Powershell

Edit: I gave a short firetalk on PowerUp at BSidesBoston 2014– the slides are posted here. The public reaction for PowerUp has been awesome and unexpected. I wanted to expand the script to move beyond just vulnerable service abuse, and include several other Windows privilege escalation vectors. There is a ton of great information out there …

PowerUp v1.1 – Beyond Service Abuse Read More »

On a recent assessment we ran into a situation where we needed to escalate privileges on a fairly locked down workstation. Kernel exploits (kitrap0d) wouldn’t work, so we fell back to an old classic, vulnerable windows services. While we couldn’t manipulate services directly, a custom system service purposely left its binary privileges open for compatibility …

PowerUp Read More »