I'm pretty new to pentesting and I just penetrated my first Win7 test-pc several days ago. Now I want to continue with my Windows 10 one.
Does anyone already know some Win10 remote exploits? I heard about eternalsynergy. Are there other ones? I also heard about eternalblue being ported to Win10, but I can't find it anywhere.
What else could I try to penetrate my Win10 PC without user interaction? What are the most common ways and what are more exotic ways?
This question could have been answered with a quick Google search. You can go to CVE Details and find out information about vendors, products, versions, and so on. Most CVEs will post information relevant to a vulnerability, e.g.: "Exploit available." As for "more exotic ways", I think you need to understand exploits, threats, and threat actors in general. Many organizations are compromised via phishing/social engineering primarily, then applications (Office, Excel, IE, etc) are "client side" attacked. (Browser based, file based, etc).
Exploits have been dwindling for some time now, so finding them is increasingly difficult, and threat actors aren't going to burn "0 day" exploits when they can continue using traditional methods that work time and time again. For what it is worth, metasploit's team does a decent job of adding exploits when there are proof of concepts in the wild/discussed. But you need to also understand that there is a huge market for exploits. What this means is that some researchers can hoard their exploits, sell them to heavy hitter buys (govs/mil), or sell them to some exploit clearinghouse. So if you think someone will be making it rain 0 days some time soon, I don't see it happening.
