Summary
- The learner is assumed to have completed the previous steps of the exploit and obtained a shell on the target machine.
- They also have analyzed the configuration of an SMB share and used smbclient to access it anonymously.
- The learner is trying to escalate their access.
- They find a script in an accessible share that may allow them to escalate their privileges and use Evil-WinRM to run the script.
- They then access the Desktop directory of the Administrator and use Evil-WinRM to run the cat command and finally access the root.txt file.
- Additionally, the commands used in this step are also provided.
- The conclusion calls for a celebration of the successful exploitation of the vulnerability.
By Reju Kole
Original Article