mirror of
https://github.com/hak5darren/bashbunny-payloads.git
synced 2025-10-29 16:58:12 +00:00
39 lines
1.3 KiB
Markdown
39 lines
1.3 KiB
Markdown
# PrivEscChecker
|
|
* Author: illwill
|
|
* Version: Version 0.1
|
|
* Target: Windows
|
|
|
|
## Description
|
|
|
|
Checks Windows boxes for unpatched vulns that allow privilege escalation
|
|
then stores the result in /root/udisk/loot/PrivEscChecker/%ComputerName%-%username%
|
|
|
|
Credits to rasta-mouse for their powershell script:
|
|
https://github.com/rasta-mouse/Sherlock Sherlock.ps1
|
|
|
|
Tested on:
|
|
+ Windows 7 SP1 32-bit
|
|
+ Windows 7 SP1 64-bit
|
|
+ Windows 8 64-bit
|
|
+ Windows 10 64-bit
|
|
|
|
## Configuration
|
|
|
|
Option to change payload.txt to webDL the powershell script by commenting line 47 & uncommenting line 50
|
|
|
|
## STATUS
|
|
|
|
| LED | Status |
|
|
| ------------------ | -------------------------------------------- |
|
|
| Blue (blinking) | Running Powershell script |
|
|
| Purple (blinking) | Checking Results |
|
|
| Green (blinking) | Found Possible Privilege Escalation |
|
|
| Red (solid | No Possible Privilege Escalation |
|
|
|
|
## TO-DO
|
|
Add more priv checks
|
|
Eventually add https://github.com/PowerShellMafia/PowerSploit/tree/master/Privesc
|
|
to check for unquoted paths,dll hijacking, editable services, and other misconfigurations...
|
|
|
|
## Discussion
|
|
https://forums.hak5.org/index.php?/topic/40642-payload-privescchecker/ |