Automatic script to perform security check for common windows misconfiguration.
September 26, 2016
User's privileges are a daily challange in today's hack, sometime when a malicious user break into your system he tries also to escalate their permission till Administrator account. There are many ways to do it, some are really hard to perform such as 0day, others are pretty trivial such as misconfigurations, weak permissions, elevated process, pipelines and more.
Perform all those task on a system with many packeges installed would be a really pain in the ass, here's where my script come in help!.
Winescalation is a single module python based script, which will help you to perform all those kinds of security check automatically, below a screenshot of what you should expect running winescalate.py
Some of these vulnerability are real-world ones, such as WVSScheduler.exe (WVSS1 and WVSS2)
Like any other automatic scanner tool, even this one will require manual checking but at least will show where to focus.
Try it now
You can clone my repository on github at the following address https://github.com/dzonerzy/winescalation
Please comment with your impression i will try to improve it with new techniques!