Vulnerability & Exploit Database

Back to search

MS16-032 Secondary Logon Handle Privilege Escalation

This module exploits the lack of sanitization of standard handles in Windows' Secondary Logon Service. The vulnerability is known to affect versions of Windows 7-10 and 2k8-2k12 32 and 64 bit. This module will only work against those versions of Windows with Powershell 2.0 or later and systems with two or more CPU cores.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

exploit/windows/local/ms16_032_secondary_logon_handle_privesc

Authors

  • James Forshaw
  • b33f
  • khr0x40sh

References

Targets

  • Windows x86
  • Windows x64

Platforms

  • windows

Architectures

  • x86
  • x64

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use exploit/windows/local/ms16_032_secondary_logon_handle_privesc msf exploit(ms16_032_secondary_logon_handle_privesc) > show targets ...targets... msf exploit(ms16_032_secondary_logon_handle_privesc) > set TARGET <target-id> msf exploit(ms16_032_secondary_logon_handle_privesc) > show options ...show and set options... msf exploit(ms16_032_secondary_logon_handle_privesc) > exploit

Related Vulnerabilities