Windows Priv esc

Check if we are admin

Living of the land GTFO Bins for Windows

LOLBASlolbas-project.github.io

Enumeration with Winpeas

wget https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/blob/a17f91745cafc5fa43a428d766294190c0ff70a1/winPEAS/winPEASexe/binaries/x86/Release/winPEASx86.exe

Enumeration with powerup.ps1

https://github.com/PowerShellMafia/PowerSploit/blob/master/Privesc/PowerUp.ps1

upload the script with metasploit

upload /root/PowerSploit/Privesc/PowerUp.ps1

Now run the script with Powershell

load Powershell
powershell_shell
.\PowerUp.ps1
Invoke-Allchecks

Windows compiled exploits

GitHub - SecWiki/windows-kernel-exploits: windows-kernel-exploits Windows平台提权漏洞集合GitHub

GitHub - abatchy17/WindowsExploits: Windows exploits, mostly precompiled. Not being updated. Check https://github.com/SecWiki/windows-kernel-exploits instead.GitHub

Good Resources and Cheetsheets

FuzzySecurity | Windows Privilege Escalation Fundamentalswww.fuzzysecurity.com

PayloadsAllTheThings/Methodology and Resources/Windows - Privilege Escalation.md at master · swisskyrepo/PayloadsAllTheThingsGitHub

Windows Privilege Escalation Guidewww.absolomb.com

Privilege Escalation - Windows · Total OSCP Guidesushant747.gitbooks.io

PreviousPrivilege Escalation NextInitial Enumeration

Last updated 10 days ago