Jump to content
Nytro

windows-privesc-check

Recommended Posts

Posted

[h=1]windows-privesc-check[/h]

A long time ago, I started writing a tool to look for local privilege escalation vectors on Windows systems – e.g. weak permissions on files, directories, service registy keys. I never quite got round to finishing it, but the project could still be useful to pentesters and auditors in its current part-finished state.

I’d suggest giving it a try next time you do a security audit with local administrator rights, or next time you get a non-admin logon to a Windows system during a pentest. It was designed to be useful for both.

Trunk contains the best all-round version. It checks some file, directory, registry and service permissions (among other things). Reports are in HTML.

The newer wpc-2.0 branch does a better job at auditing Windows services – but does little else. Reports are in text only.

You only need to download the .exe file. Full source code is available too, though. It’s written in Python, uses pywin32 and “compiled” with pyinstaller. You don’t need to download any dependencies (even python) unless you’re planning to build the .exe yourself.

[h=2]FAQ[/h] [h=3]Why 2 versions?[/h] The code in “trunk” wasn’t object-oriented, making it harder to work with. I rewrote it to create the “wpc-2.0? branch. Much better – but alas, not finished.

[h=3]Can I see the source code?[/h] Yes, it’s on google code along with the executables.

[h=3]Will the program elevate privileges for me?[/h] No. It gives you a report describing any potential vulnerabilities it finds, but doesn’t have any autopwn features. This is mostly to reduce the risk of my code accidentally breaking your client’s system icon_smile.gif

Sursa: windows-privesc-check | pentestmonkey

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...