Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/werneror/windowsprivilegeescalationset

Privilege escalation tool sets on Windows.
https://github.com/werneror/windowsprivilegeescalationset

pentest-tool privilege-escalation windows

Last synced: 2 days ago
JSON representation

Privilege escalation tool sets on Windows.

Host: GitHub
URL: https://github.com/werneror/windowsprivilegeescalationset
Owner: Werneror
Created: 2019-09-28T01:58:34.000Z (over 5 years ago)
Default Branch: master
Last Pushed: 2019-09-30T13:23:55.000Z (over 5 years ago)
Last Synced: 2024-11-19T22:17:59.743Z (2 months ago)
Topics: pentest-tool, privilege-escalation, windows
Language: Python
Homepage:
Size: 5.86 KB
Stars: 2
Watchers: 1
Forks: 1
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# WindowsPrivilegeEscalationSet

[中文](cn)

Privilege escalation tool sets on Windows.

## netstat_join_tasklist.py

Get the process name corresponding to each port.

In Windows, `netstat` has a parameter `-b` that gives the name of the process corresponding to the port,
but using this parameter requires permissions that we may not have.
In fact, the `-o` parameter of `netstat` can give the process id corresponding to each port.
The command `tasklist` can give the name of the process corresponding to the process id.
So in order to get the process name corresponding to each port,
we only need to join the output of `netstat` and `tasklist` without using the `-b` parameter.
This script is used to do this.

Our design is to redirect the output of `netstat` and `tasklist` to a file
then parse it by Python, because there is probably no Python environment on Windows.
Redirecting to a file makes it easy for us to transfer it to a machine with a Python environment.

## echo_translate.py

Use the `echo` command with copy and paste to implement text file transfer.

When we get a shell, we may want to transfer the file. If we only transfer a small text file,
we can redirect each line of the file to the file on the remote host with the `echo` command.
This script is used to generate these `echo` commands.

This script receives three parameters.
The first parameter is a native file path, which is the file to be transferred.
The second parameter is a remote host file path, which is the target of the `echo` command redirect.
The third parameter is optional and will appear after all `echo` commands.
It is a command that is executed in addition to the remote host.