Welcome to my blog!

$whoami
decoder
$finger decoder
Login: decoder Name: IT Security enthusiast
Directory: /italy Shell: /sbin/shell2heaven
Always logged in.
decoder[dot]ap[at]gmail[dot]com No spam.  
Twitter: @decoder_it
Enjoy and leave comments!

 

My posts:

Elevation of privilege in Group Policy Client  CVE-2022-37955

When Swapping  the Context leads you to SYSTEM

Giving JuicyPotato a second chance: JuicyPotatoNG

Group Policy Folder Redirection CVE-2021-26887

A not-so-common and stupid privilege escalation

Relaying Potatoes

Hands off my (MS) cloud services!

Hands off my IIS accounts!

Hands off my service account!

When a stupid oplock leads you to SYSTEM

When ntuser.pol leads you to SYSTEM

Abusing Group Policy Caching

The impersonation game

No more JuicyPotato? Old story, welcome RoguePotato!

From NETWORK SERVICE to SYSTEM

Exploiting Feedback Hub in Windows 10

The strange case of “open-ssh” in Windows Server 2019

The strange RPC interface (MS, are you trolling me?)

From Hyper-V Admin to SYSTEM

From dropbox(updater) to NT AUTHORITY\SYSTEM

From iPhone to NT AUTHORITY\SYSTEM

We thought they were potatoes but they were beans (from Service Account to SYSTEM again)

From arbitrary file overwrite to SYSTEM

Creating Windows Access Tokens

Combinig LUAFV PostLuafvPostReadWrite Race Condition PE with DiagHub collector exploit -> from standard user to SYSTEM

Donkey’s guide to Resource Based Constrained Delegation Exploitation – from simple user to (almost) DA –

Windows Named Pipes & Impersonation

Demystifying Windows Service “permissions” configuration

Creating Symbolic Links in Windows 10

No more rotten/juicy potato?

Fear the Rotten/Juicy potato attack?

Slides from my talk “whoami /priv” at Romhack 2018

Juicy Potato (abusing the golden privileges)

Windows e le privilege escalations che non ti aspetti (italian)

The power of backup operators

Getting SYSTEM

Potatoes and tokens

The lonely potato – part 2 –

The lonely potato  (here) you can download the entire c# project

We don’t need powershell.exe – 4 –

“Poor man’s process migration”

We don’t need powershell.exe -part 3-

We don’t need powershell.exe – part 2 –

We don’t need powershell.exe

From Pass-the-Hash to Pass-the-Ticket with no pain

Simple ASLR/NX bypass on a Linux 32 bit binary

From APK to Golden ticket

The road to “silver”

The “SYSTEM” challenge

The “Golden Ticket” solution

Grab the Windows secrets!

Bypassing UAC from a remote powershell and escalting to “SYSTEM”

Dirty tricks with Powershell

Idiot’s quick & dirty guide to buffer overflow on GNU/Linux X64 architecture

“Speedy” HTTP2 challenge on game.rop.sh

 

Any  actions and or activities related to the material contained within this Website is solely your responsibility.The misuse of the information in this website can result in criminal charges brought against the persons in question. The author of decoder.cloud will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.