Windows utilities that can be used to bypass restrictions
Credit: https://www.pentestpartners.com/security-blog/breaking-out-of-citrix-and-other-restricted-desktop-environments/
We can try creating a new text file with the content cmd.exe and saving it as file.bat. Double-clicking the file opens a command prompt.
McAfee uncovered and documented the security flaws in a lengthy blog post. One simple issue is that the voice assistant can be triggered from the lock screen (assuming Cortana is enabled there, as it is on default settings): simply typing while Cortana starts to listen to a query on a locked device brings up a Windows 10 contextual menu.
An interesting weakness: some systems prevent direct access to cmd.exe, but it can still be scheduled to run via Task Scheduler. This can be done either with the command-line scheduler (at.exe) or the GUI (taskschd.msc). A basic task can be created to run cmd.exe at a specific time (for example, 1 minute in the future) or upon certain events, such as when a user logs on.
The same mechanism can be used to run PowerShell from the path:
%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe
when a user logs out and logs back in.
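From the defender's side, the Task Scheduler path described above can be audited by listing every scheduled task whose action launches a command interpreter, together with its triggers and run-as account. This is an added example, not part of the original page; it assumes the built-in ScheduledTasks module (Get-ScheduledTask), and the interpreter list in $shells is an assumption to adjust for your environment.

```powershell
# Added audit example (not from the original page).
# Lists scheduled tasks whose Exec action starts a shell, so that tasks
# created to sidestep a cmd.exe/PowerShell restriction stand out.

# Assumption: interpreters of interest; extend as needed.
$shells = 'cmd.exe', 'powershell.exe', 'pwsh.exe'

Get-ScheduledTask | ForEach-Object {
    $task = $_
    foreach ($action in $task.Actions) {
        # Only Exec actions have an Execute property; COM handler actions do not.
        if (-not $action.Execute) { continue }

        # Resolve %SystemRoot% and similar, drop quotes, keep the file name only.
        $expanded = [Environment]::ExpandEnvironmentVariables($action.Execute)
        $leaf = ($expanded.Trim('"') -split '[\\/]')[-1]
        if ($shells -notcontains $leaf) { continue }

        [pscustomobject]@{
            TaskPath  = $task.TaskPath
            TaskName  = $task.TaskName
            Author    = $task.Author
            RunAs     = $task.Principal.UserId
            # Trigger class names, e.g. MSFT_TaskLogonTrigger, MSFT_TaskTimeTrigger
            Triggers  = ($task.Triggers |
                         ForEach-Object { $_.CimClass.CimClassName }) -join ','
            Execute   = $action.Execute
            Arguments = $action.Arguments
        }
    }
} | Sort-Object TaskPath, TaskName | Format-Table -AutoSize -Wrap
```

Run it from an elevated session to see tasks belonging to all users; unexpected entries with a logon or one-off time trigger and a standard user as author are the ones to review.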
Task Manager: CTRL+SHIFT+ESC -> File -> Run New Task
Right-click anywhere -> Print -> Find Printer -> browse to cmd.exe