March 2024

Autorun Startup Registry Keys

Autorun Startup Registry Keys – Windows Privilege Escalation

Introduction: When we talk about getting more control over Windows, one common way is by finding weak permissions on files and folders. In this discussion, we’ll look at a specific example related to certain registry keys that control what programs start up when your computer boots. First, we’ll learn how to find these startup registry […]


Hivenightmare Privilege Escalation

HiveNightmare vulnerability Privilege Escalation on Windows

Introduction: Microsoft has confirmed a new problem on Windows 10. This issue lets regular users get access to local user passwords without needing administrator privileges. It’s another vulnerability coming just after the PrintNightmare problem that was reported recently. As the world figures out how to defend against this vulnerability, it raises the question: Is it


SeImpersonate privilege escalation

SeImpersonatePrivilege – Windows Privilege Escalation

Introduction: Hey there! So, in this post, we’re diving into different methods for taking advantage of something called the SeImpersonate privilege. Picture this: we’ll start with a scenario where we sneak into a Windows 10 computer using the iisapppool service account. How? Well, we’ll exploit a poorly set-up FTP server. Once we’re in, we’ll snoop


Crackmap exec part 2

CrackMapExec in Action: Enumerating Windows Networks (Part 2)

Introduction: CrackMapExec, or CME for short, is a handy tool used to check the security of Windows networks during internal tests. It helps to figure out what devices are connected to the network and what services they’re running. It also helps to find shared files, users, and groups on the network. In our previous post’s


Crackmap Exec Part 1

Crackmapexec Full Tutorial part 1 [Updated 2024]

Introduction: CrackMapExec, also known as CME, is a helpful tool for checking how safe Windows networks are, especially during internal pentesting assessments. It’s used to explore networks, finding out what computers are connected and what services they’re running. It also looks for shared folders, user accounts, and groups within the network. In this article, we’ll



Windows Privilege Escalation – AlwaysInstallElevated Policy

Introduction: The Windows installer is a tool that helps install new software using MSI packages. The AlwaysInstallElevated feature is a setting in Windows that lets regular users install software with high-level permissions, like those of the SYSTEM user. This can be risky because it gives almost complete control over the computer. Microsoft advises against using
