TempRacer – Windows Privilege Escalation Tool

The New Acunetix V12 Engine


TempRacer is a Windows Privilege Escalation Tool written in C# designed to automate the process of injecting user creation commands into batch files with administrator level privileges.

tempracer - Windows Privilege Escalation Tool

The code itself is not using that many resources because it relies on callbacks from the OS. You can keep it running for the the whole day to try and catch the creation of an admin level batch file. It’s especially useful (and very successful) in environments where automated patching systems like BigFix are running. If you are able to trigger updates or new software installs you should give it a try.

Usage

You can use this tool to watch for *.bat file creation and try to inject “add user” to it, so that you can get local admin privs. Usage example:

Test it with:

If successful it will inject the code to add the user “alex” with password “Hack123123” and add him to the local administrator group. It will also block the file for further changes, so the privilege escalation code stays inside.

You can also find some Windows Privilege Escalation Tools in: PowerSploit – A PowerShell Post-Exploitation Framework

And if you want to scan for privilege issues or misconfiguration, use this – windows-privesc-check – Windows Privilege Escalation Scanner

You can download tempracer here:

TempRacer.exe
tempracer-1.zip (Source)

Or read more here.

Posted in: Hacking Tools, Windows Hacking

, , ,


Latest Posts:


RidRelay - SMB Relay Attack For Username Enumeration RidRelay – SMB Relay Attack For Username Enumeration
RidRelay is a Python-based tool to enumerate usernames on a domain where you have no credentials by using a SMB Relay Attack with low privileges.
NetBScanner - NetBIOS Network Scanner NetBScanner – NetBIOS Network Scanner
NetBScanner is a NetBIOS network scanner tool that scans all computers in the IP addresses range you choose, using the NetBIOS protocol.
Metta - Information Security Adversarial Simulation Tool Metta – Information Security Adversarial Simulation Tool
Metta is an information security preparedness tool in Python to help with adversarial simulation and assess security defense preparation and alerts.
Powershell-RAT - Gmail Exfiltration RAT Powershell-RAT – Gmail Exfiltration RAT
Powershell-RAT is a Python-based Gmail exfiltration RAT that can be used a Windows backdoor to send screenshots or other data as an e-mail attachment.
SCADA Hacking - Industrial Systems Woefully Insecure SCADA Hacking – Industrial Systems Woefully Insecure
It seems like SCADA hacking is still a topic in hacker conferences, and it should be with SCADA systems still driving power stations, manufacturing plants etc.
airgeddon - Wireless Security Auditing Script airgeddon – Wireless Security Auditing Script
Airgeddon is a Bash powered multi-use Wireless Security Auditing Script for Linux systems with an extremely extensive feature list.


Comments are closed.