BeRoot - Privilege Escalation for Windows
BeRoot
BeRoot(s) is a post exploitation tool to check commun Windows misconfigurations to find a way to escalate our privilege.
A compiled version is available here.
It will be added to the pupy project as a post exploitation module (so it will be executed all in memory without touching the disk).
Except one method, this tool is only used to detect and not to exploit. If something is found, templates could be used to exploit it. To use it, just create a test.bat file located next to the service / DLL used. It should execute it once called. Depending on the Redistributable Packages installed on the target host, these binaries may not work.
- MS16-075
- AlwaysInstallElevated registry key
- Unattended Install files
- ... and more priv esc
Run it
|====================================================================|
| |
| Windows Privilege Escalation |
| |
| ! BANG BANG ! |
| |
|====================================================================|
usage: beRoot.exe [-h] [-l] [-w] [-c CMD]
Windows Privilege Escalation
optional arguments:
-h, --help show this help message and exit
-l, --list list all softwares installed (not run by default)
-w, --write write output
-c CMD, --cmd CMD cmd to execute for the webclient check (default: whoami)
Post a Comment