Sherlock is a Powershell script to quickly find missing software patches for local privilege escalation vulnerabilities
It can be loaded from Powershell or even loaded into Empire to be executed.
1. Download into Kali/Parrot
Executing Sherlock through Empire
1. import the script into the empire agent session, use the absolute linux path to load it
- scriptimport /home/user/Desktop/Tools/Post-Exploitation/Sherlock/Sherlock.ps1
2. Once the task is in memory, we can execute commands that belong to Sherlock like “Find-AllVulns”
- Scriptcmd Find-AllVulns
The output will show all the test results and VulnStatus show if the machine is vulnerable or not.