly, System.Threading.StackCrawlMark ByRef, IntPtr, Boolean, Boolean, Boolean)
An attempt was made to load an assembly from a network location which would have caused the assembly to be sandboxed in previous versions of the .NET Framework. This release of the .NET Framework does not enable CAS policy by default, so this load may be dangerous. If this load is not intended to sandbox the assembly, please enable the loadFromRemoteSources switch. See http://go.microsoft.com/fwlink/?LinkId=155569 for more information.
Type:
System.NotSupportedException
StackTrace: DavRelayUp
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.