BeRoot - Privilege Escalation for Windows

BeRoot

BeRoot(s) is a post-exploitation tool that checks for common Windows misconfigurations to find a way to escalate our privileges.
A compiled version is available here.
It will be added to the pupy project as a post-exploitation module (so it will be executed entirely in memory without touching the disk).
Except for one method, this tool is only used to detect and not to exploit. If something is found, templates could be used to exploit it. To use a template, just create a test.bat file located next to the service / DLL used; the template should execute it once called. Depending on the Redistributable Packages installed on the target host, these binaries may not work.


  • MS16-075
  • AlwaysInstallElevated registry key
  • Unattended Install files
  • ... and more priv esc

Run it

|====================================================================|
|                                                                    |
|                    Windows Privilege Escalation                    |
|                                                                    |
|                          ! BANG BANG !                             |
|                                                                    |
|====================================================================|


usage: beRoot.exe [-h] [-l] [-w] [-c CMD]

Windows Privilege Escalation

optional arguments:
  -h, --help         show this help message and exit
  -l, --list         list all softwares installed (not run by default)
  -w, --write        write output
  -c CMD, --cmd CMD  cmd to execute for the webclient check (default: whoami)
