First of all, download psexec from the Microsoft website. http://www.microsoft.com/technet/sysinternals/utilities/psexec.mspx From and elevated/admin command prompt (cmd.exe, "run as administrator"), run psexec –s cmd.exe
C:\>whoami peter
C:\>psexec -s cmd.exe
PsExec v1.83 - Execute processes remotely Copyright (C) 2001-2007 Mark Russinovich Sysinternals - www.sysinternals.com
Microsoft Windows [Version 6.0.6000] Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Windows\system32>whoami nt authority\system
C:\Windows\system32>exit cmd.exe exited on LAPTOP1 with error code 0.
C:\>
Type 'exit' to exit the "system" command prompt. You can launch any other tool from that prompt, and it will inherit your system rights
© Corelan Consulting BV. All rights reserved. The contents of this page may not be reproduced, redistributed, or republished, in whole or in part, for commercial or non-commercial purposes without prior written permission from Corelan Consulting bv. See our Terms of Use & Privacy Policy (https://www.corelan.be/index.php/legal) for more details.
Subscribe to get the latest posts sent to your email.
Type your email…
Subscribe
Peter Van Eeckhoutte is the founder of Corelan and a globally recognized expert in exploit development and vulnerability research. With over two decades in IT security, he built Corelan into a respected platform for deep technical research, hands-on training, and knowledge sharing. Known for his influential exploit development tutorials, tools, and real-world training, Peter combines a strong research mindset with a passion for education—helping security professionals understand not just how exploits work, but why.
Tags:
