Survey LevelUp Techniques

Description

Checks which validated LevelUp privilege escalation techniques are compatible with this system and outputs the CVE and technique description.

Overview

Runs the vulnerability check (Check()) for each validated LevelUp privilege escalation technique and reports which ones are exploitable on the current target system.

By default, only compatible techniques are listed. With -Verbose $true, all validated techniques are listed with a Reason field that explains why incompatible techniques will not work (e.g., patch status, required service not running).

Arguments

Parameter Type Mandatory Description
Verbose bool No When $true, outputs all techniques including incompatible ones with a Reason field. Default: $false.

Dependencies

  • levelup

Operating Systems

  • Windows

Example Output (default)

CVE             Description
---             -----------
CVE-2024-26169  Windows Error Reporting Service EoP - SYSTEM file write in System32 via WER queue junction swap
CVE-2024-49039  Windows Task Scheduler WPTaskScheduler NCALRPC EoP

Example Output (-Verbose $true)

CVE             Description                                                         Compatible  Reason
---             -----------                                                         ----------  ------
CVE-2021-34527  Windows Print Spooler EoP - DLL load via AddPrinterDriverEx        True
CVE-2022-21999  Windows Print Spooler EoP - SpoolDirectory junction swap           True
CVE-2024-21447  Windows User Manager AccountPicture EoP via junction chain         False       [CVE-2024-21447] Check: AccountPictureChangeEnabled=False
CVE-2024-26169  Windows Error Reporting Service EoP via WER queue junction swap    True
CVE-2024-49039  Windows Task Scheduler WPTaskScheduler NCALRPC EoP                 True
Scroll to Top