mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-29 18:27:19 +00:00
Add tool 'BadPotato' to clusters/tool.json
parent
b978bb1c86
commit
99ab2a13d6
1 changed files with 14 additions and 1 deletions
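--- a/clusters/tool.json
+++ b/clusters/tool.json
@@ -8471,7 +8471,20 @@
 },
 "uuid": "f3bae23a-ec73-49cb-8149-f93578bb2bff",
 "value": "Motnug"
+},
+{
+"description": "BadPotato leaks a system token handle through the MS RPN API, which can be used to get NT AUTHORITY\\SYSTEM access.",
+"meta": {
+"refs": [
+"https://github.com/BeichenDream/BadPotato",
+"https://www.mandiant.com/resources/apt41-us-state-governments",
+"https://thehackernews.com/2021/06/chinese-hackers-believed-to-be-behind.html",
+"https://blog.group-ib.com/colunmtk_apt41"
+]
+},
+"uuid": "f43a3828-a3b6-11ec-80e1-55a8e5815c2c",
+"value": "BadPotato"
 }
 ],
-"version": 149
+"version": 150
 }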
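Review bot: The `description` of the new BadPotato entry names the "MS RPN API", which looks like a misspelling of MS-RPRN (the Print System Remote Protocol); if that is what the cited reports say, the text should read `through the MS-RPRN API` so analysts searching the galaxy by protocol name can find the entry. Three of the four `refs` are APT41 reporting, yet the cluster has no `related` link to a threat-actor cluster, so the association exists only as URLs and will not show up in correlation; consider adding one if the galaxy already has a matching actor entry. The entry also has no `synonyms` list, which is worth adding if the cited vendors track the tool under another spelling.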