Searchsploit
Given the fact that the target system is Windows 7 Enterprise with x86 architecture, I decided to check locally via searchsploit
┌──(kali㉿kali)-[~/…/htb/labs/devel/kernelbuster]
└─$ searchsploit 'windows 7 (x86) local privilege escalation'
----------------------------------------------------------------------- ---------------------------------
Exploit Title | Path
----------------------------------------------------------------------- ---------------------------------
Microsoft Windows (x86) - 'afd.sys' Local Privilege Escalation (MS11-0 | windows_x86/local/40564.c
Microsoft Windows (x86) - 'NDISTAPI' Local Privilege Escalation (MS11- | windows_x86/local/40627.c
Microsoft Windows (x86) - Task Scheduler' .job' Import Arbitrary Discr | windows_x86/local/46918.txt
Microsoft Windows 10 (Build 1703 Creators Update) (x86) - 'WARBIRD' 'N | windows_x86/local/43192.c
Microsoft Windows 7 (x86) - 'afd.sys' Dangling Pointer Privilege Escal | windows_x86/local/39446.py
Microsoft Windows 7 build 7601 (x86) - Local Privilege Escalation | windows_x86/local/47176.cpp
Microsoft Windows 7 SP1 (x86) - 'WebDAV' Local Privilege Escalation (M | windows_x86/local/39432.c
Microsoft Windows 7 SP1 (x86) - GDI Palette Objects Local Privilege Es | windows_x86/local/42432.cpp
Microsoft Windows 7 SP1 (x86) - Local Privilege Escalation (MS16-014) | windows_x86/local/40039.cpp
Microsoft Windows 8.1/10 (x86) - Secondary Logon Standard Handles Miss | windows_x86/local/39574.cs
Microsoft Windows XP SP3 (x86) / 2003 SP2 (x86) - 'NDProxy' Local Priv | windows_x86/local/37732.c
NoMachine < 6.0.80 (x86) - 'nxfuse' Privilege Escalation | windows_x86/local/44167.c
----------------------------------------------------------------------- ---------------------------------
shellcodes: No Results
papers: No Results
There are so many exploits available for the target system
I will start with the first one