GitHub - topotam/PetitPotam: PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
Tags
| attack-pattern: | Credentials - T1589.001 Python - T1059.006 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | 271afbf1-ce34-4251-99c1-e037b50d3219 |
| Fingerprint | f6d6edd5fd25fccf |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | May 20, 2022, midnight |
| Added to db | Feb. 17, 2023, 9:19 p.m. |
| Last updated | Nov. 15, 2024, 4:40 p.m. |
| Headline | topotam/PetitPotam |
| Title | GitHub - topotam/PetitPotam: PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions. |
| Detected Hints/Tags/Attributes | 11/1/4 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://github.com/topotam/PetitPotam |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 26 | cve-2021-36942 |
|
| Details | Domain | 452 | msrc.microsoft.com |
|
| Details | Url | 1 | https://msrc.microsoft.com/update-guide/vulnerability/cve-2021-36942 |
|
| Details | Url | 1 | https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-efsr/08796ba8-01c8-4872-9221-1000ec2eff31 |