Exploitable privileges
Allows a user to read of ownership or permissions. This permission can be exploited to and crack them to obtain plaintext credentials.
Allows a user to gain ownership over any element of the system, including files and registry keys. This privilege allows an attacker to replace any executable running as a SYSTEM service with a malicious program to execute commands as an elevated user.
After locking and unlocking the account, we will be greeted with a SYSTEM shell.
Allows a user to impersonate and spawn processes under the context of other users on the machine. Can be exploited with and similar techniques.
Download the appropriate exe file from . Then run the following command to obtain a SYSTEM shell
Exploitable drivers
Allows a user to manage permissions on volumes. Can be exploited to change ownership of all files under C:\ to the current user. The following steps run a payload as the SYSTEM user:
Write a custom DLL to C:\Windows\System32\wbem\tzres.dll
Trigger the payload under SYSTEM by executing systeminfo
Allows a user to load arbitrary drivers. Can be exploited by loading drivers with known vulnerabilities. In order to load a service in memory, download and compile the following and invoke it as follows
Download, compile and execute the PoC
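To audit which accounts hold the privileges described on this page, the following added example (not part of the original page) parses captured `whoami /priv` output and flags them. The privilege constants in `RISKY` are this example's assumed mapping from the page's descriptions, and the sample output is constructed.

```python
import re

# Assumption: these Windows privilege constants correspond to the five
# descriptions on this page; the page's own labels are not present.
RISKY = {
    "SeBackupPrivilege": "read files regardless of ownership or permissions",
    "SeTakeOwnershipPrivilege": "take ownership of files and registry keys",
    "SeImpersonatePrivilege": "impersonate other users and spawn processes as them",
    "SeManageVolumePrivilege": "manage permissions on volumes",
    "SeLoadDriverPrivilege": "load arbitrary drivers",
}

# One table row of `whoami /priv`: name, free-text description, state.
ROW = re.compile(r"^(Se\w+Privilege)\s+.*?\s+(Enabled|Disabled)$")

def parse_whoami_priv(text):
    """Return [(privilege, state)] for every table row in the output."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            rows.append((m.group(1), m.group(2)))
    return rows

def audit(text):
    """Flag held privileges from RISKY. Disabled ones are reported too:
    a privilege present in the token can be enabled by its holder."""
    return [
        {"privilege": n, "state": s, "risk": RISKY[n]}
        for n, s in parse_whoami_priv(text) if n in RISKY
    ]

# Constructed sample output for a hypothetical service account.
SAMPLE = """\
PRIVILEGES INFORMATION
----------------------

Privilege Name                Description                               State
============================= ========================================= ========
SeLoadDriverPrivilege         Load and unload device drivers            Disabled
SeChangeNotifyPrivilege       Bypass traverse checking                  Enabled
SeImpersonatePrivilege        Impersonate a client after authentication Enabled
SeIncreaseWorkingSetPrivilege Increase a process working set            Disabled
"""

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f"{f['privilege']:<26} {f['state']:<9} {f['risk']}")
```

Accounts that appear in the findings without an operational need for the privilege are candidates for having it removed from their user rights assignment.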