TL;DR+ WHOAMI?whoami + CAN I DO SPECIAL THINGS? Regardless of whether Enabled or Disabled – we might be able to enable a privilege ourselves.WHOAMI /PRIV + SERVICES –> SERVICES AT BOOT & SERVICES RAN THROUGH ICACLS.EXEwmic service get name,startnameNET START+ NETWORK CAPABILITIES? (CHECKS FOR 127)+ SHELL CAPABILITY –> STAGED/NON-STAGED? FORMAT? ARCH? ENCODER? BIND/REVERSE?+ SHELL CAPABILITY … Continue reading Windows Privilege Escalation – Resources