Windows / Linux Local Privilege Escalation Workshop
My give back to the community initiative that was presented for free at several private and public events across Australia:
The workshop is based on the attack tree below, which covers all known (at the time) attack vectors of local user privilege escalation on both Linux and Windows operating systems.
The script was developed and tested on a Windows 7 (SP1) x64 Build 7601 English-US host. It might work on other OS instances, but it is not guaranteed. Pay attention to the script's output. Some exercises are skipped (e.g. Kernel, etc.) as it depends on the patchlevel of the VM.
NOTE: As with any intentionally vulnerable hosts, ensure the Windows VM is not connected to an externally facing network.