windows-privesc-check – Tool to Check Windows Privilege Escalation Vectors
Windows operating systems include many security features to control access and privileges. It is possible to provide access based on roles and responsibilities beside providing a full access to modify the files/directories or read-only access. If you are looking to pentest windows infrastructure you can use windows-privesc-check.
This tool will look into windows configuration to find mistakes that can be in place with user privileges. Sometimes system administrators forget about local users and provide additional privilege more then what is required. Some of the features for this tool are:
- Reconfiguring Windows Services
- Replacing Service executables if they have weak file permissions
- Replacing poorly protected .exe or .dll files in %ProgramFiles%
- Maliciously modifying the registry (e.g. RunOnce)
- Modifying programs on FAT file systems
- Tampering with running processes
This tool is intended to be run by security auditors and penetration testers against systems they have been engaged to assess, and also by system administrators who want to check for “obvious” misconfigurations. It can even be run as a Scheduled Task so you can check regularly for misconfigurations that might be introduced.
Ensure that you have the appropriate legal permission before running it someone else’s system.
The windows-privesc-check is python based and can be downloaded over the following link: https://github.com/pentestmonkey/windows-privesc-check