potato's People
Forkers
breenmachine malayke orbitusrobotics zeeshansultan emadshanab 4eu3 mylovered badexception nidaosky eniac888 blursight invisiblegg secpersu m0nk3yd1u44y fork42541 shuixi2013 arrowsides kknet cyberlight bwry zeqiii m4rm0k tempbottle ver007 codecrack3 defanlt cy83rv37 kaicastledine kev169 stonedeyy 0xrnair pythonone awesome-security cowithgun raslin777 jeky-- backendchan crbon lvmaple andy737 vasco2016 cyber-forensic random1984 wjdavis5 dipsec jsaldanar cjensenius jajp777 fnatalucci caidongyun mikesxrs sycam0re myhacklab michalkoczwara bagfri3s xpathmaster 0v3rm1nd-dr4g0n cc06 ht13 tardummy01 j14nj13 luistj buckshotwhoami olivierh59500 m4l0y bizdev1 bytecod3r muharremokutan potapo vaginessa cssxn suryaloe rjmcguire kbahaxor caineqt bryant1410 danielrteixeira nunombarros tobey123 ovidsec arryboom akamajoris molokovskikh 0xicl33n newyorkdev 0xjashim hsuykerbuyk f0829 firefalc0n cloud-forge tigerteamdevops samyoyo kcsec h1d3r v1cker v4n0m johnhubcr mrtaheramine bilportistivraboti ykankayapotato's Issues
ipv6 dhcp would be a nice feature
I write this as an issue, but it could be a feature / improvement.
During a couple of penetration tests I observed that most Windows clients have ipv6 enabled but they do not have an ipv6 address assigned. In addition it seems that windows OS gives highest priority to the next received lease, does not matter if it's ipv4 or ipv6.
The result: ipv6 dhcp takes over already assigned ipv4 address.
Just presenting yourself as ipv6 dhcp server and serving ipv6 dhcp client requests is a very simple way to poisoning windows clients in the local network both dns and ip and get your "wpad" offered easily, as well as any other exploit.
spoof_host not fully works
Hi, I'm experticing some problem because my Windows 10 installation is part of a domain with a dns prefix like contoso.corp.com. In this case wpad is "wpad.contoso.corp.com". The spoofing part is working perfectly, but when something try to get the configuration file (wpad.dat) the requested URL is http://wpad.contoso.corp.com/wpad.dat and not http://127.0.0.1/wpad.dat so Potato is not replying with a config file but with an empty file.
I guess that the problem is on line #136 of Program.cs
<<else if (request.Url.AbsoluteUri.ToString().Equals("http://127.0.0.1/wpad.dat") || request.Url.AbsoluteUri.ToString().Equals("http://wpad/wpad.dat"))>>
We sould probably add the case with the hostname given with -spoof_host !
At the moment I've tried to open the progect on my Vistual Studio 2005 but I'me having problems with Imports (c:\Microsotf.CSharp.targets not found).
I'll try to solve my problems, but I think that many people will enjoin an official fix!
Thank you so much for your beautifull work !
Paolo
Potato not hearing NBNS requests?
Since there are no instructions on how to 'install' the tool, I got Potato working by downloading the .exe and the two .dlls from Potato/source/Potato/Potato/bin/Release/
I ran the tool as suggested on my Win7 machine, and here is my output:
c:\Users***\Downloads>Potato.exe -ip -cmd "" -disable_exhaust true
Starting NBNS spoofer...WPAD = 127.0.0.1
Clearing dns and nbns cache...
Listening...
Clearing dns and nbns cache...
Clearing dns and nbns cache...
Clearing dns and nbns cache...
Continuing on like that until I hit ctrl+c. If I open up wireshark, I can see the NBNS broadcast requests for WPAD from my host hitting the network. Naturally, I don't see any repsonses as Wireshark cannot monitor the loopback interface on Windows.
I would expect to see the 'Got 127.0.0.1' in the output, but it never shows up. I've tried with and without admin privs, and with and without the Windows firewall enabled, and on two different Win7 machines with same results.
I've also tried setting diable_exhaust to false. In this case, my internet dies as all DNS requests from the host are failing.
Have I missed some steps in the setup? It looks to me like Potato is not receiving the NBNS or DNS requsts, but I verfied that UDP port 137 is listenening after I run Potato, but not before.
.net framework
When I try to run it I get asked to install .net framework 3.5. Which I can't do because I don't have admin rights in the first place. Any recommendations or maybe I am doing something wrong?
Potato.exe have stopped working
Hello, I'have download the Potato-master, and i'm trying to run it on Windows Server 2012 R2.
The command that I'm using:
Potato.exe -ip 172.16.21.89 -cmd "C:\Windows\System32\cmd.exe /K net localgroup administrators project /add" -disable_exhaust true -disable_defender true
Now the IP (of the system that running the potato.exe) & the account name "project" are correct, and every time when the programs says "Spoofed Target WPAD succesfully..." the Windows Server pop a "Potato.exe have stopped working".
