Kernel Exploits

What is the Kernel

The kernel is the core of the operating system: it runs at the highest privilege level (ring 0), manages memory, processes and hardware, and mediates every system call. A bug in it therefore hands an attacker full control of the machine as SYSTEM, which is why kernel exploits are so attractive for privilege escalation.
Kernel exploits

Kernel exploits should be our last resort: a failed exploit can crash the machine (blue screen) or leave it in an unstable state, and the usual cause is running an exploit built for the wrong OS build, service pack or architecture. Enumerate the exact version and patch level first, and prefer any other escalation path that is available.

Identify the hotfixes/patches
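
The following PowerShell is an added example, not part of the original page: it prints the OS caption, build and architecture, lists the installed hotfixes (the same data `systeminfo` shows) and flags which of the two bulletins this page mentions are not installed. The bulletin-to-KB mapping is from memory (MS10-015 = KB977165, MS10-059 = KB982799) and should be checked against the Microsoft bulletin before you rely on it; a missing KB only matters on an OS version the bulletin actually covered.

```powershell
# Added example, not from the original page. Enumerates installed hotfixes and
# the OS build/architecture, then compares against a small bulletin->KB table.
# KB numbers are from memory; verify them against the bulletin pages:
#   MS10-015 (KiTrap0D)    -> KB977165
#   MS10-059 (Chimichurri) -> KB982799

function Get-InstalledKBs {
    # Get-HotFix wraps Win32_QuickFixEngineering, the same source systeminfo uses.
    Get-HotFix | Select-Object -ExpandProperty HotFixID | Sort-Object -Unique
}

function Get-MissingKernelPatches {
    param(
        [string[]]$Installed,
        [hashtable]$Bulletins
    )
    foreach ($b in $Bulletins.GetEnumerator()) {
        if ($Installed -notcontains $b.Value) {
            [pscustomobject]@{ Bulletin = $b.Key; KB = $b.Value; Status = 'MISSING' }
        }
    }
}

# OS version and architecture decide which exploit build you may run at all.
$os = Get-CimInstance Win32_OperatingSystem
"OS: $($os.Caption) build $($os.BuildNumber) ($($os.OSArchitecture))"

$installed = Get-InstalledKBs
"Installed hotfixes: $($installed.Count)"
$installed

Get-MissingKernelPatches -Installed $installed -Bulletins @{
    'MS10-015' = 'KB977165'
    'MS10-059' = 'KB982799'
} | Format-Table -AutoSize
```

Run it in the low-privilege shell you already have; neither `Get-HotFix` nor `Get-CimInstance Win32_OperatingSystem` needs administrator rights. Note that on Windows 10 and later the servicing stack rolls fixes into cumulative updates, so a bulletin from 2010 simply never appears as a separate KB there: the OS line, not the KB list, tells you whether the target is in scope.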

Python to Binary

If we have an exploit written in Python but Python is not installed on the victim machine, we can turn the script into a standalone binary with PyInstaller. PyInstaller does not cross-compile, so build on a Windows machine (or VM) whose architecture matches the target; a 64-bit build will not run a 32-bit-only kernel exploit correctly. Good trick to know.
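
As an added example (not from the original page), the PowerShell below builds a one-file executable from a Python exploit with PyInstaller and then reads the PE header of the result to confirm whether it is an x86 or x64 binary, so you can match it to the victim before transferring it. `exploit.py` is a placeholder file name.

```powershell
# Added example, not from the original page. Builds a standalone .exe from a
# Python script with PyInstaller and reports the architecture of the result.
# The exe inherits the bitness of the Python interpreter that built it, so run
# this on a Windows host that matches the victim (x86 vs x64).

function Get-PEMachine {
    param([string]$Path)
    $bytes = [System.IO.File]::ReadAllBytes($Path)
    # e_lfanew (offset 0x3C) points at the "PE\0\0" signature;
    # the COFF Machine field is the 2 bytes right after that signature.
    $peOffset = [BitConverter]::ToUInt32($bytes, 0x3C)
    $machine  = [BitConverter]::ToUInt16($bytes, $peOffset + 4)
    switch ($machine) {
        0x014c  { 'x86' }
        0x8664  { 'x64' }
        default { 'unknown (0x{0:X4})' -f $machine }
    }
}

python -m pip install pyinstaller

# --onefile: one self-extracting exe (unpacks to %TEMP% at run time)
# --clean:   drop any stale PyInstaller cache from earlier builds
# No --noconsole: a console-based exploit needs its window for output.
pyinstaller --onefile --clean exploit.py

$exe = Join-Path 'dist' 'exploit.exe'
if (-not (Test-Path $exe)) { throw "build failed: $exe not found" }
"Built $exe as $(Get-PEMachine $exe); this must match the victim's architecture."
```

Two practical caveats: one-file builds unpack the interpreter into `%TEMP%` at run time, so the victim needs a writable temp directory, and packed PyInstaller binaries are frequently flagged by antivirus, so test on a matching lab box before relying on it during an engagement.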

Escalation with Metasploit

Check for exploits

Syntax Breakdown

The command being broken down is `run post/multi/recon/local_exploit_suggester`, executed inside an active Meterpreter session:

  • run: A Meterpreter command used to execute a script or a post-exploitation module within the current session.

  • post/: Indicates that this is a post-exploitation module, designed to be used after a system has already been compromised.

  • multi/recon/: Specifies the category of the module. Multi means it works across multiple platforms (e.g., Windows, Linux, Android), and Recon indicates it is used for reconnaissance/gathering information.

  • local_exploit_suggester: The specific name of the module (sometimes nicknamed "Lester").

Kitrap0d (MS10-015) is very reliable. It needs a 32-bit (x86) Meterpreter session, since it abuses the 32-bit VDM subsystem that does not exist on x64 Windows; if it does not work the first time, try it a few more times.

Kitrap0d Information - https://seclists.org/fulldisclosure/2010/Jan/341

Manual Kernel Exploitation

MS10-059 Exploit - https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS10-059

The precompiled MS10-059 exploit (Chimichurri) spawns a reverse shell rather than a local one: start a listener on your machine first, then run the binary on the victim with your IP and port as arguments. As with every binary from this repository, match the build to the victim's architecture and patch level before running it.
