#Windows 10

<div class="separator" style="clear: both; text-align: center;"><a href="https://1.bp.blogspot.com/-JMl-654CheQ/YUOLZnQfumI/AAAAAAAAuuQ/JGDFkb4V1iQ5GvRUodx6ZDEecD6q2iZ1gCNcBGAsYHQ/s300/printer_hack.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="168" data-original-width="300" height="358" src="https://1.bp.blogspot.com/-JMl-654CheQ/YUOLZnQfumI/AAAAAAAAuuQ/JGDFkb4V1iQ5GvRUodx6ZDEecD6q2iZ1gCNcBGAsYHQ/w640-h358/printer_hack.jpeg" width="640" /></a></div><p><br /></p> <p>Concealed Position is a local <a href="https://www.kitploit.com/search/label/Privilege%20Escalation" target="_blank" title="privilege escalation">privilege escalation</a> attack against Windows using the concept of "Bring Your Own Vulnerability". Specifically, Concealed Position (CP) uses the <em>as designed</em> package point and print logic in Windows that allows a low privilege user to stage and install printer drivers. CP specifically installs drivers with <a hr...

<p><a href="http://2.bp.blogspot.com/-Lc-pMQxsfVg/YTVKVhCUJqI/AAAAAAAAt1I/Hsik9IJaHQENyEWH7b1bKIx-2vjj3ttNwCK4BGAYYCw/s1600/ntlm_theft_1_example-run-781145.png" style="text-align: center;"><img alt="" border="0" height="336" id="BLOGGER_PHOTO_ID_7004586528950462114" src="http://2.bp.blogspot.com/-Lc-pMQxsfVg/YTVKVhCUJqI/AAAAAAAAt1I/Hsik9IJaHQENyEWH7b1bKIx-2vjj3ttNwCK4BGAYYCw/w640-h336/ntlm_theft_1_example-run-781145.png" width="640" /></a></p><p><br /></p> <p>A tool for generating multiple types of NTLMv2 hash theft files.</p> <p>ntlm_theft is an Open Source Python3 Tool that generates 21 different types of hash theft documents. These can be used for phishing when either the target allows smb traffic outside their network, or if you are already inside the internal network.</p> <p>The benefits of these file types over say macro based documents or exploit documents are that all of these are built using "intended functionality". None were flagged by <a href="https://www.kitploit.com/se...