Category: Post Exploitation

UACME

UACME v3.5.4 releases: Defeating Windows User Account Control

UACMe: Defeating Windows User Account Control by abusing the built-in Windows AutoElevate backdoor. System requirements: x86-32/x64 Windows 7/8/8.1/10TH1/10TH2/10RS1/10RS2 (client; some methods, however, work on server versions too). Admin account with UAC set on default settings...

SOCKS tunnel

rpc2socks: enables a SOCKS tunnel via a Windows host

rpc2socks is a client-server solution that allows us to drop and remotely run a custom RPC + SOCKS-through-SMB server application on a Windows target, from a Unix or Windows host. The client-server pair can be used as a regular...

linuxprivchecker

linuxprivchecker: Linux Privilege Escalation Check Script

Linuxprivchecker.py: The linuxprivchecker script is intended to be executed locally on a Linux box to enumerate basic system info and search for common privilege escalation vectors such as world-writable files, misconfigurations, clear-text passwords, and applicable...

WSMan-WinRM

WSMan-WinRM: executing remote commands over WinRM

WSMan-WinRM: A collection of proof-of-concept source code and scripts for executing remote commands over WinRM using the WSMan.Automation COM object. Windows Remote Management (WinRM) “is the Microsoft implementation of WS-Management Protocol (Web Services for...