Windows Privilege Escalation – a cheatsheet
This is a work in progress. Additions, suggestions and constructive feedback are welcome. The purpose of these cheatsheets is to, essentially, save time during an attack and study session. Stored credentials Search for credentials within: c:\unattend.xml Unattend credentials are stored in base64 and can be decoded manually with base64: user@host $ base64 -d cABhAHMAcwB3AG8AcgBkAFAAYQBzAHMAdwBvAHIAZAA= Metasploit Framework […]
read more »