An operating system kernel, or simply a kernel, is one of the fundamental parts of certain operating systems. It manages the computer's resources and lets the various components, hardware and software, communicate with one another.
A kernel exploit uses known vulnerabilities to become SYSTEM.
https://github.com/SecWiki/windows-kernel-exploits
Passwords are saved everywhere: find one and try it everywhere. In the case of the Chatterbox machine, we find an autologon password that we reuse on the administrator machine through services only available from inside, using plink.
Privilege Escalation - Windows
Priv esc methodology
<aside> 💡 At first, prefer quick wins, then look into avenues that require more time.
</aside>
WinPEAS may find the WSL executable; otherwise, find it manually:
where /R c:\Windows bash.exe
where /R c:\Windows wsl.exe
Then apply Linux enumeration, such as looking at the shell history or the .bash_history file.
Rotten Potato - Privilege Escalation from Service Accounts to SYSTEM
Running whoami /priv shows the privileges of the user; some of them are dangerous and may allow token impersonation.
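
To review which accounts carry such privileges, this added example (not part of the original notes) parses `whoami /priv` output and flags the privileges tied to token impersonation. The two privilege names in `TOKEN_PRIVS` and the sample output are assumptions of the example; the notes do not list them.

```python
import re

# Privileges that let a process impersonate or assign another user's token.
# Assumption of this example: the notes do not name specific privileges.
TOKEN_PRIVS = {
    "SeImpersonatePrivilege": "impersonate a client after authentication",
    "SeAssignPrimaryTokenPrivilege": "replace a process-level token",
}

# One table row: name, free-text description, state (English output assumed).
ROW = re.compile(r"^(Se\w+)\s+(.*?)\s+(Enabled|Disabled)\s*$")

# Constructed sample of `whoami /priv` output for a service account.
SAMPLE = """\
PRIVILEGES INFORMATION
----------------------

Privilege Name                Description                               State
============================= ========================================= ========
SeAssignPrimaryTokenPrivilege Replace a process level token             Disabled
SeIncreaseQuotaPrivilege      Adjust memory quotas for a process        Disabled
SeChangeNotifyPrivilege       Bypass traverse checking                  Enabled
SeImpersonatePrivilege        Impersonate a client after authentication Enabled
SeCreateGlobalPrivilege       Create global objects                     Enabled
"""

def parse_privs(text):
    """Return {privilege name: state} from `whoami /priv` output."""
    privs = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            privs[m.group(1)] = m.group(3)
    return privs

def audit(text):
    """List token-impersonation privileges the account holds, sorted by name."""
    privs = parse_privs(text)
    findings = []
    for name in sorted(TOKEN_PRIVS):
        if name in privs:
            # "Disabled" only means not currently switched on: the holder
            # can enable any privilege that is present in its token.
            findings.append((name, privs[name]))
    return findings

if __name__ == "__main__":
    for name, state in audit(SAMPLE):
        print(f"[!] {name} ({state}): account can {TOKEN_PRIVS[name]}")
```

A finding on a service account is a reason to check whether that service needs the privilege at all, and to run it under a lower-privileged identity where it does not.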