![]() Notansi Don't use ansi colors (all white)Īpplicationsinfo Search installed applications informationįilesinfo Search files that can contains credentials Searchall Search all known filenames whith possible credentials (coul take some mins)Ĭmd Obtain wifi, cred manager and clipboard information executing CMD commands Searchfast Avoid sleeping while searching files (notable amount of resources) WinPEAS is a binary to enumerate possible paths to escalate privileges locally Use the winexe command to spawn a command prompt running with the admin privileges HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\winlogon\VolatileUserMgrKey HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\winlogon\AutoLogonChecked HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\winlogon\UserDefaults HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\winlogon\GPExtensions HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\winlogon\AlternateShells VMApplet REG_SZ SystemPropertiesPerformance.exe /pagefile Userinit REG_SZ C:\Windows\system32\userinit.exe, HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\winlogon C:\PrivEsc>reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon"
0 Comments
Leave a Reply. |