Thread: BT5-R3_attempt-to_privilege-escalation_&_hashdump_vs_ win7-sp1-patched(AV-enable)

  1. #1
    Good friend of the forums zimmaro's Avatar
    Join Date
    Mar 2010
    Location
    milano
    Posts
    407

    Default BT5-R3_attempt-to_privilege-escalation_&_hashdump_vs_ win7-sp1-patched(AV-enable)

    hi guys
    in this "video" (I think) I tried to have "privilege-escalation" in my win 7-sp1-fully_patched with AV enabled
    after trying to use the msf module (post/windows/escalate/bypassuac), which was LOCKED out of my system by antivirus .. (& I do not want to kill it) .. reading on the net I tried another way ......
    I am not able to judge whether this method is correct or incorrect & useless ....(i'm not a pentester)
    I have just tried it!
    if you want to see the video ... bad ..... & ... full of errors:

    http://vimeo.com/48773626

    PS (the material that helped me prepare for the prior two payloads is in the forum & in the network)

    bye-zimmaro the_g0at-brain

  2. #2
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    1

    Default Re: BT5-R3_attempt-to_privilege-escalation_&_hashdump_vs_ win7-sp1-patched(AV-enable)

    seems good and fun to try
    thanks for sharing ...

  3. #3
    Just burned his ISO
    Join Date
    May 2012
    Posts
    1

    Default Re: BT5-R3_attempt-to_privilege-escalation_&_hashdump_vs_ win7-sp1-patched(AV-ena

    Where can I download it? Give me a link, thanks for sharing

  4. #4
    Good friend of the forums zimmaro's Avatar
    Join Date
    Mar 2010
    Location
    milano
    Posts
    407

  5. #5
    Just burned his ISO
    Join Date
    Apr 2011
    Posts
    10

    Default Re: Re: Re: BT5-R3_attempt-to_privilege-escalation_&_hashdump_vs_ win7-s

    this is great!!!
    thank you zimmaro! very very useful!

  6. #6
    Good friend of the forums zimmaro's Avatar
    Join Date
    Mar 2010
    Location
    milano
    Posts
    407

    Default Re: Re: Re: Re: BT5-R3_attempt-to_privilege-escalation_&_hashdump_vs_ wi

    hi
    For those interested:
    update!

    * I also tried the "new" local <exploit/windows/local/bypassuac>
    works great with my (AV's-off)

    * I also tested the "method" in the video versus >> windows 8 pro with AV-ON (microsoft) && worked wonderfully!
    regards

  7. #7
    Junior Member
    Join Date
    Aug 2011
    Posts
    34

    Default Re: Re: Re: Re: BT5-R3_attempt-to_privilege-escalation_&_hashdump_vs_ wi

    On the Win 8, did you try on an x64 machine? If so, after bypassing UAC and getting system were you able to migrate to an x64 system privileged process?

    Humm, nevermind, I just tried on some other process and it worked, it looks like I was trying the wrong process hehehe
    Last edited by jnpa123; 11-10-2012 at 07:42 PM.

  8. #8
    Just burned their ISO
    Join Date
    Nov 2011
    Location
    Italy
    Posts
    3

    Default Re: BT5-R3_attempt-to_privilege-escalation_&_hashdump_vs_ win7-sp1-patched(A

    Hi zimmaro, and thanks for the really instructive videos!!

    Now there is a new bypassuac exploit on Metasploit that supports EXE::Custom

    http://www.metasploit.com/modules/ex...ocal/bypassuac

    works perfectly (max. UAC supported is default) with custom exe

    my problem is I cannot make a good exe to bypass my AV (avira)
    but just because I am a noob at this...
    Well my idea was to create a PAYLOAD with S.E.T. since it integrates obfuscation
    but for some reason that I don't understand web_attack(java) bypasses AV but
    the exe created for use with exploit bypassuac doesn't !! anyway I have tried every solution
    posted here with no success ...
    Last edited by JUGGLER; 01-29-2013 at 08:54 AM.

  9. #9
    Good friend of the forums zimmaro's Avatar
    Join Date
    Mar 2010
    Location
    milano
    Posts
    407

    Default Re: Re: BT5-R3_attempt-to_privilege-escalation_&_hashdump_vs_ win7-sp1-patch

    Quote Originally Posted by JUGGLER
    Hi zimmaro, and thanks for the really instructive videos!!

    Now there is a new bypassuac exploit on Metasploit that supports EXE::Custom

    http://www.metasploit.com/modules/ex...ocal/bypassuac

    works perfectly (max. UAC supported is default) with custom exe

    my problem is I cannot make a good exe to bypass my AV (avira)
    but just because I am a noob at this...
    Well my idea was to create a PAYLOAD with S.E.T. since it integrates obfuscation
    but for some reason that I don't understand web_attack(java) bypasses AV but
    the exe created for use with exploit bypassuac doesn't !! anyway I have tried every solution
    posted here with no success ...

    hi Juggler:
    I can not remember if the method of the video was prior to the release of the "exploit-bypassuac"
    I would not use (my insignificant opinion) an "attack in java" because the victim should be "vulnerable" to it (I don't know if your victim is java-affected)... ..... as well the bypass AV!
    look on the net .... is there any way to bypass even "AVIRA" with a "special-shellcode" (prepared by MSF) && insert "C#-template"
    to compile it & use it as "custom-exe"
    sorry my language
    bye

  10. #10
    Just burned their ISO
    Join Date
    Nov 2011
    Location
    Italy
    Posts
    3

    Default Re: BT5-R3_attempt-to_privilege-escalation_&_hashdump_vs_ win7-sp1-patched(A

    Hi zimmaro,
    I have tried to make some "base.c", maybe I have not generated too much random, or not the right MSFEncoder
    I'm totally newbie maybe best if AVoffLine next try, with result of search ;-)
    thanks
    ("I'm my victim, no matter right now what's attack but How to bypassuac")
    ciao
