SWAPAROO METERPRETER SCRIPT TO BACKDOOR ANY VERSION OF WINDOWS
Recently Un0wn_X wrote the batch automated code to replace sethc.exe (Sticky Keys) and utilman.exe (Utility Manager) into a cmd shell. This is valid to any windows operating system and can be easily executed during the windows login screen. In the windows login screen you are under NT AUTHORITY/SYSTEM account which you have highest privileges on a windows machine. You can get a cmd shell by pressing the Shift Key 5 times or by pressing the windows key + U or the blue colour icon at the bottom. So Un0wn_X had an idea to write a meterpreter script to make this easier for pentesters. Un0wn_X and Hood3dRob1n wrote a meterpreter script to to support the metasploit framework. This comes in handy when we use RDPs and we at that login session we can easily trigger cmd.
A video demonstrating this attack and the script.
TnX && CrediT: Un0wn_X
Source && Download