Unhandled Exception: FileNotFound
OS: Windows 7 Ultimate SP1 x64
.\Potato.exe -ip 10.1.11.108 -cmd notepad.exe -disable_exhaust true
Starting NBNS spoofer...WPAD = 127.0.0.1
Clearing dns and nbns cache... Got 127.0.0.1
Spoofed target WPAD succesfully...
Checking for windows defender updates...
Checking for windows defender updates...
Checking for windows defender updates...
Checking for windows defender updates...
Checking for windows defender updates...
Checking for windows defender updates...
Checking for windows defender updates...
Checking for windows defender updates...
Checking for windows defender updates...
Checking for windows defender updates...
Checking for windows defender updates...
Checking for windows defender updates...
Checking for windows defender updates...
Checking for windows defender updates...
Checking for windows defender updates...
Checking for windows defender updates...
Unhandled Exception: System.IO.FileNotFoundException: Could not load file or assembly 'NHttp, Version=0.1.8.0, Culture=neutral, PublicKeyToken=156364e4f7b202d9' or one of its dependencies. The system cannot find the file specified.
File name: 'NHttp, Version=0.1.8.0, Culture=neutral, PublicKeyToken=156364e4f7b202d9'
at Potato.HTTPNtlmHandler.startListening(String cmd, String[] wpad_exclude, Int32 port)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.ThreadHelper.ThreadStart()
WRN: Assembly binding logging is turned OFF.
To enable assembly bind failure logging, set the registry value HKLM\Software\Microsoft\Fusion!EnableLog to 1.
Note: There is some performance penalty associated with assembly bind failure logging.
To turn this feature off, remove the registry value [HKLM\Software\Microsoft\Fusion!EnableLog].
System.Exception: Not supported yet.
When trying to use I get this exception:
Excepción no controlada: System.Exception: Not supported yet. en SharpCifs.Smb.QueuedNtlmContext.GetSigningKey() en \vmware-host\shared fo
lders\Potato\source\SharpCifs\SharpCifs\Smb\QueuedNtlmContext.cs:línea 33
en SharpCifs.Smb.SmbSession.SessionSetup(ServerMessageBlock andx, ServerMessa
geBlock andxResponse) en \vmware-host\shared folders\Potato\source\SharpCifs\Sh
arpCifs\Smb\SmbSession.cs:línea 461
en SharpCifs.Smb.SmbSession.Send(ServerMessageBlock request, ServerMessageBlo
ck response) en \vmware-host\shared folders\Potato\source\SharpCifs\SharpCifs\S
mb\SmbSession.cs:línea 289
en SharpCifs.Smb.SmbTree.TreeConnect(ServerMessageBlock andx, ServerMessageBl
ock andxResponse) en \vmware-host\shared folders\Potato\source\SharpCifs\SharpC
ifs\Smb\SmbTree.cs:línea 194
en SharpCifs.Smb.SmbFile.DoConnect() en \vmware-host\shared folders\Potato\s
ource\SharpCifs\SharpCifs\Smb\SmbFile.cs:línea 1189
en SharpCifs.Smb.SmbFile.Connect() en \vmware-host\shared folders\Potato\sou
rce\SharpCifs\SharpCifs\Smb\SmbFile.cs:línea 1250
en SharpCifs.Smb.SmbFile.Connect0() en \vmware-host\shared folders\Potato\so
urce\SharpCifs\SharpCifs\Smb\SmbFile.cs:línea 1140
en SharpCifs.Smb.SmbFileInputStream..ctor(SmbFile file, Int32 openFlags) en
\vmware-host\shared folders\Potato\source\SharpCifs\SharpCifs\Smb\SmbFileInputSt
ream.cs:línea 92
en SharpCifs.Smb.TransactNamedPipeInputStream..ctor(SmbNamedPipe pipe) en \v
mware-host\shared folders\Potato\source\SharpCifs\SharpCifs\Smb\TransactNamedPip
eInputStream.cs:línea 42
en SharpCifs.Smb.SmbNamedPipe.GetNamedPipeInputStream() en \vmware-host\shar
ed folders\Potato\source\SharpCifs\SharpCifs\Smb\SmbNamedPipe.cs:línea 169
en SharpCifs.Dcerpc.DcerpcPipeHandle.DoSendFragment(Byte[] buf, Int32 off, In
t32 length, Boolean isDirect) en \vmware-host\shared folders\Potato\source\Shar
pCifs\SharpCifs\Dcerpc\DcerpcPipeHandle.cs:línea 74
en SharpCifs.Dcerpc.DcerpcHandle.Sendrecv(DcerpcMessage msg) en \vmware-host
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.