Post-Exploitation Privilege Escalation

Screenshot of terminal output showing the process of a computer exploit injection and the status of a Meterpreter session.

Hey everyone, I've been encountering some problems with privilege escalation when the target has an AV installed, so here's a tutorial for when the almighty "getsystem" doesn't cut it and "bypassuac" gets blocked by the AV. The machine is running Windows 7

Get a Meterpreter Session Running on the Target Machine

As you can see on the picture above we don't have administrator rights over the system. Let's try using "getsystem" and attempt to own the PC.

Error message indicating access denial in a terminal window.

If this happens, we need not lose hope, we can use a local exploit to still try and get admin rights. The exploit we'll use is "ms14_058_track_popup_menu", so background the session and select it as your exploit (its CVE is 2014-4113).

Terminal command interface displaying search results for a CVE (Common Vulnerabilities and Exposures) related to a software exploit.

Now we just need to set the options for the exploit. Set the session option to the session you just backgrounded and everything else should be all set. All we need to do now is type in "exploit" and wait to see what happens.

Metasploit terminal output displaying a reverse shell exploit execution.

And voila! You now own the machine and can do whatever you want with it. Stay tuned to Null-Byte for more awesome tutorials on hacking!

EDIT: It's not always the antivirus that's causing the issues, but most of the time it's responsible for most of the difficulties one might encounter.

Apple's iOS 26 and iPadOS 26 updates are packed with new features, and you can try them before almost everyone else. First, check Gadget Hacks' list of supported iPhone and iPad models, then follow the step-by-step guide to install the iOS/iPadOS 26 beta — no paid developer account required.