Post-Exploitation Privilege Escalation

Jul 10, 2015 09:24 PM

Jul 10, 2015 09:40 PM

Screenshot of terminal output showing the process of a computer exploit injection and the status of a Meterpreter session.

Hey everyone, I've been encountering some problems with privilege escalation when the target has an AV installed, so here's a tutorial for when the almighty "getsystem" doesn't cut it and "bypassuac" gets blocked by the AV. The machine is running Windows 7

Get a Meterpreter Session Running on the Target Machine

As you can see on the picture above we don't have administrator rights over the system. Let's try using "getsystem" and attempt to own the PC.

If this happens, we need not lose hope, we can use a local exploit to still try and get admin rights. The exploit we'll use is "ms14_058_track_popup_menu", so background the session and select it as your exploit (its CVE is 2014-4113).

Now we just need to set the options for the exploit. Set the session option to the session you just backgrounded and everything else should be all set. All we need to do now is type in "exploit" and wait to see what happens.

And voila! You now own the machine and can do whatever you want with it. Stay tuned to Null-Byte for more awesome tutorials on hacking!

EDIT: It's not always the antivirus that's causing the issues, but most of the time it's responsible for most of the difficulties one might encounter.

The next big software update for iPhone is coming sometime in April and will include a Food section in Apple News+, an easy-to-miss new Ambient Music app, Priority Notifications thanks to Apple Intelligence, and updates to apps like Mail, Photos, Podcasts, and Safari. See what else is coming to your iPhone with the iOS 18.4 update.