First of all, to learn how to hack the victim's PC, click here. After hacking, once you have gained a meterpreter session, type:
getprivs
This command confirms that you do not have administrator privileges yet. There is no need to worry.
Now use the following exploit
This module will bypass Windows UAC by hijacking a special key in the Registry under the current user hive, and inserting a custom command that will get invoked when the Windows Event Viewer is launched. It will spawn a second shell that has the UAC flag turned off. This module modifies a registry key, but cleans up the key once the payload has been invoked. The module does not require the architecture of the payload to match the OS. If specifying EXE::Custom your DLL should call ExitProcess() after starting your payload in a separate process.
As the command will make our file execute, we will have a session with administrator privileges as shown
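Because the module description says the inserted command runs when Event Viewer is launched, a defender can look for Event Viewer starting anything other than its usual child process. The following detection check is an added example, not code from the original post or from Metasploit; it assumes Sysmon-style process-creation events (Event ID 1 fields) and that eventvwr.exe normally starts only mmc.exe, and the sample events are constructed.

```python
import ntpath

# Assumption: eventvwr.exe normally launches only mmc.exe; anything else is suspect.
EXPECTED_CHILDREN = {"mmc.exe"}
ELEVATED_LEVELS = {"High", "System"}

# Constructed sample events using Sysmon Event ID 1 field names (not real telemetry).
SAMPLE_EVENTS = [
    {"UtcTime": "2024-01-01 10:00:00.000", "User": "LAB\\alice",
     "ParentImage": "C:\\Windows\\System32\\eventvwr.exe",
     "Image": "C:\\Windows\\System32\\mmc.exe", "IntegrityLevel": "High"},
    {"UtcTime": "2024-01-01 10:05:00.000", "User": "LAB\\alice",
     "ParentImage": "C:\\Windows\\System32\\eventvwr.exe",
     "Image": "C:\\Users\\alice\\AppData\\Local\\Temp\\example.exe",
     "IntegrityLevel": "High"},
    {"UtcTime": "2024-01-01 10:06:00.000", "User": "LAB\\alice",
     "ParentImage": "C:\\Windows\\explorer.exe",
     "Image": "C:\\Windows\\System32\\cmd.exe", "IntegrityLevel": "Medium"},
    {"UtcTime": "2024-01-01 10:07:00.000", "User": "LAB\\bob",
     "ParentImage": "C:\\WINDOWS\\system32\\EVENTVWR.EXE",
     "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "IntegrityLevel": "Medium"},
]


def image_name(path):
    """Lower-cased file name of a Windows path (works on any host OS)."""
    return ntpath.basename(path or "").lower()


def suspicious_eventvwr_children(events):
    """Return one finding per process that eventvwr.exe started unexpectedly."""
    findings = []
    for ev in events:
        if image_name(ev.get("ParentImage")) != "eventvwr.exe":
            continue  # only Event Viewer's children are of interest here
        child = image_name(ev.get("Image"))
        if child in EXPECTED_CHILDREN:
            continue  # normal behaviour: eventvwr.exe -> mmc.exe
        # An elevated child without a consent prompt matches the described bypass.
        elevated = ev.get("IntegrityLevel") in ELEVATED_LEVELS
        findings.append({"time": ev.get("UtcTime"), "user": ev.get("User"),
                         "child": child, "severity": "high" if elevated else "medium"})
    return findings


if __name__ == "__main__":
    for finding in suspicious_eventvwr_children(SAMPLE_EVENTS):
        print(finding)
```

Since the module cleans up the registry key after the payload runs, process-creation telemetry like this is more likely to survive than the registry change itself.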