Windows Privilege Escalation in XML Files

Table of Contents

We demonstrated how to do privilege escalation on windows after grabbing plain text credentials in XML files. We used a lab machine from cyberseclabs unattend for this demo.

Machine Name: Unattend

Difficulty: Beginner

Skills Learned

Windows Privilege Escalation
Unattend XML plain text credentials

Get OSCP Certificate Notes

Video Highlights

In this scenario, we leveraged XML configuration files, an example is unattend.xml, to obtain privilege on the Windows system as the SYSTEM user. Usually these configuration files are located under C:\Windows\User\Unattend.xml and can be viewed after gaining a foothold on the target machine.

First foothold access can be obtained by searching with “Rejetto” using Metasploit and using windows/http/rejetto_hfs_exec.

cyberseclabs, Metasploit, OSCP, Penetration Testing, Videos, Windows

Show Comments

MasterMind Study Notes

About the Author

Mastermind Study Notes is a group of talented authors and writers who are experienced and well-versed across different fields. The group is led by, Motasem Hamdan, who is a Cybersecurity content creator and YouTuber.

View Articles

Windows Privilege Escalation in XML Files – Cyberseclabs Unattend

Skills Learned

Video Highlights

Leave a Reply Cancel reply

MasterMind Study Notes

About the Author

Press ESC to close

Windows Privilege Escalation in XML Files – Cyberseclabs Unattend

Skills Learned

Video Highlights

Leave a Reply Cancel reply

MasterMind Study Notes

About the Author

Share Article:

You might also like

HackTheBox SPG Challenge Writeup | Cryptography CTF Challenges

Blue Team SOC Real World Case Studies | Complete Walkthrough | TryHackMe Boogeyman 1,2,3

Real World Phishing Email Analysis | TryHackMe Snapped Phishing Line