skip to Main Content

Hacking, PetitPotam let attackers gain control of an entire Windows domain

PetitPotam let attackers gain control of an entire Windows domain. It has been discovered by the cybersecurity researcher topotam. It coerces machine account authentication via MS-EFSRPC

PetitPotam is a new kind of cyber attack to coerce machine account authentication via MS-EFSRPC, and consequently to take over an entire Windows domain. It has been discovered by the cybersecurity expert topotam. The researcher released a PoC script on GitHub to explain how it works. The MS-EFSRPC is a Microsoft Encrypting File System Remote Protocol is used for maintenance and management operations on encrypted data that is stored remotely and accessed over a network.

Back To Top