Windows batch and PowerShell script that finds misconfiguration issues which can lead to privilege escalation.
Batch script uses accesschk.exe from Sysinternals. This executable is mandatory.
Few checks also use Listdlls.exe and pipelist.exe from Sysinternals. Those executables are optional.
Edit script and set "mode" and "long" parameters: - mode - parameter takes two values "full" or "lhf". "lhf" tries to find only Low Hanging Fruits. "full" shows full output of all commands. - long - parameter takes two values "yes" or "no". If "yes" is configured then time consuming checks are also done. Run batch script: privesc.bat "Users group name" ["Next group name"]
privesc.bat Everyone Users "Authenticated Users"