mirror of
https://github.com/hak5/bashbunny-payloads.git
synced 2025-10-29 16:58:25 +00:00
* Initial commit HID Powershell attack to dump WiFiCreds * Update readme.md * changed initial LED blink color to white * Changed initial LED color to white * Changed initial LED Color to white * swapped sync before LED * switched from powershell to batch * Update payload.txt * using powershell again , updated version and LEDs * using powershell, added usb eject, Win 7,8,10 * added window resizing to hide payload typing * Update payload.txt * pull request * BrowserCreds Pull * separate powershell script called from payload also added result detection * update LEDs * Update payload.txt * initial commit * Update payload.txt * initial pull * initial commit
39 lines
1.3 KiB
Markdown
# PrivEscChecker

* Author: illwill
* Version: Version 0.1
* Target: Windows

## Description

Checks Windows hosts for unpatched vulnerabilities that allow privilege escalation,
then stores the result in `/root/udisk/loot/PrivEscChecker/%ComputerName%-%username%`.

Credits to rasta-mouse for their PowerShell script:
https://github.com/rasta-mouse/Sherlock Sherlock.ps1

Tested on:

+ Windows 7 SP1 32-bit
+ Windows 7 SP1 64-bit
+ Windows 8 64-bit
+ Windows 10 64-bit

## Configuration

Optionally, change payload.txt to download the PowerShell script from the web by commenting out line 47 and uncommenting line 50.

## STATUS

| LED                | Status                                       |
| ------------------ | -------------------------------------------- |
| Blue (blinking)    | Running PowerShell script                    |
| Purple (blinking)  | Checking Results                             |
| Green (blinking)   | Found Possible Privilege Escalation          |
| Red (solid)        | No Possible Privilege Escalation             |

## TO-DO

Add more priv checks.

Eventually add https://github.com/PowerShellMafia/PowerSploit/tree/master/Privesc
to check for unquoted paths, DLL hijacking, editable services, and other misconfigurations...

## Discussion

https://forums.hak5.org/index.php?/topic/40642-payload-privescchecker/