Windows Privilege Escalation | Efs Potato | TryHackMe Stealth

We covered TryHackMe Stealth machine where we went over the typical stages of enumerating open ports and services with Nmap and we found an upload form that plays the role of Powershell script analyzer. We uploaded a reverse shell Powershell script to gain the first foothold but we made sure to delete all log files to keep the connection alive and prevent attracting the attention of the blue team. Then we used PrivescCheck script to enumerate for available privilege escalation vectors and we found that the current user has complete control over the web server process so we uploaded a webshell and executed the EfsPotato exploit to have SYSTEM access.

Offensive Security Certified Professional Study Notes and Guide

This is a 1099 pages of notes that will guide and help you prepare for and pass the OSCP exam. When you buy this…

The Complete Practical Web Application Penetration Testing Course

Course Content: Introduction to Injection Vulnerabilities SQL Injection - Authentication Bypass SQL Injection - Error…

Challenge Description

Use your evasion skills to pwn a Windows target with an updated defence mechanism.

Full writeup can be found here.