search

Checklist - PrivEsc

Checklist for privilege escalation in Windows

hashtag
Checklist

  • Uncommon directories under C directory

  • Installed vulnerable programs

  • Unquoted service paths

  • Exploitable build version

  • SeImpersonateToken or SeAssignPrimaryToken - Enabled

  • Jobs with editable files

  • Weak passwords at Filezilla FTP

  • MSSQL is running with sa user

  • Misconfigured LDAP

hashtag
System Version Number

winver

REG QUERY "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion" /v ReleaseId

hashtag
Windows Exploit Suggester

windows-exploit-suggester.pyarrow-up-right

hashtag
Finding Out Process Name Which Is Listening On TCP Or UDP Port

https://stackoverflow.com/questions/48198/how-can-you-find-out-which-process-is-listening-on-a-tcp-or-udp-port-on-windowsarrow-up-right

hashtag
Disabling Firewall (Need High Priv.)

hashtag
Excluding the folder from Defender (Need High Priv.)

PreviousWindowsNextMSSQL

Last updated