Olivia
Online
Steve Breen
@breenmachine
Montreal
Joined May 2011
250 Following
1.7K Followers
401 Posts
@execveat The original Potato vulnerability for local privilege escalation actually worked for quite a while before it got fixed! It was mostly just the implementation of some of @tiraniddo's research that had been marked "WontFix" by MS.
@shortxstack Is that graphic available anywhere? It's really cool.
@tqbf It's a bit older but this book is worth a read on the subject https://t.co/4z6r8UH1kK
@steventseeley I also noticed "paste-from-file" with some binary files was breaking recently. Had to use curl.
Who to follow
Lee Chagolla-Christensen
@tifkin_
I like making computers misbehave. Does stuff at https://t.co/YsrVyTjOY7.
https://t.co/UsRIholZ3M
Swissky 
@pentest_swissky
RedTeam | Pentest
Author of PayloadsAllTheThings & SSRFmap
https://t.co/w1ZLRqoafG
Ryan Cobb
@cobbr_io
Developing training labs and CTFs @SpecterOps
Developer: Covenant, SharpSploit, PSAmsi
This paper is *the* resource for abusing tokens on Windows for privilege escalation. I especially appreciate the level of detail @dronesec and @breenmachine go into to explain the token ecosystem, permissions, past attacks, etc. 10/10 would read again.
https://t.co/i5pDwZElsh
Nice!
A small gift from S2anta: @breenmachine showed how to abuse JasperReports for RCE (https://t.co/eiyP760xKf) - now here's a single .JRXML file to achieve the same thing if no .JAR's are allowed:
https://t.co/kVgan1VpAy
Hey so we're stoked to welcome @jstnkndy @breenmachine and @brandonprry from @foxglovesec to the AtrediFam.
We've been calling it "The Hat Trick".
I'm releasing with @Giutro Juicy Potato, another Local Privilege Escalation tool from a Windows Service Accounts to SYSTEM by abusing the golden privileges (https://t.co/wk9RKGxMzl)
#UnpopularOpinion conferences should more heavily vet talks and reject those that are subpar because those speakers often get an inflated sense of skill and spread misinformation.
@Rhynorater np, glad it's still useful!
Custom version of C++ Rotten Potato along with some observations ;-) https://t.co/5PgJX9tvOP
@ifsecure uploaded the privilege escalation I wrote (with @halvarflake size coding) for the WPAD blog. https://t.co/3qaabrqOnQ Small footprint and uses RPC libs instead of parsing the RPC traffic like Rotten Potato /cc @breenmachine
#RottenPotatoNG - New version of #RottenPotato as a C++ DLL and standalone C++ binary by @breenmachine https://t.co/ggzMc8EFZb
@jensvoid @foxglovesec I believe you maintain the printer hacking wiki? Great resource, was very useful during this project. If you have any questions or would like to add some of this material to the wiki, I'd be interested in assisting.
HP has released the security bulletin which addresses the vulnerability described in our blogpost https://t.co/FSTwgnuJ80
We think HP should be more concerned with foxes than wolves - "A Sheep in Wolf's Clothing - Finding RCE in HP's Printer Fleet" by @breenmachine - https://t.co/lAABu721Ic
Abusing delay load DLLs for remote process injection https://t.co/EvAPyIzsje
Dropping @breenmachine and @dronesec latest Windows privilege escalation project - For exploit devs and pentesters - https://t.co/Zi9ntdoPVQ
Last Seen Users on Sotwe
Most Popular Users
Elon Musk
@elonmusk
240.5M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.7M followers
Cristiano Ronaldo
@cristiano
110.3M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.6M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.8M followers
KATY PERRY
@katyperry
87.5M followers
Taylor Swift
@taylorswift13
81.3M followers
Lady Gaga
@ladygaga
72.9M followers
Kim Kardashian
@kimkardashian
69.7M followers
Virat Kohli
@imvkohli
69.6M followers
YouTube
@youtube
68.7M followers
Bill Gates
@billgates
63.8M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
62.4M followers
CNN
@cnn
61.9M followers
X
@x
60.8M followers
Selena Gomez
@selenagomez
60.6M followers