Escape
But we cant login as we are not in the remote desktop group.
Since we have the admin password we can use runas to run commands
To get UAC use:
Now we get UAC and get an admin shell.
Last updated
But we cant login as we are not in the remote desktop group.
Since we have the admin password we can use runas to run commands
To get UAC use:
Now we get UAC and get an admin shell.
Last updated
Using rdesktop we get a display:
We are in kiosk mode as soon as login so opening edge:
We have an encrypted password:
Now transfering the profile to windows and open the profile in remote desktop plus and edit it. With the bulletpass Now use BulletsPassView and view the password:
We can try to download cmd.exe from here and rename to msedge
That spawns a cmd shell.
Now we get an admin shell: But we don't have privileges even though we are in administrators group.