___|  _ \   |  |    |   |_ _|\ \     / ____|
 |     |   |  |  |    |   |  |  \ \   /  __|
 |   | |   | ___ __|  ___ |  |   \ \ /   |
\____|\___/     _|   _|  _|___|   \_/   _____| 

 --- A GOPHER-LIKE INTERFACE FOR HIVE BLOCKCHAIN ---

Windows Privilege Escalation Resources

BY: @pwnedu | CREATED: Aug. 7, 2017, 11:07 p.m. | VOTES: 1 | PAYOUT: $0.00 | [ VOTE ]

Exploits

BHaFSec's Window Privilege Escalation [This is GOLD] -  http://www.bhafsec.com/wiki/index.php/Windows_Privilege_Escalation

DeleteExpiredTaskAfter -  https://www.exploit-db.com/exploits/38200/

Tools

PowerUp - https://github.com/PowerShellMafia/PowerSploit/tree/master/Privesc

Sysinternals Suite - https://docs.microsoft.com/en-us/sysinternals/downloads/sysinternals-suite

FolderPermissions.ps1 - www.greyhathacker.net/docs/folderperm.zip

SubinACL - https://www.microsoft.com/en-us/download/confirmation.aspx?id=23510

Windows-privesc-check - https://github.com/pentestmonkey/windows-privesc-check/archive/master.zip

JollyFrog's Root Loot Script - https://pastebin.com/sUuqBGHk

Windows Exploit Suggester - https://github.com/GDSSecurity/Windows-Exploit-Suggester

Tutorials

Windows Privilege Escalation Fundamentals - http://www.fuzzysecurity.com/tutorials/16.html

Windows WMIC Command Line - https://www.computerhope.com/wmic.htm

Windows PrivEsc By Weak Folder Permissions - http://www.greyhathacker.net/?p=738

Escalation Via Weak Service Permissions - http://travisaltman.com/windows-privilege-escalation-via-weak-service-permissions/

Windows PrivEsc Methods for Pentesters - https://pentest.blog/windows-privilege-escalation-methods-for-pentesters/

ATT&CK Privilege Escalation - https://attack.mitre.org/wiki/Privilege_Escalation

Privilege Escalation | To Shell and Back - https://www.toshellandback.com/2015/11/24/ms-priv-esc/

Automating Windows Privilege Escalation - http://resources.infosecinstitute.com/automating-windows-privilege-escalation/

Hot Potato - https://foxglovesecurity.com/2016/01/16/hot-potato/

Local Administrator Privileges - https://blog.netspi.com/windows-privilege-escalation-part-1-local-administrator-privileges/

Metasploit Unleashed - https://www.offensive-security.com/metasploit-unleashed/privilege-escalation/

Level Up! - Practical Windows PrivEsc - https://www.slideshare.net/jakx_/level-up-practical-windows-privilege-escalation

TAGS: [ #hacking ] [ #windows ] [ #technology ] [ #cybersecurity ]

Replies

@odinthelibrarian | Aug. 8, 2017, 4:07 a.m. | Votes: 0 | [ VOTE ]

Thanks so much for this link dump! Always need more reading material.

@pwnedu | Aug. 8, 2017, 1:28 p.m. | Votes: 0 | [ VOTE ]

No problem! It is sad to admit that meterpreter's getsystem works for me 90% of the time, so I decided I need to beef up my privesc skills on Windows boxes for that other 10% of the time.
I hope it is helpful for others. Having all of this in one spot has helped me for sure.
I've got a post with some linux privesc exploits, but I'm going to be making a similar post to this in the near future.

[ BACK TO TRENDING ] [ BACK TO MENU ]
CMD>