2. Pov

2.1. Machine Info

Notice: the full version of the write-up is here.

2.2. Beyond Root

  1. Why a PowerShell reverse shell has no SeDebugPrivilege

  2. Why PowerShell spawned by RunasCs has SeDebugPrivilege while cmd does not

  3. Why evil-winrm has all privileges enabled