hak5/bashbunny-payloads
1
0
Fork 0
mirror of https://github.com/hak5/bashbunny-payloads.git synced 2025-10-29 16:58:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
bashbunny-payloads/payloads/library/recon/PrivEscChecker
History
Sebastian Kinne 85b1bc7aca
Cleanup: Sort payloads by category
2017-04-10 13:29:17 +10:00
..
payload.txt
Cleanup: Sort payloads by category
2017-04-10 13:29:17 +10:00
readme.md
Cleanup: Sort payloads by category
2017-04-10 13:29:17 +10:00
Sherlock.ps1
Cleanup: Sort payloads by category
2017-04-10 13:29:17 +10:00

readme.md

PrivEscChecker

  • Author: illwill
  • Version: Version 0.1
  • Target: Windows

Description

Checks Windows boxes for unpatched vulns that allow privilege escalation then stores the result in /root/udisk/loot/PrivEscChecker/%ComputerName%-%username%

Credits to rasta-mouse for their powershell script: https://github.com/rasta-mouse/Sherlock Sherlock.ps1

Tested on:

  • Windows 7 SP1 32-bit
  • Windows 7 SP1 64-bit
  • Windows 8 64-bit
  • Windows 10 64-bit

Configuration

Option to change payload.txt to webDL the powershell script by commenting line 47 & uncommenting line 50

STATUS

LED Status
Blue (blinking) Running Powershell script
Purple (blinking) Checking Results
Green (blinking) Found Possible Privilege Escalation
Red (solid No Possible Privilege Escalation

TO-DO

Add more priv checks Eventually add https://github.com/PowerShellMafia/PowerSploit/tree/master/Privesc to check for unquoted paths,dll hijacking, editable services, and other misconfigurations...

Discussion

https://forums.hak5.org/index.php?/topic/40642-payload-privescchecker/