General
- 1. Stored Credentials
- 2. Windows Kernel Exploit
- 3. DLL Injection
- 4. Unattended Answer File
- 5. Insecure File/Folder Permissions
- 6. Insecure Service Permissions
- 7. DLL Hijacking
- 8. Group Policy Preferences
- 9. Unquoted Service Path
- 10. Always Install Elevated
- 11. Token Manipulation
- 12. Insecure Registry Permissions
- 13. Autologon User Credential
- 14. User Account Control (UAC) Bypass
- 15. Insecure Named Pipes Permissions
- 16. Scheduled Task
- 1. Initial Information Gathering
- 2. Use a script or manual enumeration
- 3. Use wmic for information gathering (see wmic script)
- 4. Review all info gathered
- 5. Look for some quick security fails which can be easily leveraged to upgrade our user privileges (see wmic script): `wmic qfe get Caption,Description,HotFixID,InstalledOn`
- 6. Look for passwords or any sensitive information
- 7. Refer to Interesting Files and Sensitive Information
- 8. Look at Windows services and file/folder permissions to escalate privilege
- 9. `sc` and `accesschk.exe`