Windows Print Operators
Exploitation - With GUI
Confirming Privileges
whoami /privChecking Privileges Again
whoami /privPRIVILEGES INFORMATION
----------------------
Privilege Name Description State
-----------------------------------------------------------
SeMachineAccountPrivilege Add workstations to domain Disabled
SeLoadDriverPrivilege Load and unload device drivers Disabled
SeShutdownPrivilege Shut down the system Disabled
SeChangeNotifyPrivilege Bypass traverse checking Enabled
SeIncreaseWorkingSetPrivilege Increase a process working set DisabledCompile with cl.exe
Add Reference to Driver
Verify Driver is not Loaded
Verify Privilege is Enabled
Verify Capcom Driver is Listed
Use ExploitCapcom Tool to Escalate Privileges
Alternate Exploitation - No GUI
Automating the Steps
Automating with EopLoadDriver
Clean-up
Removing Registry Key
Last updated