Windows Priv Esc - OSCP :|
ArdenUK
Member Posts: 14 ■□□□□□□□□□
Evening All,
I am looking at starting OSCP in the near future, I have done my fair share of vulnhub VMs (I know thats not enough by itself) and for my day job I'm a SOC engineer, blue team etc etc..
The trouble I am having is I work with Linux every day so popping Linux boxes comes a little easier to me that Windows.. Sadly I have no Windows admin experience so I am hoping someone on here could give me a few hints and tips re Windows Priv Esc.
From what I understand there is no one "root" location, root in the windows world is the C:\ or \ etc is that correct?
Is there any commonalities between the two, ie does windows have a version of cronjob, are permissions similar really the bare bones basics of Windows Admin and common pit falls?
Thanks for the taking the time I appreciative its a bit vague!
Ta!
I am looking at starting OSCP in the near future, I have done my fair share of vulnhub VMs (I know thats not enough by itself) and for my day job I'm a SOC engineer, blue team etc etc..
The trouble I am having is I work with Linux every day so popping Linux boxes comes a little easier to me that Windows.. Sadly I have no Windows admin experience so I am hoping someone on here could give me a few hints and tips re Windows Priv Esc.
From what I understand there is no one "root" location, root in the windows world is the C:\ or \ etc is that correct?
Is there any commonalities between the two, ie does windows have a version of cronjob, are permissions similar really the bare bones basics of Windows Admin and common pit falls?
Thanks for the taking the time I appreciative its a bit vague!
Ta!
Comments
-
chrisone Member Posts: 2,278 ■■■■■■■■■□try these references
Windows Priv Escalation Fundamentals:
https://www.fuzzysecurity.com/tutorials/16.html
Look for Fuzzy series on "Occult Windows Hacking" which includes the module above.
https://www.fuzzysecurity.com/tutorials.html
Windows Privilege Escalation Fundamentals
I'll Get Your Credentials ... Later!
Windows Userland Persistence Fundamentals
Powershell PE Injection: This is not the Calc you are looking for!
Low-Level Windows API Access From PowerShell
Windows Domains, Pivot & Profit
Anatomy of UAC Attacks
Capcom Rootkit Proof-Of-Concept
Application Introspection & Hooking With Frida
other youtube videos on windows priv esc.
https://www.youtube.com/watch?v=kMG8IsCohHA
http://www.youtube.com/watch?v=_8xJaaQlpBo
https://www.youtube.com/watch?v=PC_iMqiuIRQ&t=2s (Level-Up!)
Elevating privileges by exploiting weak folder permissions | GreyHatHacker.NET
Have fun and prosper!Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
shochan Member Posts: 1,014 ■■■■■■■■□□Very Nice, hi5! ~ BoratCompTIA A+, Network+, i-Net+, MCP 70-210, CNA v5, Server+, Security+, Cloud+, CySA+, ISC² CC, ISC² SSCP