rikismaja/Windows-Privilege-Escalation

 
 


Windows Privilege Escalation Cheatsheet

This cheatsheet is aimed at OSCP aspirants to help them understand the various methods of escalating privilege on Windows-based machines and CTFs with examples. There are multiple ways to perform the same task. We have performed and compiled this list based on our experience. Please share this with your connections and direct queries and feedback to Hacking Articles.


  1. AlwaysInstallElevated
  2. SeBackupPrivilege
  3. DnsAdmins to DomainAdmin
  4. SeImpersonatePrivilege
  5. HiveNightmare
  6. Logon Autostart Execution (Registry Run Keys)
  7. Boot Logon Autostart Execution (Startup Folder)
  8. Stored Credentials (Runas)
  9. Weak Registry Permission
  10. Unquoted Service Path
  11. Insecure GUI Application
  12. Weak Service Permissions
  13. Scheduled Task/Job (T1573.005)
  14. Kernel Exploit
  15. SamAccountSpoofing (CVE-2021-42278)
  16. SpoolFool
  17. PrintNightmare
  18. Server Operator Group
