Windows Gather Privileges Enumeration
This module will print if UAC is enabled, and if the current account is ADMIN enabled. It will also print UID, foreground SESSION ID, is SYSTEM status and current process PRIVILEGES.
Rank
- Normal
Authors
- Merlyn Cousins < drforbin6 [at] gmail.com >
Development
Similar Modules
- post/windows/gather/arp_scanner
- post/windows/gather/bitcoin_jacker
- post/windows/gather/cachedump
- post/windows/gather/checkvm
- post/windows/gather/credentials/coreftp
- post/windows/gather/credentials/credential_collector
- post/windows/gather/credentials/dyndns
- post/windows/gather/credentials/enum_cred_store
- post/windows/gather/credentials/enum_picasa_pwds
- post/windows/gather/credentials/epo_sql
Usage Information
$ msfconsole
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use post/windows/gather/win_privs
msf post(win_privs) > set SESSION [INTEGER]
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use post/windows/gather/win_privs
msf post(win_privs) > set SESSION [INTEGER]
Module Options
| SESSION | The session to run this module on. |
| VERBOSE | Enable detailed status messages |
| WORKSPACE | Specify the workspace for this module |