Bastard write-up
Exploit app’s vulnerability & unpatched Windows vulnerability.
After accessing machine with reverse shell, open another session with admin privilege using reverse shell again. This part was fun.
References
https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS15-051