module

MS16-032 Secondary Logon Handle Privilege Escalation

Try Surface Command
Back to search
Disclosed
2016-03-21
Created
2018-05-30

Description

This module exploits the lack of sanitization of standard handles in Windows' Secondary
Logon Service. The vulnerability is known to affect versions of Windows 7-10 and 2k8-2k12
32 and 64 bit. This module will only work against those versions of Windows with
Powershell 2.0 or later and systems with two or more CPU cores.

Authors

James Forshaw
b33f
khr0x40sh

Platform

Windows

References

Module Options

To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:


    msf > use exploit/windows/local/ms16_032_secondary_logon_handle_privesc
    msf exploit(ms16_032_secondary_logon_handle_privesc) > show targets
        ...targets...
    msf exploit(ms16_032_secondary_logon_handle_privesc) > set TARGET < target-id >
    msf exploit(ms16_032_secondary_logon_handle_privesc) > show options
        ...show and set options...
    msf exploit(ms16_032_secondary_logon_handle_privesc) > exploit
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today